Jump to content | menu | search engine

Sunday 18 June 2006

How NOT to wire a mains cable...

Yesterday I was doing some shopping in Paris when I came across the following advertising sign:

cable badly wired

(sorry for the very low quality of the picture; it has been taken with my cellphone as I didn't think I'll encounter such a "thing" to photograph ! I'll take one with a real digital camera ASAP...)

As you can see (circled in red), the owner of the shop (or his electrician or ...) removed the insulation layer from the mains cable coming out from the wall and from the two bare wires coming out from the electric sign, twisted the cables two by two, and isolated his ugly twisting with scotch tape...

No need to say that it is a very dangerous installation and that it is against the most basic safety rules !

Monday 12 June 2006

Stupid spammers

As you may have noticed, I didn't post on this blog for a few weeks, because I am having a hard working period at school...

This evening I looked at the DIY directory to see if everything was fine and to my surprise I found more than 400+ trackbacks in one of my posts... all from spammer's websites.

What is funny is that these spammers do not even know that they are having a hard time making bots that posts on blog for... nothing. DotClear, the blog engine that I use, automatically append a special invisible tag to every link posted by the users: the rel="nofollow" tag. This tag prevent the search engines to use the link in their rank calculation algorithm. For more informations, see the post about how to prevent comment spam at the official Google blog.

I was able to implement some preventing systems in the DIY directory blog engine thanks to the informations provided in several blogs (in French - sorry):

Thanks to these small modifications, most of the spams will be filtered out (at least for some weeks...), and user experience is not modified, i.e. you won't have to deal with unreadable CAPTCHAs to post a simple comment.

UPDATE (June, 18th 2006): A few days ago I made a modification to Sacha's script allowing blog owners to be notified when a trackback is notified. My modification has been included in his script and is currenctly being tested here.

Sunday 16 April 2006

The blog worm


Tuesday 11 April 2006

The poor man's RAID array

With the constant increase of the available bandwidth for consumer broadband Internet connections, people are starting to download more and more stuff (music/videos but also pictures, software, e-books, ...). Furthermore, digital cameras or digital camcorders are starting to be quite cheap. With all these new electronic toys, we need more and more storage available. Hard disk drives are available up to 500 GB, but that's for an high-end drive, and what happens if the drive fails ? You loose 500 GB of data, personnal photos, and so on. Not funny.

Commonly used in servers, RAID arrays offer an elegant solution to prevent loosing data in case of a hard drive failure while giving a lot of storage space. A RAID setup consists of a RAID controller, connected to several hard drives (from 2 to many). The RAID controller can then use the hard disk drives in different ways, according to what the system administrator decided, each way corresponding to a certain level of security and available space. Typically, the more security you have, the less space you have, because fault tolerance is achieved by storing special data in one or more hard drives, thus these hard drives can no longer be used to store real data. For more information about how RAID works, check out this page at the Advanced Computer & Network Corporation website.

For example, in a RAID 5 array, you have N+1 drives of equal C capacity. These N+1 harddrives will be seen by your computer as a single drive, of capacity N*C. There is some capacity that is lost because of the parity system that allows to find the data even if a single hard drive is faultly. RAID 5 offer a good security level at a very moderate cost. The problem is that RAID controllers are typically expensive, and it's the same for the physical arrays used to store the hard drives.

A wise guy at Inventgeek.com took a metal case, some cheap SCSI drives bought on eBay for a few dollars each, and a SCSI RAID controller also bought for a few bucks. He then simply screwed the drives in the case, and powered them with a big fat power supply unit. Simple ? Yes, for sure. But it's usually the simplest ideas that are the hardest to find, especially when they are elegant. Undoubtly, this one is.

raid case photo

Check out the project description !

Thanks to the Inventgeek.com team for allowing me to put the picture of the RAID array in this post.

Monday 10 April 2006

Ladyada's SpokePOV

You have probably already seen one of these nice POV (Persistence Of Vision) clocks, that quickly move some LEDs in the air to display the time, giving you the impression that the imte is floating in the air...

Today I came across a nice POV gadget: the SpokePOV. By attaching a row of leds to each of the wheels of your bike, you can display some nice pictures and even some simple animations. Unfortunately each wheel can display only one color, but it's still enough to do some pretty good looking displays :

[waiting for the right to put a picture here]

You want one ? Guess what ? Some kits and parts are available here.

Thanks Ladyada for sharing this great concept with us ! :)

Sunday 9 April 2006

Sockmaster's fridge lights

Take a few LEDs, a few magnets, some spray conductive paint, and some other common do-it-yourself gear, and you may end up with the pretty cool fridge lights of sockmaster as seen on this page.

I'd like to say more about it, but I have to to build one like that right now ! It's so cool !

PacMan caracters Fridge Lights written in the dark
Some fishes Some fire

The photos in this post are from sockmaster and are published here with his kind permission.

Friday 3 February 2006

Otherpower's homemade wind turbine

Sometimes there is a power outage there and there. Generally it happens when there is a combination of high wind speed and snow. Thus, wind is generally considered harmful by electricians, although you know that it can be used to produce electricity. What you do not know, however, is that you can make your own wind turbine out of a few pieces of wood and metal.

Even more interesting, you can find a four page guide explaining how to do that on Otherpower website, here. This wind turbine has very good performance as it can easily produce 2kW, and up to 3,8kW in fast wind speeds.

You have no excuse to miss any new DIY directory post as of now as you can produce your own electricity for your computer ! :)

Sunday 8 January 2006

Edward's automated house

Home automation is something that most people are dreaming of, while being a bit afraid of, because most of use think that having a fully automated house requires some maintenance and knowledge. There are, however, systems that are totally autonomous once they have been installed. Edward Cheung successfully built one of these system.

As he says on his home automation website,

Few of us can afford a butler. Fortunately electronics and technology can compensate for this by allowing us to remote control many devices in our home. However, home automation does not mean just being able to control your home's appliances from a distance, but also includes intelligence in the system to better serve our needs.

Thanks to his installation, he can control most of the electrical appliances of his house just from his watch ! He also automated most of the annoying tasks, from opening/closing the windows to irrigating his garden. He was also able to precisely estimate the cost of a shower by installing some sensors in his water system, his water heating system, and his electrical system. The amount of radioactive Radon was also quantified, and he was able to remove it thanks to a homemade geiger counter. As you can see, things can go pretty far once you're in it.

I can only recommend you to check his home automation website if you are interested in home automation. I am sure it will give you some ideas. Even if you do not end up with such a complex system, you could install some simplier, yet useful, home automation components.

Saturday 31 December 2005

Ilfak's hotfix for the Windows WMF vulnerability

For people who do not know it, there is a not so new (at time of writing) critical vulnerability in almost all recent versions of Windows. You can read the Microsoft advisory here. This vulnerability is extremely dangerous because it can be triggered with no specific action from the user. It can lead to remote code execution, which means that an attacker can execute the code he wants on your computer, without your consent, and with the rights of the user using the computer.

There is currently no patch from Microsoft to fix this problem, and as this bug is being actively exploited in the wild by malicious persons, I strongly suggest that you apply the hotfix that Ilfak Guilfanov made just a few hours ago. He speaks about it on his blog. Download and install the patch from his blog as soon as you can after having read Ilfak's post.

screenshot of the hotfix installer

I did not read the source code of the patch very carefully to check if it is good or not, but Ilfak is one of the head developpers of IDA, a very well known disassembler. F-Secure, an antivirus company, recommends applying the patch on its blog. That's why I think that you can trust his hot fix :)

If you cannot apply the patch for any reason, you should try to protect your computer until a fix from Microsoft is available by following the steps described in Microsoft advisory under the "Suggested actions" tab. Anyway I think that Ilfak's hotfix is better than the fix of Microsoft which is NOT a total fix.

I cannot say it enough: you must do something quickly or you will very likely get some worm or spyware on your computer because of this security flaw.

Why I am publishing this on this blog ? Because what Ilfak made is a huge improvement, as he was able to hack one of Windows core DLLs so as to remove a security vulnerability ! Also because I am involved in computer security discussion groups and I feel concerned about security issues. Finally, I feel some shame because I have been trying this afternoon to modify the shimgvw.dll and I didn't succeed... and this guy did ! (he didn't modify the DLL, instead he modified another part of the system which is used by the exploit) And he did a very good job by preventing any exploitation of the security hole without changing the behavior of the system in normal operation. When I tried to modify the buggy DLL, I wanted to prevent it from recognizing WMF and EMF images: as it will no longer parse these files at all, exploitation would not be possible anymore, and it would not annoy users a lot because WMF/EMF files are not widely used.

Tuesday 27 December 2005

Happy new year 2006 !

I wish you all a Happy new year and a Merry Christmas.
I hope that the year 2006 will come with a lot of new exciting creations that I'll happily publish here !

Yea, I know - I'm quite early for the first wish and a bit late for the last one; I was not able to update the blog on December 25th, and I'm afraid I'll be very occupied on the 31st... smiley: innocent o:)