Thursday, June 22, 2006

[Technology] Forever Lights: One Caveat

Forever Lights are a great, brilliant invention. In fact, any invention that uses alternative forms of energy are wonderful; hand-cranks, solar cells, magnets. Forever Lights—and their knock-offs—are flashlights which use one or more super-bright white LEDs instead of incandescents, which allow it to create pure, white (or bluish) light that remains cool and does not create heat, while also lasting—for all intents and purposes—forever without fear of burning out. Furthermore, Forever Lights use rechargeable lithium ion batteries instead of single-shot alkalines. Finally, the rechargeable batteries are recharged, not by plugging it into an outlet, but by simply shaking it. They have a powerful magnet inside which when shaken, passes through a tightly coiled wire. The magnetic field from the magnet passing through the coil creates electricity which charges the batteries.

To top it all off, if you get a good one (knock-offs are of poorer quality) they will also be waterproof. This makes these perfect for underwater use like in scuba diving or cave diving. A problem that many divers have feared is their flashlight batteries dying while they are down there (or other cave spelunkers above ground). With this, they just shake it a bit and they've got light again; wonderful. Nicer models even allow you to choose from using a single LED for less light up to three for a whole lot of light.

This is truly a brilliant device which uses human power instead of electricity. Another such device I've seen use a crank type device. These are great because they do not cost money for electricity or batteries, but also because since they use human power which when combined with the physical law that energy cannot be created or destroyed, just changed in it's form, means that it is a productive way to burn off some fat.

There is one warning about the Forever Light however. Because they use powerful magnets to create the electricity for the batteries, they cannot be used while working in or around computers, televisions, or any other device that uses magnets itself. You could very well wipe or at least corrupt disks or distort screens. For these tasks, a more traditional form of light is required but for everything else, Forever Lights are marvelous.

Tuesday, June 06, 2006

[Philosophy] No Such Thing As a Complete and Equal List

I have always had trouble with equally balanced lists; probably due to my obsessive compulsive disorder. A couple of years ago, I was auditing a University course (I believe it was a software project management course) when as usual, my mind wandered. After many years of trying to force it, it finally dawned on me that trying to make a perfectly symmetrical and complete list is literally impossible, it cannot be done, ever.

What does a complete list mean? Let's use an example to define it. A good example is billing. When entertainers perform shows with more than one star, one of them must get "top billing", that is, one of their names must come before the other; this is just the nature of a list. There is no way to list both names at the same time—just try to tell someone who the stars of the show are by saying both of their names simultaneously; you must say one before the other. Top billing is desirable because it implies importance. As a result, many co-stars end up arguing, even fighting over who gets top billing.

One solution is to give one top-billing, then follow it up by giving the other one top-billing. That way they each get top-billing. This does not work however because now one of them got top-billing first which is itself like saying that that person was more important, which is why they got it first.

You might propose to just balance it out by giving the second person top-billing first, in the next run, followed by the first person, and repeating, but this just ends up repeating itself. Let's represent this with symbols:

The original list with one name listed first:

The first solution, with the second person getting top-billing, but second:

The second attempt, with the second person getting top-billing first but in the second run:

The third attempt, the second person gets top billing but again in the second half:

One more try before giving up:

As you can see, once the list has begun and one item is listed before another, there is no way that the list can be completed and symmetrical/balance; you just get stuck in a recursive loop that grows forever. This is due to the nature of linearity. No matter what you do, A is the first item in the list and always will be! You could reverse the list so that B comes first or append the new items to the front instead of the back, but then we are in the same situation with all the symbols alternating yet never perfect:


Things get much worse with more than two symbols. The only list(s) that can be perfect are lists with only one symbol: A, AA, AAA, AAAA, and so on.

Unfortunately, there is no way to equally credit two performers, and there is no way to list two equal items. Even if you move into more dimensions there is still no way to present more than one item simultaneously.

[Computers::Security] Easy Rootkit Detection

An easy way to detect most rootkits is to use an old technology: DOS.

Most (read, pretty much all) rootkits require some sort of file component. In fact all malware requires some sort of file to be loaded to perform it's malfeasance. This is because malware is just software that does bad things and software means files. Even worms and other memory-resident applications require files at some point. This is why rootkits hijack directory listing commands to hide themselves.

So, how do you find files when they are being hidden? One way is to check the drive at a low-level, viewing the disk directly instead of using a file listing command. You can look at the disk and see if the entries in the cluster match up with the directory listing. This is a common method but has it's drawbacks. For one thing, a decent rootkit would be able to hijack sector-level disk access and hide it's entries just as it does with a directory listing command. Another problem is that it is difficult to use and can be unreliable.

Another easy to use method is to get a directory listing from within Windows, then boot into DOS mode and get another one, then compare the two. There are few if any DOS rootkits, but more importantly DOS is a lightweight, easy to control environment that can fit on a single floppy. This is important, because it means that you can ensure the integrity of a DOS boot disk because a minimal system needs just four files taking no more than 200KB. Make sure that the boot disk is reliable by making it from a secure system and then write-protecting it. Another option is to use a CD, for example a Windows 95/98 CD which allow you to boot to DOS.

To check for a Windows rootkit:

  1. Open a command prompt with the cmd command.

  2. Get a directory listing with dir c:\/s/a/o>d:\windir.txt.

  3. Reboot into pure DOS mode (do this ASAP after the previous step.)

  4. Get another directory listing with dir c:\/s/a/o>d:\dosdir.txt.

  5. Compare the two files (eg: WinDiff d:\dosdir.txt d:\windir.txt).

Obviously there will be some differences, since files are normally created, changed, and deleted while shutting down Windows. You'll have to use your best judgement and possibly a reference or the Internet to determine which files that are different are malicious. To minimize the noise, make sure to clean up any temporary files and such before getting the listing.

If there is no rootkit, then the two listings should be more or less the same. If there is a rootkit present, then the DOS listing will reveal the hidden rootkit files.

One drawback to this method is that the built-in DIR command returns the directory listings in different formats in Windows and DOS. As a result, it will be difficult to do a straight comparison of the two listing files. For example this is a listing made in Windows:

Volume in drive C is C-Windows
Volume Serial Number is 0123-4567

Directory of C:
Mar.03.03 03:03am 233,632 ntldr
Mar.03.03 03:03am 47,580
Mar.03.03 03:03am 193 boot.ini
Mar.03.03 03:03am <DIR> Windows
Mar.03.03 03:03am <DIR> Program Files
Mar.03.03 03:03am <DIR> Documents and Settings
3 File(s) 48,638 bytes
3 Dir(s) 123,456,789 bytes free

and the same in DOS (with DOSLFN for long file names on the right):

Volume in drive C is C-WINDOWS
Volume Serial Number is 0123-4567
Directory of C:
NTLDR 233,632 03-03-2003 03:03 ntldr
NTDETECT COM 502 03-03-2003 03:03
BOOT INI 502 03-03-2003 03:03 boot.ini
WINDOWS <DIR> 03-03-2003 03:03 Windows
PROGRA~1 <DIR> 03-03-2003 03:03 Program Files
DOCUME~1 <DIR> 03-03-2003 03:03 Documents and Settings
3 file(s) 48,638 bytes
3 dir(s) 123,456,789 bytes free

The formats are quite different and will require some reworking to make a comparison easy. One solution is to use a third party directory listing program instead of the built-in dir. A third party dir would give the listing in the same format in both Windows and DOS, just make sure that it can list anything, and everything (including hidden files, system files, volumes, etc.)

All software is limited and hackable, and malware is no different. With a little thought and the right tools, even a rootkit can be ferreted out.

[Science] No Evidence of Time Travel, Still Possible? Maybe

It occurred to me yesterday that I obviously will never acquire the ability to time travel (at least into the past) since I have no evidence of it. After all, if I ever do acquire the ability, then it does not matter at what point I do so (age 30, 60, 100, etc.) since whenever it does happen, I can always go back to any point in the past. The reasoning is that if I do acquire the ability to go back (presumably to help myself make my—uh, our—life better), then I would have done so and would know it. It does not matter if it happens tomorrow or 50 years from now; either way if I go back to my past then it has the same effect. Yet, I have never been visited by myself and so I clearly do not eveacquirere the ability in my lifetime.

However, that reasoning falls apart because there is no guarantee that if I dacquirere the ability, that I would come back to this point or any previous point in my life. It is entirely possible that for example, in 10 years I get the ability and then I come back in time tomorrow morning. Just because I have up until now, never been visited by my future self, does not mean that I do not eveacquirere the ability, since I did not need to come back this far. Tomorrow morning however is a different story, something may happen tomorrow morning which requires my intervention and so I will be visited by myself and thus know for sure that I do eventually come across the time-travel technology.

The point is that while there is no current evidence to support the idea that I will ever be able to travel back in time, it does not rule out the possibility since I may just not need to come back this far. This itrulyly the definition of "you never know what the future holds", since for all I know, tomorrow I may be visited by myself from the future who then helps to make my life better. It's impossible to completely rule that out withouentirelyly disproving the possibility of time travel altogether.

This page is powered by Blogger. Isn't yours?