This feature allows other users to start your computer and use the account that you establish to automatically log on. Enabling auto logon makes your computer more convenient to use, but can pose a security risk since anyone can just turn the machine on and access your files.


Mac OS X

This may vary slightly depending on the version of Mac OS X you are running. The steps should be the same, but the positioning of the buttons and prompts can be different.

  1. Open System Preferences
  2. Choose Accounts
  3. Click on Login Options
  4. Unlock System Preferences (if necessary)
  5. Click on Automatic Login, and choose from the pop-up the account you wish to use. Verify the password.

Windows XP

You can configure Windows XP to automate the logon process if your computer is not part of a domain. Computers configured in a business environment generally have a domain, and for those machines the option “Users must enter a username” is not necessary, since a password has to be used when accessing the local area network or domain.

  1. Click Start, click Run, and type control userpasswords2. This is a shortcut instead of having to click on Start -> Control Panel -> User Accounts.
  2. Uncheck the “Users must enter a username and password to use this computer” check box.
  3. Click Apply.
  4. Enter the user name and password you wish to automatically log on with, and then click OK.
  5. Click OK again and you’re all done.
 

iFixit has torn apart a Google TV Revue, and discovered a few things…  I’ll summarize, but please go to First Google TV Teardown for the full details…

  • 1.2 GHz Atom processor
  • 1 GB DDR3 RAM
  • 5 Gb of NAND (Flash) memory for storage

So not a remarkable machine for $400-500, plus accessories….

 

Surprise, Surprise, Surprise…

Evidently ABC, NBC and CBS appear to be blocking Google TV from accessing the TV shows on their own sites…. And Ars Technica looks at the background of this…

Not so shocking: TV networks block Google TV.

 

We’ve all seen it.  The little “On My Mac” label in Apple Mail, or Entourage’s “On My Computer” label…


Almost every modern mail package offers a similar feature, but many people don’t understand what this means…  So here’s the scoop.

There are three different major ways to handle email:

  • Post Office Protocol (POP3)
  • IMAP

POP, or Post Office Protocol, is an older standard from 1984. The core issue with POP is that it is designed to remove your mail from the server, so the mail is only stored on your local machine.

Pros:

    • Your mail is stored locally, so the server does not need much storage or processing power, which is excellent for old hardware.
    • Supported by just about every mail package on the market due to its age.

Cons:

    • Your mail is stored locally, so you cannot share mail between mail clients without duplicating each mail message.
    • Does not support folder access on the server (all folders are local to your machine).
    • No multipart messages or flag support.

IMAP, or “Internet Message Access Protocol”, was designed in 1988 to fill in gaps that POP created. For example, the major issue with POP is that you are unable to share basic information between different mail applications. IMAP allows the server to track whether a message has been read, deleted, forwarded, etc., so that all IMAP clients are aware of this.

Simply stated, if you check your mail from home, then when you get to work, your work mail will be marked as read as well. Anything you delete from your work computer will also be deleted from your home computer. You can also have folders on the server so you can organize your email, and depending on the installation, IMAP supports server-based searches.

Pros:

    • Tracks the state of your email, and your mail clients can use this information to keep themselves all in sync.
    • Supported by almost all major email packages
    • More robust, and you can have multiple email programs using the same email account simultaneously.
    • Folders can be created, and stored on the server, allowing all applications to access those mail messages.

Cons:

    • Your mail is stored on the server, but most email packages cache the mail locally to help reduce any lag, as well as to grant off-line access to your mail.
    • More complex than POP, and slightly slower, depending on the mail application used.
    • Has a larger “disk storage” requirement than POP3.

So, in Apple Mail, you will see the server name and the “Inbox”. If you have an IMAP connection, you can place folders on the server and organize your mail on the server. The “On My Mac” or “On My Computer” labels refer to folders / mailboxes that have been created on your local computer and stored there. If you have a computer failure and don’t have backups, that mail will be lost with no way to recover it.

Now, POP3 does have unofficial support for “Keeping your mail on the server for XXX days”. But this is not a standard, and how it works will vary widely depending on your mail application. For example, some applications only allow 7 days, or up to 30. But even so, your read / delete and reply status will not be stored with the mail. So if another mail package connects and downloads the mail, it will appear to be unread.

IMAP is currently the better choice, assuming it’s available.  In most cases your mail provider should support IMAP connections…

 

Texting bans for drivers not putting a dent in accident rates from Ars Technica:

Study after study shows that distracted drivers are far more likely to get into accidents, which has led a number of states to craft laws intended to limit one of the most significant distractions: the cell phone. Initial efforts focused on keeping both hands on the wheel by mandating hands-free use, but more recent versions have cracked down on texting while driving. Now, a study of accident rates indicates that the bans may not be having the desired effect, as accident rates may actually be increasing in some states that have enacted them.

The study was done by the Highway Loss Data Institute, a nonprofit that is supported by auto insurers and has access to their data on accident claims. This isn’t the first time that the HLDI has waded into this territory; earlier this year, it performed an essentially identical study on accident rates that followed cell phone bans, and also concluded that the legislation had little effect. (Other studies indicate that there may be strong regional effects that are missed in statewide analyses.)

Here’s my viewpoint. It’s virtually impossible to enforce; after all, here in NY State it is also illegal to be on a cell phone without a handsfree device. Does that stop anyone? Not at all. I see plenty of people just talking away with their phones cradled in between their ear & shoulder while driving.

If the law is not enforceable, then don’t pass it. There are already way too many non-enforceable laws in place as is. A 1% (a made up percentage!) enforcement rate doesn’t encourage other people to obey the law. For anyone to be concerned about the law, they must know that they will be caught, or believe that it is likely that they will be caught.

Marginal enforcement will not change people’s attitudes; all it does is act as a slight penalty and give the state additional funding (via the fines). It also allows the law to be used retroactively. For example, someone was caught speeding, and the officer sees the person on the phone without a handsfree device, or texting; he now has two charges instead of one.


 

Snow Leopard introduced significant changes in user permissions. That error is:

-10004 A privilege violation occurred.

Now in layman’s terms, what does that mean?

It simply means that whatever user is attempting to write to the directory doesn’t have permission to do so. In other words, let’s say that the computer has two users:

  • Parents Account
  • Kids Account

And the parents install “Wonderful Kids Game ABCDEF”. The kids log in and attempt to run “Wonderful Kids Game ABCDEF”; it works for a few minutes, but then dies with a -10004 error…

Why?  The game was designed to save to a folder that the kids can’t write to.  That could be the Game’s folder in the Applications folder, or a different folder, but the Kids account doesn’t have access privileges to write to that folder.

Now often, this doesn’t happen, but this scenario is what the -10004 error is designed to report.

It likely means that you’re trying to write to a directory that isn’t writable (after your upgrade) from the IndigoServer process. You’re going to have to look carefully through any directories you write to and make sure that they are writable by the same user that launches the IndigoServer process.


 

Well, this is a tricky question, since there is no one answer that is correct.

First, use the Insteon Health Tool, run it a few times, and get a decent average to see what is working and what is not.

Second, pull out your existing SignalLinc, and AccessLincs, and try the health tool again.

Next, with the SignalLinc and Accesspoints still disconnected, attempt to optimize your setup as is using the Insteon Health Tool.  If you have Dual-Band devices, can you switch them around to get optimal coverage?  etc.

Then introduce the AccessLincs back and test again. Does changing the outlet with the Accesspoints improve the performance? Once you’re satisfied, if you have any SignalLincs, add them back in, checking different outlets to see if it makes a difference.

In the past, the average Access point count has usually been 2-4, depending on the size of the house, whether it’s a multiple-floor building, etc. But with the Dual Band devices coming out, the need for SignalLincs / AccessLincs is reduced. A safe recommendation is that, if possible, when purchasing hardware, purchase dual-band devices…

In my house, I have 2 AccessLincs, and 2 signallincs…

Also, remember, SignalLincs are not AccessLincs. AccessLincs have a different center frequency, data rate, and better RF hardware. I also believe that the SignalLincs just repeat the command received by the other SignalLinc. It is simply a repeater, whereas the AccessLincs will also act as an RF transceiver. So remember to have your wireless devices near an AccessLinc, not a SignalLinc.

 

I am working on a Python wrapper around the Indigo RESTful interface, and discovered that the Indigo Server requires remote logins to use a Digest based password. Is this good? Yes, indeed it is. Digest authentication is designed to be significantly more secure, and when you’re talking about the security of your home automation you would prefer it to be secure.

But what is Digest Access Authentication? Digest access authentication was originally specified in RFC 2069. In this scheme, the password is hashed together with a nonce (number used once) to calculate an MD5 digest. So no plain text passwords are sent, and due to the nonce (among other things) your password is not sent as a simple reversible hash.

What does the nonce do to help? Why a nonce? The nonce makes the digest change each time there is an authentication challenge, which makes replay attacks and dictionary attacks virtually impossible.

But this security is not impossible to defeat. If your password is too simple, for example 12345, an attacker could in theory attempt a brute-force attack and see if they could match a valid password digest.

Advantages

HTTP digest authentication is designed to be more secure than traditional digest authentication schemes; e.g., “significantly stronger than (e.g.) CRAM-MD5”.

Some of the security strengths of HTTP digest authentication are:

  • The password is not used directly in the digest, but rather HA1 = MD5(username:realm:password). This allows some implementations to store HA1 rather than the cleartext password.
  • Client nonce was introduced in RFC 2617, which allows the client to prevent chosen plaintext attacks (which otherwise makes e.g. rainbow tables a threat to digest authentication schemes).
  • Server nonce is allowed to contain timestamps. Therefore the server may inspect nonce attributes submitted by clients, to prevent replay attacks.
  • Server is also allowed to maintain a list of recently issued or used server nonce values to prevent reuse.

Disadvantages

Digest access authentication is intended as a security trade-off. It is intended to replace unencrypted HTTP basic access authentication, which is extremely weak. It is not, however, intended to replace strong authentication protocols, such as public-key or Kerberos authentication.

In terms of security, there are several drawbacks with digest access authentication:

  • Many of the security options in RFC 2617 are optional. If quality-of-protection (qop) is not specified by the server, the client will operate in a security-reduced legacy RFC 2069 mode.
  • Digest access authentication is vulnerable to a man-in-the-middle (MitM) attack. For example, a MitM attacker could tell clients to use basic access authentication or legacy RFC 2069 digest access authentication mode. To extend this further, digest access authentication provides no mechanism for clients to verify the server’s identity.
  • Some servers require passwords to be stored using reversible encryption. However, it is possible to instead store the digested value of the username, realm, and password.
© 2011 The Matrix Data Bank