
Windows NT Security Systems March 2, 2012

Posted by John Ruby in Archives, Security, Technologies.


The starting point for strong Internet security is the operating system of any machine connected to it. Fortunately for the organizations using IIS 4.0, strong levels of security were built into the core of Windows NT in order to meet and exceed certifiable security standards, i.e. the C2 security guidelines required by the U.S. Department of Defense’s evaluation criteria. Windows NT security contrasts sharply with the thin and weak security layers that are bolted on to the top of some other operating systems.

Compliance with the C2 security standard was originally only required for government organizations. However, many commercial organizations are demanding the same level of security, and they recognize the value that such standards offer. The main requirements for C2 compliance are:

  • User identification and authentication. Before gaining access to the system, a user must prove their identity. This is typically done by providing a user-id / password combination, either entered at a keyboard or presented via a device such as a smart card that stores such information.
  • Discretionary access control. Each object within the system, for example files, printers and processes, must have an owner, who can grant or restrict access to the resource at various degrees of granularity.
  • Auditing capabilities. The system must provide the ability to log all user actions and object access, and include enough information to identify the user that performed any operation. Such information must only be accessible by system administrators.
  • Safe object reuse. The system must guarantee that any discarded or deleted object cannot be accessed, either accidentally or deliberately, by other entities.
  • System integrity. The system must protect resources belonging to one entity from being interfered with by another entity.
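A toy reference monitor that models the five requirements just listed, added here as an illustration; it is not code from the original post or from Windows NT itself. The user ids, passwords and the "administrator" role name are constructed for the example.

```python
class ReferenceMonitor:
    def __init__(self, credentials):
        self._credentials = credentials  # user id -> password (constructed sample data)
        self._objects = {}               # handle -> {"owner", "acl": principal -> rights, "data"}
        self._audit = []                 # (user, action, handle, allowed) for every decision
        self._next_handle = 1

    def authenticate(self, user, password):
        # Identification and authentication: callers must prove who they are first.
        ok = self._credentials.get(user) == password
        self._audit.append((user, "logon", None, ok))
        return ok

    def create(self, user, data):
        h, self._next_handle = self._next_handle, self._next_handle + 1
        self._objects[h] = {"owner": user, "acl": {user: {"read", "write"}}, "data": bytearray(data)}
        self._audit.append((user, "create", h, True))
        return h

    def grant(self, actor, handle, principal, right):
        # Discretionary access control: only the owner may widen access to the object.
        obj = self._objects.get(handle)
        ok = obj is not None and obj["owner"] == actor
        if ok:
            obj["acl"].setdefault(principal, set()).add(right)
        self._audit.append((actor, f"grant:{right}:{principal}", handle, ok))
        return ok

    def read(self, user, handle):
        # System integrity: one principal's object cannot be touched without an ACL entry.
        obj = self._objects.get(handle)
        ok = obj is not None and "read" in obj["acl"].get(user, set())
        self._audit.append((user, "read", handle, ok))
        return bytes(obj["data"]) if ok else None

    def delete(self, user, handle):
        # Safe object reuse: overwrite the contents before the handle is discarded.
        obj = self._objects.get(handle)
        ok = obj is not None and obj["owner"] == user
        if ok:
            obj["data"][:] = bytes(len(obj["data"]))
            del self._objects[handle]
        self._audit.append((user, "delete", handle, ok))
        return ok

    def audit_log(self, user):
        # Auditing: every decision is recorded; only the (assumed) administrator id may read the trail.
        return list(self._audit) if user == "administrator" else None
```

Every denied attempt is recorded alongside the allowed ones, which is what lets an auditor later identify who tried what.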

The C2 guidelines are applicable to standalone systems, and are specified in the document Trusted Computer System Evaluation Criteria (TCSEC). Fortunately, to make life simpler, this is often referred to as the Orange Book, thanks to the color of its cover. Other specifications that expand on the Orange Book include the Red Book for networking, and the Blue Book for subsystems.

Obtaining C2 certification is a long and complex task, and Microsoft are pushing hard for complete certification. Windows NT has passed the Orange Book certification process (for a standalone PC, not connected to a network) and is on the DOD’s official list of evaluated products. At the time of writing, Windows NT 4.0 is undergoing Red and Blue book evaluations.



Microsoft TechForum unveils three research projects (video) — Engadget February 28, 2012

Posted by John Ruby in Microsoft Research, Technologies.




TechForum is a Microsoft-sponsored shindig where the company can get together, party, and then show off its latest and greatest research projects. First up we’ve got a transparent interactive 3D display which builds on technology from Cambridge University’s HoloDesk project. Next is Holoflector, a "magic mirror" that overlays LCD projections onto your reflection. Both of these projects rely heavily upon Kinect as more projects find the potential in the little sensor. Finally there’s Illumishare, a pair of overhead projectors / cameras that share a desktop space with a colleague when you need to look at the same thing. After the break you can see all three concepts in action and you can learn a little more about each at our source links.

Forget Intel’s Thunderbolt, Wireless USB is the game-changer | ZDNet March 13, 2011

Posted by John Ruby in Technologies.


Last week Intel made a big deal about the official launch of its Light Peak technology — now called Thunderbolt — which enables much faster data transfers (10Gbps) and the ability to consolidate accessories and video connections into one cable with a connector that is half the size of a USB plug.

While those are useful features, the arrival of Thunderbolt had me scratching my head and asking two big questions:

  1. What happened to USB 3.0?
  2. Where’s Wireless USB?

Both of those technologies have been in development for years, but somehow Light Peak/Thunderbolt was able to leapfrog them, at least in terms of getting the green light from Intel and its partners.

Some of that certainly has to do with Apple getting on board with Thunderbolt. Apple’s new line of MacBook Pro laptops are the first computers to include Thunderbolt. Also, while Thunderbolt was originally expected to use the same type of connector as USB (a conflict with USB-IF apparently prevented that), when Thunderbolt was unveiled last week it was surprisingly announced that it will use a Mini DisplayPort connector — a technology developed by Apple and licensed without a fee.

One of the big advantages of Thunderbolt is that it’s capable enough to handle LCD monitors and other displays so it can replace the need for VGA, DVI, or HDMI ports on laptops and desktops. That means users only need to worry about one type of cable for all of their accessories. However, USB 3.0 (also called “SuperSpeed USB”) has been developing the same thing. A number of display manufacturers have mentioned to me in recent years that USB 3.0 will eliminate the need for those other video connectors in computers and allow users to connect their monitors to a USB port. Will display makers dump the work they’ve been doing preparing for USB 3.0 and switch to Thunderbolt? I doubt it, at least not right away.

Also, keep in mind that USB 3.0 is backward compatible with the millions of existing USB peripherals as well, while Thunderbolt will require adapters to work with them. The only drawbacks to USB 3.0 versus Thunderbolt are 1.) it’s half as fast (5Gbps for USB 3.0 vs. 10Gbps for Thunderbolt) and 2.) the USB 3.0 connector is a little larger.

However, the real missed opportunity here is Wireless USB. That’s the technology that I would love to see Intel pushing instead of Thunderbolt. Sure, Thunderbolt will deliver faster file transfers and consolidate cables, but Wireless USB is a much bigger game-changer. It can reduce accessory cables altogether and has the potential to introduce a universal wireless docking solution that could turn the computing industry on its head. In fact, the latter is probably why Intel isn’t pushing it — that type of radical change isn’t in their self-interest. More on that in a moment.

First, let’s talk about the elimination of accessory cables. This is long overdue. At the same time Wi-Fi first came on the scene a decade ago and launched the concept of the WLAN (that’s wireless local area network), there was another hot new term at the time called PAN (personal area network). The idea was that not only would computers connect wirelessly to corporate networks and the Internet, but that there would also be mini wireless networks centered on a desktop or laptop machine itself, in order to connect mice, keyboards, monitors, printers, scanners, headphones, PDAs (now smartphones), etc. The hope back then was that Bluetooth would be the enabler of the PAN, but that hasn’t happened because Bluetooth is flaky, slow, and difficult to set up. To make the PAN happen, we need something more robust like Wireless USB.

Building on that concept of the PAN is the idea of the wireless docking solution — this is the killer feature of Wireless USB. Accessory makers have been chomping at the bit for a couple years to get this because it would make it infinitely easier for mobile users to dock a laptop to a full monitor, keyboard, and mouse (using a Wireless USB connection a laptop could simply connect to a dock that has legacy peripherals plugged in).

In fact, it would not only be easy, it would turn Wireless USB into a universal docking solution instead of the current situation where each laptop maker has its own proprietary docking connectors and then badly overcharges for the docks. A universal wireless docking solution would have two big effects for mobile users — it would make docks a lot cheaper and it would likely spawn a lot more places to dock. For example, offices and other institutions could set up public work areas where people could dock to work no matter what platform they are running (Windows, Mac, Linux, iPad, etc), as long as it has Wireless USB. I can even imagine Internet cafes offering docking areas.

However, once we take this idea one step further, then we start to see why Intel may not be so enthusiastic about it. Think about the Motorola Atrix. This is a dual core Android smartphone with 1GB of RAM and Motorola’s “Webtop” software, which allows it to look and act like a full PC when loaded into the desktop dock (with monitor, keyboard, and mouse) and the laptop dock.

Now imagine if the Atrix and other dual core smartphones could perform the same feat, but without having to dock at all by simply using Wireless USB — which offers plenty of speed to accomplish this with 480Mbps at 3 meters and 110Mbps at 10 meters. Suddenly, a lot of smartphones would become potential PC replacements. Same goes for tablets. They could wirelessly dock and become full desktop computers when people needed to do more serious work. Since virtually all smartphones and tablets are powered by mobile ARM chips rather than Intel chips (and Intel has repeatedly been unable to break into the mobile market), this scenario could be apocalyptic for Intel because it would enable people to replace (Intel-powered) laptops and desktops with (ARM-powered) smartphones and tablets.

However, this scenario would be fantastic for consumers and business professionals. But, without Intel to push Wireless USB, who will step up and lead the charge? I’m looking at you, NVIDIA, Qualcomm, Motorola, and Samsung.


Talking about Connecting to Kademlia in eMule | THE source for BitTorrent & P2P Tips, Tricks and Info. | FileShare July 26, 2009

Posted by John Ruby in Torrents.



Kademlia (KAD or Kad) is a serverless network used primarily to index files shared by eMule clients. Clients can connect to the eDonkey network and use it to find sources for files, without the need for an intermediary (in this case, a “server”) to track down and find files among connected peers.

The Kademlia Network & its Significance

Since KAD is a decentralized (DHT) network, eMule users don’t have to rely on the validity of eDonkey (eD2k) servers. Think of it as a ‘direct connection’ to other peers on the eDonkey network – without the (otherwise necessary) interaction of a centralized eDonkey server.

KAD is a viable implementation because it removes the dependency on eDonkey servers:

1. If a server is temporarily offline, closed or even shut down (purposely or forcibly), users can still search, find and download files from other KAD-connected peers (nodes). Not only does this increase search results from nodes spanning across all of the servers, but it also significantly heightens the number of sources for files. Residual benefits include higher download speeds and access to otherwise unfindable “rare” material.

2. “Bad” eDonkey / eD2k servers have no (direct) ill effect on the KAD network, thus there are fewer decoy and spoof files. It’s safe to say that anti-P2P agencies have a much more difficult time polluting the network as a whole.

However, this does not take away from viruses and malware that are relatively common throughout eDonkey releases. Take extreme caution when searching for applications and software (and never search for ‘crack’ files or keygens).

eMule & KAD

Concurrent Usage of KAD and eDonkey Servers – the Significance:

Technically, eMule v0.48a users can connect to KAD without the need to connect to eDonkey “servers” – although we recommend using servers and the Kademlia network for added connectivity. Both are recommended due to the fact that some spinoffs of the original eDonkey client don’t support KAD (such as eMulePlus and certain “mods”, and other offshoots), thus these users won’t appear in eMule ‘KAD-only’ connections (or search queries). Plus, some people simply can’t connect to KAD – hence the persistent popularity of using eDonkey servers / serverlists.

It’s recommended to connect to a good ‘viable’ server, in addition to using KAD. We’ve found that after a fresh installation of eMule (v0.48a), it won’t connect to KAD nodes when previously not connected to any servers. This is because eMule attempts to connect to KAD (by default) by bootstrapping to known clients (typically, ‘nodes’ that it imported through the initial connection of a server). It should be noted that there are workarounds for connecting to KAD without initially connecting to servers (such exceptions include using eMule “mods” with built-in KAD-nodes (either lists or updating URLs), or manually adding in nodes from a pre-ordained database or URL).

Using KAD through eMule

By default, eMule automatically attempts to make a KAD network connection between peers. During the installation of eMule v0.48a, it will prompt you whether or not you wish to connect to KAD (when starting eMule). Put a checkmark in this box. These settings can be changed in eMule > OPTIONS > Connection. Here are a few other things to check, as well:

1. Select “Autoconnect on startup”, and select the desired “Networks” (KAD, eD2k).

2. Change your Download/Upload speeds.

3. Use “good” port numbers (the Dynamic and/or Private Ports are those from 49152 through 65535). These normally work best.

4. You can test your ports by clicking the “Test ports” button.

5. Save your new settings – click “Apply” and “OK” to close.

Back in eMule, select the KAD menu icon, click “Connect” – the ‘Contacts’ number should begin to update. If not, try connecting to an eD2k server and then re-attempt the KAD connection.

Another option to connect to KAD: Connect to an eD2k server with a high user-count – i.e. Razorback 3.1. Conduct a search, and download a file (any file will do – preferably something with many sources). Wait for the sources to update and the download to commence. Now, go back to the Kad window, and click the “Bootstrap” button. This should launch a connection to the KAD network.

Manually adding ‘KAD Nodes’

If the KAD connection fails, or doesn’t appear “connected” (and Bootstrapping didn’t work), you have the option to manually input a viable list of KAD-nodes into eMule. One reliable source for working nodes is www.nodes-dat.com. Here you’ll find a constantly-updated online nodes.dat (database) file for use in eMule. Here’s how to import it:

1. Visit www.nodes-dat.com and click on “download live nodes.dat”, and save it to your hard drive.

2. First, make certain that eMule is completely shut down. Copy “nodes.dat” into your C:\Program Files\Emule\config directory (assuming that’s where you’ve installed eMule). If asked, replace the older nodes.dat file with this newer one.

3. Start eMule. Click on the “KAD” menu icon, and click on the “Connect” button to the right. Be sure that the “From known clients” radio-button is selected.

NOTE: KAD connectivity will engage regardless of whether or not you’ve ever connected to any servers through eMule (although it sometimes works best when connected to a server in conjunction with KAD). The KAD-only connectivity is validated in the bottom right corner, noting that eD2k is not connected.

Next to that line, verify the number of connected users. You should notice the statistics are for ONLY KAD-connected peers, while not connected to any eD2k servers. In our case the stats showed a connection to 2.9 million other KAD users, sharing a total of 348 million files.

NOTE: Another ‘nodes.dat’ file can be found here – www.emule-inside.net/nodes.dat. Download, save and add to eMule the same way as above.

‘Searching’ the KAD Network

To conduct a search from within the KAD network, click on the SEARCH menu icon, and from the “Method” dropdown box, select ‘Kad Network’. All queries will now be sent through only KAD.