Scientific blogging: Is it worth it?

Web 2.0 technologies have enabled the merging of different types of publications into one, the Internet, with millions of authors and billions of readers. Science is not an exception. Countless articles are presented on the Web as “scientific” in content, but there is a thin line between solid science and speculation. Are personal blogs appropriate for such everyday-science content and, more importantly, can they be trusted as true?

Well, blogs are not meant to publish research papers. Everybody knows that. The reason is not the content or the medium; it’s the intended audience. Many respectable public repositories of scientific papers like arxiv.org and citeseer.net contain a vast amount of true scientific knowledge. Scientific publications like Nature, Scientific American and New Scientist have their own blogging sections. Dedicated portals like Science20.com and Scienceblog.com publish thousands of science-related posts daily. There are even Facebook-like social networks for scientists, like ResearchGate and Academia.com.

There is a notorious “guide for authors” (pdf) for those who wish to actually publish a research paper in one of IEEE’s scientific journals. It illustrates, in a very graphic and hilarious way, the difference between a simple statement like “1+1=2” and the way it should be presented in a more impressive scientific form. The sad thing is, it’s not very far from the truth! Everyone who’s working on research and writes such papers has at least a few similar stories to tell, where a submitted paper was rejected in one journal as insufficient, only to get published in another with honors.


Remote office on demand via web 2.0

Ok, let’s say you left home this morning for an important meeting and, when you got there, you discovered that you had left the presentation file and the whole USB stick plugged into the PC back home. What do you do?

Most people would prefer a typical solution for remote access, like the Remote Desktop service on Windows or a VNC server on Linux. Usually, these server applications are configured to start on system boot and stay up, regardless of whether you need them or not. In the worst case, you may even forget all about them after some time, creating yet another security vulnerability for your system. Ideally, we would prefer the option of turning these servers on and off on demand, but the problem is that you’re not in front of your desktop PC to do so.

We have not yet found a way to “wake up” a server that is not even running, so that you can connect to it and start it. Nevertheless, a combination of tools and web services can enable just that. I was wondering if it is possible to signal my home computer to start a server on demand, via a telephone (modem) or something, but I ended up with a much different and much more efficient way.

It seems that web 2.0 is becoming much more than a social thing. It can also be used as a public “bulletin board”, accessed through various means and devices, making it a perfect “triggering” platform for web-enabled applications. Likewise, VNC is now becoming a standard practice for home and small-scale remote access, something like a mini-cloud architecture, for individual users and their own private needs. A combination of all these technologies can build up into a seamless service that can be characterized as a true “remote office via web 2.0” – definitely science fiction for those who witnessed the birth of the World Wide Web, only two decades ago.


Reviving old hardware with Linux

A few months ago I decided it was time to replace my old laptop. It is an Acer Aspire 1302 series, with AMD AthlonXP @ 1.6 GHz, 512 MB RAM and 20 GB hard disk. As I wrote in the previous article about openSuSE 11.1, this machine is now so deprecated compared to today’s mini netbooks, that searching the net for “Acer Aspire 1300” returns almost entirely shops for battery replacements. It’s true, the main problem with old laptops like this is finding a “live” battery, so that it runs as a real “moving” laptop and not plugged into a power socket all the time. Of course, the second major problem is that, if someone wants to be up-to-date in some serious programming (or other) suite, every new software version renders the machine slower and slower…and slower……and slower…………..

Until now, my laptop used to “struggle” under Windows XP Home SP2. I had the chance to get a spare hard disk exactly like the one bundled with this model and I decided it was time to put the current disk away as-is and try something entirely new from scratch with the new disk, something more efficient and lightweight. I had already tried several live-CD distributions (primarily Linux) and most of them ran smoothly, despite the tight fit into 512MB of RAM.

A set of live-CD tests, along with comments on performance and screenshots, are available on my website.


Everyday’s downtown adventure

It’s funny how easy it is to start the day with a specific “mind-conditioning” and, without even realizing it, end up with another, just a few hours later. Maybe that’s why the tourists and foreigners who happen to see one of the (almost daily) demonstrations in the center of Athens cannot understand how this is “just another day” for the rest of us.

Knowing that the center was blocked early in the morning, I went out heading to the University across town with the very real possibility of never getting there on time or never getting there at all. Underground, the city functions as coordinated and busy as always, people coming in and out of the metro stations normally. Above ground, the center looks like it’s mid-summer and half the population is on vacation. Almost no cars at all in some areas, tourists watch the “crazy Greeks” walking by demonstrators and heavy police forces completely indifferent, as if this happens every day (and it almost does). Tourists look around surprised, taking pictures, wondering if this is a national holiday or something, since many of the “restless natives” are sitting back in coffee shops, reading newspapers, laughing, arguing, nobody seems to care about it.

Well, since I’m not a tourist, I wouldn’t be an exception. I went out in the morning, stressed out and looking at my watch regularly, sending messages that I’m gonna be late. But when I realized that it was simply impossible to get to the University, at least not before all was done in our group meeting with colleagues and everyone else had left, suddenly everything became more “relaxed”. Half an hour later I was drinking my double-espresso too, reading a newspaper, just spending the time that I had already allocated to the meeting before returning to the rest of today’s work…

Reviving old laptops: the Linux option

Recently, I got the chance to “revive” my old laptop: an Acer Aspire 1300, with AMD AthlonXP 1.6 GHz, 512 MB RAM and 20 GB hard disk. This machine is so deprecated, compared to today’s mini netbooks, that searching the net for “Acer Aspire 1300” returns almost entirely shops for battery replacements.

Until now, it used to “struggle” under Windows XP Home, but I decided it was time to try something more efficient and lightweight. And here it is, as good as new, with openSuSE 11.1 (32-bit of course), full installation plus Matlab and some other tools:

openSuSE 11.1, setup finished

It seems that Linux is still the best way to revive old PC machines, discover more free space in the hard disk and get the most out of legacy hardware.

Old Nokia 1100 mobiles sold for 25.000 euros, firmware exploit for e-banking fraud

The news is a bit old by now, yet it still hasn’t gotten the proper attention from the mainstream media. Of course, for security experts, it’s no news at all. Everybody knows that cellular networks today are far from secure when it comes to proper user/device authentication and firmware protection against tampering.

This incident proves two facts. First, the security of an ICT system is only as strong as its weakest link. And second, the public is totally unaware and uninformed about how security affects everyday life now; it’s not something that only freaks and scientists think about.

In short, the situation is this: either the company (Nokia in this case) has used weak keys and/or encryption for its proprietary firmware on the, very deprecated by now, Nokia 1100 mobile phones, or the keys have somehow leaked to the “public”. As a result, someone could read, decrypt, modify, re-encrypt and re-embed the firmware into the device’s EEROM. As all mobiles can be reprogrammed to recognize any phone ID in the network they’re connected to (similarly to re-configuring a MAC address in an Ethernet card), a malicious user can reprogram such a mobile to “listen” to data packets sent to another person’s mobile.

In this case, it’s not just eavesdropping. If that person uses mobile banking services, he’s at great risk. Typically, banks use TAN codes (transaction authentication numbers) from a one-time pad or a similar random number generator device, commonly referred to as a TAN generator. In the case of mobile banking, the bank simply sends such a code, called an “mTAN”, to its client’s mobile via an SMS (text) message, and the user enters it in order to complete a transaction. In theory, this works perfectly, unless someone else gets that mTAN message too and uses it first to do a large money transfer to an off-shore account…

The discovery was made last April (2008) by Ultrascan-AGI, a security analysis consulting company, when it detected that the eBay prices of that particular mobile phone went from 100 euros to 1.000, then to 7.500, then to 10.000, reaching 25.000 euros in late April 2008. The firmware hacking was tested and confirmed, but Nokia never admitted any key leaks for the firmware.


New site up and running!

“It’s alive…” (“Frankenstein” classic movie, 1931)

It’s finally here. I’ve managed to assemble tons of material, programs and code from almost 25 years back (before the Web was invented…), technical reports and academic assignments, and here it is. A special gift to my fellow students, friends and colleagues I’ve worked with throughout the years, plus a pool of teaching material for my students today.

This site was developed almost entirely on-line in Joomla 1.5 (MySQL/PHP). It has been a great experience, mostly due to the great documentation, exceptional coding of the 1.5.x platform and great availability of freeware modules and components that worked just fine. All the available material here is about 95 MB in total (33 MB for platform), including hundreds of files of reports, theses, source code and datasets.

Feel free to send me any feedback and comments, but please don’t make me explain any 20-year-old code that was written with ‘vi’ in VT100 terminals running EP/IX.

NOTE: The site is currently in testing (beta) version and several pages are still under heavy construction or empty. Please stay tuned for frequent updates and of course feel free to send feedback on any bugs, broken links, etc.