tag:blogger.com,1999:blog-32031874100457772812024-02-07T02:14:48.315-08:00Brain BarfSoup of Computers, Tech, Philosophy, India, History, Energy, Economics, World ...Arun Viswanathan aka n30bli7zhttp://www.blogger.com/profile/03355069018136283755noreply@blogger.comBlogger66125tag:blogger.com,1999:blog-3203187410045777281.post-9130519332384162612011-08-18T23:26:00.000-07:002011-08-19T08:22:30.761-07:00"Lo mashalon ko jala dala kisi ne" - Prasoon JoshiBelow is Prasoon Joshi's beautiful poem "Lo mashalon ko jala dala kisi ne" on the current rise of the country against corruption. I heard it on TimesNow during Arnab's newshour on Aug 18th. As an aside, if anybody is interested I used the Hindi language ITRANS method on my Ubuntu 10.10 for keying in the poem. It works like a charm.<br />
<br />
लो मशालों को जगा डाला किसी ने<br />
भोले थे अब कर दिया भाला किसी ने<br />
<br />
है शहर ये कोयलों का<br />
ये मगर ना भूल जाना<br />
लाल शोले भी इसी बस्ती में रेहते हैं युगों से<br />
रास्तो मैं धूल है<br />
कीचड भी है पर याद रखना<br />
ये जमीन धुलती रही<br />
संक्लप वाले आसुओं से<br />
मेरे आंगन को है धो डाला किसी ने<br />
<br />
लो मशालों को जगा डाला किसी ने<br />
भोले थे अब कर दिया भाला किसी ने<br />
<br />
आग बेवजह कभी घर से निकलती ही नही है<br />
टोलियों जत्थे बनाकर चींख यूं चलती नही है<br />
रात को भी देखने दो आज तुम सूरज के जलवे<br />
जब तपेगी ईट तब ही होश में आयेंगे तलवे<br />
तोड़ डाला मौन का ताला किसी ने<br />
लो मशालों को जगा डाला किसी ने<br />
भोले थे अब कर दिया भाला किसी ने<br />
<br />
<br />
<br />
The poem is also available at http://blog.lipikaar.com/prasoon-joshi-poem-against-corruption/. A video is available at http://indiatoday.intoday.in/site/video/prasoon-joshi-poem-against-corruption/1/148420.html.Arun Viswanathan aka n30bli7zhttp://www.blogger.com/profile/03355069018136283755noreply@blogger.com2tag:blogger.com,1999:blog-3203187410045777281.post-80443507966343195162011-02-16T09:07:00.000-08:002011-02-23T19:36:54.928-08:00Ghostnet, Stuxnet, What next ??<div style="text-align: justify;"><div style="text-align: left;"><div style="text-align: justify;"><span style="font-family: Verdana, sans-serif; font-size: small;">I recently attended the <a href="http://www.isoc.org/isoc/conferences/ndss/11/program.shtml">18th NDSS</a> conference in San Diego from Feb 6-9, 2011, which was keynoted by <a href="http://www.symantec.com/connect/blogs/liam-o-murchu">Liam O' Murchu</a>, a Stuxnet expert from Symantec. Though the <a href="http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/w32_stuxnet_dossier.pdf">technical details about Stuxnet</a> have been available since long, I found the talk exciting for the larger lessons that were shared from the whole episode. Below is a mix of notes from the talk and my ramblings. Warning: experts on this topic may find it boring !</span></div></div><div style="text-align: left;"><div style="text-align: justify;"><span style="font-family: Verdana, sans-serif; font-size: small;"><br />
</span></div></div></div><div style="text-align: justify;"><div style="text-align: left;"><div style="text-align: justify;"><span style="font-family: Verdana, sans-serif; font-size: small;">By <a href="http://www.symantec.com/connect/blogs/w32stuxnet-dossier">Symantec's own admission</a>, Stuxnet is probably the most complex piece of targetted threat seen to date. It contains seven methods to propagate:</span></div></div></div><span class="Apple-style-span" style="font-family: Verdana, sans-serif;"></span><br />
<div style="text-align: justify;"><ol><li><span class="Apple-style-span" style="font-family: Verdana, sans-serif;"><a href="http://www.sophos.com/pressoffice/news/articles/2010/07/stuxnet.html">Using USB drives</a>, which contained a rootkit exploiting a vulnerability in windows explorer's handling of .LNK files. </span></li>
<span class="Apple-style-span" style="font-family: Verdana, sans-serif;">
<li>By exploiting a <a href="http://www.computerworld.com/s/article/9187300/Microsoft_confirms_it_missed_Stuxnet_print_spooler_zero_day_">print spooler vuln</a>. </li>
<li>By exploiting <a href="http://www.microsoft.com/technet/security/bulletin/ms08-067.mspx">MS08-067</a>, which allowed remote code execution on a vulnerable MS Windows 2000, XP or 2003 server by sending a specially crafted RPC request. </li>
<li>Spreading via Network shares. </li>
<li>Using P2P sharing for updating itself and for communication between different infected machines on a network. </li>
<li>By exploiting hard-coded passwords in WinCC (a Siemens software for SCADA process visualization). </li>
<li>Spreading via Step 7 projects (the IDE used for programming PLCs).</li>
</span></ol></div><span class="Apple-style-span" style="font-family: Verdana, sans-serif;"></span><br />
<div style="text-align: justify;"><span class="Apple-style-span" style="font-family: Verdana, sans-serif;">In essence, Stuxnet used 4 zero-day exploits, 1 known exploit, 3 rootkits, and 2 compromised certificates (from JMicron and Realtek semiconductors) to sign the rootkits. </span></div><span class="Apple-style-span" style="font-family: Verdana, sans-serif;"><span style="font-size: small;"><div style="text-align: justify;"><br />
</div></span></span><br />
<div><div style="text-align: justify;"><span style="font-family: Verdana, sans-serif; font-size: small;">Stuxnet is not a 'yet-another-worm' that randomly goes about accumulating vulnerable machines for spam/DDoS gains or brownies for its perpetrators. Its highly-targeted nature - targeting specific uranium enrichment facilities in Iran - suggests a focused military-style operation involving </span><span class="Apple-style-span" style="font-family: Verdana, sans-serif;">(a) extensive and careful intelligence gathering and planning, (b) </span><span class="Apple-style-span" style="font-family: Verdana, sans-serif;">a structured software design and development cycle and (c) </span><span class="Apple-style-span" style="font-family: Verdana, sans-serif;"><span style="font-size: small;">an extensive test cycle involving various hardware and software.</span> In addition, Stuxnet's highly configurable architecture (~430 different settings) gives its controllers incredible control and precision over its lethality and spread. Apart from its technical sophistication, Stuxnet convincingly demonstrates the oft-quoted "<i>threat from targeted attacks</i> " and acts as the quintessential bellwether of times ahead. While its predecessors, like the Chinese cyber-espionage network <a href="http://www.scribd.com/doc/13731776/Tracking-GhostNet-Investigating-a-Cyber-Espionage-Network">Ghostnet</a>, brought to light the new face of remote-controlled espionage in the 21st century, Stuxnet ups the ante many notches by demonstrating the lethal potential of targeted cyber-power.</span></div></div><div><div style="text-align: justify;"><span class="Apple-style-span" style="font-family: Verdana, sans-serif;"><br />
</span></div><div><div style="text-align: justify;"><span class="Apple-style-span" style="font-family: Verdana, sans-serif;">Stuxnet is the first known malware to target control systems hardware (PLC). PLC (Programmable Logic Controllers) are critical elements in industrial automation and are traditionally programmed from a Windows control PC which is air-gaped - disconnected from any network - for security. In my opinion, Stuxnet big achievement was in bridging the air-gap.</span></div></div><div><div style="text-align: justify;"><span class="Apple-style-span" style="font-family: Verdana, sans-serif;"><br />
</span></div><div><div style="text-align: justify;"><div style="text-align: left;"><div style="text-align: justify;"><span class="Apple-style-span" style="font-family: Verdana, sans-serif;">Key to Stuxnet's success lay in the detailed understanding of its target gathered during the intelligence gathering phase. Stuxnet had clear understanding of (a) the PLCs being used (Siemens s7-300, s7-400), (b) the detailed configuration within PLCs controlling the uranium enrichment, and (c) the software development environment (<em>Step 7 </em>from Siemens) and the methodology used for developing and deploying code.</span></div></div><div style="text-align: left;"><div style="text-align: justify;"><span class="Apple-style-span" style="font-family: Verdana, sans-serif;"><br />
</span></div></div><div style="text-align: left;"><div style="text-align: justify;"><span class="Apple-style-span" style="font-family: Verdana, sans-serif;"><span style="font-size: small;">It is believed that Stuxnet was delivered initially via USB to a small number of industrial process control companies connected to the uranium enrichment plant. Contractors from such companies write the actual </span></span><span class="Apple-style-span" style="font-family: Verdana, sans-serif;"><span style="font-size: small;">PLC programs (as </span><span style="font-size: small;">Step 7 projects) </span><span style="font-size: small;">on workstations connected to the corporate LAN. </span></span><span class="Apple-style-span" style="font-family: Verdana, sans-serif;"><span style="font-size: small;">Stuxnet thus spread using zero-day network exploits to as many LAN workstations possible. </span></span><span class="Apple-style-span" style="font-family: Verdana, sans-serif;"><span style="font-size: small;">Workstations containing Step 7 were then infected </span><span style="font-size: small;">by hiding a dll (containing the PLC rootkit) into a Step 7 project such that the dll got loaded as soon as the project was opened. </span></span><span class="Apple-style-span" style="font-family: Verdana, sans-serif;"><span style="font-size: small;">Stuxnet then relied on the </span><span style="font-size: small;">Step 7 </span><span style="font-size: small;">project zip file being transferred across the air-gap to a Windows control PC via removable media like USB. Once on the control PC, Stuxnet modified the PLC as necessary, making sure to hide its modifications.</span></span></div></div><div style="text-align: left;"><div style="text-align: justify;"><span class="Apple-style-span" style="font-family: Verdana, sans-serif;"><span style="font-size: small;"><br />
</span></span></div></div></div></div><div></div><div><div style="text-align: justify;"><div style="text-align: left;"><div style="text-align: justify;"><span style="font-family: Verdana, sans-serif; font-size: small;">There were 100k infections reported worldwide with more than 60% coming from Iran. It is believed that infections outside Iran were not intentional and probably spread due to infected Step 7 projects shared between contractors in various countries. Additionally, the zero-day .LNK vulnerability proved widely successful. It is believed that Stuxnet managed to finally infect the Natanz and Busheir plants in Iran and there was a reported shutdown of Natanz. An <a href="http://www.israelnationalnews.com/News/News.aspx/142361">IAEA report</a> states 1000 centrifuges in Natanz were offline in Nov 2009 which is close to the type of PLC configuration that Stuxnet was targeting. </span></div></div></div><div style="text-align: justify;"><div style="text-align: left;"><div style="text-align: justify;"><span style="font-family: Verdana, sans-serif; font-size: small;"><br />
</span></div></div></div></div><div></div><div><div style="text-align: justify;"><div style="text-align: left;"><div style="text-align: justify;"><span style="font-family: Verdana, sans-serif; font-size: small;">Stuxnet increases the bar for security professionals and system architects by derailing the commonly held belief of air-gaping critical systems for providing extraordinary security. My personal opinion is that Stuxnet, in some way, only reinforces what Albert Einstein famously quipped, <em>"Every day, man is making bigger and better fool-proof things, and every day, nature is making bigger and better fools. So far, I think nature is winning". </em>The lesson for security professionals is thus simple: <em>Air-gaps don't exist! There will be a human (read fool) bridging the gap.</em></span></div></div><div style="text-align: left;"><div style="text-align: justify;"><span style="font-family: Verdana, sans-serif; font-size: small;"><em><br />
</em></span></div></div></div></div><div></div><div><div style="text-align: justify;"><div style="text-align: left;"><div style="text-align: justify;"><span style="font-family: Verdana, sans-serif; font-size: small;">With the world racing towards making things 'smart', from smart washing-machines to smart power grids, one really wonders whether all this 'smartness' will end up making us look dumber than ever. The landscape seems to be shifting faster than we can grasp it.</span></div></div><div style="text-align: left;"><div style="text-align: justify;"><span style="font-family: Verdana, sans-serif; font-size: small;"><br />
</span></div></div></div></div><div><span class="Apple-style-span" style="font-family: Verdana, sans-serif;"></span><br />
<div style="display: inline !important; text-align: justify;"><div style="text-align: left;"><div style="text-align: justify;"><span class="Apple-style-span" style="font-family: Verdana, sans-serif;"><span style="font-size: small;">The last decade witnessed has already witnessed the rise in politically motivated cyber attacks like the <a href="http://en.wikipedia.org/wiki/Titan_Rain">Titan Rain</a> (2003 - 2005), </span></span><span class="Apple-style-span" style="font-family: Verdana, sans-serif;"> <a href="http://asert.arbornetworks.com/2007/05/estonian-ddos-attacks-a-summary-to-date/">DDoS attacks on Estonia</a> (May 2007), <a href="http://asert.arbornetworks.com/2008/08/georgia-ddos-attacks-a-quick-summary-of-observations/">DDoS attacks on Georgia</a> (August 2008), <a href="http://www.scribd.com/doc/13731776/Tracking-GhostNet-Investigating-a-Cyber-Espionage-Network"> Chinese cyber-espionage network Ghostnet</a> (May 2009), <a href="http://blogs.mcafee.com/corporate/cto/operation-%E2%80%9Caurora%E2%80%9D-hit-google-others">Operation Aurora</a> (Dec 2009-Jan 2010), Stuxnet (July 2010), </span><span class="Apple-style-span" style="font-family: Verdana, sans-serif;"><a href="http://www.guardian.co.uk/media/2010/dec/11/wikileaks-backlash-cyber-war">Operation Payback</a> (Dec 2010). </span><span class="Apple-style-span" style="font-family: Verdana, sans-serif;">The question is: </span><span class="Apple-style-span" style="font-family: Verdana, sans-serif;">What next?</span></div></div></div></div></div></div>Arun Viswanathan aka n30bli7zhttp://www.blogger.com/profile/03355069018136283755noreply@blogger.com0tag:blogger.com,1999:blog-3203187410045777281.post-36347138862162910192009-12-01T22:14:00.000-08:002009-12-01T22:19:16.297-08:00Observations and Suggestions using Chromium OS - Part 1<pre wrap=""><span style="font-family: Verdana,sans-serif; font-size: small;">I synced my old repository and updated it to the Developer build (Mon Nov 30 4:35:10 UTC 2009). Build was successful. I copied image to a USB and booted my Acer Inspire from USB.</span>
<span style="font-family: Verdana,sans-serif; font-size: small;"><b>Observations</b></span></pre><ol><li>Boottime was about 12 seconds from USB. But still great!</li>
<li>My network did not connect at boottime so had to login using the local username and password. This happened every time i booted. Maybe the network settings will get saved once i boot from a local harddisk.</li>
<li>Once logged in i had to manually select my network and then login to gmail etc. etc. using my google credentials.</li>
<li>I then connected my Acer to a 19'' widescreen with 1440x900 resolution. Had to use xrandr to get the screen resolution right but was no fuss. Used the following command:<br />
<br />
<blockquote>$ xrandr --output VGA1 --mode 1440x900 --rate 60.1<br />
</blockquote><br />
<br />
</li>
<li>Tested using youtube, google docs, google reader, picasaweb, a couple of flash-heavy sites (royalsociety.org), google chat, google books, google wave. Everything seemed 'much much' faster than same accesses via firefox.</li>
<li>Clicking on PDFs opens them up in google docs. But trying to download did NOT seem to work.</li>
<li>For adjusting sound, had to use alsamixer from commandline to get the sound volume up. I wish there was a sound button in the GUI itself for the same.</li>
<li>Could not figure out how to setup my network printer to print my google docs.</li>
<li>While playing a youtube video it felt as if the browser crashed and then recovered itself. I cannot describe what exactly happened unless i debug this further.</li>
<li>Could not play any silverlight videos. I guess the plugin will come someday.</li>
</ol><pre wrap=""><span style="font-family: "Trebuchet MS",sans-serif;"><span style="font-family: Verdana,sans-serif; font-size: small;">I have started seriously using this as my preferred OS for my netbook even though i am running it off a USB. It actually doesnt feel any different at all. It is a fresh new experience and thats what makes it exciting i guess.</span>
</span>
<span style="font-family: Verdana,sans-serif; font-size: small;"><b>Suggestions</b></span></pre><ul style="text-align: justify;"><li>It strikes me now after using Chromium OS that we were actually having redundant software for most needs all the while. If the browser is capable of showing photos, opening PDFs, editing documents, playing music, videos and games then when the heck have any other software. What is missing if you are a programmer, is a platform for developing and testing software in the popular languages. But maybe even that can be incorporated into the browser easily. For example, a tab of the browser could upon up as a text editor and perhaps google could host a variety of popular compiler and library stacks to compile,link and run code (think like LAMP stacks but for developing code). A user then just submits his code and gets his output. Ofcourse, such a system would require careful thought and design as there are many many issues to be tackled. But just a thought.</li>
</ul> On a side-note, i remember that i read somewhere a couple years ago that Blake Ross (the firefox guy) was working on an operating system called Parakey which was pretty similar in spirit to Chromium OS. Dont know what happened to that. Anybody?<br />
<br />
<ul style="text-align: justify;"><li>Have a sound button in the GUI for adjusting volume.</li>
<li>Have a key accelerator (like Ctrl+/? from google reader) to display Keyboard shortcuts.</li>
</ul><pre wrap=""></pre>Arun Viswanathan aka n30bli7zhttp://www.blogger.com/profile/03355069018136283755noreply@blogger.com0tag:blogger.com,1999:blog-3203187410045777281.post-86963317502345429152009-11-20T03:50:00.000-08:002009-11-23T13:35:06.494-08:00My notes, screenshots and first impressions on Google Chromium OS on VMware!<div style="text-align: justify;">I was eagerly awaiting the release of Googles ChromeOS (Chromium OS). Google opened up the <a href="http://googleblog.blogspot.com/2009/11/releasing-chromium-os-open-source.html">source</a> at about 10:30AM today and i have it compiled on my Ubuntu 9.04 and working on my Vmware Workstation. Phew! The following are my notes, screenshots and first impressions of the whole experience.<br />
<br />
<i><b>Updates : </b>A few corrections based on comments by Ethan.</i><br />
<b> </b><br />
<i><b>Updates: </b> I have uploaded my VMWare disk (.vmdk) <a href="http://www.arunviswanathan.com/content/uploads/chromeos_vmware_arun.vmdk.tar.gz">here</a>. Its about 350MB tar gzipped. MD5 Checksum is </i> 8b158acfff42572dce632fdcb0707009<i>. To use this <b>vmdk </b>one needs to first create a virtual machine and give the path to this vmdk file as the logical disk. Note that this is NOT <b>.vmx </b>but <b>.vmdk</b>. Thus you cannot open this file in VMWare directly. You will need to create a virtual machine.</i><br />
</div><div style="text-align: justify;"><br />
</div><div style="text-align: justify;"><span style="font-size: small;"><b>ChromeOS Getting Started Documentation </b></span><br />
</div><div style="text-align: justify;">The documentation is pretty neat and things worked out-of-the-box for me. I did not have to hack even a line of script. Started by watching the videos and reading the documentation <a href="http://sites.google.com/a/chromium.org/dev/chromium-os">here</a>. <br />
</div><div style="text-align: justify;"><br />
</div><div style="text-align: justify;"><b>Setup</b><br />
</div><div style="text-align: justify;">My compile environment was a Ubuntu 9.04 ACER Aspire Netbook. I actually wanted to get ChromeOS running on the same Netbook but the documentation suggested that the Chrome install process will nuke the entire harddrive and so i opted for creating the VMWare Disk Image instead.<br />
</div><div style="text-align: justify;"><br />
</div><div style="text-align: justify;"><b>Building the Image</b><br />
</div><div style="text-align: justify;">The whole process, right from reading the initial documentation to getting up the VMWare took me about 5 hours and most of it was spent creating the chroot environment, compiling the packages and the kernel. After that, the image building and the creation of the VMWare Disk was pretty quick.<br />
</div><div style="text-align: justify;"><br />
</div><div style="text-align: justify;"><b>Running ChromeOS on VMware</b><br />
</div><div style="text-align: justify;"><br />
</div><div style="text-align: justify;"><i><b>1. Bootup Time</b> </i><br />
</div><ul style="text-align: justify;"></ul><div style="text-align: justify;">Ofcourse, running it on VMWare meant that i could not test its claimed bootup speed! But the bootup definitely 'felt' faster relative to my other OS bootups on VMWare. ChromeOS creates a file called /home/chronos/chrome_startup.log which showed bootup time as 47seconds. I believe that is good on VMware.<br />
</div><div style="text-align: justify;"><br />
</div><div style="text-align: justify;"><i><b>2. Login Prompt</b></i><br />
</div><ul style="text-align: justify;"></ul><div class="separator" style="clear: both; text-align: justify;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhDJh-osdmDIeyfjuihxYmI4_0dIIDr7fY4pYvgkdW6_awGo-Es6lSHD2E8C9XSOaxFD4F3tbsR8TgKg5p2QdTCJSoglxUlpGTmuzJY-KMfy0_BR2WfQf5me6czv3SpkVDOmiBN-VF4D1A/s1600/Screenshot-Ubuntu+%282%29+-+VMware+Workstation-4.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhDJh-osdmDIeyfjuihxYmI4_0dIIDr7fY4pYvgkdW6_awGo-Es6lSHD2E8C9XSOaxFD4F3tbsR8TgKg5p2QdTCJSoglxUlpGTmuzJY-KMfy0_BR2WfQf5me6czv3SpkVDOmiBN-VF4D1A/s640/Screenshot-Ubuntu+%282%29+-+VMware+Workstation-4.png" /></a><br />
</div><div class="separator" style="clear: both; text-align: justify;">The login prompt is plain and simple blue with two boxes for username and password.I noticed two things here:<br />
</div><ol style="text-align: justify;"><li>The username/password could be your gmail credentials.That means that your Google account could act as a profile store.Does this mean someone can use a ChromeOS device only when online? Or only having a google account? I am not sure as of now.<br />
</li>
<li>It also accepts the username/password that i created while i was building the code. I think this option would be disabled for regular users. </li>
</ol><div style="text-align: justify;"><br />
</div><div style="text-align: justify;"><i><b>3. Login Using Google Credentials</b></i><br />
</div><div style="text-align: justify;"><i><b> </b></i><br />
</div><div style="text-align: justify;">To begin with, i logged in with my Google credentials and was presented the following error page saying that the security certificate for <i>google.com</i> was revoked. My login had succeeded.<br />
</div><div class="separator" style="clear: both; text-align: justify;"><br />
</div><div class="separator" style="clear: both; text-align: justify;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi17j84QrAcRHxdP0MSAxNK4kMN52wiLEmY_1e6Y1rZxOevlzg8Y6u2lchGYAFcWi8qqpQJauAdzZKgiEutddZGIYlPVDZzh4JXrKX7XYDVjgXz9VA5_nwGEU16zsceNuFU63TuTbgZDdM/s1600/Screenshot-Ubuntu+%282%29+-+VMware+Workstation-5.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi17j84QrAcRHxdP0MSAxNK4kMN52wiLEmY_1e6Y1rZxOevlzg8Y6u2lchGYAFcWi8qqpQJauAdzZKgiEutddZGIYlPVDZzh4JXrKX7XYDVjgXz9VA5_nwGEU16zsceNuFU63TuTbgZDdM/s640/Screenshot-Ubuntu+%282%29+-+VMware+Workstation-5.png" /></a><br />
</div><div style="text-align: justify;"><br />
</div><div style="text-align: justify;">This seems to be like a bug to me but i will have to do some more trials before concluding that this is a real bug. <br />
</div><div style="text-align: justify;"><br />
</div><div style="text-align: justify;"><i><b>4. Login Using regular credentials</b></i><br />
</div><div style="text-align: justify;">I tried logging in with the <i>testuser</i> account that i had created earlier. That seemed to work fine and i finally got presented with a functioning chrome browser.<br />
</div><div class="separator" style="clear: both; text-align: justify;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgB5tuQIx3Y-A-ZH6lNob6CurBOWOCxoYpl76BbEm4sG5b0Ur7T7yIJ6r_1_a9S5Y_lguekpj-5PKDPZRQzyrIuxallttJX70N1LXVAmBnCO0edP4hwp7HPBcmQC7TmS9BYJJvfJ-IiuoQ/s1600/MenuBar.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgB5tuQIx3Y-A-ZH6lNob6CurBOWOCxoYpl76BbEm4sG5b0Ur7T7yIJ6r_1_a9S5Y_lguekpj-5PKDPZRQzyrIuxallttJX70N1LXVAmBnCO0edP4hwp7HPBcmQC7TmS9BYJJvfJ-IiuoQ/s640/MenuBar.png" /></a><br />
</div><div class="separator" style="clear: both; text-align: justify;">I could login into gmail.com, reader.google.com, docs.google.com etc. with my regular gmail credentials and could operate my account as usual. No problems. Things even seemed a tad faster in my slow VMWare.<br />
</div><div class="separator" style="clear: both; text-align: justify;"><br />
</div><div class="separator" style="clear: both; text-align: justify;"><i><b>5. Some UI features<br />
</b></i><br />
</div><div style="text-align: justify;">From the above screenshot, its clear that all the user sees when he logs in is the chrome browser interface. There is no desktop and no icons. The only icons that i could spot are 4 on the top right: time, an inactive icon, networks and a drop-down menu. A single chrome icon exists to the top left. Clicking on it takes you to <i>Google Shortlinks</i> which i believe is Googles replacement for desktop icons with links to Google Products. Smell a monopoly in the making?<br />
<i>Update: Ethan points out that it will be far from a monopoly because whatever is web-based would be supported. I agree but i would like to wait and watch and would be happy to be wrong.</i><br />
<br />
</div><div class="separator" style="clear: both; text-align: justify;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiPH_KHVavDFl7A9HuDiIElXr5OEyQOzbsM_fNfDLJIlIjZFGnlP95wDd43bhlpXQ95RWcVWGU-zgDStw9gZPgZWPJJDgBqv3NX8DdBJ-fOvolm7dYHdEOOCiP7PZN1rlKsPlKcQO6jxI/s1600/shortlinks.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiPH_KHVavDFl7A9HuDiIElXr5OEyQOzbsM_fNfDLJIlIjZFGnlP95wDd43bhlpXQ95RWcVWGU-zgDStw9gZPgZWPJJDgBqv3NX8DdBJ-fOvolm7dYHdEOOCiP7PZN1rlKsPlKcQO6jxI/s640/shortlinks.png" /></a><br />
</div><div class="separator" style="clear: both; text-align: justify;"><br />
</div><div class="separator" style="clear: both; text-align: justify;"><i><b>6. Task Manager and Resource Stats<br />
</b></i><br />
</div><div class="separator" style="clear: both; text-align: justify;">Clicking on the top gives an option to open the <i>Task Manager </i>which looks as below. This is pretty much the standard task manager except that we see a lot fewer tasks in it. Also, it hints at the multiprocess nature of the Chrome browser.<br />
</div><div class="separator" style="clear: both; text-align: justify;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgQNJREXk-2BHOYTleYc8dnznKPsOISDNx_MHUq2hoWyuGNON45yA7RR__4WsrAYX7F3jiEym20xvZ6U-gw4LVLYm0n8W2ItPDZWVcTebgM7Qv-dshBT7kH00wLDXdcSRBstKFpGqFCEWg/s1600/Screenshot-Ubuntu+%282%29+-+VMware+Workstation.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgQNJREXk-2BHOYTleYc8dnznKPsOISDNx_MHUq2hoWyuGNON45yA7RR__4WsrAYX7F3jiEym20xvZ6U-gw4LVLYm0n8W2ItPDZWVcTebgM7Qv-dshBT7kH00wLDXdcSRBstKFpGqFCEWg/s640/Screenshot-Ubuntu+%282%29+-+VMware+Workstation.png" /></a><br />
</div><div style="text-align: justify;"><br />
</div><div style="text-align: justify;">Clicking on <i>Stats for Nerds</i> shows an additional memory usage view. This is equivalent to typing <i>about:memory</i> in the browser tab. I don't understand everything in the stats yet but will dig in later. For example, i don't understand what <i>Proportional Memory</i> is.<br />
</div><div style="text-align: justify;"><br />
</div><div class="separator" style="clear: both; text-align: justify;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7EUxD2-urGPFmGlNXAMgyajbX-er17PsOLaYfGBFiu895Amobpm_JSyro9tmSDbd6zUmBqZONAWHf0thoAU9yo43xbyN2Db7cK1AAEB7CVd1kuxL3OGy9hjmFhrnCObS34LCxHHmtKZI/s1600/Screenshot-Ubuntu+%282%29+-+VMware+Workstation-1.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7EUxD2-urGPFmGlNXAMgyajbX-er17PsOLaYfGBFiu895Amobpm_JSyro9tmSDbd6zUmBqZONAWHf0thoAU9yo43xbyN2Db7cK1AAEB7CVd1kuxL3OGy9hjmFhrnCObS34LCxHHmtKZI/s640/Screenshot-Ubuntu+%282%29+-+VMware+Workstation-1.png" /></a><br />
</div><div style="text-align: justify;"><br />
</div><div style="text-align: justify;">A minor point: the note in the above figure states that other browsers like IE and Firefox will also be shown here if they are running. This could be due to the fact that the Chrome browser code-base used is the one used for Chrome on desktops. Or maybe they really intend to do that in the future ?<br />
</div><div style="text-align: justify;"><br />
</div><div style="text-align: justify;">I couldn't navigate any further and could not find out additional shortcuts or additional interesting options and settings. Will need to dig more in the documentation to see if there are more interesting peeks here and there.<br />
</div><div class="separator" style="clear: both; text-align: justify;"><br />
</div><div style="text-align: justify;"><i><b>7. Browsing of files</b></i><br />
</div><div class="separator" style="clear: both; text-align: justify;"><br />
</div><div class="separator" style="clear: both; text-align: justify;">The file browser is contained in the Chrome browser itself. Typing<i> file:///</i> in the address bar shows the root file system as seen when browsing a remote directory. Not the best way to navigate a local file system i guess.<br />
</div><div class="separator" style="clear: both; text-align: justify;"><br />
</div><div style="text-align: justify;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg9C7fQnTlU44qsFsW3sqOoz-fe-qEZP-tKwf4IEIRauW71a1NCbcNP6V43zvubnaUI-umfk2z_AhpRNtKjIlsBgDhU6HhiC_KG0qZoFo4rXtI4iz_0jzVCB_7XCeG11WWg8orVOel5Nfs/s1600/Screenshot-Ubuntu+%282%29+-+VMware+Workstation-2.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg9C7fQnTlU44qsFsW3sqOoz-fe-qEZP-tKwf4IEIRauW71a1NCbcNP6V43zvubnaUI-umfk2z_AhpRNtKjIlsBgDhU6HhiC_KG0qZoFo4rXtI4iz_0jzVCB_7XCeG11WWg8orVOel5Nfs/s640/Screenshot-Ubuntu+%282%29+-+VMware+Workstation-2.png" /></a><br />
</div><div class="separator" style="clear: both; text-align: justify;"><br />
</div><div style="text-align: justify;"><i><b>8. Shell and command line tools<br />
</b></i><br />
</div><div style="text-align: justify;">To get to the command line<b>,</b> one has to press Ctrl+Alt+T. Frankly, i could not figure out how to navigate back to the GUI or to other open command-line and i had to keep doing Ctrl+Ds on the command line to get back to the GUI.<br />
<i>Update: Ethan points out that typing exit takes us back to the GUI. It is essentially the shortcut Ctrl+D</i>.<br />
<br />
</div><div class="separator" style="clear: both; text-align: justify;"><br />
</div><div style="text-align: justify;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiid7HVawd9qqxc0GTyYPS0-e0NOac6ATrQVVEc23zrxLODfvljm2uq-_s5Kj5qGgAWvq599Io3w6AHaDMQJ_Im8o7-jndMeHcIaxcvx_oZmcb9JgHFaVxeLYaASfduzEviVksbkaR5ka0/s1600/shell.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiid7HVawd9qqxc0GTyYPS0-e0NOac6ATrQVVEc23zrxLODfvljm2uq-_s5Kj5qGgAWvq599Io3w6AHaDMQJ_Im8o7-jndMeHcIaxcvx_oZmcb9JgHFaVxeLYaASfduzEviVksbkaR5ka0/s640/shell.png" /></a><br />
</div><div style="text-align: justify;">The most irritating aspect to me was that standard utilities like ifconfig, route etc. were missing.<br />
<i>Update: I missed this completely. You can access all of these commands by using sudo as Ethan pointed out correctly. Thanks for the correction. </i><br />
<br />
I could use vi, python and the standard shell builtin commands as far as i tried. Also, I found apt-get and dpkg installed but it would not let me install any packages using apt-get (the locks were read-only). I am not sure if this is intentional or a bug.<br />
</div><div style="text-align: justify;"><br />
</div><div style="text-align: justify;">Thats all i could get my hands on for today but this is the beginning and the exploration would continue.I will be digging into the documentation and source code and keep reporting nuggets of information as and when i discover it for myself.<br />
</div><div style="text-align: justify;"><br />
</div><div style="text-align: justify;"><b>Conclusion</b><br />
</div><div style="text-align: justify;">ChromeOS is exciting and would get even more exciting in the coming months and years. I remember my Professor telling us in class that systems should be like 'Toasters' i.e. it must not be required to read a manual to operate it. ChromeOS is definitely a step in that direction. Also, the lean philosophy adopted by ChromeOS should reduce the burden on end users as far as managing and securing systems is concerned. Ofcourse, there will be newer challenges but atleast ChromeOS reduces the surface area of problems.<br />
</div><div style="text-align: justify;"><br />
</div><div style="text-align: justify;">I think Google needs to watch out and not make ChromeOS a Google-Centric product. That may not be well received by consumers already struggling to break free of existing monopolies.<br />
</div>Arun Viswanathan aka n30bli7zhttp://www.blogger.com/profile/03355069018136283755noreply@blogger.com4tag:blogger.com,1999:blog-3203187410045777281.post-33840552048204214422009-11-16T14:34:00.000-08:002009-12-28T11:02:07.915-08:00What can we learn from Craigslist?<span style="font-family: Arial,Helvetica,sans-serif; font-size: small;">Ref: <a href="http://www.wired.com/entertainment/theweb/magazine/17-09/ff_craigslist" id="mw8d" title="Why Craigslist is such a mess?">Why Craigslist is such a mess?</a></span><br />
<br />
<span style="font-family: Arial,Helvetica,sans-serif; font-size: small;"> There is lots to ponder, learn and unlearn from Craigslist in this new information age. The following are a few simple lessons that i extracted from the following quotes in the above referenced article on Craigslist. The article is a great read. <br />
</span><br />
<h2 style="font-family: Arial,Helvetica,sans-serif;"><b><a href="http://www.blogger.com/post-edit.g?blogID=3203187410045777281&postID=3384055204820421442" id="Lesson_1_08222655230354525_7407918785904453" name="Lesson_1_08222655230354525_7407918785904453"></a></b><span style="font-size: small;">Lesson 1: <span style="font-weight: normal;"><b>W</b><b>e may not have a single definition for doing good business but we can all agree on the fact that businesses exist to serve the public. </b></span></span><b><span style="font-size: small;"><br />
</span></b></h2><blockquote style="font-family: Arial,Helvetica,sans-serif;"><span style="font-size: small;"><i>But seen from another angle, craigslist is one of the strangest monopolies in history, where customers are locked in by fees set at zero and where the ambiance of neglect is not a way to extract more profit but the expression of a worldview.</i></span><br />
</blockquote><h2 style="font-family: Arial,Helvetica,sans-serif;"><a href="http://www.blogger.com/post-edit.g?blogID=3203187410045777281&postID=3384055204820421442" id="Lesson_2_4168969045328299" name="Lesson_2_4168969045328299"></a><span style="font-size: small;"><span style="font-weight: normal;"><b>Lesson 2</b>: </span><b>D</b><span style="font-size: small; font-weight: normal;"><b>a</b><b>vi</b><b>d(s) have, are and will always trump Goliath(s) in every age</b></span><b><span style="font-size: small; font-weight: normal;">.</span></b><br />
</span></h2><blockquote style="font-family: Arial,Helvetica,sans-serif;"><span style="font-size: small;"><i>It is difficult to overstate the scale of this accomplishment. Craigslist gets more traffic than either eBay or Amazon .com. eBay has more than 16,000 employees. Amazon has more than 20,000. Craigslist has 30.</i></span><br />
</blockquote><h2 style="font-family: Arial,Helvetica,sans-serif;"><a href="http://www.blogger.com/post-edit.g?blogID=3203187410045777281&postID=3384055204820421442" id="Lesson_3_22000232165744316" name="Lesson_3_22000232165744316"></a><span style="font-size: small;"><b>Lesson 3: </b><span style="font-weight: normal;"><b>P</b><b>eople work the best when they are allowed to work.</b></span><br />
</span></h2><blockquote style="font-family: Arial,Helvetica,sans-serif;"><span style="font-size: small;"><i>The long-running tech-industry war between engineers and marketers has been ended at craigslist by the simple expedient of having no marketers. Only programmers, customer service reps, and accounting staff work at craigslist. There is no business development, no human resources, no sales. As a result, there are no meetings. The staff communicates by email and IM. This is a nice environment for employees of a certain temperament. "Not that we're a Shangri-La or anything," Buckmaster says, "but no technical people have ever left the company of their own accord."</i></span><br />
</blockquote><h2 style="font-family: Arial,Helvetica,sans-serif;"><a href="http://www.blogger.com/post-edit.g?blogID=3203187410045777281&postID=3384055204820421442" id="Lesson_4_5601642429177941" name="Lesson_4_5601642429177941"></a><span style="font-size: small;">Lesson 4: <span style="font-weight: normal;"><b>If there are sufficient economic incentives, things will get done. Doesnt matter what side of the fence you are.</b></span><br />
</span></h2><blockquote style="font-family: Arial,Helvetica,sans-serif;"><span style="font-size: small;"><i> Captchas—distorted words that can be interpreted by humans more easily than by machines—tamed spam on craigslist for a while. Then it came back full force, not because the spammers had solved the difficult problem in artificial intelligence but because they had hacked an easier problem in global economics</i></span><br />
</blockquote><h2 style="font-family: Arial,Helvetica,sans-serif;"><a href="http://www.blogger.com/post-edit.g?blogID=3203187410045777281&postID=3384055204820421442" id="Lesson_5_37726719517952345" name="Lesson_5_37726719517952345"></a><span style="font-size: small;">Lesson 5: <span style="font-weight: normal;"><b>Simplicity and usability go hand and in hand. K.I.S.S always works</b>.</span><br />
</span></h2><blockquote style="font-family: Arial,Helvetica,sans-serif;"><span style="font-size: small;"><i> Without a computer science research department to work on evil-fighting algorithms, or a call center to take complaints, Buckmaster has settled on a different approach, one that involves haiku. The little poems he has written appear on the screen at times when users might expect a helpful message from the staff. They function as a gnomic clue that what you are seeing is intentional, while discouraging further conversation or inquiry.</i><i>Attempt to post a message that is similar to one you've already entered, and this may appear:</i></span><br />
<div style="color: #666666; margin: 10px 0pt 10px 30px;"><span style="font-size: small;"><i>a wafer thin mint<br />
that's been sent before it seems<br />
one is enough, thanks</i></span> <br />
</div><span style="font-size: small;"><i>The slight delays in cognitive processing that these haiku cause are valuable. They open a space for reflection, during which you can rethink your need for service.</i></span><br />
</blockquote>Arun Viswanathan aka n30bli7zhttp://www.blogger.com/profile/03355069018136283755noreply@blogger.com0tag:blogger.com,1999:blog-3203187410045777281.post-66108521436967863862009-10-28T14:06:00.000-07:002009-11-16T15:06:03.017-08:00Using Mendeley effectively on multiple systems using an external storage drive<b></b>If you do not already know, <a href="http://www.mendeley.com/">Mendeley </a>is soon to become the defacto standard for storing, indexing, searching, ordering and sharing all your academic research papers. Its free download and easy to setup. Check the website to get a feel for it. I will not describe Mendeley here but will get to my point.<br />
<br />
<span style="color: red;">WARNINGS</span><br />
<br />
The solution presented below worked for me. It may NOT work for you. There is destruction of state involved so please go through the complete post and decide for yourself. I am making certain assumptions about this solution, so make sure your assumptions match mine before trying this out.<br />
<br />
<b>Assumptions:</b><br />
<ul><li>My environment is Mendeley Desktop v 0.9.4.1 running on Ubuntu 9.04.</li>
<li>I assume good familiarity with Linux and esp. Ubuntu.</li>
<li>I assume you have 2 working Mendeley setups on both systems. <i>Will still work if you dont have but all steps may not apply.</i><br />
</li>
<li>I assume that you have access to the original data that you indexed with Mendeley.</li>
<li>The solution may break with future releases of Mendeley esp. if they change some of the document paths.<br />
</li>
<li>This solution may not easily port to Windows/ MAC though i believe the line of reasoning should still apply.</li>
<li>I have used Mendeley possibly since its first release and i am quite familiar with its interface / settings etc. </li>
</ul><br />
<b>My Problem</b><br />
<br />
I have 2 Ubuntu 9.04 systems (home and work) that i use for my research and i spend equal time on both of them. So i end up storing a lot of papers (my total collection is about 5000) on both. Once i discovered Mendeley (about 5-6 months back), i would index documents on both my systems separately and then sync up the bibliographies (and corresponding metadata like notes) with Mendeley Web (which is the online component of the Mendeley system). Now, though i had access to the full bibliography on both my systems, i could not access the corresponding documents on both systems i.e. i could only access documents on the system on which they were indexed.<br />
<br />
Mendeley currently gives an online account with 500MB storage and allows storing documents in it. My collection is somewhere about 5GB and its not worth syncing that much anyway esp. since some of it is of proprietary nature. But i desperately needed a solution since i am so used to using Mendeley now and need it whenever i am doing my work.<br />
<br />
So this is what i did:<br />
<br />
<b>Initial Setup</b><br />
<ul><li>I got a 120GB external harddrive and formatted it with ext4 (filesystem doesnt matter).</li>
<li>Then I set the properties of the external drive to always mount as<span style="font-family: Courier New;"> <b><span style="font-size: 85%;">/media/extstor2</span></b></span>. This ensures that we always have a constant path prefix whenever you attach the drive. This can be easily done by clicking properties of the drive, selecting Volume tab and fixing the mount point settings (works on Gnome).</li>
<li>Created two folders called <b><span style="font-size: 85%;">db</span></b> and<span style="font-size: 85%;"><b> papers</b></span> on the new drive.</li>
</ul><blockquote style="font-family: Courier New;"><span style="font-size: 85%;">mkdir /media/extstor2/db</span> <br />
</blockquote><blockquote style="font-family: Courier New;"><span style="font-size: 85%;">mkdir /media/extstor2/papers</span><br />
</blockquote><b>On my home system</b> <br />
<ul><li>I first reset my complete database. <span style="color: red;">WARNING: This will completely destroy the database (i.e. your bibliography and notes but NOT your documents)</span>. <i>I hate this step but this was necessary because mendeley stores absolute paths to all its documents (you can dig into their sqlite3 database and see for yourself) and so if you just shift the database onto a new folder all references to documents get messed up. Even using the repair option of Mendeley doesnt fix this. This should be a good feature for them to add soon.</i><span style="font-size: 85%;"> </span></li>
</ul><blockquote><span style="font-family: "Courier New",Courier,monospace; font-size: x-small;">mendeleydesktop --reset</span><br />
</blockquote><ol></ol><ul><li>After this i logged into my online account and deleted the entire collection from there. Note that if you have any notes attached to the document, this is the time to save them. There is no easy way to do that except cut and paste into some text editor.<i>Note that the above step is essential because i think Mendeley has a bug where if it synchronizes again with the online account after you have created a new local database things get extremely messy and it crashes. Talking with experience here.</i></li>
</ul><ul><li>Now come the tricks:</li>
</ul><blockquote style="font-family: "Courier New",Courier,monospace;"><span style="font-size: x-small;">cd /media/extstor2/db<br />
mkdir Mendeley\ Ltd.<br />
cd ~/.local/share/data<br />
rm -rf Mendeley\ Ltd.</span><span style="font-size: x-small;"><br />
</span><span style="font-size: x-small;">ln -s /media/extstor2/db/Mendeley\ Ltd./ Mendeley\ Ltd.</span> <br />
</blockquote><ul><li>What i am doing above is essentially repointing the database location to the external drive.<span style="color: red;"> Note that this also means that you will always require the external harddrive to use Mendeley.</span></li>
<li>Opened up Mendeley again. This time it should start with nothing in it and offer you to login into your online account. <span style="color: red;">DO NOT LOGIN YET.</span></li>
<li>Opened <span style="font-family: Courier New; font-size: 85%;">Tools->Options</span> and clicked on <span style="font-size: 85%;"><span style="font-family: Courier New;">File Organizer.</span></span></li>
<li>Enabled the<span style="font-size: 85%;"><span style="font-family: Courier New;"> 'Organize My Files'</span></span> tab and set the path to <span style="font-family: Courier New; font-size: 85%;">/media/extstor2/papers</span></li>
<li>Enabled other options as desired.</li>
<li>Now logged in to my online account and let it sync. Nothing should sync as nothing exists but it is good to let the desktop handshake with the web account.</li>
<li>I then added all my folders where i keep my collection. Luckily i had not deleted them.</li>
<li>After this i let Mendeley index my complete collection (takes time proportional to your collection and system speed). Took about 5-6 hours.</li>
<li>Once done, coped all the saved notes to the corresponding papers. Had to do manually :(.</li>
<li>Then i synchronized again with the online account.<br />
</li>
</ul>At this point we have a working database stored on the external harddrive. Now take this drive to your other system and proceed as follows:<br />
<br />
<b>On the work system</b><br />
<ul><li>Connected the drive to the system and mount it as <span style="font-family: Courier New;"> <b><span style="font-size: 85%;">/media/extstor2 </span></b><span style="font-size: 85%;"><span style="font-size: 100%;"><span style="font-family: Arial;">to begin with</span></span></span><b><span style="font-size: 85%;">.</span></b></span></li>
<li>Then set the properties of the external drive to always mount as<span style="font-family: Courier New;"> <b><span style="font-size: 85%;">/media/extstor2</span></b></span>. This ensures that we always have a constant path prefix whenever you attach the drive. This can be easily done by clicking properties of the drive, selecting Volume tab and fixing the mount point settings.</li>
<li>Reset current database.<span style="font-size: 85%;"> </span></li>
</ul><blockquote style="font-family: "Courier New",Courier,monospace;"><span style="font-size: 85%;">mendeleydesktop --reset</span><br />
</blockquote><ol></ol><ul><li>Tricks Again <br />
</li>
</ul><blockquote style="font-family: "Courier New",Courier,monospace;"><span style="font-size: x-small;">cd ~/.local/share/data<br />
rm -rf Mendeley\ Ltd.</span><span style="font-size: x-small;"><br />
</span><span style="font-size: x-small;">ln -s /media/extstor2/db/Mendeley\ Ltd./ Mendeley\ Ltd.</span><br />
</blockquote><ul></ul><blockquote></blockquote><ul><li>Opened up Mendeley. </li>
<li>Opened <span style="font-family: Courier New; font-size: 85%;">Tools->Options</span> and click on <span style="font-size: 85%;"><span style="font-family: Courier New;">File Organizer.</span></span></li>
<li>Enabled the<span style="font-size: 85%;"><span style="font-family: Courier New;"> 'Organize My Files'</span></span> tab and set the path to <span style="font-family: Courier New; font-size: 85%;">/media/<span id="SPELLING_ERROR_0">extstor</span>2/papers</span></li>
<li>Enabled other options as desired.</li>
<li>Now logged in to my online account and let it sync. Now i saw everything just the same way as my home system.</li>
<li>Added your desired folders for watching files on my work system.<br />
</li>
</ul><br />
<span id="SPELLING_ERROR_2">That's</span> it!!! Problem solved. Enjoy. Let me know if this solution solves somebody <span id="SPELLING_ERROR_3">else's</span> pain.Arun Viswanathan aka n30bli7zhttp://www.blogger.com/profile/03355069018136283755noreply@blogger.com31tag:blogger.com,1999:blog-3203187410045777281.post-22730145952331881312009-10-13T01:02:00.000-07:002009-11-16T14:50:39.283-08:00A possible Twitter Worm or Scam!<div style="text-align: justify;">I got 4 email messages today saying that 4 people (whom i do not know) are following me on Twitter. Seems to me to be a possible twitter scam with a possibility that it might be a new worm.<br /><br />These are my observations for now:</div><ol style="text-align: justify;"><li>All four accounts belong extremely good looking girls</li><li>All seem to be from Mumbai, India.</li><li>All have the same Bio line which says "I am smart and simple girl, wanting to make some good friends"</li><li>All have about 800 followers and are following about 400 people.</li><li>All have almost the same tweets which are a combination of marketing website links and some mundane tweets albeit in different order.</li><li>All accounts were created on Oct 6th.<br /></li><li>The tweets are posted using a combination of API and Web with lots of them being from the web.API alludes to a script doing the posting.</li></ol><div style="text-align: justify;"><br />Questions i have:<br /></div><ol style="text-align: justify;"><li>How did they get so many people to follow their accounts in such a short time? Seems to me like some bug is being exploited. Or maybe people really fell into the beauty trap?</li></ol><div style="text-align: justify;"><br />If anyone is interested these are the four twitter accounts<br /></div><ul style="text-align: justify;"><li>http://twitter.com/mariya_gonzales</li><li>http://twitter.com/pari_choudhary</li><li>http://twitter.com/mansi_joshi</li><li>http://twitter.com/janhavi_agarwal</li></ul><div style="text-align: justify;"><br />More updates as i debug this further!<br /><br /></div>Arun Viswanathan aka n30bli7zhttp://www.blogger.com/profile/03355069018136283755noreply@blogger.com0tag:blogger.com,1999:blog-3203187410045777281.post-59854282061894334662009-10-12T15:08:00.000-07:002009-10-12T18:24:34.056-07:00Simple way to show India's DiversityWesteners who have never been to India or have never heard about it do not seem to get the fact the there is no language called "Indian" or food called "Indian Food" or music called "Indian Music". They just dont get the fact that India is NOT "yet another country with a language, food, culture and tradition". There is so much diversity in the country that the only way to think of India is as a country of countries (I am purposely not saying of 28 countries because there is so much diversity even within states).<br /><br />A simple way to show India's diversity would be to take a currency note of any denomination and count the number of languages in which the denomination is translated. There are 17 in total. See for yourself<br /><br /><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi7v9ipIW4ub65DErfe3E27wlNeqIQijTYEzPseVfMInkIK5_z0wOkHF-jO0vPhdkpxpRDMSfn8uXEyrHXyxPHtL_MDTLKMllkhI8TQT4224Uoa5PgfleCjejiKTZmP9xkXcllXyxXEj-U/s1600-h/DSCF3259.JPG"><img style="display:block; margin:0px auto 10px; text-align:center;cursor:pointer; cursor:hand;width: 320px; height: 162px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi7v9ipIW4ub65DErfe3E27wlNeqIQijTYEzPseVfMInkIK5_z0wOkHF-jO0vPhdkpxpRDMSfn8uXEyrHXyxPHtL_MDTLKMllkhI8TQT4224Uoa5PgfleCjejiKTZmP9xkXcllXyxXEj-U/s320/DSCF3259.JPG" border="0" alt=""id="BLOGGER_PHOTO_ID_5391846070754435650" /></a><br /><br />To know what those languages are check this link from Reserve Bank of India website. <a href="http://www.rbi.org.in/scripts/ic_languagepanel.aspx">http://www.rbi.org.in/scripts/ic_languagepanel.aspx.</a>Arun Viswanathan aka n30bli7zhttp://www.blogger.com/profile/03355069018136283755noreply@blogger.com2tag:blogger.com,1999:blog-3203187410045777281.post-58380775528156522282009-03-17T23:29:00.001-07:002009-03-20T07:29:26.243-07:00My critique of the article "Religion, Marxism and Slumdog<span style="font-family: arial;font-size:100%;" ><br />My comments on this article </span><span style="font-family: arial;font-size:100%;" >"<a href="http://www.expressbuzz.com/edition/story.aspx?title=Religion,%20Marxism%20and%20Slumdog&artid=10ACvtR0cZA=&type=">Religion Marxism and Slumdog</a>" by Francois Gautier. </span><span style="font-family: arial;font-size:100%;" ><br /></span><div style="text-align: justify; font-family: arial;"><ol><li><span style=";font-size:100%;" >I disagree with the notion that "Slumdog Millionaire" conveys an utterly negative image of India and should be protested by the Indian Government (like the Chinese would have done). I dont understand why? The film shows the real life of people living under those conditions. Slums, poverty, corruption are an unfortunate part of our society today and we cannot run away from it. By not showing it we would not be getting rid of it. And in todays connected world (in the age of google and youtube), i am not sure information can be controlled anyways.</span></li><li><span style=";font-size:100%;" >Why should we be like China? Comparison between a Communist and a Democratic government is an apple and orange case. If China would have responded, its because they want to maintain a controlled global image irrespective of what happens inside their country. India cannot do it because we are a democracy and rightly so. </span></li><li><span style=";font-size:100%;" >Leaving aside the missionary part, which of the following : caste, poverty, child marriage, superstition, widows, sati, are a virtue of Hinduism? They may have served a purpose centuries back when the society was different but they have no purpose now. The mere fact that these are still used by upper caste people as exploitation tools is infact a huge shame on us. There is no doubt that missionaries have capitalized on this. But, what will the lower castes who become the victims of these vices do? For many of these people, escaping into another religion was probably the only answer. </span></li><li><span style=";font-size:100%;" >Author says, "</span><span style="font-size:100%;"><span id="ctl00_ContentPlaceHolder1_lblDetailNews1">Today, billions of dollars that innocent Westerners give to charity are used to convert the poorest of India with the help of enticements such as free medical aid, schooling and loans." But, who is responsible for this? It is we ourselves. Everyone dreams of a good life and so do the poor. If the Government cannot fulfill its promises for the poor, the poor are going to find some other means of fulfilling their needs. I think instead of blaming the missionaries (whose work can be viewed as both good and bad in different contexts), we (the people of India along with the Government) have to solve our problems of poverty and caste. If that is done, there wont be any incentive for anyone to either get converted or convert others.</span></span></li><li><span style="font-size:100%;"><span id="ctl00_ContentPlaceHolder1_lblDetailNews1">Author says that western authors portray detrimental images of India and especially talk of 'Hindu fundamentalism'. I personally believe that fundamentalism of any kind is wrong be it Hindu, Islamic, German etc.. What i would defend is "Hinduism" and its core principles and not fundamentalism. What RSS,Bajrang Dal and Shiv Sena do in the name of Hindutva is precisely what Osama Bin Laden does in the name of Islam. This is what Hitler did half a century ago. Do you agree with them? </span></span></li><li><span style="font-size:100%;"><span id="ctl00_ContentPlaceHolder1_lblDetailNews1"> The immediate paragraph says "</span><span id="ctl00_ContentPlaceHolder1_lblDetailNews1">Hinduism has given refuge throughout the ages to those who were persecuted at home: the Christians of Syria, the Parsees, Armenians, the Jews of Jerusalem, and today the Tibetans, allowing them all to practice their religion freely." </span><span id="ctl00_ContentPlaceHolder1_lblDetailNews1">The author is now talking of Hinduism here and not of any extremist philosophies and he is absolutely right now. </span></span></li><li><span style="font-size:100%;"><span id="ctl00_ContentPlaceHolder1_lblDetailNews1"> The notion that India only belongs to Hindus is complete bullcrap and Hinduism does not say anything like that. "Hindu Fundamentalists" say that.The central idea should be for people to unite and live in harmony irrespective of their religion, caste and color.<br /></span></span></li><li><span style="font-size:100%;"><span id="ctl00_ContentPlaceHolder1_lblDetailNews1">Finally, author asks, </span><span id="ctl00_ContentPlaceHolder1_lblDetailNews1">When will the West learn to look with less prejudice at India, a country that will supplant China in this century as the main Asian power? My question is why do we need an approval from the west. If we eradicate our own vices and solve our problems, everything will fall in line automatically. I believe that asking this question is what makes us subservient to the west more than anything else.</span></span></li></ol><span style="font-size:100%;"> <span id="ctl00_ContentPlaceHolder1_lblDetailNews1">I found this article completely off. The line of reasoning did not appeal to me at all and the conclusions drawn do not follow from the arguments. </span></span><span style=";font-size:100%;" ><br /></span></div>Arun Viswanathan aka n30bli7zhttp://www.blogger.com/profile/03355069018136283755noreply@blogger.com0tag:blogger.com,1999:blog-3203187410045777281.post-63462270492505966842009-01-30T22:14:00.000-08:002009-11-16T15:11:09.056-08:00Gold Farming in the digital age<div style="text-align: justify;">Ever heard of 'Chinese Gold Farmers'? Read on.<br /><br />Check out the following documentaries which investigate gaming workshops in China that hire people to play online games like World of Warcraft. The workers, called 'Gold Farmers' by Westerners, sweat it out in front of their consoles to collect virtual currency, equipments and produce whole characters, which are then sold for nifty amount to other players over ebay or trade portals.<br /><br />Why does this industry exist? Well, because not everyone who wants to enjoy the game can spend insane amounts of time collecting virtual money and building their armory. Thus, many prefer to just buy characters and virtual currency from people who have already done the hard work.<br /><br />Check out <a href="http://www.wowgoldchina.com/buy-gold.php?code=MTAwLDAsMw==&n=Aerie%20Peak%20US-%3EAlliance&g=World%20of%20Warcraft%20US">this link</a> to get a taste of the amount of money involved in gold trade. To quote a price from the site, 30000G (i.e. in-game currency) is valued at 494USD. That is almost 60G per dollar. <span style="text-decoration: underline;"></span><a href="http://www.wowgoldchina.com/buy-gold.php?code=MTAwLDAsMw==&n=Aerie%20Peak%20US-%3EAlliance&g=World%20of%20Warcraft%20US"> </a><br /></div><br />People also trade characters. Some websites which i found out are<br /><ul><li>http://www.wowtrades.com/</li><li>http://www.buymmoaccounts.com/</li><li>http://mmotp.com/trade/</li></ul><br />BBC News Coverage of this phenomenon<br /><br /><a style="left: 0px ! important; top: 15px ! important;" title="Click here to block this object with Adblock Plus" class="abp-objtab-05453082225379997 visible ontop" href="http://www.youtube.com/v/kBz211cryhU&hl=en&fs=1"></a><object height="344" width="425"><param name="movie" value="http://www.youtube.com/v/kBz211cryhU&hl=en&fs=1"><param name="allowFullScreen" value="true"><param name="allowscriptaccess" value="always"><embed src="http://www.youtube.com/v/kBz211cryhU&hl=en&fs=1" type="application/x-shockwave-flash" allowscriptaccess="always" allowfullscreen="true" height="344" width="425"></embed></object><br /><br /><object height="344" width="425"><param name="movie" value="http://www.youtube.com/v/kBz211cryhU&hl=en&fs=1"><param name="allowFullScreen" value="true"><param name="allowscriptaccess" value="always"></object><a style="left: 0px ! important; top: 15px ! important;" title="Click here to block this object with Adblock Plus" class="abp-objtab-08518499383955678 visible ontop" href="http://www.youtube.com/v/ho5Yxe6UVv4&hl=en&fs=1"></a><a style="left: 0px ! important; top: 15px ! important;" title="Click here to block this object with Adblock Plus" class="abp-objtab-05453082225379997 visible ontop" href="http://www.youtube.com/v/ho5Yxe6UVv4&hl=en&fs=1"></a><object height="344" width="425"><param name="movie" value="http://www.youtube.com/v/ho5Yxe6UVv4&hl=en&fs=1"><param name="allowFullScreen" value="true"><param name="allowscriptaccess" value="always"><embed src="http://www.youtube.com/v/ho5Yxe6UVv4&hl=en&fs=1" type="application/x-shockwave-flash" allowscriptaccess="always" allowfullscreen="true" height="344" width="425"></embed></object>Arun Viswanathan aka n30bli7zhttp://www.blogger.com/profile/03355069018136283755noreply@blogger.com1tag:blogger.com,1999:blog-3203187410045777281.post-89628102921904686062009-01-22T14:25:00.000-08:002009-11-16T15:00:21.489-08:00My favorite moments of Obama's Presidential Inaugaral SpeechThe following two lines from Obama's speech were my favorite moments<br /><br />Moment 1:<br /><blockquote>To those who cling to power through corruption and deceit and the silencing of dissent, know that you are on the wrong side of history;<span style="color: rgb(0, 0, 153); font-weight: bold;"> </span><span style="color: rgb(0, 0, 153);">but that we will extend a hand if you are willing to unclench your fist.</span><br /></blockquote><br />Moment 2:<br /><blockquote>We reject as false the choice between our safety and our ideals. </blockquote><br /><div style="text-align: justify;">I believe that both these lines symbolize his philosophy of <span style="font-style: italic;">change and hope. </span>They show his commitment to shedding worn-out dogmas and notions which have traditionally influenced US foreign policy decisions. The start has been great and one has to see how it all plays out over the next 4 years.<br /></div>Arun Viswanathan aka n30bli7zhttp://www.blogger.com/profile/03355069018136283755noreply@blogger.com0tag:blogger.com,1999:blog-3203187410045777281.post-45513263468419666372009-01-16T12:58:00.000-08:002009-11-16T15:03:38.871-08:00Interesting reads for the weekend<div style="font-family: Arial,Helvetica,sans-serif;"><span style="font-size: small;">1. <a href="http://www.pcmag.com/article2/0,2817,2338796,00.asp">30th Anniversary of the Spreadsheet</a> (Very interesting and sarcastic perspective on how the spreadsheet has shaped our society)<br />
</span><br />
</div><blockquote style="font-family: Arial,Helvetica,sans-serif;"><span style="font-size: small;"><i><span id="intellitxt">2009 marks the 30-year anniversary of the now-ubiquitous spreadsheet program. And society as a whole has deteriorated ever since its invention. It was the spreadsheet that triggered the PC revolution, with VisiCalc the original culprit. Can anyone say that we've actually benefited from its invention? Look around: I think we've suffered.</span></i><i><br />
</i></span><br />
</blockquote><div style="font-family: Arial,Helvetica,sans-serif;"><span style="font-size: small;"><br />
2. <a href="http://packetlife.net/blog/2009/jan/02/submarine-cable-repair/">How undersea cables get repaired</a><br />
<br />
Videos of how the repair process works. <br />
<br />
[Update] <a href="http://www1.alcatel-lucent.com/submarine/products/marine/index.htm#">This Alcatel page</a> explains the process with text and a cool flash animation. It also has a section on how cables are laid in the first place.<br />
<br />
3. <a href="http://philosecurity.org/2009/01/12/interview-with-an-adware-author">Interview with an adware author</a><br />
<br />
Very interesting business and technical insights into the dark part of the cyber-world.<br />
<br />
4. <a href="http://www.infoworld.com/article/08/10/06/40TC-power-myths_1.html">10-power saving myths debunked</a><br />
<br />
<br />
5. <a href="http://www.infoworld.com/article/09/01/14/02TC-dc-power_1.html">Saving power in datacenters with DC power</a><br />
<br />
Interesting article on how converting from AC to DC in datacenters may help save power.<br />
<br />
</span><br />
</div><blockquote style="font-family: Arial,Helvetica,sans-serif;"><span style="font-size: small;"><i> In a typical datacenter environment, power conversions abound along the path from the outside utility pad to the servers. With each conversion, some power is lost. The power starts at the utility pad at 16,000 VAC (volts alternating current), then converted to 440 VAC, to 220 VAC, then to 110 VAC before it reaches the UPSes feeding each server rack. Each UPS converts the incoming AC power to DC power, then back to AC. The UPSes then distribute that AC power to their respective servers -- where it's converted back to DC. As much as 50 to 70 percent of the electricity that comes into the datacenter is wasted throughout this long and winding conversion process.<br />
<br />
There's a more efficient approach, one promoted by Validus DC Systems: taking the utility-supplied 13,000 VAC and converting it directly to 575 VDC (volts direct current) using an outdoor-rated conversion unit, then running power into the datacenter over 1.5-inch cabling. Each rack in the datacenter then has a 575-to-48-VDC converter that is 95 percent efficient. The direct DC approach can save users 50 percent or more between cooling savings and elimination of conversion losses, according to Ron Croce, COO of Validus<i><br />
</i></i></span><br />
</blockquote>Arun Viswanathan aka n30bli7zhttp://www.blogger.com/profile/03355069018136283755noreply@blogger.com0tag:blogger.com,1999:blog-3203187410045777281.post-13008028532803529832009-01-16T11:35:00.000-08:002009-11-16T14:54:42.336-08:00The worlds first flying car : Terrafugia Transition<div style="text-align: justify;">OMG ! Check this out. The future of travel is here. Has the Jetsons era begun?<br /><br />Terrafugia, a Massachusets based company is purportedly test driving its road-cum-air vehicle, the Terrafugia Transition, next month. Check out the animation of this vehicle in action <a href="http://www.timesonline.co.uk/tol/driving/features/article5483226.ece">here</a>. The animation shows the vehicle as a two-seater with ability to fold its wings. Its currently priced at $200,000 :-) .<br /><br />It will be interesting to see how this concept picks up. For one, it will require a host of changes in current laws and infrastructure. Simple problems like, how would one take-off and land and license issues (will a pilot license be required or a driving license will suffice?) will hinder the concepts adoption. It will be interesting to see if it solves any energy related issues or adds to existing problem.<br /><br />Whether it takes off or not in the immediate future, it may well be the pioneer of things to come. I am certainly excited and would have even bought one if not for the current economic crisis :)))).<br /></div>Arun Viswanathan aka n30bli7zhttp://www.blogger.com/profile/03355069018136283755noreply@blogger.com1tag:blogger.com,1999:blog-3203187410045777281.post-51214674950788940842009-01-12T11:10:00.000-08:002009-11-16T15:03:38.871-08:00A dose of my photography<div style="text-align: justify;">Please visit my website to get an (over)dose of my <a href="http://www.arunviswanathan.com/?q=node/40">photography</a>. Pretty amateurish stuff but i am learning.<br /><br />Also, i hacked up a simple perl script for generating web albums called <a href="http://www.arunviswanathan.com/?q=node/39">geekalbumz</a>. The idea behind this was to display the photograph metadata (or EXIF information) along with the photographs. This helps newbies like me to compare various photographs and learn the nuances.<br /> </div>Arun Viswanathan aka n30bli7zhttp://www.blogger.com/profile/03355069018136283755noreply@blogger.com1tag:blogger.com,1999:blog-3203187410045777281.post-37136795912568973202009-01-05T01:15:00.000-08:002009-03-20T07:30:47.042-07:00Frank W. Abagnale and the irony of security industry<div style="text-align: justify;">If you remember that name then most probably you have seen the epic movie <a href="http://www.imdb.com/title/tt0264464/">Catch me if you Can </a>starring Leonardo DeCaprio and Tom Hanks. In short, the movie is about this guy Frank Abagnale, (played by DeCaprio) who figures out novel ways to commit check fraud and embezzle money posing as various people (as a pilot, as a doctor and as a lawyer). The movie is all about how the hacker mindset works and is a must watch if you are in the information security field. The movie is replete with examples of social engineering tricks that determined hackers so often use. Its a good way to train ones thinking in the ways of the hacker.<br /><br />This movie not a work of fiction but is based upon a real guy who did these things in real life. <a href="http://www.abagnale.com/index2.asp">This</a> is the website of the real Frank Abagnale, who is now, not surprisingly, one of the world's most respected authorities on the subjects of forgery, embezzlement and secure documents. Check out his website for more details on his lifes work in the last 30 years. Ironically, the guy who literally started check-fraud has been at the helm of defending against it for the better part of his life.<br /><br />This irony presents itself in the security industry again and again <span style="font-style: italic;">with the guys who now defend the world were the ones who were once defended against</span>. There is nothing wrong with it and maybe thats the way it should be but i just found the thought very interesting.<br /></div>Arun Viswanathan aka n30bli7zhttp://www.blogger.com/profile/03355069018136283755noreply@blogger.com1tag:blogger.com,1999:blog-3203187410045777281.post-65327729347771469882009-01-02T20:50:00.000-08:002009-11-16T14:56:33.938-08:00Art of Elevator Pitching<div style="text-align: justify;"><i>Elevator Pitching</i> is the art of getting your point across to an executive in less than 60 seconds, i.e. about the time you have with an executive in an elevator.<br /><br /><a href="http://pitches.techcrunch.com/">This</a> website is a place where enterpreneurs have to pitch their products to the audience in less than 60 seconds. Some of the pitches are really great. Check it out !<br /><br />I remember my mentor once telling me the importance of "back-of-envelope" or "back-of-napkin" presentations to executives and this seems to be the same concept but on steroids. It makes a lot of sense, especially for IT Security guys where the investments don't always translate to a predictable ROI.</div>Arun Viswanathan aka n30bli7zhttp://www.blogger.com/profile/03355069018136283755noreply@blogger.com1tag:blogger.com,1999:blog-3203187410045777281.post-71140304837024243822008-12-08T11:38:00.000-08:002009-11-16T15:09:48.061-08:00How the Indian IT Industry is tiding the current global crisis ? - A Nasscom Report<div style="text-align: justify;"><a href="http://punetech.com/how-is-the-indian-it-industry-handling-the-recession-facts-and-figures-from-nasscom/">PuneTech blog</a> reports about a recent talk by Ganesh Natarajan of Nasscom on how the Indian IT industry is tiding the current IT crisis. The presentation can be found <a href="http://conference.indicthreads.com/presentations/2008/GN_Industry%20Update_nov_2008.pdf">here</a>. The report is full of graphs and figures and is a very interesting and motivating read.<br /><br />My summary of the report<br /></div><ul style="text-align: justify;"><li>Inspite of global uncertainities, the revenue aggregate (from IT-BPO sector) as a percentage of GDP continues to rise (albeit a little less compared to the rises in previous years).</li><li>This growth (in the face of current global crisis) is partly due to entry into new market verticals like Airlines, Media and healthcare apart from Banking, Financial, Insurance and Telecom. This reduces dependency. </li><li>The industry is progressing towards providing more end-to-end services. The report cites the BPO industry as an example, where in addition to customer support, services like finance, accounting, HR, procurement and knowledge services are also being offered. </li><li>India is exporting its services to more and more regions (though US still holds 61% of the share). The fast growing areas are Europe and Middle East. This makes us less prone to mistakes made by "Superpowers" :).<br /></li><li>The report indicates that by 2020 India will lead the world in working age population. The estimated work force in India will be <span style="font-style: italic; color: rgb(255, 0, 0);">47mn compared to -17mn in the US</span>. This extreme imbalance in work force will work towards India's sustained growth.</li></ul>To ensure that India does not lose its advantage a number of initiatives are being undertaken:<ul style="text-align: justify;"><li>IT Export services are being spread across more cities to manage pressure on Bangalore, Pune, Hyderabad, Chennai, Delhi.Nasscom identifies around 43 Tier 2/3 cities.<br /></li><li>There is a comprehensive program in place for making Indias large talent force "employable". These include short-time objectives like making large investments in training, medium-term objectives like faculty development programs to train and sustain faculty (<span style="font-style: italic;">this is very very important</span> <span style="font-style: italic;">given the current crisis of good teachers in our country</span>) and long-term objectives like setting up new IITs, investing in technology innovation etc.<br /></li></ul>Arun Viswanathan aka n30bli7zhttp://www.blogger.com/profile/03355069018136283755noreply@blogger.com0tag:blogger.com,1999:blog-3203187410045777281.post-1523769774536222322008-11-18T14:44:00.000-08:002009-11-16T15:05:17.012-08:00Embracing New Technology : The Twitter Case<div style="text-align: justify;">I am a technogeek and try to integrate new technology in my everyday life as much as possible. This post is about how i am using twitter.<br /><br />As most of you may know, <a href="http://www.twitter.com">twitter</a> is this short messaging service which people use to convey updates in real time. It has become the micro-blogging platform of choice and has many cool advantages, one amongst them being able to convey live updates using a computer, regular mobile or smart phones. These updates can then be fetched via RSS feeds.<br /><br />I use twitter to tell people (whoever is interested) what i am currently upto. These are normally sent to my twitter account as an SMS from my mobile. The current status then appears on my <a href="http://www.arunviswanathan.com">webpage</a>.<br /><br />So the next time, you call me and i do not pick up the phone, please check the <span style="font-style: italic;">twit</span> on my webpage!<br /></div>Arun Viswanathan aka n30bli7zhttp://www.blogger.com/profile/03355069018136283755noreply@blogger.com0tag:blogger.com,1999:blog-3203187410045777281.post-8126432515116143022008-11-16T17:31:00.000-08:002009-11-16T15:00:40.266-08:00IPv4 Countdown vs. State of IPv6<div style="text-align: justify;">The Internet Assigned Numbers Authority (IANA) is the body that manages the unicast IPv4 address pool (ie from 0.0.0.0 to 223.255.255.255.255). IANA assigns blocks of this space to the 5 RIR's (Regional Internet Registries) i.e. AFRINIC, APNIC, ARIN, RIPENCC and LACNIC. The RIR's use their distribution policies to further allocate addresses to local registries and ISP's which propogate them to the endhosts.<br /><br /><a href="http://www.potaroo.net/tools/ipv4/index.html">Potaroo.net</a> predicts the following dates for the exhaustion of IPv4 address space.<br /><blockquote style="font-weight: bold; font-style: italic;">Projected IANA Unallocated Address Pool Exhaustion: 04-Feb-2011<br />Projected RIR Unallocated Address Pool Exhaustion: 05-Mar-2012<br /></blockquote>A live down-counter counting number of days until we hit exhaustion of the IPv4 address space can be found <a href="http://penrose.uk6x.com/">here</a> . This counter is generated using data from potaroo.net report The report is pretty detailed and explains the modelling used for predicting the dates. Please note that the modelling is based on current address distribution policies used by RIRs and current consumption trends. The following graph (from potaroo.net report) shows the current status of IPV4.<br /><p> <img src="http://www.potaroo.net/tools/ipv4/fig01.png" /><br /><span style=""></span></p><p>An explanation of the graph follows:<br /></p><p>Note that there are 256 /8's where each /8 is 16,777,216 addresses.<br /></p><p><span style="font-weight: bold;">IETF_Reserved :</span> Blocks reserved for special purpose. It consists of 16 /8 Multicast blocks + 16 /8 reserved blocks + 1 /8 (0.0.0.0/8) block for local identification + 1 /8 (127.0.0.0/8) for loopback + 1 /8 (10.0.0.0/8) for personal use + 1 /8 (14.0.0.0/8) for public-data networks.<br /></p><p><span style="font-weight: bold;">IANA_Pool </span>: Pools of /8 left with IANA for allocation to RIRs.</p><p><span style="font-weight: bold;">Allocated :</span> Allocated by IANA to RIR. This does not reflect current consumption because RIRs may have a pool of their own. </p><p>So much for IPv4. Now lets look at IPv6.<br /></p><p>In 2008, there have been atleast 2 big studies around the state of IPv6. <span style=""><span style="font-family:Courier New,Courier,monospace;"><a href="http://rosie.ripe.net/ripe/meetings/ripe-57/presentations/uploads/Thursday/Plenary%2014:00/upl/Colitti-Global_IPv6_statistics_-_Measuring_the_current_state_of_IPv6_for_ordinary_users_.7gzD.pdf"><br /></a></span></span></p><ul><li><span style=""><span style="font-family:Courier New,Courier,monospace;"><a href="http://rosie.ripe.net/ripe/meetings/ripe-57/presentations/uploads/Thursday/Plenary%2014:00/upl/Colitti-Global_IPv6_statistics_-_Measuring_the_current_state_of_IPv6_for_ordinary_users_.7gzD.pdf">Google Study on State of IPv6 for ordinary users</a></span></span><span style=""><span style="font-family:Courier New,Courier,monospace;"><a href="http://asert.arbornetworks.com/2008/08/the-end-is-near-but-is-ipv6/"><br /></a></span></span></li><li><span style=""><span style="font-family:Courier New,Courier,monospace;"><a href="http://asert.arbornetworks.com/2008/08/the-end-is-near-but-is-ipv6/">Arbor networks study on overall state of IPv6<br /></a></span></span></li></ul><p>The reports are detailed but these are a few interesting points.<br /></p><p>1) Arbor networks experiment measured the total amount of IPv6 flowing in the backbone , and they note that<br /></p><p></p><blockquote><p>At its peak, IPv6 represented less than one hundredth of 1% of Internet traffic. </p></blockquote><p>2) The biggest reason cited in the summary for the above observation is money.</p><p></p><blockquote> Specifically, the department of commerce estimates it will cost <a onclick="javascript:urchinTracker ('/outgoing/www.nist.gov/director/prog-ofc/report05-2.pdf');" href="http://www.nist.gov/director/prog-ofc/report05-2.pdf">$25 billion</a> for ISPs to upgrade to native IPv6.</blockquote>3) Googles effort measures the state of IPv6 from a end node perspective as opposed to the Arbor measurement. Their key observations are :<p></p><blockquote><p></p><ul><li>0.238% of users have useful IPv6 connectivity (and prefer IPv6).</li><li>0.09% of users have broken IPv6 connectivity.</li><li>Probably a million distinct IPv6 hosts exist.</li><li>Russia leads the chart in IPv6 penetration.<br /></li><li>IPv6 prevalance is low but increasing steadily by the week.</li><li>IPv6 - IPv4 tunelling is the most common transition mechanism.<br /></li><li>MacOS has better IPv6 penetration than Vista because of its default policies in the OSes.<br /></li></ul></blockquote><p>So given the predictions about end of IPv4 and the rate of adoption of IPv6, are we ready for migration? In Feb 2008, ICANN added IPv6 addresses for 6 of the 13 root DNS servers (<a href="http://www.icann.org/en/announcements/announcement-04feb08.htm">news here</a>) which is a step in the right direction but is it enough to prod people to migrate?</p><p>I have the following concerns about the migration:</p><ul><li>What would dictate the migration: <span style="font-style: italic;">economics or a better-future-internet</span>? </li><li>Will ISPs be willing to pay the price?</li><li>Even if they are willing to do so, can the consumers and business transition to IPv6 seamlessly?<br /></li><li>Will security products continue working the same way?<br /></li><li>Are the vendors testing their implementations with IPv6 to make a simple software update to the tons of software already out there? </li><li>How will this migration be different in impact than the Y2k bug of the last century? Are these comparable in any sense?<br /></li></ul><p>I have a feeling that <span style="font-style: italic;">economics</span> will dominate this race more than anything else. If the migration is going to cost a lot of money for businesses without any added value then there is bound to be a huge pushback. Somehow the cost has to be justified to them to make this transition happen and just saying <span style="font-style: italic;">address space exhaustion</span> may not strike a chord with every business.<br /></p></div>Arun Viswanathan aka n30bli7zhttp://www.blogger.com/profile/03355069018136283755noreply@blogger.com1tag:blogger.com,1999:blog-3203187410045777281.post-60393638382930663002008-11-02T23:34:00.000-08:002008-11-03T00:03:00.905-08:00The Rise and Fall of Gas!<div style="text-align: justify;">People who have been following the economy know the state of gas (petrol) prices. But, I can provide a visual reinforcement of that fact, clearly showing the bumpy ride that gas prices have followed over the year. The following graph is plotted using data collected by me over the last one year on gas prices in the Southern California region (in Los Angeles County and Orange County). The way i collect the data is by diligently recording the <span style="font-style: italic;">date, the mileage since the last fuel fill, price of gas, gallons filled and location </span>every time i visit a gas station to refill my car . This data helps me keep a check on my car's fuel efficiency and also serves as an early warning diagnostic system for problems. (As an aside, i once noted a consistent drop in my mileage over a period of 2-3 weeks. It turned out to be due to carbon buildup in my EFI system. Quick action probably helped me save some engine life :) ).<br /><br /><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEji1bkN36U_8k9n6A4dK2MBjNdDeDUFQaZ8oo7BbRq9Qonz_hrsMNQMwlirBGfkypwLlsv7Bqfh-8ndV4d5lHvN6t3bBgI42_7cAo0HtkvnllNScy6xhqTUEqUKumumjpTetWG3XHDJQTc/s1600-h/chart.jpg"><img style="margin: 0px auto 10px; display: block; text-align: center; cursor: pointer; width: 449px; height: 237px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEji1bkN36U_8k9n6A4dK2MBjNdDeDUFQaZ8oo7BbRq9Qonz_hrsMNQMwlirBGfkypwLlsv7Bqfh-8ndV4d5lHvN6t3bBgI42_7cAo0HtkvnllNScy6xhqTUEqUKumumjpTetWG3XHDJQTc/s320/chart.jpg" alt="" id="BLOGGER_PHOTO_ID_5264335308131994114" border="0" /></a><br /></div><div style="text-align: justify;">The plot clearly shows that gas prices started around $3.0 per gallon beginning of year, climbed all the way upto $4.7 / gallon in mid of 2008 and are falling to less than $3.0 / gallon at the end of year.<br /><br />Can one predict which direction the curve is headed now ? I cannot.<br /></div>Arun Viswanathan aka n30bli7zhttp://www.blogger.com/profile/03355069018136283755noreply@blogger.com2tag:blogger.com,1999:blog-3203187410045777281.post-33115691601355269592008-10-30T00:01:00.000-07:002009-03-20T07:33:26.483-07:00The Anonymity Paradox<div style="text-align: justify;"><a href="http://www.wired.com/politics/law/news/1999/01/17538">Scott McNealy</a>, the former founder CEO of Sun Microsystems, once famously remarked on Privacy : <span style="font-style: italic;">'Get over it</span>'. This was a very bold statement to make especially for the CEO of a reputed company but he nevertheless spoke out of his experience. Its almost ten years since that statement was made and anyone who even barely uses the internet today wouldnt disagree much with Scott, though all of us would still want to believe in a perfect world. <br /><br />As an aside, Privacy and anonymity are closely linked though there are subtle differences. Anonymity is keeping ones identity secret while privacy can imply keeping identity plus other information secret. For the purposes of this post i will consider privacy and anonymity the same and use them interchangebly. <span style="display: block;" id="formatbar_Buttons"><span class="on down" style="display: block;" id="formatbar_CreateLink" title="Link" onmouseover="ButtonHoverOn(this);" onmouseout="ButtonHoverOff(this);" onmouseup="" onmousedown="CheckFormatting(event);FormatbarButton('richeditorframe', this, 8);ButtonMouseDown(this);"><img src="img/blank.gif" alt="Link" class="gl_link" border="0" /></span></span><br />In my opinion, <span style="font-style: italic;">privacy</span> and <span style="font-style: italic;">connectivity</span> are complimentary ideas i.e. both cannot coexist. The moment you are connected to the internet, your privacy ceases to exist. I believe that this is an unfortunate but true fact and one that people often find hard to digest. But believe it or not, <span style="font-style: italic;">total privacy does not exist in a connected world</span>. At some level, privacy is just like security i.e. <span style="font-style: italic;">there is nothing like total privacy just as there is nothing like total security</span>. <br /><br />I can offer many reasons for this :<br /><ul><li>Every time we do an online transaction and give out our Name, Address and Credit Card details, we are essentially "hoping" and trusting that the website will not leak out our data. Some informed users may go one step further and check if the website displays a secure logo like HackerSafe or McAfee Secure etc. Unfortunately, as detailed in <a href="http://skeptikal.org/index.php?entry=entry081009-213000">this blog</a>, it turns out that these certifications are mostly useless and can be easily sidestepped. <br /></li></ul>But name, address and credit cards are not the only definitions of identity and hence privacy. There are still many ways of inferring identity. A few of them are :<br /><ul><li>Almost all websites that you browse will always log your IP address which can always reveal you or your ISP or your Organization. That is, you can almost always be tracked back. </li><li>With the explosion of social networks and Wikis, we are getting into the habit of revealing too much information about ourselves, our families, pets and everything that was once personal to us to a much wider audience. This voluntary discloure of information is in effect resulting in very complex attacks on privacy as witnessed in the <a href="http://blog.wired.com/27bstroke6/2008/09/palin-e-mail-ha.html">Sarah Palin</a> and <a href="http://lifehacker.com/software/security/paris-hiltons-sidekick-hacked-033639.php">Paris Hilton case</a>.<br /></li><li>The notion of Googling for information has caught on so much that we inadvertently reveal "stuff" about ourselves to google when we type in the search bar.</li><li>Every time we open our gmail account and browse our emails, we also get with it some relevant advertisements placed alongside our emails. What this means is that there is a program out there that is parsing our emails and trying to "understand" us.<br /></li><li>Websites that measure website usage statistics such as Google Analytics also impact privacy in some way by storing information about your visits to websites(tracked by your IP) on its servers. </li></ul>All this is fine, but where is the paradox in all this?<br /><br />To state simply, my <span style="font-style: italic;">Anonymity Paradox</span> is :<br /><span style="font-style: italic;"></span><span style="font-style: italic;"></span><blockquote><span style="font-style: italic;">While it is difficult to maintain anonymity on the internet for the common user, the same internet offers a magical cloak of anonymity for hackers.</span><br /></blockquote>I was myself amazed when this realization struck me. Users find it difficult to keep their identies secret but hackers get away with their mischief without hardly ever being tracked down. The big reason for existence of the malicious hacking industry is because of this cloakability that the internet offers. <span style="font-style: italic;"></span>Purists might argue that the law has been able to track down hackers but i do not think they will disagree over the fact that the ratio of captures to hacking incidents is very apalling at best. Hackers typically get caught when they themselves make a stupid mistake which compromises their anonymity (for instance see how <a href="http://gawker.com/5051557/palin-hacker-may-have-left-traces">Palins hacker was caught</a>).<br /><br />So at one end we have people cribbing about privacy on the internet while at the other end we have bad elements basking in the glory of the anonymous internet. To me, it looks like this is the way it is going to stay. Just like <span style="font-style: italic;">fire</span> does not know intent and it just burns whatever it is asked to burn, the internet just does what its being asked to. <br /><br />Does this all make sense ?<br /><br /><br /></div>Arun Viswanathan aka n30bli7zhttp://www.blogger.com/profile/03355069018136283755noreply@blogger.com4tag:blogger.com,1999:blog-3203187410045777281.post-82134260495576834682008-09-20T21:47:00.000-07:002009-11-16T14:56:58.979-08:00A Linux solution for copying and burning DVDs<div style="text-align: justify;">The following are my experiences with copying and burning DVDs on Linux. To summarize the experience in a phrase : "It was a <i>walk in the park</i>". <br /><br /><b><i>Operating System</i> </b> Ubuntu 8.04 <b><i><br /><br />Tools of the trade </i></b> </div><ul style="text-align: justify;"><li>k9copy (for copying DVDs) </li><li>brasero (for burning DVDs)</li></ul><div style="text-align: justify;"><i><b>Installation</b></i><br />Installation in ubuntu for the above packages is as simple as <br /><span style="font-family: courier new;">$ sudo apt-get install k9copy </span><br /><span style="font-family: courier new;">$ sudo apt-get install brasero</span><br /><i><b><br />Procedure</b></i> </div><ul style="text-align: justify;"><li>Insert DVD into tray and open <span style="font-weight: bold;">k9copy</span>. </li><li>Choose <i>File -> Open. </i>This will load the DVD and show the chapters and titles as shown below. Select all the titles that you wish to copy. </li></ul><ul style="text-align: justify;"><li><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiD-sLTRYQK50KPycPruTZMlXW2eCMcnjxUmfW2jfUEdJpt_3J6v1lRleEx_MEO6LZlsxeYYWhFkIFomEYZ-KmDBsDTw1h9kwuvYey3ZmkzHzeed2xozwpQ86USb9j987KmZHBa7dcstTk/s1600-h/Screenshot-k9copy-1.png"><img style="margin: 0px auto 10px; display: block; text-align: center; cursor: pointer;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiD-sLTRYQK50KPycPruTZMlXW2eCMcnjxUmfW2jfUEdJpt_3J6v1lRleEx_MEO6LZlsxeYYWhFkIFomEYZ-KmDBsDTw1h9kwuvYey3ZmkzHzeed2xozwpQ86USb9j987KmZHBa7dcstTk/s320/Screenshot-k9copy-1.png" alt="" id="BLOGGER_PHOTO_ID_5248332025812138162" border="0" /></a>Select <i>Action -> Copy</i>. You will be prompted for a location where the final iso file will be saved. Make sure that you have disk space atleast 2 times the size of DVD. </li><li>Leave all the options in the below pane as is unless you know what those options mean. </li><li>Once the copy starts you will be able to view the progress in the right-side pane. </li><li>The copy process creates a folder called <span style="font-style: italic;">dvd</span> and an iso image in the location specified earlier.</li><li>You can remove the folder <span style="font-style: italic;">dvd</span> as it is not required during the burning process.<br /></li><li>Now to burn the iso image, open <span style="font-style: italic; font-weight: bold;">brasero</span> and<span style="font-weight: bold;"><span style="font-weight: bold;"> </span></span>select the option for burning iso images.<br /></li><li>Insert and blank DVD and start the burn process. </li><li>Enjoy !<br /></li></ul><div style="text-align: justify; font-family: georgia;">In my experience, i have copied 4 DVDs and burnt around 12 DVDs and the whole process took slightly more than half a day. There were absolutely no errors and the original DVD quality was maintained in all the copied DVDs. </div>Arun Viswanathan aka n30bli7zhttp://www.blogger.com/profile/03355069018136283755noreply@blogger.com1tag:blogger.com,1999:blog-3203187410045777281.post-64179886679728406172008-09-15T09:09:00.000-07:002009-11-16T15:07:47.708-08:00Announcing another blog !<div style="text-align: justify;"><span class="Apple-style-span" style="border-collapse: collapse; "><span class="Apple-style-span" style="font-size:medium;"></span></span></div><span><div style="text-align: justify;">Hello dear readers (if any). I have started another <a href="http://indian-jugaad.blogspot.com">blog</a> (with a better purpose this time). The blog is about Indians and our innovations i.e. Jugaadu Indians and our Jugaads. The inspiration for the blog came to me while reading an article in August 24 issue of The Week. The article is about Indian Ingenuity and our innovations (or colloquially called Jugaads). The following quote by Dr. R. Mashelkar puts everything in perspective </div><div style="text-align: justify;"><blockquote>"we should think of innovation as a movement. The I in India has stood for imitation and inhibition for far too long. It is high time it stood for innovation. And the best thing about this movement is that we have the jugaad energy of a billion of us to power it forward. "</blockquote></div></span><div><div style="text-align: justify;"><span class="Apple-style-span" style="border-collapse: collapse; "><span class="Apple-style-span" style="font-style: italic; "><blockquote><span class="Apple-style-span" style="font-size:medium;"></span></blockquote><span class="Apple-style-span" style="font-size:medium;"></span></span></span></div></div>Arun Viswanathan aka n30bli7zhttp://www.blogger.com/profile/03355069018136283755noreply@blogger.com1tag:blogger.com,1999:blog-3203187410045777281.post-80448109039470543832008-09-11T12:18:00.000-07:002009-11-16T14:57:36.754-08:00The NEWS Equation<div style="text-align: justify;"><blockquote></blockquote>Our life today is controlled by media. Be it newspaper, television, radio or the internet, we depend on news for a lot of our day-to-day decisions and sometimes even blindly. This fact is well understood by Media companies, Governments and Businesses alike. Unfortunately, it is also being used actively to mislead the common man. News today is no more the simple raw information but it undergoes a complex process of editing and mixing before being delivered. Thinking over it for some time, i feel that the Media companies operate a huge mixer which continuously churns out news according to the following equation <span class="Apple-style-span" style="font-weight: bold; "></span></div><div style="text-align: justify;"><span class="Apple-style-span" style="font-weight: bold;"><br /></span></div><div style="text-align: justify;"><span class="Apple-style-span" style="font-weight: bold; "><blockquote>NEWS = x% Information + y% Hype + z% Personal Biases + w% Political Biases </blockquote></span></div><div><div style="text-align: justify;"><br /></div><div style="text-align: justify;">Different media companies use different values for x, y, z and w and yield different types of news. A case in point is the recent news about the bootup of Large Hadron Collider (LHC) in CERN. A channel called <span class="Apple-style-span" style="font-style: italic;">Aaj Tak </span>in India ran a TV series which would have made a layman believe that the bootup of LHC would destroy the world. In this case, their percentage of hype was very high and little factual information was presented. Even if they would have done a simple google search for LHC and the myths surrounding LHC, they would have realized that speculations about formation of massive black holes have been long dismissed by emminent Scientists. But the media today is more interested in their own TRP ratings and very little interested in presenting facts. </div></div>Arun Viswanathan aka n30bli7zhttp://www.blogger.com/profile/03355069018136283755noreply@blogger.com3tag:blogger.com,1999:blog-3203187410045777281.post-7148863500539246892008-08-23T12:00:00.000-07:002009-11-16T15:07:26.148-08:00When will people learn ?<div xmlns="http://www.w3.org/1999/xhtml"><div align="justify">Airtel (one of India's leading cell phone providers) has recently tied up with Apple to offer the iPhone 3G in Indian market. Everything is good but is the following sort of sales pitch necessary to sell of iPhones?? Airtel is quoted <a href="http://www.engadget.com/2008/08/23/indias-airtel-claims-deadliest-hackers-still-cant-crack-its/">here</a> as saying :<br /><br /><blockquote>"even the most deadly hackers on the planet won't be able to crack the<br />codes that support the iPhone's Airtel applications with rival company<br />SIMs."<br /></blockquote><br />My question is : WHY ???. Even if you really have provided tamper-proof security, throwing a n open challenge to the highly skilled and distributed hacker work force on the internet is nothing short of the proverbial "hitting the axe on your own leg". Such stunts may be good to test your products before entering the market but not once the products are already out there. Such stupidity has surely attracted the bees and its just a matter of time before the bees sting.<br /></div></div>Arun Viswanathan aka n30bli7zhttp://www.blogger.com/profile/03355069018136283755noreply@blogger.com2