Book Review (April/2008)

I had been set target to read 1 books within 1 months which balance out ratio of 2:1 technical books and novels. Here is the list which i had finish reading and unfinished reading as well.

Finish Reading

Non-technical book

Digital Fortress : Author by Dan Brown (1999).

Comment : This book was quite interesting and fascinating which i think the combination of action and a bit of romance. The main character which I assume were Susan Fletcher the genius NSA Head Crypto and her fiance David Becker. This book mention a little inside of NSA. Since this was a fiction-based novel, of course there were several mistakes based on encryption and impossible crypto machine knowns TRANSLTR. The thing that i don’t like this book was, several scene seems kept repeating itself. For example, when it said that the commander (one of the characters of the novel) mention he wanted to go to shut down the “Impossible Machine” but it seems like it kept continue on and said, “Ok, Now i will be going down to shut it down”. I though you (Commander) already said that like few chapters before. Anyway, this is a really good book which i think only for person who interested and work in IT field.

Plot Twist
Susan Fletcher, a brilliant mathematician and head of the National Security Agency’s (NSA’s) cryptography division, finds herself faced with an unbreakable code named “Digital Fortress”, which is resistant to brute-force attacks by the NSA’s 3 million processor supercomputer dubbed “TRANSLTR”. The code is written by Japanese cryptographer Ensei Tankado, a fired employee of the NSA, who is displeased with the agency’s intrusion into people’s privacy. Tankado auctions the algorithm on his website, threatening that his accomplice “North Dakota” will release the algorithm for free if he dies. Tankado is found dead in Seville, Spain. Fletcher, along with her fiancé, David Becker, a skilled linguist with eidetic memory, must find a solution to stop the spread of the code.
References from Wikipedia.

Securing Wireless Access Point

If you have wireless router broadcast on your workplace or home, you might be at risk of intrusion. Yes! You might have configured your wireless router with password protected or using MAC filtering. None of both method provide bullet-proof solution. For example in my hometown, i got plenty of free wireless access which are not protected by password or MAC filtering. Most of them are not Tech-savvy user and the technician from the store their bought from never help them to protect the wireless router by educate or hints their consumers.

Nowadays, WEP cracking are so easy and tutorial are wide available to grab.

How about MAC filtering protection mechanism? Well, using MAC filtering does not protected data confidentiality when transmitting from your computer to the wireless router. Crackers can easily grab all information you had send from your computer to the wireless access point. For example, when you login to certain sites which was poorly design and use http authentication instead of https (using ssl) authentication, your password can be easily grab and exposed. Using tools like WireShark can easily analyze your network settings and data transmission. You might be wondering that since we are using MAC filtering protection, the attackers cannot be able to access our router because their Network Card MAC address was not being set in the router configuration. Thing are not as easy as you though.

First, what attacker needs to do was, to grab your or other computer Network Card MAC Address in your wireless network that had been set in the router configuration. Attackers can either perform packet injection (too advance skills) or use MAC Grabber to obtain the correct Network MAC address.

Then, with the list of Network Card MAC address, attacker can use tool like macchanger from Linux to change their MAC Address on their computer to the list of MAC address which their had successfully obtains. Now without any barrier he/she are now in your network and wandering around to collect information.

Below are some of the baisc solution to protect your wireless router being access by unwanted intrusion :
1. Change your WEP password every week or use WEP2 password protection instead.
2. Use combination of WAP and MAC filtering.
3. Broadcast thousand of fake AP (Access Point) where this might confused them which AP to connect.
4. Turn off broadcasting of your SSID
5. Use strong and long password for your wireless router login.
6. Check your wireless log every single day to see whether their were unwanted intrusion accessing your router.
7. If possible turn off your wireless broadcast if you don’t need so.

Web Personalization Technique

Regarding my previous post, i mention that i had been writing minor report paper based on Amazon Personalization. The paper already got marked and proof reading from my lecture. So below here is the summarize :

“Web personalization can be known as a way to tailoring the user’s need and improve user’s experience over the web. Recommendation products to the customers are often part of business strategy because it helps to maintain the relationship between the E-commerce sites and their customers. Not only it does cater for the users it helps companies profiling user’s browsing habits and purchase patterns through data mining or other techniques from web-usage logs. Companies then, used these data to generate statistic based on user’s behavior over nightly, weekly, monthly or yearly. With these statistic, companies now knows what their customer needs better without requiring them to ask their customers explicitly.”

Here is the Intelligent Web Personalization version.

Photoshop over the web.

If you don’t have photoshop installed on your Computer machine, your can consider trying out new Web 2.0 Cool Application from Adobe. You can edit your photo and their offer 2gb free hard drive space. Not only that, you can link those images to your blog. How cool is that. Currently it still beta version, that mean some functionality only offer for US Resident. But anyway, check the cool killer apps.

Try it out here.

Regards,
Charles.

Mysql Tips 1#

If you having trouble using mysql 5++ load data option and having an error message when issues that command
1. “ERROR XXXX: The used command is not allowed with this MySQL version” or
2. Denied access when trying to import csv file into your database table.

You might try looking something –local-infile. The default setting for –local-infile was off. You had to enable it by include in you mysql command.

For Example : mysql –host=.. –port=.. –local-infile –password=..
Then it should works now!.

For the second problem it might because the client you try to access is not root. It might be the privileges problem. Add the –local-infile line to the mysql command when you try to excute the user.

For more information you can refer to here : Load Data Error
For Connection Access Denied : Access Denied