Category: Technology

Competition Is Necessary…and Wonderful

Lorin Olsen

Crome's New Search Preview of Firefox v4b7

Over the past few months, Firefox has been smoked by Chrome, Safari and even IE9 (beta).  As of this morning, that finally changed.  The new Firefox 4 beta now showcases the new Jaeger Javascript engine.  And it is quite fast.
But the competition is not resting on its laurels.  There are new addons to preview search results w/o clicking through to the underlying page.  It’s a cool little feature that should help speed searches for many folks.  And it will certainly boost the page fetches for most sites.  I would guess that this will also boost the page rank for most Adsense sites.
So why do I care about these two browser features?  I care because it is proof that the browser competition is still active.  We will see brave new features and accelerated development as long as development stays active… and stays open to the public.
May the browser wars never cease.
-Roo

Add to FacebookAdd to DiggAdd to Del.icio.usAdd to StumbleuponAdd to RedditAdd to BlinklistAdd to TwitterAdd to TechnoratiAdd to Yahoo BuzzAdd to Newsvine

What Does Your Wife Think About Wardriving?

Lorin Olsen

For those who have read my blog for any amount of time, you already know that I am oddly fascinated with security.  Am I a certified information security professional?  No, I am not – at least, not yet.  Nevertheless, I have been fascinated by both the techniques and the ethics of hackers.
And that fascination is nothing new.  I installed my first WiFi access point last century.  And I have had WiFi access within my home ever since.  I did my first “war-walking” through my neighborhood in 2002.  Then, I had a laptop an a PCMCIA card.  And it was fun to know just how few of my neighbors had installed WiFi into their houses.  Those that had taken the plunge were woefully under-secured.
But things sure have changed in the last decade.  Now, over half of my neighbors also have WiFi.  And more importantly, most have some form of security on their networks.  At the same time, the tools I use have also changed.  I now have a Droid 2 phone.  And I am using tools like Wardrive and Wigle Wifi.
I have done two simple “wardriving” runs since I got my Droid 2.  The first was on a car drive coming home from work.  The second was on a bike ride to work.  What fascinated me was just how many access points I found within such a small area.  And more startling was the fact that I had found a thousand “new” access points and networks.  [Note: “New” means that wigle.net did not have a record of this device at the specific GPS coordinates that I provided.]
After a very long day yesterday, I decided not to ride my bike home.  I just didn’t have the heart to fight traffic after eleven hours at work.  So I rode home with my wife.  And I talked to her about my day.  When I told her that I had done some wardriving, she was appalled.
As a geek, I was perplexed by her response.  When I was riding my bike and collecting data, I was just inventorying the packets that were available from the street.  And I was not even trying to probe the defenses of these networks.  I was just cataloging the packets that my phone collected as I rode by.  Nevertheless, my wife thought that I was doing something nefarious.  I bristled at her “lack of understanding” of the simple and innocuous inventory I had collected.
But after several hours of thinking about her comments, I think I can understand her objection.  Most of the people that have WiFi access points have no idea about computer security, licensed and unlicensed RF spectrum, existing law (in the form of local, state and federal statutes) or even the curiosity of hackers.  What these users are doing is simple: they are using their home systems to perform simple tasks.  And they are expecting a certain degree of privacy – even if they are doing the equivalent of electromagnetically shouting through their windows.  Basically, people are assuming and expecting privacy.  And to collect their carelessly scattered packets is a violation of an implicit trust arrangement.
But was I a party to that trust arranggement?  No, I was not.  Nor were these people’s neighbors party to any such agreement – either implicit or explicit.  Nor was Google a party to this implicit agreement.
Nevertheless, I can hear my wife blaming Google as well as blaming myself.  Is she right?  As a geek, I scream my objections to her misunderstanding.  But when I really consider her argument, she may very well have a point.  Yes, these people are ignorantly casting their data out into the air and onto the streets.  And I willingly picked up that data.  Am I attempting penetration of their networks?  Of course I’m not doing that.  But I am sifting through the junk they are throwing out.
I’ve come to a simple conclusion: I wasn’t “wardriving” at all.  Instead, I was doing the equivalent of electronic dumpster diving.  They are leaving important trash un-shredded.  And I am rummaging through their ignorance.
Should I stop collecting such small and insignificant packets?  After all, I am not doing anything illegal.  Nevertheless, I must now carefully consider my wife’s thoughts before I do my next “wardriving” run.
And even more importantly, I must rethink whether or not this activity become illegal/immoral when someone like Google does it.  It may be tenable when it is done by a lone and curious geek.  But does it become something more “sinister” when it is done by a large and “menacing” corporation?   I don’t know.  But I’ll have to think about it.  What are your thoughts on the matter?
-Roo

Add to FacebookAdd to DiggAdd to Del.icio.usAdd to StumbleuponAdd to RedditAdd to BlinklistAdd to TwitterAdd to TechnoratiAdd to Yahoo BuzzAdd to Newsvine

Coincidence and Convergence

Lorin Olsen


It’s a Saturday.  That means I can play with things at home.  This weekend, my wife is in Houston with my oldest daughter (Meredith).  Bailey came home to “help” me with Jayden.  Of course, that means that she is out with her boyfriend – and I’m here alone with Jayden.  [Please know that this is very cool with me as my grandchild is a gem.]
But it is Saturday.  So I have to play with some kind of technology.  Earlier this week, I watched the new Iron Man 2 on Blu-Ray.  But before the movie began to play, I got a popup on the TV about a new firmware load for the Blu-Ray player.  So I loaded the firmware, rebooted the player and watched the movie.
But Saturday is for play so I had to know what had been loaded.  I went to the menu and noted that the Viera menu on the player had been updated.  OK, that must mean a problem was fixed, a feature was added or both.  I didn’t see anything in the Amazon Video on Demand screens.  But I did notice a “More” button that seemed new.  So I pressed it.
Lo and behold, there was now a menu option for Pandora.  For those who don’t know what Pandora is, you probably need to browse the web more often.  Pandora is an excellent streaming music service.  Yes, it plays your music – or music that someone thinks that you might like.  It is fairly good at picking music that I like.  But I like almost any music.
So I logged into Pandora and now I can stream any of the playlists/channels that I want to hear.  There is a fairly good on screen menu.  But most importantly, it plays the sound through my Blu-Ray player – which is hooked into a fairly good audio system.
Now I have good sounds whenever I want them.  What started as a good computer service has now morphed into a service that I can use with my home entertainment complex.  This is very cool convergence – and I wouldn’t have even noticed this except that I noticed the firmware patch that Panasonic released.
-Roo

Add to FacebookAdd to DiggAdd to Del.icio.usAdd to StumbleuponAdd to RedditAdd to BlinklistAdd to TwitterAdd to TechnoratiAdd to Yahoo BuzzAdd to Newsvine

Secure Access…On the Go

Lorin Olsen


For the past few years, I’ve enjoyed the ability to log onto my home system while I’ve been at work.  The process was simple: I would launch PuTTY from my USB drive.  From there, I’d set up a encrypted tunnel through my router to my primary home system.  I would then use a VNC client to tunnel my desktop access through SSH.  But all of that changed when I started my new job.
At my new employer, I was no longer able to use SSH to access my home system.  I totally understand why port 22 was blocked.  But I really didn’t want to start tunneling stuff through DNS.  Fortunately, my new phone provided the answer to my need for desktop access.  After doing a bunch of research, I decided that I would use ConnectBot and androidVNC on my Android phone.
But there are always hiccups when doing something new.  At first, I had trouble with public key encryption to my home system.  I would never back down from this requirement.  So I let the issue sit until I had a few more hours to fiddle with parameters.  And tonight was that time.
I tried to use my existing public keys.  But that strategy was fraught with trouble – i.e., I couldn’t get it to work.  So I decided to reverse polarity on the device.  OK, I’m not Scotty.  But I decided to generate the key on the phone (via ConnectBot) and mail the public key component to myself.  I then imported the key into WinSSHd.  Unfortunately, this didn’t solve the problem.
So more research revealed that WinSSHd only supports ‘xterm’ emulation.  So I updated my ConnectBot settings and tried yet again.  And voila, my phone could connect to my home system.  So I had a command prompt.  And everything looked good.  But the job wasn’t done yet.  I wanted full screen access.  So it was time to do more research.
It was easy to set PuTTY up on my desktop.  I just needed to find out where the options were in the ConnectBot tool.  Enter the work of Wayne Perg.  His excellent tutorial pointed me to the port forwarding directives in ConnectBot.  Within a few minutes, I reconfigured androidVNC.  I am now able control my desktop from my phone.
Folks, technology is fantastic.  And it is even more fantastic when you can find the answers to your questions through the previous work of others.  If there is one thing I can still teach my kids, I hope that I can help them to use Google (or other search engines) to find real answers.  The truth is out there.
-Roo

A Little Bit of Firmware Magic…

Lorin Olsen


My Droid 2 is one month old.  And up until a few minutes ago, I was happy but not ecstatic.  That’s because I could never connect my D2 up to my home WiFi network.  Since this wasn’t my number one priority, I let the situation fester until I had a few moments – and a need to have more bandwidth at home.
Well, the time came tonight.  I had a few hours and I have been toying with the idea of rooting the D2.  I haven’t done that yet.  If I do, you will be the first folks I tell.  But I knew that if I wanted to do his, I’d need to download a lot of stuff to the phone.  So the guantlet was thrown down and I eagerly picked it up.
I did the simple stuff first:

  • I turned off MAC filtering as I didn’t know what MAC address my phone used.
  • I enabled SSID broadcasts.
  • I stepped down my default encryption to WPA.

None of these solved the problem.  So I started to do some research.  Unfortunately, there was nothing obvious in Google about DD-WRT incompatibilities that prevented Motorola D2 devices from connecting.
But I did see enough to make me scratch my head.  I thought, “what if the beta build I was using was to blame for the inability to connect.”  So I went to the DD-WRT site and noted that I was on an April test build.  I grabbed the latest build (i.e., 14896 from August).  And what to my wondering eyes did appear, but a connected D2 and a wh0le lot more cheer.  Folks, I truly love being able to research my own problems and solve them myself.  This is what systems analysis is all about.
BTW, it really is nice to have so much more bandwidth for the phone.  I can’t wait for 4G to become ubiquitous.
-Roo
 

I Really Love Technology

Lorin Olsen

This isn’t the first time you will hear me say that “I Really Love Technology.”  But it’s true.  In March of this year, I got a chance to remember how technology has saved my life.  I had my first defibrillator replaced at that time.  I got a shiny new Medtronic Virtuoso II unit.  And things were fine for over six months.
And then I got a new bike.  OK, it isn’t the bike’s fault.  But it always seems that I find out more about these units when I’m cycling.  And here is where the story begins…
Eight years ago, I was riding my bike when I learned that there was a problem with the lead that was inserted into my left ventricle.  That problem resulted in a total of eight (8) unnecessary shocks.  And the resolution was a surgery to have the leads replaced.
Last week, I was riding home from work when my new ICD proved its existence by nudging me with a 300V shock.  OK, it wasn’t a nudge.  It was more like a really big th-wack in the middle of my chest.  But it only happened once.  After making it home, I sent the digital data via modem to my cardiologist.  And the EP tech told me I had experienced another inappropriate shock due to t-wave over-sensing by the ICD.
If you take a look at the EKG strip (above), you will see what happened.  My heart was beating at about 130 bpm.  But my device thought that my heart was beating at over 200 bpm.  So in the first row, you will see where the device tried to pace my heart back down to a “normal” rhythm.  And in the second row, you see what happens when your heart get a 300V shock.
So I went to the cardiologist today.  The EP tech and a kindly Medtronic tech sat with me and re-programmed my ICD.  It was no big deal.  It took about five minutes of real work and about fifteen minutes of discussing everything with the overly curious patient.  The device was reprogrammed to ensure that my t-wave won’t be mis-identified as a QRS-wave.  I then asked for a printout of the strip so I could post it for your review.
Two dozen years ago, I would have died – on numerous occasions.  A dozen years ago, I might have gotten an ICD; but I wouldn’t have been able to maintain my active lifestyle.  Now I have a next-generation device.  And this technology will someday save my life.  It is quite cool.  It can communicate wirelessly.  It can be reprogrammed while I’m awake and sitting in a chair wearing my normal clothes.  And I can be part of the entire process.  Couple that with the computer technology in my house and I can share part of the experience with you.
But despite all of the advances found in this device, I still live with the product of man’s ever-increasing knowledge.  It’s not perfect.  But it does save lives.  And with each generation, we know more and more.  But as I think about the Creator who designed and built us, I realize just how far we’ve come – and just how far we have to go to approach the healing power that is in His hands.  I really like my doctor.  But I really love my Creator, my Savior and my Lord.
Last week, I got a tangible reminder of how fragile and how temporary my current life is.  Tomorrow, I am on my bike again.  And I will be reminded of what a blessing every day truly is.
I want to thank each and every one of you for the prayers you’ve raised before our Lord.  He has heard them.  And He has answered your prayers through technology, through doctors and through His unparalleled mercy and grace.
-Roo

What’s On Your Home Screen

Lorin Olsen

Now that I have a smartphone of my very own, it’s time to highlight what is on my home screen.  But before I do that, I need to note how I got the screen capture.

For those who have rooted their system, the process of a screen capture is quite simple.  But for those who are still clinging to a stock firmware build (like me), the process is slightly different. Nevertheless, the process is relatively straightforward.  You need to update your device driver on the computer system that will be connected to your phone.  Then you need to download and install the Android SDK.  Finally, you need to make sure you update your copy of the Java Development Kit.  [Note: The current Java build as I write this is JDK SE 1.6.21.]  The entire process is fully documented over at Simple Help.  And the results of my first screen capture are shown above.

So what do I have on my home screen?  Well the current favorite apps are as follows:

Location-based tools: Navigation (from Google), Places Directory (from Google), Yelp, and Foursquare.

  • With Navigation, my phone can literally answer the question of “Where Do I Want To Go Today?”  And it can tell me how to get there.
  • I use Places and Yelp to find cool places to visit and explore.  Places is very simplistic.  But its simple approach saves time when you’re in a hurry.  And for those times when you absolutely, positively need to know everything that is around you, Yelp is an astonishingly good tool to find all the hidden things that are close by.  Finally, I am like many techophiles.
  • I use Foursquare to tell folks where I am.  And I have fun trying to be the mayor of someplace other than my household.

Messaging Tools: Google Voice (from Google), GMail (from Google), Text Messaging (from Google), and Seesmic.

  • I use Google Voice for all my voice integration needs.  Indeed, it is my voicemail – even for the mobile phone itself.
  • As everyone know, GMail is my email client.  I love and use it for everything – including integrating other mailboxes across the net.
  • I used Text Messaging for just that: texting.  For the most part, SMS messaging is a dying art.  But my kids still use it a great deal.  I use Google Voice for most of my SMS needs.  But if someone does send an SMS message to my carrier, this app fills the bill.
  • Finally, I use Seesmic as my main tool for Twitter.  Have I used other tools?  Of course I have.  But Seesmic is always current.  It allows me to integrate multiple Twitter accounts.  And it look quite good.

Commerce-related Tools: Mobile Banking (from BoA, of course), Barcode Scanner (from Google), AppBrain, and Google Goggles (from Google).

  • I like having instant access to my bank statement.  So the banking app is self-explanatory.
  • The barcode scanner allows me to read UPC codes and determine the best prices in my local area.  It also reads QR codes.  So you can point your phone at a QR code and jump to the URL embedded within the code.
  • The AppBrain tool is an excellent market system for Android apps. It won’t replace the Android market. But AppBrain has a great review system to go along with the software inventory it houses.
  • Finally, I do use Google Googles to take pictures of things and see what the web has to say about the things that I snap pictures of.

Words and Thoughts: Dolphin Browser, Congress (from Sunlight Foundation), Kindle (from Amazon) and DailyBible (from Joansoft).

  • The Dolphin Browser runs circles around the basic Android browser.  When I needed to download an email attachment whose extension wasn’t registered, the basic browser failed while Dolphin succeeded.
  • Congress is an exceptional app that can tell you how your representatives are doing in Washington.  You can see pending and passed laws.  You can see what your Congressman or Senator has done.  And you can get their direct phone number – and call them directly.
  • The Kindle app is an excellent tool for e-reading.  For me, I have downloaded a few important books – but not my whole library.  For that, I still need my Kindle.
  • Finally, I use DailyBible to ensure that I geta great Bible verse to start each and every day.

There are a few other apps that I should note.  First, I use NASA’s Astronomy Picture of the Day (APOD) for my screen saver.  I use ConnectBot to securely log into my servers at home.  I use Astro to perform miscellaneous file management tasks.  I use the Astrid Task Manager for my day-to-day task entry. I use Google Sky Map for really cool nighttime star-gazing. I use Pandora for streaming music. Finally, I use Shazam for recognizing music and buying miscellaneous songs while I’m on the go.

All in all, my Droid 2 is getting a good workout.  I’ve even updated the SD card already.  This is so reminiscent of PC systems in the nineties.  It’s kind of like the wild west and Star Trek – all at the same time.  I guess that means that the first movie I must play on my phone will be Joss Whedon’s “Serenity.”

-Roo

What's On Your Home Screen

Lorin Olsen


Now that I have a smartphone of my very own, it’s time to highlight what is on my home screen.  But before I do that, I need to note how I got the screen capture.
For those who have rooted their system, the process of a screen capture is quite simple.  But for those who are still clinging to a stock firmware build (like me), the process is slightly different. Nevertheless, the process is relatively straightforward.  You need to update your device driver on the computer system that will be connected to your phone.  Then you need to download and install the Android SDK.  Finally, you need to make sure you update your copy of the Java Development Kit.  [Note: The current Java build as I write this is JDK SE 1.6.21.]  The entire process is fully documented over at Simple Help.  And the results of my first screen capture are shown above.
So what do I have on my home screen?  Well the current favorite apps are as follows:
Location-based tools: Navigation (from Google), Places Directory (from Google), Yelp, and Foursquare.

  • With Navigation, my phone can literally answer the question of “Where Do I Want To Go Today?”  And it can tell me how to get there.
  • I use Places and Yelp to find cool places to visit and explore.  Places is very simplistic.  But its simple approach saves time when you’re in a hurry.  And for those times when you absolutely, positively need to know everything that is around you, Yelp is an astonishingly good tool to find all the hidden things that are close by.  Finally, I am like many techophiles.
  • I use Foursquare to tell folks where I am.  And I have fun trying to be the mayor of someplace other than my household.

Messaging Tools: Google Voice (from Google), GMail (from Google), Text Messaging (from Google), and Seesmic.

  • I use Google Voice for all my voice integration needs.  Indeed, it is my voicemail – even for the mobile phone itself.
  • As everyone know, GMail is my email client.  I love and use it for everything – including integrating other mailboxes across the net.
  • I used Text Messaging for just that: texting.  For the most part, SMS messaging is a dying art.  But my kids still use it a great deal.  I use Google Voice for most of my SMS needs.  But if someone does send an SMS message to my carrier, this app fills the bill.
  • Finally, I use Seesmic as my main tool for Twitter.  Have I used other tools?  Of course I have.  But Seesmic is always current.  It allows me to integrate multiple Twitter accounts.  And it look quite good.

Commerce-related Tools: Mobile Banking (from BoA, of course), Barcode Scanner (from Google), AppBrain, and Google Goggles (from Google).

  • I like having instant access to my bank statement.  So the banking app is self-explanatory.
  • The barcode scanner allows me to read UPC codes and determine the best prices in my local area.  It also reads QR codes.  So you can point your phone at a QR code and jump to the URL embedded within the code.
  • The AppBrain tool is an excellent market system for Android apps. It won’t replace the Android market. But AppBrain has a great review system to go along with the software inventory it houses.
  • Finally, I do use Google Googles to take pictures of things and see what the web has to say about the things that I snap pictures of.

Words and Thoughts: Dolphin Browser, Congress (from Sunlight Foundation), Kindle (from Amazon) and DailyBible (from Joansoft).

  • The Dolphin Browser runs circles around the basic Android browser.  When I needed to download an email attachment whose extension wasn’t registered, the basic browser failed while Dolphin succeeded.
  • Congress is an exceptional app that can tell you how your representatives are doing in Washington.  You can see pending and passed laws.  You can see what your Congressman or Senator has done.  And you can get their direct phone number – and call them directly.
  • The Kindle app is an excellent tool for e-reading.  For me, I have downloaded a few important books – but not my whole library.  For that, I still need my Kindle.
  • Finally, I use DailyBible to ensure that I geta great Bible verse to start each and every day.

There are a few other apps that I should note.  First, I use NASA’s Astronomy Picture of the Day (APOD) for my screen saver.  I use ConnectBot to securely log into my servers at home.  I use Astro to perform miscellaneous file management tasks.  I use the Astrid Task Manager for my day-to-day task entry. I use Google Sky Map for really cool nighttime star-gazing. I use Pandora for streaming music. Finally, I use Shazam for recognizing music and buying miscellaneous songs while I’m on the go.
All in all, my Droid 2 is getting a good workout.  I’ve even updated the SD card already.  This is so reminiscent of PC systems in the nineties.  It’s kind of like the wild west and Star Trek – all at the same time.  I guess that means that the first movie I must play on my phone will be Joss Whedon’s “Serenity.”
-Roo

These May Be Your Droids

Lorin Olsen

With the new job came a need for a new phone.  The natural and obvious choice for me was the Verizon Droid 2.  Why was it obvious? That’s easy: we are now replaying the ascendancy of Microsoft over Apple that culminated in 1995.
This time, Google is playing the part of Microsoft.  Google has the more “open” platform.  No, I’m not talking about open source.  But I am talking about the fact that Android runs on far more platforms.  Because of this, it is open for others to use, customize and extend.  And this fact places Android in a position where it can claim both continuing market share growth as well as increasing developer loyalty.
Is Google still interested in a competitive advantage over Apple?  Of course it is.  And is Google gaining the attention of regulators as well as state and federal judiciaries?  It most certainly is.  If you’re not sure of this fact, just read the headlines.
But this is all political theater.  For me, I wanted the platform that would be the most “open” to new apps and new possibilities.  And I wanted a platform with more developers.  While Android isn’t there just yet, it will be there very shortly.  And for now, I can do everything I want with Android.
So here is my application manifest:

  • Advance Task Killer: A good utility to kill errant processes
  • Amazon Browser/Store: ‘Nuff said
  • Astrid Tasks: A great (and simple) task manager
  • Astro: A oool file manager for Android
  • Astronomy Picture of the Day: Great pics make great backgrounds for my smartphone’s desktop
  • Bookmarks to SD: Great bookmark manager for the Dolphin Browser
  • Chrome to Phone: Post links from my desktop instance of the Chrome browser
  • Congress: A phenomenal tool to know what your representatives are doing while in DC – and how to contact them (to provide praise or criticism)
  • DailyBible: A great little verse-of-the-day program
  • Dolphin Browser HD: A phenomenal browser
  • Google Goggles: This tool allows you to take pictures and have your phone scour the Net for info about the picture you take.
  • Google Voice: Great tool for consolidating your voice communications needs
  • Kindle for Android: I love my Kindle – and I’m glad to have some of my books on my phone (e.g., the NIV Bible).
  • Mobile Banking (for BoA): Great way to check your balances
  • Seesmic: A great cross-platform Twitter client
  • Shazam: An audio tool that can identify songs and even buy MP3 instances for your phone
  • WordPress for Android: Blogging just got a whole lot more mobile

And these apps are just the apps that I’ve added.  There are a plethora of apps that come on the Droid 2 itself.  Chief among them is the Barcode Scanner.  This app is fantastic.  You can use it to scan any UPC symbols and bring up a wealth of important data – including where it can be purchased and for what price.
I’ve also been impressed with the Navigation tool.  This tool allowed us to find a bike shop in Pittburg, Kansas.  And it also let us know that the store was closed Saturday because the store was sponsoring the Gorilla Century Ride.  Next year, I think I’ll have to do this ride with my son!
So am I psyched about my new phone? Absolutely, I am. Would I recommend it for other people? Well, I just bought another Droid 2 for my wife (who is replacing a BlackBerry Storm).  So we now have double the pleasure of Android at the Olsen residence.  So far, Cindy likes the phone almost as much as I do.
If you need a new phone, get an Android phone. If you need a phone with a real keyboard, consider the Droid 2.
-Roo

A Maze of Twisty Passages…

Lorin Olsen


I am definitely an old school gamer.  My son plays games like Modern Warfare 2 and Left 4 Dead 2.  But I started when games required thought and not just lightning-fast reflexes.  And one of the very first computer games I remember was Colossal Cave.  I first played it on an IBM S/370 that ran MVS and TSO (i.e., Time Sharing Option).  But some of my most favorite memories of the game were when I played it on the Heathkit H89 PC that I soldered together with my own hands.
And there was one part of the game that always fascinated me: the maze of passages.  Actually, there were two such mazes: one had twisty passages that were all alike and the other had twisty passages that were all different.  And in these tunnels, you could either become lost forever or find the pirate’s treasure.
So what does this game have to do with anything?  It’s simple: the use of tunnels can lead to frustration or it can lead to treasure.  For today, I’m going to talk about tunnels that can be used for treasure.
Most of us know about one form of tunneling or another.  Many people use (or know about) SSL tunnels and/or IPSec tunnels.  These kinds of tunnels are commonly used by many folks who must use VPN technologies to access resources that are secured behind corporate firewalls.   Most people have no real idea of what is going on “behind the scenes” when they use their corporate VPN’s.  But the basic premise is simple: one kind of data that is commonly blocked can be “wrapped” within another kind of data that can be allowed to pass.  Think of this as the knife in the birthday cake.  The guards won’t allow the knife to be given to a prisoner.  But the guards can be fooled if the real payload is hidden from sight.
Of course, this analogy is simplistic – and somewhat deceptive.  Tunnels are not used just to hide nefarious objects from the prying eyes of the world.  They are more commonly used to control the kinds of data that passes the sentry points in a system.  Think of it this way: if the cargo hole in a ship is shaped like a square, then valid cargo must also be shaped to accommodate the size and shape of the square entryway.
For those who have a little more knowledge, there are other forms of tunnels that are commonplace.  For example, SSH tunnels are de rigeur for most system administrators.  SSH tunnels can be associated with commercial tools (like VanDyke’s Secure Shell or BitVise’s Tunnelier).  But they can also be used with open and freely available tools (like sshd and PuTTY).  I use SSH tunnels for so many things.  SSH is used to secure my router.  It is also used to securely access my home systems from any location on the Internet.
But amongst those who work with security for a living, there are many other forms of tunneling – some widespread, others obscure.  For years, TOR (The Onion Router) has been used as a means of anonymous (and encrypted) browsing.  And TOR has often been used with local proxies that ease the burden of tunnel configuration and workload separation.  But recently, the use of TOR and local proxies has gotten a whole lot simpler.  You can now downlod a single package that will install and configure a browser, a proxy and TOR onto a portable platform (i.e., a USB key).  In this kind of configuration, you can insert a USB device into almost any system connected to almost any public hotspot.  Once the browser is launched, you can commence anonymous and secure browsing of the Internet.
And these tools can now be combined with all sorts of other tunneling tools.  For example, you could tunnel TOR traffic within SSH and then forward it across a DNS tunnel.  This would allow you to bypass most content filters established on the networks to which you might be connected.
Is this cool technology?  Most definitely it is.  Can this technology be used for good things?  Of course it can.  Consider an evangelist within a repressive country.  Such a person can connect and communicate with others within his country or with those who are outside his country.
But can this technology also be used for nefarious purposes? In candor, it certainly could be used for illegitimate purposes.  But I think of these kinds of technologies in the same way that I think of freedom of speech.  We must allow gross and unseemly speech if we want to have any freedom of speech.  Otherwise, our speech (however comely and delightful it might be) could be considered objectionable – and hence, controllable.
So what should we do about the maze of twisty passages?  In my narrow view, I must come down on the side of allowing such technologies.  They can be used for good or “twisted” into unacceptable uses.  Of course, the same thing is true about guns.  They can similarly be used for unsavory purposes.  But the protection of our liberties will lie in our ability to use tools that allow us to secure and protect individual liberties – even when this means that the state will have a more difficult time dealing with the criminals.
-Roo