Στην κβαντική κρυπτογράφηση που βασίζεται σε οπτικές ίνες, το μυστικό κλειδί που απαιτείται για την ανάγνωση ενός μηνύματος κωδικοποιείται σε κβαντικές καταστάσεις που αντιστοιχούν στα «0» και τα «1» της ψηφιακής πληροφορίας.

Η τεχνική αυτή θεωρείτο μέχρι πρόσφατα απόλυτα ασφαλής, δεδομένου ότι κανείς δεν μπορεί να μετρήσει τις κβαντικές καταστάσεις των φωτονίων χωρίς ταυτόχρονα να τις διαταράξει. Αυτό θα σήμαινε ότι ένας ωτακουστής που προσπαθεί να υποκλέψει το κλειδί κρυπτογράφησης θα επηρέαζε το σήμα και θα γινόταν αμέσως αντιληπτός από τον αποστολέα και τον λήπτη του μηνύματος.

Φαίνεται όμως ότι τα πράγματα δεν έχουν ακριβώς έτσι. «Η τεχνική μας μάς έδωσε 100% γνώση του κλειδιού με μηδενική διατάραξη του συστήματος» δήλωσε ο Βαντίμ Μακάροφ, επικεφαλής των χάκερ στο Νορβηγικό Πανεπιστήμιο Επιστήμης και Τεχνολογίας στο Τρόντχαΐμ.

Τα εντυπωσιακά αποτελέσματα της εργασίας του δημοσιεύονται στο περιοδικό Nature Photonics.

Όπως εξηγεί ο δικτυακός τόπος του περιοδικού, ο Μακάροφ «τύφλωσε» τον ανιχνευτή του παραλήπτη στέλνοντας στην οπτική ίνα μια σταθερή δέσμη λέιζερ με ισχύ 1 milliwatt.

Όσο η δέσμη παρέμενε ενεργή, οι χάκερ μπορούσαν να διαβάζουν την εισερχόμενη πληροφορία και στη συνέχεια να τη διαβιβάζουν στον παραλήπτη με παλμούς φωτός. Το σήμα που έφτανε στον παραλήπτη μετέφερε έτσι τη σωστή πληροφορία, ήταν όμως κλασικό σήμα και όχι κβαντικό. Αυτό σημαίνει ότι οι αρχές της κβαντικής κρυπτογράφησης έπαυαν να ισχύουν και ο ωτακουστής δεν γινόταν αντιληπτός.

«Εκμεταλλευτήκαμε ένα καθαρά τεχνικό “παραθυράκι” που μετατρέπει ένα κρυπτογραφικό σύστημα σε κλασικό σύστημα, χωρίς να το αντιληφθεί κανείς» εξήγησε ο Δρ Μακάροφ.

Η ομάδα του παραβίασε δύο συστήματα κβαντικής κρυπτογράφησης, ένα της εταιρείας IDQ με έδρα τη Γενεύη και ένα της MagiQ Technologies με έδρα τη Βοστόνη.

Οι δύο εταιρείες χαιρέτισαν την αποκάλυψη τρωτών σημείων στα συστήματά τους και σκοπεύπυν τώρα να βελτιώσουν τις τεχνολογίες τους.

«Παρέχουμε ανοιχτά συστήματα στους ερευνητές για να μπορούν να παίζουν, και χαιρόμαστε που το κάνουν» σχολίασε ο Αντόν Ζαβρίεφ, διευθυντής ερευνών στη MagiQ.

Οι δύο εταιρείες επισήμαναν πάντως ότι τα συστήματα που έσπασαν οι χάκερ δεν διαθέτουν τα επιπλέον επίπεδα ασφάλειας που υπάρχουν στα εμπορικά διαθέσιμα συστήματα.

Ο ίδιος ο Δρ Μακάροφ, επίσης, επιμένει ότι η κβαντική κρυπτογράφηση παραμένει η πιο ασφαλής που υπάρχει σήμερα. «Η εργασία μας θα οδηγήσει τελικά στην ισχυροποίηση αυτών των συστημάτων» είπε.

After reviewing the technological bits that make up ENUM, you might think it’s the best thing since the invention of the Web and e-mail, and you might want to know where you can sign up.

The answer (most likely) is that you can’t. A majority of nations haven’t activated their ENUM registries yet. Only nine countries have an ENUM registry in production, and another four are doing trials. Several other regions, like Australia and the North American Numbering Plan Region, have executed trials and subsequently stopped. Even in the countries that have an active ENUM registry, it’s not a very popular service. There are many reasons for this.

The main issue is that the ENUM standard (RFC 3761) demands that ENUM is a public service and that the control of the telephone number lies in the hands of the end-user. For this reason, it’s known as “Public-” or “User ENUM.” This is all in line with the Internet’s user- and endpoint-centric creed. This becomes quite clear if you read, for instance, the documentation of Nominet, which controls the UK’s ENUM registry (the +44 registry). It explicitly states that users can bypass their communications provider when they register in the ENUM registry. A significant amount of money is made by today’s telephony providers (be they traditional providers or ISPs providing VoIP bundled with Internet access). Telephony providers see User ENUM as a threat to their bottom line and are therefore not keen on introducing the technology nationally.

As a user, you may be able to do number portability, but it’s still their number and their telephony service. So, if you want to use ENUM then you’ll have to find a telephony provider that allows you to register your telephone number in the national ENUM-registry and is willing to receive phone calls to that number. In most countries, you’re referred to small operators and not the usual incumbents.

Even though the RFC says that ENUM has to be User ENUM by nature, this hasn’t stopped others from using the technology for less open purposes that do much the same thing. Because ENUM uses the Domain Name System, it can use the software used by DNS servers the world over and can benefit from some of the attractive features of the DNS. These features are high query rates, redundancy, and caching. Therefore, people have been using the technology behind ENUM to do exactly what ENUM does, but just in their own telecommunications network or in a non-public fashion between a group of networks. These options are known as Private ENUM and Infrastructure (or Carrier) ENUM, respectively. What these versions don’t require is long interactions with the ITU or national governments, or the RIPE NCC to be registered in the DNS -root. They can be implemented by a coalition of the willing, without outside interference in their business models.

Private ENUM isn’t too interesting, as it just sits in someone’s network, without connections to the outside world. Infrastructure ENUM looks like the place where ENUM will go in the coming years. There are various organizations that have defined services based on ENUM technology that are not open to the general public.

• The most notable and most powerful one is the GSMA’s Pathfinder service, which is based on ENUM technology provided by Neustar. Operated by the GSM Association, which represents almost 1 trillion dollars in revenue, it allows telephony operators the world over to interconnect IP-based services. Before you can join, you have to be vetted by the GSMA.
• There are various VoIP interconnection platforms (like Xconnect, Neustar, and the Voice Peering Fabric) that allow commercial VoIP providers to interconnect. They use ENUM as the lookup database to see if the number can be reached over their platform.
• National number portability databases (by, for example, Bahrain and the UK) will be ENUM-based. One of the great benefits according to this author in a paper for the ITU will be that it allows operators in these countries to quickly introduce new services. If a provider wants to introduce a new service, it can just register this in the NAPTR record and other providers can connect to that service, without the need for major upgrades to national number platforms.

The effect of all this may be that, in the coming years, ENUM will creep into every corner of the telephony world. Once it arrives in these corners, people will find new uses for the technology, much in line with the ideas of the standard’s original drafters. These ideas will be implemented more and more, especially when they can be tied to a new revenue stream or when the voice revenue stream diminishes in importance and the feature set becomes more important. The end result may be that every country will have a national number portability database based on ENUM with a feature set much like User ENUM, but with some restrictions on who can connect and under what circumstances.

Furthermore, ENUM may be in use in all kinds of coalitions between telecommunications companies on a global scale, hidden from sight for most people but still interconnecting us in many ways.

The brain simulation is a feat for neuroscience and computer processing—but it’s still one-eighty-third the speed of a human brain and is only as large as a cat’s. Will we ever get to truly capable artificial intelligence?

Scientists at IBM’s Almaden research center have built the biggest artificial brain ever—a cell-by-cell simulation of the human visual cortex: 1.6 billion virtual neurons connected by 9 trillion synapses. This computer simulation, as large as a cat’s brain, blows away the previous record—a simulated rat’s brain with 55 million neurons—built by the same team two years ago.

It was my first time facing critical problems in Leopard.Here is a small list with things to do in order to have a chance to fix your Mac.

• At first try to startup the system in Safe Mode.
• If you have logged in you safe mode system, do a backup of critical files and go to DiskUtility Application for Disk Check and Repair Permissions.
• If it is impossible to boot the system in graphical mode ( so you cat run DiskUtility app), Do a boot in Verbose Mode and try to see the problem.
• If nothing works, just get into Single User Mode and do fsk and mount rw.

For a complete table of boot combinations :

How to use OpenSSL to act as a CA to sign an IIS certificate request for SSL use

1. Create a certificate request via the Internet Services Manager under
'Directory Security->Secure Communication->Server Certificate'. This
is found under the property tab for the webserver you want to secure.
Follow the wizard to create a certificate request and fill up all
required details. At the end of the wizard, it will generate a
certreq.txt file. Move this to your favorite linux box (e.g Debian) or
run openssl under cygwin.

2. We now have to generate a private key using OpenSSL

openssl genrsa -des3 -out cakey.pem 2048

The process will prompt you to supply a PEM pass phrase to help secure the key.

3. Now we have to create a CA certificate for our bogus CA

openssl req -new -x509 -key cakey.pem -out cacert.pem -days 1825

4. Create the following directories in your home directory

demoCA
demoCA/private
demoCA/newcerts

Also create in demoCA a empty text file called 'index.txt' and a text
file called 'serial' with the numbers '01'

5. Move your private key cakey.pem to the demoCA/private directory
and cacert.pem to demoCA/

6. Sign our previously created IIS certificate request

openssl ca -in certreq.txt -out iis.cer

7. Open iis.cer in your favorite text editor (eg vi) and remove all the text
before the line '-- Begin Certificate --'. IIS is not able to handle
the text above that line and may get confused!

8. Move iis.cer back to your Windows machine and complete the

certificate request in IIS by importing the iis.cer file.

[HOWTO] Use Open SSL Cert in IIS

By using standrd  GIS information   ( for free – google maps etc..) and a set of API’s  that the new web application technology provides, its simple to create a useful platform for the community.

Such platforms can save lives in case of emergency ( watch the recent fires in Greece ).

Virtual Alabama Project

In the video is a presentation from Google’s website that presents the Virtual Alabama system.

Other applications will provide precision informations to the firefighters :

The Forest Service is now exploring ways to leverage the capabilities of Google Earth
and present fire specific data in the browser with Google Maps which also could be
used on mobile devices by firefighters at any location.

( A view from my workspace )