The bridge is up and running and the Audiotron is getting its data via the wireless bridge.  Next I will remove the wire, which I had strung along the edge of the ceiling using an adhesive wire track.  After that I will look into hooking up the Tivo so I can get rid of the phone wire as well.

I think that I’m going to have to acquire a new cordless phone, though.  My 2.4GHz Panasonic absolutely stomps my wireless connection when the talk button is pressed.  Some research that I’ve done on Google this morning suggests that the Panasonic phone happens to be the worst offender at this.  I’ll either get a 5.8GHz phone or go back down to 900MHz (and whatever it is, it won’t be a VTech 5.8, which is a dual-frequency phone that uses 2.4GHz for the handset).

I have almost completed my quest for wireless.  The router/access point is up and running, my primary Linux system is communicating with the outside world (including incoming SSH), and I’m writing this from my laptop over the wireless network. 

All that’s left now is to set up the Wireless Ethernet Bridge so I can hook up the Audiotron and get rid of that unsightly wire running down the hall.  I think I’ll save that for tomorrow, since working with the rat’s nest of wires behind the entertainment center is a real pain in the nether regions. 

Ok, so I’m a geek.  I enjoy playing with technology (and my job these days doesn’t let me “get my hands dirty” anymore). 

* Brownie points to whomever gets the reference in the title.

Lexar will be introducing flash memory cards with 2GB and 4GB capacities.  This means that you could take a tremendous number of photographs with a digital camera before having to download, even at the highest resolutions.  My 2 megapixel digital camera can store approximately 400 pictures on a 256MB flash card at the highest quality and resolution.  My recent experience with a film camera has definitely brought me back around to the digital camp.  There is no developing cost, no waiting for the pictures to come back, and with large memory capacities you can take lots of pictures in the hopes of getting the shot that you want.

I have been considering a couple of upgrades for my home network.  First, I’d like to move the firewall and router duties off of a PC and onto a dedicated router (less power, less heat, less noise, and less cost).  And secondly I would like to be able to use my laptop without having to plug into the network.  The network equipment companies are now starting to deliver 802.11g devices, which have a maximum possible throughput of 54Mbps (as compared to 11Mbps for the older 802.11b standard).  One downside, though, is that 802.11g is still a draft standard and is not yet finalized.  However, most of the devices that I am considering have upgradeable firmware that will allow them to be upgraded should the standard change by the time it is finalized.

One of the great things about having the Internet as a resource is that companies can make available more information than they could in the past, when they would have to rely on salespeople (who are mostly clueless about this stuff) and glossy brochures (which often weren’t worth the paper they’re printed on).  Getting answers to technical questions could be difficult (even if the company has a technical presales group).  In my case, one of the things that I need is the ability to forward SSH requests through the firewall to my Linux system.  I’m considering the Linksys WRT54G, which is a wireless access point with a router/firewall (and 4 wired 10/100 Ethernet ports).  Linksys actually provides the manuals for almost all of their devices on their site, which made answering my question much simpler.  I downloaded the manual and was able to determine that the router does support port forwarding and as a bonus it can also directly update the DynDNS.org database with the latest IP address (which was a pleasant surprise and appears to be a new feature they’ve added since the last time I looked at their routers).

This kind of information availability is one of the things that has kept me using their products for all of my home networking for the past 5 years.  I got started with them because of their LNE100TX PCI cards, which were inexpensive and easy to use, and it’s grown from there.  So, when I finally decide to pull the trigger on this network upgrade, it’ll probably be with the Linksys equipment.

This is the kind of thing that really gets me steamed.  Here’s the overview:

To: ukcrypto-at-chiark.greenend.org.uk
Subject: Citibank tries to gag crypto bug disclosure
Date: Thu, 20 Feb 2003 09:57:34 +0000
From: Ross Anderson <Ross.Anderson-at-cl.cam.ac.uk>

Citibank is trying to get an order in the High Court today gagging public disclosure of crypto vulnerabilities:

http://www.cl.cam.ac.uk/ftp/users/rja14/citibank_gag.pdf

I have written to the judge opposing the order:

http://www.cl.cam.ac.uk/ftp/users/rja14/citibank_response.pdf

The background is that my student Mike Bond has discovered some really horrendous vulnerabilities in the cryptographic equipment commonly used to protect the PINs used to identify customers to cash machines:

http://www.cl.cam.ac.uk/TechReports/UCAM-CL-TR-560.pdf

These vulnerabilities mean that bank insiders can almost trivially find out the PINs of any or all customers. The discoveries happened while Mike and I were working as expert witnesses on a `phantom withdrawal’ case.

The vulnerabilities are also scientifically interesting:

http://cryptome.org/pacc.htm

For the last couple of years or so there has been a rising tide of phantoms.  I get emails with increasing frequency from people all over the world whose banks have debited them for ATM withdrawals that they deny making. Banks in many countries simply claim that their systems are secure and so the customers must be responsible. It now looks like some of these vulnerabilities have also been discovered by the bad guys. Our courts and regulators should make the banks fix their systems, rather than just lying about security and dumping the costs on the customers.

Curiously enough, Citi was also the bank in the case that set US law on phantom withdrawals from ATMs (Judd v Citibank). They lost. I hope that’s an omen, if not a precedent …

It’s bad enough that we often get dinged for the incompetence of some corporations (like Charter Communications starting to charge me rent for a cable modem I bought two years ago), but I understand that mistakes happen.  However, attempting to cover up mistakes really gets me going.  In this case, it appears that Citibank is trying to cover up something that is costing people money.  It’s the kind of thing that (on an emotional level) makes me hope that Citibank gets their ass handed to them in this case.

The above link also contains more information about the process of the attack.

Via Slashdot.

PCWorld is reporting that a company called StorCard has created a credit card-sized data storage device that can store from 100MB to over 5GB.  It uses a mylar disc inside the card to store the data and includes a magnetic stripe for possible future use in magnetic readers.  Additionally, it includes an integrated processor that can perform data encryption.  The company claims that the readers will retail for under $100.00 and the cards will be under $15.00. 

I could think of some handy uses for an inexpensive storage medium that could hold lots of data in a small form factor.  However, I noticed that the company claims that their technology “targets government, healthcare, law enforcement and public safety markets.”  This sets off alarm bells for the civil libertarian in me.  I have some concerns about misuse of this technology by those who would number and control us every second of our lives.  I hope this company doesn’t think it’s going to profit from some kind of national ID card scheme.  If so, then I won’t care anymore about the handy uses of the technology.  I will regard them as my sworn enemy and will work to do everything in my power to destroy them.  That may sound harsh, but don’t understimate the power of a sufficiently vocal group of unhappy people.  If you think we can’t make a difference, just ask Richard Sharp (former CEO of Circuit City) about DIVX (and the $100 million he threw down the toilet on it).

Via Slashdot.

Via this article at News.com (.com.com.com….) I have learned that those damn pop-up and pop-under ads are going to suck even more, thanks to something called “kick-through”.

Pop-ups add new twist

By Stefanie Olsen
Staff Writer, CNET News.com
December 20, 2002, 1:09 PM PT

Pop-up advertisements, already the bane of millions of Web surfers, are becoming more intrusive.

Pop-up and pop-under ads open a new window when people visit many popular Web sites, often littering the computer desktop with multiple browser screens. Advertisers hope people will visit the promoted Web page by clicking anywhere on the window, although many simply close it by selecting the “X” box in the top-right corner.

But a relatively new feature may make it harder for people to avoid these windows. Using a technique called the “kick through,” advertisers can direct a person to another Web site if they simply move their cursor across the pop-up ad—no clicking is necessary.

Discount travel retailer Orbitz, for example, is delivering millions of holiday-themed kick-through ads on The New York Times, ESPN.com and CondeNast sites in addition to others. The ads feature various animated games, and recipients who simply “mouse” over them are shuttled to Orbitz’s home page.

Many people who have encountered the ads say they overstep the boundaries of an already intrusive and loathed form of Web advertising.

“When I tried to close the window it kicked me to the site, which is really annoying when I have six windows open and three of which were not by my own doing,” said Diane Schreiber, a high-tech executive who lives in Brisbane, Calif.

I’ll take Alt-F4 for $500, Alex.

But here’s where we enter the fantasy world of the online marketer:

Chicago-based Orbitz, which appears to be the only advertiser using the kick through, defended the strategy. The company regularly uses pop-unders to invite people to search for discount travel fares. Because online travel has such widespread appeal, ads that “roll over” directly to the site hold value for many people (emphasis added), according to the company’s interactive ad agency, Otherwise.

What the hell kind of name is “Otherwise?”  Who names these companies?  And I’d like to meet these people who get value out of these roll over ads.  Perhaps I could convince them to stop screwing it up for the rest of us.

“The enormous success for Orbitz is directly related to these pop-unders,” said Mark Rattin, creative director for Chicago-based Otherwise. “There’s an enormous segment of the population that are appreciating these ads.” (emphasis added)  He said that similar commercials have appeared online over the last eight months.

And some people appreciate genital torture, but you don’t see the rest of us clamoring for it, you obtuse prick.

Oh well, it’s not like I could withold any further business from them.  I already make a point of avoiding any company that uses pop-ups or pop-unders.  Short of random carpet bombing, there’s not much left that I can do to Orbitz.

I once found a huge spider in one of my case fans when I was cleaning it, but this takes the cake.

Link via this article at Samizdata.net.

I received an email this afternoon that someone was having problems accessing this site.  Specifically, the browser was spewing out a bunch of XML followed by an error message (“The XML page cannot be displayed.  Cannot view XML input using XSL style sheet. Please correct the error and then click the Refresh button, or try again later. “).  I started poking around and found a few problems with my coding (I forgot to put some of my image attributes in quotes and I forgot to close some <img> tags with a space and a slash—e.x. <img src=”…” width=“x” height=“y” />).

The person having the problem was running IE 5.5 (with no fixes), so it appears to me that it was incorrectly interpreting the page as XML rather than (X)HTML.  I was able to duplicate the error by copying index.html to testindex.xml.  But after fixing the above problems I realized that there are a couple of cases where I use characters that require escaping in XML but that are valid in HTML (the ‘&’ symbol in a CGI call, for example, requires escaping).  Unfortunately, fixing that would break the site for most browsers (Update—apparently not true according to the XHTML docs I’ve been reading).

My suspicion is that this is a bug in the original IE 5.5 and that it is not interpreting the first line of the file correctly.  Incidentally, the first line of the file was “<?xml version=‘1.0 encoding=‘UTF-8’?>”, which was added to fix the infamous F11 bug with IE 6.0.  I’ve temporarily removed this line to see if the person having the problem can load the page.

I should note that I’ve verified that the page loads correctly in IE 6 with the latest fixes applied (at least on my XP system) (and without the F11 fix), in IE 5.5 with SP1 (on Win2K), and Mozilla 1.1 (Linux).  The site looks like crap with NS 4.7x (but is anyone still using it?).

Update: I put the xml line back and added some other magical incantations to the source to see if I can accomodate both browsers.

Update 2: No joy.  I took out the xml line for now.  It’s kind of disappointing, because the XHTML standard strongly recommends it (although it doesn’t require it).  In any event, I ran this site through an XHTML validator and discovered several problems, especially with blockquotes.  I will continue fighting with XHTML later.

It was with a bit of nostalgia and sadness that I greeted this article about the final demise of OS/2.  I worked with it from 1993 until sometime in 2000.  My first job was doing NetWare technical support and I was the OS/2 client guru for the team (we also had a version of NetWare that would run with OS/2, but it never caught on).  My next job involved doing OS/2 Presentation Manager programming, and that’s what allowed me to get into the position that allowed me to grow into my current position.  We moved all of our client code to Win32 in 2000, and I finally migrated off OS/2 on my work desktop shortly after that.

I was never a fanatic about it (I didn’t go around preaching the gospel of OS/2, like some people do with Macs or Linux today), but I thought that OS/2 had a lot of potential and I liked working with it.  The WPS was a true technical innovation, and the underlying kernel was pretty solid.  A well configured OS/2 LAN server could match or outperform both NetWare and MS servers.  I was disappointed at how it was handled and I was ultimately chased away from it because of technical problems (as OS/2 got less and less attention from IBM and vendors, it became increasingly difficult to interact with web sites and to find programs to read documents).

Oh well, all things must eventually come to an end.