If you find yourself in China or some other country that puts up firewalls blocking access to web sites that offer views which governments don't want you to know then check out which tools a recent Harvard study found are the best to use to get around internet censorship attempts.
Ten tools--some commercial products and some open-source, nonprofit efforts--were tested for the new study, which was conducted partly in a lab setting at Harvard and partly in cybercafes in Beijing, Shanghai, Hanoi, and Seoul. Hal Roberts, a senior researcher at Berkman, visited the cafes and ran the circumvention tools through their paces. The best tools overall were found to be Ultrareach, Psiphon, and Tor, while Dynaweb and Anonymizer also scored well. Others suffered greater problems with usability or security.
Load up your laptop before international travel so you can get thru to your favorite sites from cyber cafes.
A recent terrorist attack in Mumbai (still really Bombay according to a friend from there) India focused on Americans, British, and Israelis. Terrorists seek out people from those countries as preferred victims for torture and killing. Well, chips built into American passports can make it easier for terrorists to identify a clustering of Americans abroad.
But RFID-chipped passports may present a terrible attack surface simply by existing. RFID chips don't actively announce their presence, but inexpensive and widely available readers can sense them -- and can sense when there are a number of them gathered together.
One security professional who travels internationally (and asked that he not be named) suggests that if terrorists wanted to pinpoint the location of large groups of Americans (a guided tour? a popular expat hangout?), the specific information on any one RFID chip would be far less useful than the simple ability to sense where a bunch of RFID chip carriers were grouped -- the very fact of their grouping may be information enough. Under those circumstances, grabbing the unique number(s) doesn't matter, since the specific ID data is unimportant; all that matters is the presence of the chips, and thus the targeted Americans.
Savvy owners of chipped passports or cards keep them in Faraday-cage wallets or sleeves. Faraday cages being what they are, not every kind of cage blocks every frequency, but the chips used in passports can be blocked fairly effectively...until you get to the TSA security checkpoint and your passport jacket sets off the metal detector.
Some security experts think these chips are too cheap and basically too easily hackable to provide a real increase in security.
My take: the chips could allow the automation of database look-up to find a relevant record for the person carrying the passport. Scan the card to get an ID number. Use the ID number to find the person's record. Then compare the record's information with results from a biometric scan (e.g. fingerprint or eye iris scan). In other words, we can't rely on a person to carry chip with a record that says anything accurate about them. But a chip, even if not reliable, could speed up the detection of whether the chip has been hacked or the person presenting the passport is trying to fake their identity.
What the web needs: A site with comparative feature matrices for various types of products. It is hard to wade thru and find what you need. I end up finding out about missing features by reading Amazon reviews ("you wouldn't believe it but this unit lacks a back-up battery"). Seems inefficient.
For example, I want to find a CD Clock Radio that can:
- Wake me up to the CD track of my choice.
- Has battery back-up so settings aren't lost on power outages (beware lots of Sony clock radios lack this feature)
- Has a clock that glows very dimly at night. I don't want a night light clock.
- Can connect with an MP3 player (or, better yet, even be an MP3 player).
- Has an aerial that lets you extend it for good reception.
- Date aware: Automatically handles leap days and daylight savings time.
- Good quality speakers and durable CD drive and generally good quality construction. I don't need low price.
- Shows the time even while playing music (beware they don't all do this).
Finding verification that any given CD clock radio product even can do the first two items on my list is hard to do. I don't expect to find a product that has all the items listed above. But I absolutely want a back-up battery and ability to choose the CD track to wake to.
TRAVELERS who don’t trust the water from a mountain stream or a hotel-room faucet have often used chemicals or filters to purify it. Now they have a high-tech option as well: swirl the water with a portable, lightweight wand that beams rays of ultraviolet light.
The wand can clean up a quart of water that is clear — but could harbor stomach-wrecking microorganisms — in 90 seconds. The high-frequency light damages the DNA of bacteria, viruses and protozoa in the water like giardia and cryptosporidium so they can’t reproduce and create havoc.
To make the disinfection process easier for users to monitor, one new device on the market, the Steripen JourneyLCD($129.95) has a liquid-crystal display that shows a countdown during purification (48 seconds for 16 ounces, 90 seconds for 32 ounces) and a smiley face at the end to signal that the job is done.
Steripen also has the Adventurer Handheld Water Purifier which appears to be an earlier model without the LCD display. It is about $30 cheaper. If you can trust yourself to wait a full minute to do the sterilization it could do the job for you. They've even got a solar recharger. So take it into the wilderness and purify water from mountain streams.
Note that floating pieces of leaves and other matter will prevent the UV light from penetrating and killing all the bacteria. You still have to filter the water. Also, the water can't be colored as the material that gives it color will also absorb the UV. You need clear water to use this device.
The title says it all. The practice of programming spam filters in POP servers to take email that is classified as junk spam and to "return" it back to the supposed sending email address is incredibly stupid.
Have you ever gotten junk emails "returned" to you that you never sent in the first place? I get them all the time. My web sites have email contact addresses that get used in spammer emailings. The spammers do not use my pop server. They use other pop servers and just put one of my email addresses as a return address. Actually, they usually do not even do that. They use the @futurepundit.com domain and put some string in front of that domain to create what looks like an email address. Then they send out spam with a fake return address that uses a known legal registered domain.
Oh the irony. The spam filter POP servers that bounce the spammer emails are themselves generating spam by bouncing the spam messages back to email addresses that do not exist. My pop server routes those spams to my default email address and I get dozens or even hundreds of bounced emails on some days.
POP server administrators and spam filtering software developers should not configure filtering software to bounce spam. They should just delete it and stop contributing to the problem.