File under meeting notes
Tuesday June 28th 2005, 11:35 am
Filed under: Miscellaneous

Gathered from 6-28-05 meeting…

* Pilot group is projected to include approx 100 people (all from IT)

* Eventual roll-out will be to all users (approx. 600 — there’s apparently some controversy about this)

* Client stressed that the transition should be “painless” and “transparent” (I project that “painless” is mostly achievable but “transparent” is a fantasy)

* Senior ranking personnel’s workstations will be done in person

* Investigate software distribution methods for new client connectivity app

* There won’t be (as far as we know now) an upgrade of firmware/operating system of 3030

* Create back out plan

* Note that user profiles set on current connection app perform fail-over from one 3030 to another

* There is no Win2k3 in the environment

* There won’t be any load balancing employed

* There won’t be an analysis of SSL over VPN

* Sign On Manager should be carefully studied

* Impact assessment: Citrix infrastructure

* Citrix impact should be determined before Sign On

Rough draft

client —> 3rd party auth service —> auth token passed on to 2-factor infrastructure



Linksys Makes Me Sweat Like James Brown In Concert
Friday June 24th 2005, 11:54 am
Filed under: Miscellaneous

file under tech annoyances…

If you’re only talking about simple communication — i.e. wireless access point talking to wireless card without encryption enabled — the Linksys BEFW11S4 router is fully compatible with the Linksys WPC54G wireless card.

Things get hairier however once encryption is enabled.

With the following settings:

* WEP 64 bit

* open system or shared key

* key generated by passphrase

The card, installed on WinXP SP2, is unable to connect to the AP.

With this security config on the router:

* WPA TKIP

or

* WPA PSK

The card and the AP are able to communicate but the key renewal cycle causes an unacceptably high number of connection drop outs (which makes general networking and web browsing bad enough but chokes any streaming media connectivity to practical impossibility).

Didn’t try this with a Linux client (Ubuntu, which I have handy) to see if the behavior’s different — didn’t want to deal with NDIS wrapper issues on top of this.

So, what have we learned?

We’ve learned that the WPC54G is not, at all encryption levels, a nice player with the BEFW11S4 b router.

So, I’m going to upgrade the router to the WRT54GS.

.d.



OxyContin Hottie
Friday June 24th 2005, 10:12 am
Filed under: Miscellaneous


file under SMB tales to be saved…

According to ancient legend (by which I mean, a message left on my answering machine just yesterday) there once was a stripper who was too, too fond of OxyContin.

One day, while rounding the pole and performing some stripper-tastic maneuver she slid onto the stage…

…and fast into a narco-assisted sleep.

There’s an alternate version of the story (an alternate which I’m making up, even as I type this): she reanimates and becomes a latter day version of the somnambulist featured in “The Cabinet of Dr. Caligari.”

Only, a stripper, and in color.



The People Own Ideas!
Monday June 13th 2005, 7:20 am
Filed under: Miscellaneous

file under information freedom…

The People Own Ideas!
By Lawrence Lessig June 2005

We entered the youth camp that morning by passing down a long, white gravel road and under a wooden gate. Spread to one side, and for as far as you could see, were rows and rows of tents. In front were scores of showers, with hundreds of kids in swimsuits milling about, waiting to rinse. It felt like a refugee camp.

In a sense, it was. More than a hundred thousand had descended upon Porto Alegre, Brazil, to attend the World Social Forum, a conference intended to offer a progressive alternative to the much smaller, and much more famous, World Economic Forum meeting at Davos, Switzerland (see “Letter from Davos,” April 2005).

Just past the showers was a sprawling collection of wooden huts, connected by a canvas spread across their roofs. This was the free-software lab. To the right, there was a training room, with more than 50 PCs arranged along long tables. At the far end was a large screen, where 20 to 30 kids were watching an instructor explain the workings of some video-editing software. Every machine was running free software only–GNU/Linux as the operating system, Mozilla as the browser, and a suite of media production software, most of which I had never seen on any machine anywhere.

The room was being prepared for what seemed like a disco. Three DJ-like characters were huddled over a table full of machines, testing sound and twiddling fantastically elaborate controls. They were not DJs, however, but VJs: video jockeys who were preparing a demonstration of the tools they had built (as they described it) for “recycling culture.” The music would, for all I know, not have been out of place in the coolest New York dance club; but the images were a collage of television and color presented in a way that I had never seen before, anywhere. As the music played, video samples were scratched across the screen. The VJ operated a turntable-like controller, which drove powerful digital video equipment designed to mix images, not records.

In another room, the yellow light filtering through the canvas roof bathed another 50 machines. John Perry Barlow, former lyricist for the Grateful Dead and cofounder of the Electronic Frontier Foundation, sat stooped over his PowerBook chatting with someone. He looked up with a smile. “It’s [New York Times writer John] Markoff at Davos.” Obviously, Wi-Fi bathed the room as well.

Inside the room, a group of five or six Brazilians was waiting there to meet us. A film crew waited as well. They were shooting a documentary. The Brazilians were our guides, and I was there to understand what a “free software lab” was all about.

[...]

full here…



HTTP Request Smuggling
Sunday June 12th 2005, 6:50 pm
Filed under: Miscellaneous

file under computer security….

We describe a new web entity attack technique: HTTP Request Smuggling. The attack technique and the derived attacks are relevant to most web environments and are the result of an HTTP server’s or device’s failure to properly handle malformed inbound HTTP requests.

HTTP Request Smuggling works by taking advantage of the discrepancies in parsing when one or more HTTP devices/entities (e.g. Cache Server, Proxy Server, Web Application Firewall, etc.) are in the data flow…

[...]

full here…
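
The parsing discrepancy the excerpt describes, as an added example (not code from the quoted paper or from this blog): two devices that resolve duplicate Content-Length headers differently see different body lengths for the same bytes, and a front-end check can reject such requests before forwarding. Duplicate Content-Length is an illustration chosen here, since the excerpt names no specific malformation; the function names and sample requests are constructed.

```python
# Added example: flag HTTP requests whose body framing is ambiguous.
# All sample requests are constructed for illustration.

def parse_headers(raw: bytes):
    """Return (lowercased name, value) pairs from the header block of a raw request."""
    head = raw.split(b"\r\n\r\n", 1)[0]
    pairs = []
    for line in head.split(b"\r\n")[1:]:          # skip the request line
        name, sep, value = line.partition(b":")
        if sep:
            pairs.append((name.strip().lower().decode("latin-1"),
                          value.strip().decode("latin-1")))
    return pairs

def body_length(raw: bytes, pick: str) -> int:
    """Body length seen by a parser that honours the 'first' or 'last' Content-Length."""
    values = [v for n, v in parse_headers(raw) if n == "content-length"]
    if not values:
        return 0
    return int(values[0] if pick == "first" else values[-1])

def framing_problems(raw: bytes):
    """List the reasons two HTTP devices could disagree on where this request ends."""
    headers = parse_headers(raw)
    lengths = [v for n, v in headers if n == "content-length"]
    problems = []
    if len(set(lengths)) > 1:
        problems.append("conflicting Content-Length values")
    if any(not (v.isascii() and v.isdigit()) for v in lengths):
        problems.append("non-numeric Content-Length")
    if lengths and any(n == "transfer-encoding" for n, _ in headers):
        problems.append("both Content-Length and Transfer-Encoding present")
    return problems

CLEAN = (b"POST /form HTTP/1.1\r\nHost: example.test\r\n"
         b"Content-Length: 5\r\n\r\nhello")
AMBIGUOUS = (b"POST /form HTTP/1.1\r\nHost: example.test\r\n"
             b"Content-Length: 0\r\nContent-Length: 5\r\n\r\nhello")
MIXED = (b"POST /form HTTP/1.1\r\nHost: example.test\r\n"
         b"Content-Length: 5\r\nTransfer-Encoding: chunked\r\n\r\nhello")

if __name__ == "__main__":
    for label, req in (("clean", CLEAN), ("ambiguous", AMBIGUOUS), ("mixed", MIXED)):
        print(label, body_length(req, "first"), body_length(req, "last"),
              framing_problems(req) or "ok")
```

A proxy or WAF that rejects any request for which `framing_problems` returns a non-empty list removes the disagreement instead of guessing which interpretation the next device will take.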



Nano Brushes
Sunday June 12th 2005, 5:38 pm
Filed under: Miscellaneous

file under new tech…

The world’s smallest brushes, with bristles more than a thousand times finer than a human hair, have been created by researchers in the US.

The brushes can be used for sweeping up nano-dust, painting microstructures and even cleaning up pollutants in water.

The bristles’ secret is carbon nanotubes, tiny straw-like molecules just 30 billionths of a metre across.

They are incredibly tough and yet flexible enough that they will yield when pushed from the side.

The researchers behind the brushes were led from Rensselaer Polytechnic Institute in Troy, New York. Their work is reported in the journal Nature Materials.

[...]

full here…



111850478303097379
Saturday June 11th 2005, 8:44 am
Filed under: Miscellaneous

New music