Terms and Conditions

I am stayting at a hotel during my vacation. They have free wireless Internet. However you need to agree to their terms and conditions. I am interested in figuring out how they make your browser open up to their TOC page. However I did find the list of conditions interesting.

• Do not display disturbing images


• Do not do anything illegal


• Do not harass others


• Do not destroy stuff belonging to others


• Do not copy protected material


• Do not access any porn


• Do not bypass any security


• Do not install any viruses

They did try to provide some guidance if you need encrption. They recommended some third party virtual private networks (VPN). You should use SSL to access email. You should also make use of SSH. Use your computer's personal firewall. Make use of antivirus software. Don't open attachments.

The Case for Emacs

When I am on UNIX, I use vi for file editing. However I read an article today about emacs that was most interesting. It touted some of the emacs power that I would like to have at my fingertips. I tried emacs before. It just did not feel natural. Maybe it is time for another look.

One thing is certain. Emacs is not easy to learn. A key tenet of emacs is that you should be able to do anything by just pressing keys. There is not cut and paste per se in emacs. They have something like it though.

You can open a whole lot of files in emacs. They each get their own buffer. Emacs has a built in spell checker. Nice. It also has sophisticated undo and selective searching.

The list of emacs featues goes on and on. There is support for regular expressions. You can also execute shell commands directly from the program. I just may have to give it a try.

Best Things are Free

I just went through a huge list of free .NET tools. Thanks to Qink for providing the links. I chose the top four tools I thought you might be interested in. Here is the low down on these freebies.

DotNetZip can do everything you want with zip files. Any dot Net apps can use it. It even works undo Mono. You obviously need the .NET framework to use this thing. It is distributed as a DLL. You can make self extracting zip files with it. The tool even supports AES encryption. Damn. Get this now.

PDFSharp lets you create PDF files. It is open sourced under the MIT license. The routines to draw on the PDF file are the same types you use to draw on the screen (i.e. GDI commands). It supports transparent images. Nuff said.

Selenium is a tool to help test web apps. You can record a session using Firefox. Then you can play back what happened. Alternatively you can export the activity to your programming language for modification. Your app can then work with the Selenium server to play back the actions. Sweet.

Finally there is DocX. It allows you to create Microsoft Word documents. It is released as a DLL. DocX requries .NET and Visual Studio. All the Word goodies such as tables, headers/footers, and pictures are supported.

Hacking Tools

I have been talking about free tools recently. But instead of any old tools, I should focus more on hacking tools. Let's do that here.

Date Cracker 2000 gets you past most time sensitive software. You know. It pwns trial software that expires in 30 days. It also works on shareware. The tools is distributed "for educational purposes only". LOL. The authors have agreements with some software developers. So it won't crack all trialware. It can come in handy when you are coding up some software that expires.

PuTTY is an SSH client. It also does Telnet as well as xterm terminal emulation. The web site where you download it from has a warning. The software is illegal if encryption is illegal in your country. Weird. This program is better than the stock applications that come with Microsoft Windows.

The Advanced Port Scanner is a tool that runs on Windows. You enter an IP address or a range of addresses to scan. This program is fast because it is multithreaded. You actually specify how many threads you want it to run. The latest version of the program was released in 2006. You can save the options for reuse.

Some other tools of interest include nmap and p0f. They are a network mapper and passive listener respectively. Maybe I will review them in depth some time later.

More Free Tools

I just finished reading a post about the massive amount of plugins that are available for Notepad++. There were a bunch of them that sounded cool. The post states that these plugins can make developers ultra productive.

Notepad++ is a free application that replaces Windows Notepad. It runs only on the Windows platform. The app is released under the GPL license. It is written in C++, and uses raw Win32 calls plus the Standard Template Library (STL). This thing is fast.

Let's talk about the plugins themselves. XML Tools lets you edit XML files. The Compare Plugin shows you the difference between two files. Windows Manager shows the files you have opened in Notepad++. XBrackets Lite matches up brackets in your code. TopMost puts the Notepad++ window on top of all others always.

Open Source Tools

It seems like there are a lot of free open source tools out there in the security sector. I just read an article that listed 59 such tools. I checked most of them out. Some of them look worthwhile. I am going to highlight three of them here.

Take a look at Bacula for doing backups. You can perform the backup over a network. This tool is truly simple to set up. It is called "enterprise ready". This tool has its own conference. Damn. It is released in an AGPL license. Code is stored in Sourceforge.

How about AxCrypt? It is totally integrated into Windows. Right click to encrypt. Double click to decrypt. It does not get any simpler than that. Currently there are 2 million users of this product. The developers request a $5 or $10 donation if you love this software.

You may have heard of tcpdump for UNIX. Well now we have WinDump for Windows. This is a command line network analyzer. It needs the WinPCap library. It can deal with wireless networks. This software is being released under the BSD license.

Front Running

You want to register a domain for yourself. The first thing you do is search whether somebody else already owns the domain. The problem is that by doing the search, people get informed that you are interested. Registrars will then do some front running, actually registering the domain for themselves. Then you need to deal with them to buy it from them. That can be prohibitive.

What a sleazy business some of these registrars run. I have heard about this nonsense before. The trick to making sure somebody does not scoop up the new domain you want is to do the query against the actual registry database. Don't go through one of the registrars. Don't even do a Google search for the domain. Somebody is most likely going to snatch up your domain.

I thought about this problem a bit. Why not attack the source of the problem? Stick it to the greedy registrars. Let's flood them with a bunch of queries checking for domains. I can write a problem that comes up with random domain names and then checks them. If the cost to pre-register all these domain names is too high, perhaps they will stop this idiotic behavior. Sounds like a nice little project for me to code up. What language should I used?