April 10, 2008 | Comments: (0)
Ixia opens their iSim-City for business
Opened on February 26, 2008, Ixia's iSim-City is a beautifully implemented facility that combines an executive briefing center with a large-scale proof-of-concept lab that can be used alone or with professional services. Located in Santa Clara, this city-scale testing facility is designed to meet corporate overflow testing requirements and will be used for some upcoming InfoWorld shootouts. In my case, I'll be showing up at the start of my test, but after the scripts and methodology are debugged, I'll be able to fly home and run all my tests remotely. With upwards of 5000 gigabit ports on demand, this facility should be able to fulfill whatever testing scenario you can dream up. Trust me, I'm going to see if I can build some shootouts that will stretch this lab's capability ... maybe ...
It was over some truly great curry that Ixia CEO Atul Bhatnagar and I started dreaming of just what an InfoWorld + Ixia testing partnership could do. So although we already have some Ixia testing gear in the Advanced Network Computing Laboratory at the University of Hawaii, what we don't have and can't afford is thousands of ports. One test we've always had to shy away from is that huge 10gig campus/colo/ISP shootout we've had on the back burner for the last couple of years.
The reality is that corporate America needs testing. You don't buy a car unless you've taken it for a test drive, and you don't just sit in the driver seat nor do you just see if the trunk lid opens. The point I'm trying to make is that network testing that runs synthetic traffic across a real network gives you that baseline performance metric with which to judge further upgrades. I've heard a multitude of horror stories about a shoot-from-the-hip guesstimate going horribly wrong because no one knew how the network was doing as a system instead of a single device. Over the years I've tried very hard to stay neutral when it comes to test equipment but everyone has weak and strong points; Ixia's strength has consistently been the attention to the Human Computer Interface (HCI). It was just easier to run and thusly more approachable. The stigma has been that you had to be a super human network engineer to run these types of tests. Heck, I've heard some rumblings that you had to be super-human just to know enough to ask the right questions.
What I'm looking at doing is to work with test equipment vendors to publish testing scenarios. We've published our methodologies in the past, but I think it's high time that we flesh these out in more detail so our tests can more easily be duplicated by you the readers.
So to that end CEO Bhatnagar and I also dreamed of cooperative education projects and my dream of creating a coalition of advanced networking labs across the country. We're going to test the water by leveraging Ixia's experience and resources with my years of experience teaching kids about real world networking. I'm dreaming of this coalition graduating hundreds of students a year, helping to fill corporate America's need for the next generation of network engineer. Stay tuned; maybe this partnership between InfoWorld and Ixia will yield more than just cool tests. Maybe it will also result in a skilled workforce able to help you confirm vendor claims on performance instead of just trusting those glossies.
Posted by Brian Chee on April 10, 2008 03:30 PM
February 01, 2008 | Comments: (0)
I object to RFID payment schemes without positive acknowledgment!
<Start soap box>
I just got my replacement American Express Blue for Business credit card and to my dismay I found that Amex has given up on smart card tech and has instead led us down the primrose path with their "ExpressPay" RFID based technology. With MasterCard touting their "Tap and GO" payment system (also RFID) and now Amex, did these folks read about the problems that the US Gov is having with RFID's in passports? (Technologists object to U.S. RFID passports - Jul. 13, 2006 )
Here's my bitch...there is a VERY good reason why high security facilities demand that you have positive acknowledgment of a card swipe for entry. It's just too easy for someone to lose a card or have it stolen. Now with an RFID someone with just a bit of kit can walk through a crowd (occasionally brushing up against folks) and harvest RFID information. Heck even if the information is encrypted, it can still be gathered for bulk decryption later. (See how well the DVD encryption worked!) So for proximity entry cards, you not only swipe/wave your card, but you must also punch in a challenge code (pin). This way a stolen card can't be used to get access to our nation's secrets. Heck, many new keypads even use OLED's under the keys to change the positions of the numbers so that someone can't just dust the keypad.
So I've written a real letter to the American Express folks asking them to get their head examined; but in the mean time I've taken a hammer to my new card (sniff) to destroy the RFID chip. Just as a bit of history, in the very early days of eCommerce, American Express lured me into becoming a Blue member by being one of the first to put into place verbiage in their user agreement saying that they will protect me from Internet fraud if I signed up. hint hint hint... Hey Amex! Do the same thing for the RFID and maybe I'll just quietly request a new card and stop destroying your investment. Better yet, make the person scan a finger or type in a pin code.
Oh yeah, I'm far from the first to raise my hackles on this subject...check out this for a rant on using the RFID to track what products you might be looking at in a store...very big brother if you ask me...
Lastly, to my congressional representatives...please make sure that if you choose RFID for a national ID, make sure that it requires my explicit acknowledgment to the intrusion. Or better yet, if you want a way to ensure that the ID isn't fake, why don't you talk to Gavin Jancke at Microsoft Research? His 2D color bar code can't be read unless you take it out of your wallet, and can contain enough information that you can embed an RSA signature in it. Don't you think this might be a more acceptable plan to folks that would like to maintain a bit of privacy?
<end soap boxing>
Posted by Brian Chee on February 1, 2008 01:05 PM
January 08, 2008 | Comments: (0)
Wiring and Cabling: How To Lace Cable Harnesses
Many have described Cable Lacing as a lost art and rightly so. With zip ties down in the $0.01 each range it doesn't make any economic sense to expend the labor on lacing. However, anyone that has had to troubleshoot a cable bundle has found that the labor charges were just shifted. Tightly bound cable bundles tend to be the norm, with some installers actually using a zip tie gun to get them even tighter (and, oh by the way, increasing cable cross talk by flattening out the cable pairs). The downside is that if you want to trace a cable's physical path, digging it out of a tightly wrapped bundle starts becoming a big problem. With lacing you have the option of slipping a loop to one side to create a gap and make tracing a bit easier. The other advantage is that lacing doesn't leave sharp ends in the cable trays like those on zip ties with the extra cut off.
So while cable harnesses are still used in the aircraft and auto industry, it might be something for the computer industry to consider, especially as clusters proliferate masses of cables in the back of our equipment racks. So maybe if folks like HP, Dell and IBM are listening, they might want to consider using a lacing board to pre-build cable harnesses so that the bundles lay nicely and are easier to trace for troubleshooting? I'm sure it will add to the cost, but a pre-made harness for something like IBM's SAN in a box product makes a lot of sense since they control everything in the rack, right down to the cable management.
So I'm fairly sure that I would love to see more cable lacing rather than zip ties, and I also really like that cable lacing makes my racks that much neater. My problem is justifying the upfront labor cost, especially when I know that some of my racks get changed around frequently. More than likely I'll end up using lacing only for cable bundles that go between patch panels.
I'd love to know if anyone out there is still using cable lacing and why you feel the added expense is justified?
Here's a website that has excerpts from a US Navy training manual on cable harness assembly.
Wiring and Cabling: How To Lace Cable Harnesses
Posted by Brian Chee on January 8, 2008 10:28 AM
December 31, 2007 | Comments: (0)
Camera Phone barcode readers: Part II
Well I find myself posting a second part to placate some readers who REALLY wanted me to write on alternative solutions to the previous blog posting on ScanLife and the Sprint ad associated with it. Understanding the fervor regarding camera phone barcode technology involves a discussion of Direct versus InDirect metatagging.
Direct metatagging and barcodes:
The concept of a direct metatag is one where the information contained takes you directly to an Internet location whether it be an IP address or a DNS entry. A good example would be something like http://weblog.infoworld.com/geeks/ and if the name of the blog should ever change, the information contained in the metatag will be broken. I'm sure we've all seen broken tags in older webpages or missing graphics. (Similar in concept to absolute URI's)
InDirect metatagging and barcodes:
This is a bit different, in that a URL with an indirect tag might not have a fully qualified domain name (FQDN) but may have a link relative to the original page location. In the case the reader was commenting about, Neoreader by NeoMedia Technologies utilizes a man-in-the-middle approach where the much smaller barcode is looked up in the tag database called the NeoServer-OMS. This approach dramatically reduces the amount of information necessary in the barcode, and as pointed out by the reader, Neoreader is also capable of reading quite a few more barcode technologies than the aforementioned ScanLife product that's being pushed by Sprint. Nor are Sprint or some others pushing to converge the mobile device reader software, as the reader's comment also mentioned.
Neomedia: Brief description
My Spin:
I'm not sure I agree with the reader's comments...I'm not exactly wild about having a man in the middle arrangement where slow links, or links denied because someone's check was late paying for the sponsored link....use your imagination. So while I like the idea of less information in the barcode, which also means fewer reader errors and smaller barcodes, I'm not sure the price is worth it in the long run. I also see this as just as proprietary as ScanLife's solution, with the exception that once the direct barcode has been created, you don't seem to be tied back to the technology provider and recurring fees.
On a plus side, having a directory server means that advertisers can get quite a bit more information off the mobile browser and also have access to more historical browsing information than the direct method.
Since ANCL (Advanced Network Computing Laboratory at the University of Hawaii School of Ocean and Earth Sciences and Technology) was where Warren Togami chose to start the Fedora project while an undergrad here; I feel a certain leaning towards open source efforts like those by the folks at the zxing project that is supposedly going to become part of the Google phone project. One application already available is yelp where you can drag around on a Google map and have it generate 2D barcodes that give you references to things like restaurants, gas stations, etc in the area.
All in all, I think we're going to start seeing a whole heck of a lot more 2D barcodes showing up on ads, magazine stories, posters and the like. Will the 2D barcode go further and start pushing vcard information into mobile devices, well we'll just have to wait and see if standards actually start showing up instead of having to download a different reader app for every standard. It is my personal opinion that it will be someone like Symbian or Microsoft that will have to drive a standard by implementing barcode reader technology into the base operating system. Will this be one of the legacies that the Google phone will provide us? Or will Symbian and or Microsoft beat them to the punch?
Another reader suggested this URL as a source for more detailed information on the 2D barcode movement.
http://2d-code.co.uk/
Last minute update: It would seem that the IATA (International Air Transport Association) has decided upon a 2D standard for checkins.
Posted by Brian Chee on December 31, 2007 11:10 AM
December 28, 2007 | Comments: (0)
ScanLife is the technology behind the new Sprint ads that have started to appear in print media. I found one in my issue of Wired and while I'm a T-Mobile user, you can still download the application from the ScanLife site and be able to read the 2D barcode. The main issue behind using a camera phone as a barcode reader has always been the poor image quality and the tendency for images to become skewed due to user hand positioning. In the US you can ONLY read the EZCode; however, in Europe you can also read the DataMatrix and QR codes. Oh by the way, the Sprint ad takes you to a free ringtone download site for Windows Mobile once you read the EZCode in the ad. I was able to get there just fine with the version I downloaded for my HTC/T-Mobile DASH.
Supported 2D Barcodes (EZcode, DataMatrix and QR)
All of these emerging 2D barcodes have handles on them to allow software to de-skew the image and little targets embedded in the image so that the software has a better chance at knowing where the code boundaries are.
The Sprint ad, and the talk on the street is that the lowly barcode is seeing a revival due to consumer pressure to be able to get more information on demand, but they don't want to have to type in long URL's to get there. The answer is the 2D barcode with some codes achieving upwards of hundreds of characters worth of information in a postage stamp sized image.
However, the big three (EZcode, DataMatrix and QR) can't hold a candle to the achievements of Gavin Jancke of Microsoft Research and his new color 2D barcode system that can achieve thousands of characters worth of information in an image not quite bigger than a US Penny. Enough information, in fact, that Microsoft is tossing out the concept of a tamper-proof ID.
So why barcodes? My spin is that it's tied to the now ubiquitous nature of the camera phone. Since it's there, why not make better use of it? I for one would love to see an app (open source please) that will allow me to use my camera phone to read my club card barcodes, and then reproduce them on the screen. This way I can just scroll around to the appropriate club card and then wave it across the scanner. Though as I mentioned above, image skew is a pretty big deal and so is the fact that under normal conditions the barcode is displayed on a medium that has a huge contrast ratio (upwards of several thousands to one) which the standard phone LCD hasn't quite achieved yet. So I just have to imagine that reader errors are fairly frequent.
As a counterpoint, the folks at Ecrio claim that they have a much better solution. Since traditional UPC barcodes suffer from a collection of maladies ranging from grubby phone screens, reflectance, low contrast, stray light, etc, etc...Ecrio has instead come up with MoBeam, a method to flash the IR or the phone backlight to satisfy the checkout scanner. So instead of having the scanner attempt to read the varying size bars of the UPC off the phone screen, they instead fool the scanner into seeing the long and short flashes that represent the bar code. So while I'm unsure of just how well this works (so far Ecrio hasn't returned any of my email), they claim nearly foolproof scans and are bragging about how it's being used for ticketing and a wash list of supporters.
So I just had to do more digging and found Mobiqua, who doesn't seem to have the issues that Ecrio warns us about. In fact they've got an agreement going with the IATA (International Air Transport Association), which has a pilot (sic!) project going in an attempt to eliminate the ubiquitous and un-recyclable airline boarding passes (due to the magnetic strip). When I asked the IATA folks if they're having problems with reflectance causing barcodes to become unreadable, here's their answer:
... Air Canada and Continental are testing bar codes on mobiles, I'm not aware of reflectance issues. Actually when it does not read, it could be the size of the bar code, the shape of the screen, or simply unclean screen. Or light reflectance. Japan carriers have been using 2D on mobiles for 2-3 years, reflectance was not reported as an issue to my knowledge. I think it is more an argument from scanner manufacturers, between mounted hand-held and flatbed.
From: LEOPOLD Eric
Sent: Thursday, 20 December, 2007 15:07
To: RILEY Lorne
Subject: RE: barcode checkin on mobile devices...story for InfoWorld magazine
Another partner of IATA is RealTime and they've got a bit of a spin on how mobile phone check-ins will save time, money and the environment.
For a longer term look at the IATA's efforts, download a PDF status report.
Posted by Brian Chee on December 28, 2007 11:06 AM
November 05, 2007 | Comments: (0)
With the leaves starting to turn color on the Redmond, Washington Microsoft campus, the world’s technical journalists have gathered at the Microsoft Executive Briefing Center to hear from the Windows Server team about the long awaited rollout of Server 2008, previously called Longhorn.
With the keynote talk by Bill Laing we got to hear about the timeline for the Windows Server family that stretches from the recently released Windows Home Server, to near future SMB versions, to new Clustering wizards, virtualization, and storage clustering. Officially named Windows Server 2008 by William “Bill” Gates at the WinHEC conference, Server 2008 promises increased flexibility for the IT professional. A key feature is that the Windows Server 2008 core is much slimmed down with the server role wizard adding in only the code you actually need.
The Dog and Pony show has had folks from the Hillsboro School District, CA Quest Software, and Microsoft’s own IT department all talking about how Microsoft has solved their IT needs and how key features like Virtualization in Server 2008 will continue to meet their computing needs in the coming years. One harbinger of things to come was Bill Laing’s expected announcement that this will be the last Windows Server version with both a 32bit and 64bit release. It was expected since Exchange has already taken the plunge with other key server products soon to follow. One piece of good news is that future virtualization plans seem to include continued support for Virtual Server 2005 R2 virtual disks (VHD: Virtual Hard disk) punctuated with Mr. Laing also talking about a push for VHD’s to follow an open standard.
I’ll be reporting on other presentations as this hoopla rolls along, with hopes of being able to post some tasty PowerPoint slides once the Microsoft folks release them. I’ll also be cobbling together a report on future changes in Unified Communications (aka Microsoft Office Communication Server) and how Microsoft will be affecting the enterprise mobile phone of the very near future.
Posted by Brian Chee on November 5, 2007 01:35 PM
August 21, 2007 | Comments: (0)
It was a bad week for the folks at Skype, with a system wide outage due (they say) to an algorithm problem in the login process. I use Skype to keep my international long distance charges under control and depend upon it to coordinate vendors for shootouts and product reviews. I know of a couple of companies that have set up Skype interfaces to their Asterisk based VoIP systems to handle all of their long distance. The bottom line is that the age of VoIP is here, but VoIP still hasn't reached that magical "five 9's" of reliability yet. (i.e. five 9's is 99.999% uptime) Nor will it ever reach the magic five 9's since VoIP typically runs over a general purpose network instead of the ultra expensive dedicated network that is POTS. (Plain Old Telephone System)
So finally getting to the point, the folks at Skype apparently did their homework and have resorted to an old-fashioned bribe to buy forgiveness from their userbase. In an email blast:
When the unexpected happens, it's important to remember the people who stuck behind us and whose loyalty humbled us. I want to thank everyone for their support, patience and being part of the Skype community. And for those of you who missed out on using Skype last week - I want to especially thank you as well. As a goodwill gesture to all you faithful Skype Pro, Skype Unlimited, SkypeIn or Skype Voicemail customers, we're adding an additional seven days to your current subscription, free of charge. And even if you didn't miss out on using Skype last week - you can still have a week free on Skype, on the house!
Now if only the mobile carriers could learn to be so magnanimous when they have outages.
/brian chee
Posted by Brian Chee on August 21, 2007 10:08 AM
July 12, 2007 | Comments: (0)
Pssst...wanna buy a used router?
Regardless of what some of the network equipment manufacturers might say, used networking equipment is a reality of life. The problem is that there are some folks out there that are preying on the unsuspecting by selling them gear that's fallen off the back of the truck. The good news is that there is a thriving association of businesses that have banded together to remove the Hollywood image of a back alley shyster.
Who is UNEDA?
UNEDA is an alliance of more than 300 of the top used network equipment dealers worldwide. These secondary market suppliers work together to promote industry best practices, ensure the highest standards of product quality, and eradicate counterfeit and fraud in the secondary market.
Why You Need UNEDA
Our mission is to ensure that the secondary equipment market is an affordable, safe and reliable alternative to purchasing new networking equipment. With combined annual revenues of more than 2 billion dollars, UNEDA members provide millions of pieces of equipment to tens of thousands of customers each year.
Highest Standards for Product Quality and Service.
As in any industry, the secondary network equipment market includes providers offering products and services at varying levels of quality and integrity. UNEDA is a community of secondary market suppliers committed to maintaining the highest standards in product procurement, inspection, testing, warranty and post-sale service practices. Look for UNEDA members to ensure that you are purchasing equipment from reliable sources.
Exposing & Prosecuting Counterfeit and Fraud.
Original equipment manufacturers (OEMs) acknowledge that counterfeit has penetrated their authorized channel, yet there are few resources publicly available to educate buyers against this threat. With unmatched experience in current and past-generation equipment, secondary market equipment providers are the frontline in the battle to protect buyers from counterfeit, theft and fraud in the secondary market. UNEDA members work closely with various law enforcement agencies to identify and prosecute offenders.
This wonderful organization was brought to my attention by Gillian Canty-Ross of SubSpacecom.com a member out of Atlanta. As a spouse of a long time Interop NOC team member, the past-noc is a group that has a long history of helping each other out on projects (we do LOTS of community service) and private projects. Many of us would not have been able to get our project/company/school/etc off the ground if we had to purchase everything new.
I should point out to the Network Equipment Manufacturers (NEMS) out there that used equipment should be viewed as a golden opportunity to print money. Once we get on our feet, the equipment that helped us get there is ripe for service contracts and free white hot leads! It's just a shame that some NEMS have decided to look only at the short term loss of new equipment sales, and make it difficult to get contracts on used gear. It's a sale that you wouldn't have gotten anyway, and now is the time to buddy up to that startup and make them your best buddy and pal. Salesmanship101 dude!
So to Gilly (aka Gillian Canty-Ross) and the rest of the members of UNEDA, my hat is off to you and I wish you folks MANY years of success and good luck on putting those back alley shysters out of business. Stolen gear is bad, properly checked out and supported used gear is good....thanks for the lead Gilly....
/brian chee
Posted by Brian Chee on July 12, 2007 06:11 PM
March 27, 2007 | Comments: (0)
The beginnings of a national ID for flyers?
Every road warrior has dreamt about a frequent traveler line for the security checkpoint. If you're willing to go through a process just like what you'd go through for a security clearance, Clear is now offering a solution.
CAUTION! If you're the type that does NOT want your life pried into, this is NOT for you. However, if you don't mind a bit of prying in exchange for MUCH faster trips through airport security, then keep reading.
The downside is that you MUST complete the application in person and unless you live in New York, the list of enrollment sites is limited at this time. (San Jose, JFK, midtown Manhattan for now)
After you've enrolled in the program AND paid your fee ($99/year with discounts for multiple year signups) you get a smartcard, a Clear account and the ability to use an iris scan at the new checkpoints being set up around the US. (NOTE: at least you don't get charged until you actually show up for the in person portion of the signup.)
In a past life I used to do work for the US Federal Government and as part of that job I gave a similar set of information for my background check. What TSA and Clear are asking for is nothing compared to a military background check and I for one don't mind the minor intrusion. (Though TSA and Clear had better be VERY careful about storing this info!)
I've signed up and am going to give this a whirl. Overall, I was hoping that this program would have been run by Homeland Security instead of a contractor or at least a single entity. The process of Clear sending the info to TSA who then does the clearance introduces more points of failure than a single organization. I'll just have to cross my fingers that no one takes any short cuts.
Brian Chee
Posted by Brian Chee on March 27, 2007 11:18 AM
March 15, 2007 | Comments: (0)
The 802.11 Working Group voted 83.4% affirmatively to approve the Draft 2.0 of the 802.11n spec. The overwhelming affirmative vote was a bit surprising considering the rollercoaster-like ride the 802.11n spec has taken so far. With the approval vote today, the Wi-Fi Alliance can now begin certifying vendor equipment as being compliant to the 802.11n Draft 2.0 spec, which means that it will be fully compatible with the 802.11n standard once it is finalized. So vendors will be able to start rolling out new gear en masse!
High Mobley
Co-owner of q!Bang Solutions
Posted by Josh Kuo on March 15, 2007 07:40 AM
February 26, 2007 | Comments: (0)
Dell, the new (free) Linux provider?
You have probably heard by now, from various web sites such as slashdot, Computer World, OS news, and also right here at Info World, that Dell is contemplating the possibility of selling machines pre-loaded with the Linux operating system. This started with Dell's Idea Storm web site, which is a community discussion style web site where users can provide feedback and discuss ideas. Looks like Dell is listening.
The users are not asking for a commercial version of Linux either (since Dell already offers Red Hat Enterprise and SUSE Enterprise on selected machines), people are specifically asking for three free distributions: Ubuntu, Fedora, and OpenSUSE. The second item on the Idea Storm list is Pre-Installed OpenOffice / alternative to MS Works & MS Office.
Further down the list are: Have "Firefox pre-installed as the default browser", "No OS Preloaded", and "No Windows Option". Looks like Dell customers want choices other than the standard Microsoft solutions, but can Dell deliver?
The idea of Dell selling machines pre-loaded with Linux is not all that new or shocking. After all, Dell is already doing this in China with Red Flag Linux. In fact, Dell has offered Linux as early as 1998, but eventually quietly dumped it in 2001. And let's not forget that Microsoft probably won't just sit still... This love affair between Dell and Linux, will it last this time around?
Update Mar 1, 2007 Well, it looks like we will have to wait a while. Dell announced that it is not planning to sell systems pre-loaded with Linux in the near future.
Josh Kuo
Co-Owner of q!Bang Solutions
Feb 26, 2007
Posted by Josh Kuo on February 26, 2007 01:42 PM
February 06, 2007 | Comments: (0)
Embracing Open Document Format (ODF)
Have you ever received a word document in email, only to find that it cannot be opened or edited by your version of the MS Office? Or perhaps you want to open a paper you wrote in 1996, only to find that you wrote it with Nisus on Mac OS 7, and you are now running Windows XP? Well, you can say goodbye to those days. It's time to take a look at the format of the future: Open Document Format (ODF).
ODF is a new ISO standard (ISO/IEC 26300:2006) that has already been adopted by several countries including Malaysia, Italy, and Belgium (and the state of Massachusetts). It is also backed by corporations such as IBM, Sun, Google, Red Hat, Novell, and Oracle. It is supported by applications such as IBM's Workplace, Sun's Star Office, the open source Open Office and KOffice suite, Mobile Office for your smart phones, and NeoOffice support for Mac is on the way. Heck, even Google Docs supports it, so when you receive a document as an email attachment, you can just open it up and edit it right there in your gmail! It would seem that everyone supports ODF, but the giant itself, Microsoft.
Until 4 days ago.
It was announced on 2007/02/02 (on sourceforge, no less), that the OpenXML Translator 1.0 is available for download. This enables users to use ODF in Office XP to Office 2007. There is also a proof-of-concept plugin for Microsoft Word 97 - 2007 that has been released by the Open Document Foundation.
ODF is not some distant, futuristic standard, it's something you can start using right this moment. It not only makes document sharing a whole lot easier, it also ensures what you write today, will still be accessible ten years from now.
Josh Kuo Feb 6, 2007
Co-Owner of q!Bang Solutions
Posted by Josh Kuo on February 6, 2007 07:17 AM
January 30, 2007 | Comments: (0)
3rd Annual IFIP Working Group 11.9 Intl. Conf. on Digital Forensics
Held in Orlando, Florida at the National Center for Forensic Science at the University of Central Florida this IFIP Working Group is one part of the larger organization whose mission is:
Parts of IFIP consist of TCs (Technical Committees) and WGs (Working Groups) contribute to, and often lead, progresses in the state-of-knowledge and state-of-the-art: voluntary work of its WG members is catalysed into creative synergy, with societal relevance.
I got the chance to co-author a paper on the Role of Calibration in Establishing the Foundation for Expert Testimony with Barbara Endicott-Popovsky (University of Washington Center for Information Assurance and Cybersecurity) and Deborah A. Frincke (Cybersecurity Directorate Pacific Northwest National Labs). In a nutshell, we did a bunch of testing using a Spirent Test Center regarding the actual performance issues surrounding an aggregating tap typically used for Network Forensics. In this case we started with a NetOptics 10/100 copper aggregating tap with 1Mb of buffer. The point we're trying to make is that aggregating taps can't be used blindly and investigators need to be aware of their proper use and limitations.
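A fluid model of the limitation described above, as an added example that is not from the paper or the original post: an aggregating tap merges both directions of a full-duplex link onto one monitor port, so whenever the two directions together exceed the monitor port's rate the buffer fills and traffic is then lost to the capture. The function names, the 1 ms time step, the traffic profiles and the reading of the buffer as 1,000,000 bits are assumptions made for illustration.

```python
"""Fluid model of an aggregating network tap (added illustration).

Assumed names and values throughout; not vendor code or measured data.
"""
from dataclasses import dataclass
from typing import List, Optional, Tuple

LINK_BPS = 100_000_000     # each direction of a 10/100 link can carry 100 Mbit/s
MONITOR_BPS = 100_000_000  # the single monitor port runs at the same rate
BUFFER_BITS = 1_000_000    # assumption: the post's "1Mb" read as 1,000,000 bits

Load = List[Tuple[int, int]]  # per-millisecond (direction A bps, direction B bps)


@dataclass
class TapResult:
    offered_bits: int
    forwarded_bits: int
    dropped_bits: int
    peak_buffer_bits: int
    first_drop_ms: Optional[int]

    @property
    def capture_complete(self) -> bool:
        # A capture with any drop cannot be presented as a full record.
        return self.dropped_bits == 0


def time_to_overflow_ms(rate_a_bps: int, rate_b_bps: int,
                        monitor_bps: int = MONITOR_BPS,
                        buffer_bits: int = BUFFER_BITS) -> Optional[float]:
    """How long a sustained load can run before the buffer is full.

    Returns None when the combined load fits the monitor port.
    """
    excess = rate_a_bps + rate_b_bps - monitor_bps
    if excess <= 0:
        return None
    return buffer_bits * 1000 / excess


def simulate(load: Load, monitor_bps: int = MONITOR_BPS,
             buffer_bits: int = BUFFER_BITS) -> TapResult:
    """Step through the load in 1 ms slices and account for every bit."""
    drain_per_ms = monitor_bps // 1000
    offered = forwarded = dropped = queued = peak = 0
    first_drop = None
    for ms, (rate_a, rate_b) in enumerate(load):
        arriving = (rate_a + rate_b) // 1000
        offered += arriving
        queued += arriving
        sent = min(queued, drain_per_ms)   # monitor port drains at line rate
        queued -= sent
        forwarded += sent
        if queued > buffer_bits:           # buffer exhausted: excess is lost
            dropped += queued - buffer_bits
            queued = buffer_bits
            if first_drop is None:
                first_drop = ms
        peak = max(peak, queued)
    return TapResult(offered, forwarded, dropped, peak, first_drop)


# Constructed traffic profiles, 50 ms each.
SUSTAINED: Load = [(LINK_BPS, LINK_BPS)] * 50                 # both directions saturated
BURST: Load = [(LINK_BPS, LINK_BPS)] * 10 + [(20_000_000, 20_000_000)] * 40
LIGHT: Load = [(60_000_000, 30_000_000)] * 50                 # fits the monitor port

if __name__ == "__main__":
    for name, profile in (("sustained", SUSTAINED), ("burst", BURST), ("light", LIGHT)):
        r = simulate(profile)
        print(f"{name:9s} offered={r.offered_bits} dropped={r.dropped_bits} "
              f"peak={r.peak_buffer_bits} first_drop_ms={r.first_drop_ms} "
              f"complete={r.capture_complete}")
```

Under these assumed numbers a short burst is absorbed by the buffer, while the same load held for longer than the overflow time produces a capture with silent gaps, which is the calibration question an examiner has to be able to answer.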
So anyway, our opening keynote was given by Peter "Mudge" Zatko now with BBN Technologies, former CEO and Chief Scientist, L0pht. So while his keynote covered quite a bit of territory he did raise some VERY interesting thoughts:
- Functional Fixation:
  - Given the example of holding up a quarter, he would ask a group what it was. He related how he would get statements mostly along the line of "monetary exchange item" or such. Normally he would NOT get suggestions of how it is a:
    - Decision maker, ie. flip a coin
    - Door stop
    - screwdriver
    - etc
  - He also mentioned how a new vulnerability could appear in a major operating system, what would you do?
    - Wait for the vendor to release a patch with a set of system possibly open to attack?
    - Read that the vulnerability was in the dcom routines and just desensitize these machines to dcom attacks?
He also asked the group how many processors a typical laptop has in it? Most of us only counted CPUs. He pointed out that something like a new Mac Laptop might have upwards of 50 processors in it. Heck, the old Gateway keyboards could store 128 characters per key that was intended to be used for macros. What he was really trying to do was to get us to stop fixating on traditional functions and look at how IT gear could be used for malicious means.
Well, it was a great talk and we got to talk about some of the issues that the forensics community is going to have to deal with in the future. So while this is good news for malicious hackers, it's bad news for companies actually interested in protecting themselves from litigation and regulatory scrutiny.
Look for more summaries on talks from the conference by forensic professionals from around the world.
Posted by Brian Chee on January 30, 2007 08:43 PM
January 27, 2007 | Comments: (0)
Google Analytics is Worth a Look
Have you checked out Google's Analytics package yet? No? Why not? It's a strong web analytics package and is offered for free from Google.
Let's first address the definition of "web analytics." Wikipedia offers the following explanation which fits the parameters of this article quite well:
Web analytics is the measurement of the behaviour of visitors to a website. In a commercial context, it especially refers to the measurement of which aspects of the website work towards the business objectives; for example, which landing pages encourage people to make a purchase.
Google Analytics is not a web log file analyzer - which is a good thing. Log file analyzers are dependent upon the web server to execute the analyzer scripts on a regular basis and can get a little resource intensive for a busy site. Plus, what happens if you lose those log files due to a disk error or filesystem corruption before they are analyzed and put into the web statistics database? And what good is your log file analyzer data when you're moving to a new server platform? You would most likely have to start from scratch with your data collection.
Enter Google Analytics. It works based on small snippets of code embedded in your web pages which cause the user's browser to call a script on Google's servers which culls the pertinent information from the user's browser. So web analytics doesn't take place on your servers or use your bandwidth! There is nothing for the IT staff to monitor or maintain.
Just in case anyone is entertaining thoughts of massive Google conspiracy theories, don't fret! The data which is being noted by Google Analytics is the same data that your web browser freely and happily gives up every time it hits any web site. This includes things like what type of web browser you're using, which operating system your computer uses, etc. It's pretty innocuous stuff, and every other web site that you visit gets the exact same information from your browser, so Google's not doing anything nasty.
Don't think that a free analytics package doesn't come with serious features. In addition to the standard statistics you would expect from a good web log file analyzer, Google Analytics provides you with the ability to view trends over time with user-definable date ranges. For your marketing department, Google Analytics has user-defined goals which are reported separately. You can also define the "funnel" or chain of URLs that the user is expected to follow to reach the goal URL. This enables you to track the effectiveness of your marketing campaigns individually and see which ones are really paying off.
And if that feature sounds attractive, then you will like the fact that Google has integrated its AdWords advertising program with the Analytics program. Your AdWords keywords are automatically imported into your Analytics account. And from within the AdWords interface, you can see ROI and other metrics for each keyword you bought on AdWords. Google Analytics plays nice with the competition too. The keyword campaign comparison reports show all your keywords from all the search engines.
Like any good analytics package, Google Analytics will track a user's navigation through your web site. However, Google's package has an additional feature that I expect many people will like. You can view an overlay of your site. For each clickable link on your web page, you will see a small bar graph representation of how many clicks that particular link gets. The longer the bar, the more clicks that particular link got during the time period for which you are viewing results. Sure, it's kind of eye candy, but some people work better with visual representations, and here they have it. Speaking of eye candy, I'm partial to the Geo Targeting feature which shows a world map and places colored dots based on where your web traffic is coming from. The dots get bigger for a region which has more traffic coming to your site.
Google Analytics has a lot to offer. It's packed with useful features, and it's free. Well... kind of free. You get up to 5 million page views per month. That's a lot of page views though, and if your site will go over the 5 million views per month, then all you have to do is open an AdWords account to get unlimited page views for your Google Analytics. It's still a darned cheap option. And if your site gets that much traffic, you could pay for the AdWords account by putting up Google's AdSense advertisements on your busy site, but that's another article...
High Mobley
Co-Owner of q!Bang Solutions
January 27, 2007
Posted by Josh Kuo on January 27, 2007 10:29 PM
January 26, 2007 | Comments: (0)
Computer Security Explained for the Masses
It is often cited that the biggest issue in the fight against worms and viruses and other such malware is uneducated users. If a person doesn't understand why it's a bad thing to open email attachments from people that he doesn't know, then you can bet that he will open every attachment which comes to him. Several email clients (not just MS Outlook!) will happily open and execute any Visual Basic or batch file that a user clicks on. Then wham! - You've got an infected machine that's probably already calling home to the nasty individual who wrote the malware and now "owns" the user's computer - which you as the IT department have to go and fix...
Of course the various network security and bug tracking sites are great about announcing the security flaws and exploits that are found, but arguably their audience is only people who are already pretty savvy about security issues. So I was pleased to see an article written more for public consumption at howstuffworks.com today, entitled "What's the problem with Microsoft Word?". The author, Julia Layton, does an excellent job of explaining some computer security jargon and bringing the layman up to speed with the MS Word zero-day flaws which were recently announced. I hope that this is a sign of a new trend of educating the end user in a comprehensible language.
When I was a full time sysadmin and helpdesk tech responsible for a few hundred users and 50 servers, I struggled to explain the same topics to the many end users individually. So instead, I sent out occasional messages via email with some helpful tip on how to use their computer or a link to a web article that contained some useful information on a subject that I knew would tweak their interest. So I always had these sorts of articles bookmarked to send out to my users. They appreciated that I was trying to educate them and I appreciated that I had fewer infected machines to reformat and reinstall.
High Mobley
Co-Owner of q!Bang Solutions
January 26, 2007
Posted by Josh Kuo on January 26, 2007 02:33 PM
January 18, 2007 | Comments: (0)
Inexpensive manageable desk switch
Just when I was ready to give up hope of finding a small manageable gig desk switch, I got a sample unit sent to me by my university HP rep.
HP ProCurve 1800-8G:
8 ports of 10/100/1000 copper auto mdi/mdi-x switching
12volt wall wart power supply
Environmentals: 23F to 104F and 15-95% humidity non-condensing
Froogle price range: $172 to $200 MSRP: $209
So while this is a managed switch, there isn't the normal serial console port on it. In this case you're expected to set your IP address within the 192.168.2.0/24 subnet and browse to 192.168.2.10 to get into the ProCurve web management interface.
So while you shouldn't expect a lot of advanced features, it at least does 802.1p vlan tagging so that you can feed a trunk line to the cubicle and then break out your VOIP vlan from your data vlan and so forth. Considering that HP's new line of switches all have POE on them, it sure would have been nice if this sucker could have been powered by POE...
Here's some specs off the HP Site:
Layer 2 switching
VLAN support and tagging: support up to 64 port-based VLANs and dynamic configuration of IEEE 802.1Q VLAN tagging, providing security between workgroups
Resiliency and high availability
802.3ad Link Aggregation Control Protocol (LACP): provides link-level redundancy with support for up to 4 trunks on the ProCurve Switch 1800-8G and 12 trunks on the ProCurve Switch 1800-24G, each with up to 8 links (ports) per trunk
Quality of Service (QoS)
IEEE 802.1p prioritization: delivers data to devices based on the priority and type of traffic
Broadcast control: allows limitation of broadcast traffic rate to cut down on unwanted broadcast traffic on the network
Connectivity
Jumbo packet support: supports up to 9,216 byte frame size to improve performance of large data transfers
Monitor and diagnostics
Port mirroring: enables traffic on a port to be simultaneously sent to a network analyzer for monitoring
All in all I would have to agree with HP that this is a great way to transition away from dumb switches, and get you the ability to manage all the way into the cubicle. Combine that with HP's ProCurve manager and you've got a winning combination.
Posted by Brian Chee on January 18, 2007 11:05 AM
January 12, 2007 | Comments: (0)
So where do those GPS maps come from?
So while the Global Positioning System (GPS) definitely was born of military applications, GPS applications in the civilian sector have expanded beyond anyone's wildest imagination. Heck, I normally have a GPS navigation system when I travel and have consistently been able to cut several hours off driving time when making my way around an unfamiliar city. In most cases I'm no longer afraid to cut it a bit close on appointments since I'm confident I won't be spending hours lost.
The folks at TeleAtlas have had a long list of milestones on their way to becoming one of the most popular map sources for consumer GPS & GIS products. By combining inertial navigation with GPS data, TeleAtlas vans have been crisscrossing the world to create maps accurate within 5 meters in some key urban areas.
Interestingly enough this accuracy is apparently being used for some E911 (enhanced 911 emergency services) in parts of the US.
Another big change in the world of GPS concerns how long older GPS units take to find enough satellites to get a position fix, and the fact that while radio signals penetrate buildings just fine (just like AM or FM radio), the weakened signal isn't always enough to get a position lock. Sirf Technology tackled the weak signal problem and has become one of the most popular GPS engines on the market today. Last year I got confused stares when I asked around about SIRF based GPS systems, but this year all the major GPS vendors have SIRF based systems.
On a geeky note, I'm hoping to get my hands on a Sirf development kit to see if I can get the open source NTP server software running with the new Sirf GPS engine so that I could possibly provide super accurate NTP sync indoors.
Brian Chee is a Senior Contributing Editor with InfoWorld Magazine and is a researcher with the University of Hawaii's School of Ocean and Earth Science and Technology (SOEST).
Posted by Brian Chee on January 12, 2007 04:16 PM
November 29, 2006 | Comments: (0)
Microsoft Launches Windows Live Barcode Beta | 2D Barcode Creators
So how cool is this....the Japanese have long been in love with gadgets and now finally we have a mainstream company that seems to be putting some effort into playing catchup. So you've seen those new 2D barcodes, here's an enterprise reason to get that camera phone you've been lusting over.
So this 2D code came from the Microsoft site, and if you were to download the application for your Windows Mobile device you could then decode what the original author embedded into it.
So why am I writing about this you may ask? Well, barcode readers are mondo expensive, but almost everyone has a camera phone. So combine this recognition software with the bar code printing software also mentioned at the site and you have a nice little SMB barcode inventory system.
However cool, I started wondering why Microsoft was getting into the bar code market when the answer slammed me in the face during the review of the Microsoft Office Sharepoint Server. The document library portion has an automatic barcode labeler so that you can more easily check documents in/out of the server. Just makes sense that Microsoft would abandon the older 1D Barcodes (like you see on soup cans and other UPC labeled items) in favor of the newer 2D codes with a much higher information density.
The recognition software also seems to be available as a standard windows app so with either a mobile phone or a camera on a Windows machine you could read information off a biz card, a document, a computer, or just about anything else you may want to tag with a bit of information. Or just go crazy like our friends in Tokyo where posters for movies have a tag so that you can grab the URL with a simple snap of your cell phone camera.
Link to Microsoft Launches Windows Live Barcode Beta | 2D Barcode Creators
Posted by Brian Chee on November 29, 2006 04:34 PM
November 17, 2006 | Comments: (0)
You can help to find missing and exploited children!
It's simple and easy, just browse to the site, enter the zip codes that you're in regularly and your mobile number. You create an account during this process so that you can easily log back in to change the information.
I found out about this from a flyer that came with my replacement mobile phone from Asurion Insurance. (after your phone goes out of warranty, if you bought insurance, there is a good chance you're signed up with Asurion or a similar company)
We all say we want to help, now there is a way that you can be the eyes and ears to help protect our littlest techies!
/brian chee
Posted by Brian Chee on November 17, 2006 10:00 AM
November 16, 2006 | Comments: (0)
Virtualization = Power savings?
Server Virtualization News: For PG&E customers, it pays to virtualize By Alex Barrett, News Director 26 Oct 2006 | SearchServerVirtualization.com
One of the things that VMWare brought up after our blade server shootout was that there is a big movement going on to reduce power and cooling consumption through virtualization. So while I'm stealing a bit of Paul Venezia's thunder, I thought I'd toss out a few numbers.
- Quantity 60: 1-2 RU servers can typically eat up to 21 kW of power
- Quantity 60: blade servers drop that to around 1.6 kW
- each blade can host between 4 and 6 virtual servers
- the above doesn't always apply but for stuff like web, it could work
So just by moving to blades we save 19.4 kW of power and cooling, and if we even go 2 virtual servers per blade we have HUGE power and cooling savings.
Then combine that with the APC (or similar) cooling system where the cold air is pushed closer to the heat load...well what we have is a huge downsizing in data center power requirements.
I've been tasked at UH SOEST to help determine just what kind of money we're talking about to set up a backup generator to support our critical research labs. HUGE dollars and a possible environmental impact later, it has become VERY obvious that reducing the overall load of our critical data center could save us enough bucks to justify the move to blades and virtualization.
I'm hoping that my local power company takes a hint from PG&E and also offers incentives to virtualize...
Posted by Brian Chee on November 16, 2006 12:36 PM
October 16, 2006 | Comments: (0)
Hawai'i rattles, then loses power statewide - The Honolulu Advertiser
Picture from the Honolulu Advertiser...the full article is at the link below...many thanks to the dedicated journalists at the Honolulu Advertiser.
Hawai'i rattles, then loses power statewide
Source: Hawai'i rattles, then loses power statewide - The Honolulu Advertiser
By Dan Nakaso
Advertiser Staff Writer
<Views from Brian Chee, Director of the Advanced Network Computing Laboratory>
So one of the prices of paradise is that I live in an active volcanic region and we get some tremblers once in a while. However not since the 60's have we had one quite this big. The wife and I were shaken out of bed around 7am HST with a 6.7 shake, then minutes later a 5 aftershock that had a longer duration tossing some books off a shelf and knocking a few pictures off the wall. The overall status is that no one was badly hurt in the quake and since Hawaii is an active volcanic region our buildings are designed to handle tremblers like this.
So what does this have to do with technology? Well, I'm glad you asked. KSSKRadio.com is our biggest prime time radio station (2nd only to a station in Los Angeles) and they were set up to stream to a maximum of 60,000 internet listeners. When news of the quake hit, their internet service provider found themselves in a rare situation where all 60,000 licenses were gobbled up within a couple hours of the initial CNN story. Even this Honolulu Advertiser article about the quake took me almost 5 minutes to load due to the huge demand around the world.
My favorite example is the Victoria's Secret Lingerie show made infamous on the internet a few years ago. Load balancing is now a way of life, but just how much can you anticipate? The reality is that you can only load balance what you already have set up. What we're going to be examining in the Honolulu lab in the coming weeks is how data center virtualization could have solved this massive unexpected load. The scenario is to have the vendor take a monolithic server (ie. one that takes up ALL of a standard server) and migrate it to a virtual environment. Then based upon demand, move the virtual image to a dedicated blade, and as an optional feature, then add more virtual images on dedicated blades as demand grows. Maybe I should pay a visit to the folks at the Honolulu Advertiser to talk about just how this can work for them?
/brian chee
Posted by Brian Chee on October 16, 2006 11:51 AM
September 19, 2006 | Comments: (0)
Network Instruments Announce 10Gig
As you may have seen in the Test Center blog, our friends at Network Instruments announced 10gig support for their Observer product line.
So I just had to wander across the hall at Interop New York to corner Douglas Smith the CEO. Being a fellow propeller head, Douglas and I had a great time talking about some of the changes we had both seen in the market place. Here's a few of the highlights:
InfoWorld: Just why has there been a mad rush by the networking monitoring industry towards rapid adoption of 10 gig?
Douglas: It's really not a rush, the big change in the industry was when gigabit ethernet first showed up. That change forced the monitoring industry to implement full duplex monitoring as opposed to the legacy half duplex world common in the 10mb/sec and then the 100mb/sec world. So once the industry got the hang of being full duplex, 10 gig is really just faster. The secret sauce is more in the capture hardware.
InfoWorld: So why the hardware?
Douglas: Very early on we made a significant investment in capture hardware and being able to keep up with line speed capture, even on 10 gig really requires a significant investment in development.
InfoWorld: So is 10gig just on observer?
Douglas: Unlike some of our competitors, we made an early investment in the concept of a common code base. So yesterday when we made the announcement, we were actually saying that 10gig is now available across our product line.
InfoWorld: Could you elaborate on that?
Douglas: Our investment has been in the Network Instruments Distributed Network Architecture (NIDNA), which is the basis for our common code architecture and gives us a level of integration many of our competitors can only dream of.
So if you're in the New York area, come on down to the Javits Center for the Interop show. Drop by the Network Instruments booth and have a chat with Douglas on his vision for Network Instruments. Get him started on forensics and have fun listening...
/brian chee
Posted by Brian Chee on September 19, 2006 12:39 PM
August 30, 2006 | Comments: (0)
It was in the mid 1990's that I had a conversation with some folks at Novell about their NDS (Netware Directory System) where network (as opposed to just file server) authentication became based upon directories instead of older flat file systems. The conversation wasn't so much about the system itself, but rather about an age old data base problem called "deadly embrace". Basically the problem surrounds how computer clocks aren't terribly accurate and we chatted about the possibility of NDS server clocks getting too far away from each other and no longer able to figure out who updated whom first.
Example:
Server A contains user Harry Truman, but so does Server B which is a backup directory server for the enterprise. However, the admin for Server A updates the password for Harry but unknown to them the clock of Server B is ahead by a couple of minutes. Just after the Harry Truman record gets updated, it's time for the servers to synchronize their databases. So does Server A or Server B have the correct password for Harry? The record in Server B is newer according to the clock. In reality, directory systems don't ONLY go by time stamp, but we have seen a case during our Identity Management Shootout where the migration of Active Directory records from Fergensmeir Corp to TCP/IP Corp didn't work because the clocks on the machines were too far apart.
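The Server A / Server B scenario above can be reproduced in a few lines. This is an added example, not code from any directory product: the `Replica` class, the habit of re-stamping a record with the local clock on receipt, the per-record version counter and the 5-second tolerance are all assumptions chosen to show why timestamp-only merging picks the stale password.

```python
from dataclasses import dataclass


class SkewError(Exception):
    """A timestamp tiebreak is needed but the two clocks disagree too much."""


@dataclass(frozen=True)
class Record:
    user: str
    secret: str      # constructed placeholder, not a real credential
    version: int     # per-record change counter set by the originating write
    stamp: float     # wall-clock seconds as seen by the server that stored it


class Replica:
    def __init__(self, name, clock_offset=0.0):
        self.name = name
        self.clock_offset = clock_offset   # seconds this clock runs ahead of true time
        self.records = {}

    def now(self, true_time):
        return true_time + self.clock_offset

    def local_write(self, true_time, user, secret):
        prev = self.records.get(user)
        version = prev.version + 1 if prev else 1
        self.records[user] = Record(user, secret, version, self.now(true_time))
        return self.records[user]

    def store_replicated(self, true_time, rec):
        # Assumed naive behaviour: keep the version, re-stamp with the local clock.
        self.records[rec.user] = Record(rec.user, rec.secret, rec.version,
                                        self.now(true_time))


def merge_by_timestamp(a, b):
    """Last writer wins, trusting whatever the wall clocks said."""
    return a if a.stamp >= b.stamp else b


def merge_by_version(a, b, measured_skew, max_skew=5.0):
    """Prefer the change counter; use timestamps only when the clocks agree."""
    if a.version != b.version:
        return a if a.version > b.version else b
    if a.secret == b.secret:
        return a
    if abs(measured_skew) > max_skew:
        raise SkewError(f"clocks differ by {measured_skew:.0f}s, refusing to guess")
    return merge_by_timestamp(a, b)


def run_scenario():
    """Server B's clock is two minutes fast; the admin changes the password on A."""
    a = Replica("A")
    b = Replica("B", clock_offset=120.0)
    first = a.local_write(900.0, "htruman", "old-secret")   # stamp 900 on A
    b.store_replicated(900.0, first)                        # stamp 1020 on B
    a.local_write(1000.0, "htruman", "new-secret")          # stamp 1000 on A
    rec_a, rec_b = a.records["htruman"], b.records["htruman"]
    skew = b.now(1010.0) - a.now(1010.0)                    # measured at sync time
    naive = merge_by_timestamp(rec_a, rec_b).secret
    guarded = merge_by_version(rec_a, rec_b, skew).secret
    return naive, guarded, skew


if __name__ == "__main__":
    print(run_scenario())
```

With timestamps alone the old password overwrites the new one; with the counter the new one survives, and a true tie between concurrent edits is refused instead of being decided by a clock that is known to be off.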
The solution isn't tough to imagine, get more accurate clocks. However, cesium clocks (based upon the atomic decay of cesium, also called atomic clocks) haven't gotten inexpensive enough yet to become prevalent in even high end servers. Even with new advances in single chip clocks, pricing hasn't dropped enough to make it an economically viable solution for most corporations. The reality is that GPS already has super accurate Cesium clocks in them and through a mathematical formula can be accurate in the range of 40 nanoseconds or better. Truly accurate enough to eliminate the deadly embrace problem.
So I began the search to find an NTP (Network Time Protocol) server that would be inexpensive enough that even a small business would be able to afford it. Failing this, I was looking at working with a Computer Science Grad student on modifying existing code to take advantage of a hardware hack that involved drilling a hole into an el'cheapo GPS. The biggest problem with this overall plan is that serial connections are inherently sloppy on timing and some sort of clock signal was needed to bring more accuracy to the clock feed from the GPS. The answer is the 1PPS (or 1 pulse per second) signal, where we have the proverbial swinging pendulum with which to synchronize our clock.
Fast forwarding this whole process, I'd like to bring your attention to a project started by Adrian Von Bidder and now maintained by Bjørn Hansen called pool.ntp.org where everyday folks set up time servers around the world to alleviate the load on the big popular time servers like time.microsoft.com. Interestingly enough, having local NTP servers available everywhere will also solve the deadly embrace problem I previously mentioned. So that's half the problem, but if an NTP server is going to cost upwards of $7,000/each this project is not going to get very many entries in the pool. The answer is another project by Philip M. White that utilizes a very inexpensive GPS from Garmin (under $100/each) that not only provides the serial time+location feed but also the all important 1PPS signal. Based upon the Garmin GPS 18 LVC (LVC is the barewire version), Mr. White outlines the process to build a very simple circuit that combines the NMEA (National Marine Electronics Association) serial feed of time+location information and the 1PPS signal into a single serial interface.
One VERY important item to remember is that this system requires that you have a UART 8250 based serial port, anything else will skew the results and invalidate the accuracy of your clock source. Keep in mind that serial ports are notoriously sloppy since the interface is asynchronous and doesn't normally need to be that accurate. So by staying with a known quantity like the 8250 UART, the authors can predict a normalized delay for the circuitry.
So I've got a Garmin 18 LVC on order and will be hitting a local electronics store for the simple components needed for the interface. I'll update this post once I get it built, and include pictures of my version of the unit. From all indications, this circuit should be well within the realm of just about anyone that can do simple electronics soldering.
/brian chee
Posted by Brian Chee on August 30, 2006 06:52 PM
July 21, 2006 | Comments: (0)
My lab is littered with computers used during software trials that are in need of being regenned. While Norton Ghost has been truly wonderful for freshening a machine, I've always wanted to have a test machine on demand for quickly testing things.
Several years ago I stumbled over VMWare under Linux and liked it enough that I whipped out my credit card. After the sticker shock, I found it a great way to prototype my new Linux Servers and after a few rev's my Windows servers. However at a price tag that rivaled a low end desktop computer, I didn't go beyond that first license.
However, this has changed...previously Virtual PC from Microsoft limited me to a maximum of 10mb/second on the network, no multicast and limited virtual resources. Virtual Server R2 however is a significantly different beast. With MUCH closer ties to the metal, you can now create virtual networks, and attach the virtual machine's (VM) logical devices (ie. CDROM/DVD, floppy, serial port, etc) to physical ports and devices on the host machine. My biggest surprise was when the Debian netinstall was able to do a hardware probe and installed perfectly. So while the host is running at 1280x1024x32color for video, I purposely dropped it down to 800x60x16bit color and gave it a 16gb virtual disk. Everything worked, Debian partitioned the drive, and now reports exactly the physical conditions I gave it.
So the next time you need to do a test drive on a new release of an OS or application, think very hard about the newly free Microsoft Virtual Server R2 (x32 or x64) or the renamed VMWare Server (ex. GSX Server) from EMC.

Posted by Brian Chee on July 21, 2006 01:27 PM