Archive for November, 2006

Public-Key Cryptography is a very common technique used to protect sensitive information by encoding it in such a way that decoding relies on the extreme difficulty of some mathematics techniques (like finding the root factors of a prime integer). Today, a large part of our security is relying on this (including most of the secure communications over Internet).

But German cryptologist, Jean-Pierre Seifert (Universities of Haïfa and Innsbruck) seems on the bring of reavealing an unusual line of attack to this critical technology. He is set to present this in the next RSA conference in 2007. This could be a shattering blow to Internet security as we know it.

Essentially, the attack relies on the possibility to observe the operation of the CPU itself. Today’s microprocessors include a technique known as predictive branching that tries to anticipate results of some calculations. If the prediction is right, everything is very fast, if not the microprocessor still has to do a lengthy calculation. This results usually in huge performance improvements, but for the cryptologist it means that without knowing too much you can identify (from the exterior) what the microprocessor calculation results are, just by looking at the time it takes to do the computation steps.

This opens the door to a new generation of spying software that could rather easily crack the secret keys of some of the communications we consider quite secure. For the moment, since no precise details have been given, and since no demonstration has been made in the public, we are rather secure, but the vast majority of the specialists already consider that approach will certainly lead to a flurry of new easy-to-write spyware (before that cracking the secure key of those communications could take from years to millions of millenia of heavy computation; now we are speaking of near instantaneous break through).

Solutions exist. In most cases, it involves either a heavy modification of the microprocessor (Intel security manager is currently reported as unavailable for comments for the coming weeks and it does not look like an easy solution) or many software modifications that could have impacts from minor to nearly-impossible-to-implement in the real-life computer (software patches may not be possible to create for some of the applications since the problem comes directly from how the microprocessor makes its computation).

Sources: Various including PhysOrg.com and Le Monde.

You can expect this to be discussed at length in the coming months.

Even if I am usually in favor of designing web sites using tables, I wanted to provide a link to an interesting article taking exactly the opposite position: Why tables for layout is stupid.

For those wondering, my preference goes to HTML tables because they are easier to implement the 3-column designs that I prefer (those are really difficult to grasp in pure CSS).

OpenSUSE is one of the most famous GNU/Linux distributions. It got a recent additional attention when Microsoft announced that they would support specifically the execution of SUSE in the virtual environment that will come in the future Microsoft Windows Vista.

Knowing my previous failed attempt with SlackWare Linux, I decided to try again with another (hopefully better GNU/Linux distribution). Here is my experience for those who would like to know.

(more…)

Not only for exclusive insect and arhtropod lovers, but also for those who want to see nice photo snapshots, the spiders are a bottomless source of nice pictures. A web site is offering an impressive link collection about these: Arachnology.

Not all links are working (far from it), but the choice is impressive and leaves a lot to look at.

After a previous post about a photo ballad I made in Rambouillet, I decided to go back to the same location (a little South of Paris, France) and to try by myself again to surprise a few of the large animals that can be found here.

Since I was alone, I could take advantage of being more silent and discreet than a full group of amateur photographers and I could approach more easily some roe-deers.

Click on the thumbnails to enlarge them.

I had recently a significant problem while trying to upgrade a Windows 98 installation to Windows 2000 pro. Everything turn ugly (I clicked to fast on a button and could not provide drivers for my motherboard, the installation went bad in the middle of the update of system parameters), leaving the system in a very bad situation: Impossible to finish the installation, impossible to come back to the previous OS (it was already partly replaced) and the backup I had was so partial that I was not sure I could be confident.

That is when I decided to apply a solution that I knew existed but I did not try before. Knoppix is a GNU/Linux distribution that does not need to be installed to start on a computer. Actually, what they call a LiveCD is a CD-ROM that holds a full OS ready to start from the CD-ROM without any installation. Exactly what I needed!

A simple boot on the CD drive allowed to access to my hard drives, do the adequate backup, check the exact status of the installation and be confident enough to start a full Windows 2000 installation from scratch knowing that everything was fine.

Knoppix is recommended as a kind of insurance: Get yourself a copy on a CD-ROM. You never know when it will come handy.

Interestingly, even in the default distribution that I advise to use as a system toolbox, there is enough software to just play with multimedia files (I tried successfully to play MP3 audio and DivX video files). And there are also very useful applications like the OpenOffice desktop suite, Internet web browsers, a few games, a GDB debugger for those using the GNU development suites, etc.

We all noticed that our digital cameras offer a button (or a menu) to choose different sensitivity ISO settings. The casual user would note that the higher this value (let’s say 800 or 1600 ISO), the easier it is to snap a photo in a dimly-lit room or to stop the motion of a fast moving model (like kids, for example).

So, why not always set the higher possible ISO?

Actually, there is a big disadvantage to it. The higher the ISO setting, the worse image you get. Like for analog film cameras, high ISOs mean that the technology has to grab more information out of less light. The digital camera sensor needs as much light as possible and setting a high ISO just means that the sensor has to amplify the image more. Just like a relatively bad HiFi equipment, the higher the volume the more noise you’ll get. In film cameras, it meant grainy pictures.

In digital images, noise is this grainy slightly colored spots that appear all over the image and most spectacularly in the dark areas. In small compact cameras, 800 ISO may be much more than what we would accept as reasonable. Often, 200 ISO is a maximum acceptable level. In most Digital Single Lens Reflex (DSLR) cameras, 800 ISO is nearly always Ok. 1600 ISO may be usable but it’s not sure you’ll appreciate fully the resulting images.

So, I keep my camera locked to the lowest ISO setting (100 ISO for my Konica-Minolta Dynax-Maxxum 7D camera). I only go higher if the image cannot be shot any other way and I know for sure that the noise will only be a small inconvenience (small size prints, not trying to do artsy photos).

It’s your choice, now.

The dontclickit.com web site is an experience definitely interesting for all who (like you and me, no doubt) are used to intereact with a web site using the click of our mouse. This special web site - it is a research experiment about man-machine interfaces - is 100% usable without ever clicking on anything.

It’s really worth a try to learn how much we are now trained to use this simple tool. Just try it. But don’t click it!

Plenty of web sites try to attract you with free fonts (or other free items) and fail to deliver this. If you are lucky you will find a couple of ugly (but still free) fonts. Now, it is quite exceptional to find true top-quality fonts on the web. Vitaly Friedman just did this on his notebook with his 25 Best Free Quality Fonts.

According to my tastes, one of the best is Cardo. Have a look.

You certainly remember the (somewhat ephemereal) success of the many cultural CD-ROMs that appeared on the shelves five years ago to offer quality presentations of painters, museums, cities or historical periods (they were flourishing just before Christmas of course). Even if it did not disappear completely, this market seems to have been overwhelmed by the Internet and its nearly endless source of information.

Today, this is a 100% digital museum that you can find on the Internet: The musée Achéménide (the Achaemenid Museum). But if you no longer have to queue up in the entrance, the presentation of these museums is not always perfect. This is exactly what attracted me here: The excellent quality of the presentation of the web site of Collège de France where Pierre Briant, professor of “Histoire et civilisation du monde achéménide et de l’Empire d’Alexandre”, opened an exceptionnal set around the Achaemenid Persian Empire.

Here, you will find 8000 objects, including coins, seals, photographs and no less than 32,000 text documents or comments. The enormous data comes from the best scientific institutions (Le Louvre, British Museum, Bibliothèque Nationale de France and many others). This makes it a powerful tool for the scientific researcher and a very pleasant visit for the common tourist.

Another good web site about the Persian Empire: Persia.

Some time ago, I had noticed a technique to present and organize ideas whose name is Mind Mapping. I’m sure that specialist will say that I over-simplify things (an may want to add comments to complement this), but I got the feeling that it is merely a hierarchical organisation of ideas insisting on easy re-organisation (more a technique for managing ideas than a theory of idea organisation, but this is secondary).

For a long time, I kept the intent of verifying what tools could support such a promising approach and I recently found the opportunity to evaluate FreeMind, an Open Source Mind Mapping software for Windows, Mac, Linux, etc.

As a matter of fact, FreeMind behaves as well as could be expected for a small software application that must mix graphical and textual data, user-friendly interface (when you are trying to think straight about your important problem, you don’t want a klunky Man-Machine Interface to fight against you), and speed of execution. It is a real pleasure to entre ideas, modify them, re-organize them, browse them. What looks - at first - like a small application appears to be a very well-thought tool. A real success.

Then, it is up to you to decide whether or not the hierarchical organisation (or rather the spider-like or octopus-like organisation) fits your way of thinking, but I admit I was quickly won to the approach. The example I provide along this post may not be the best (the upcoming (?) availability of Windows Vista obviously infuenced my choice, I did not find the time or the mind to to do better and I could not decently present the mind map I worked upon at my job), but my feedback is very positive and I urge you to try it.

Side note: The wiki help web site is extensive and it also contains other examples and screenshots.

Slackware is a GNU/Linux distribution known for its simplicity, stability, and security. They announced the release of their latest production in terms of Linux installation CDs, so I decided to test-run it on one of my machines. Here is my experience with it. I hope it can help some people.

(more…)