Anthony Vance

I have recently discovered TrueCrypt, a great open source data encryption tool that has recently gained the attention of security experts Bruce Schneier and Steve Gibson. TrueCrypt is cross-platform, meaning it runs on various versions of Linux and Windows (an OS X version is in the works). With TrueCrypt, you can create a folder or volume that encrypts/decrypts data on the fly in a seamless way. Further, TrueCrypt volumes are platform independent, so you can encrypt a volume in Linux and then decrypt it in Windows.

Data encryption is useful for many situations. I use it to encrypt my research data and documents on my laptop. As a researcher, I am required to keep confidential any personal data I may collect in my studies. With TrueCrypt, I can store potentially sensitive data on my laptop without fear of data theft. There are many other practical reasons why someone may wish encrypt his/her documents.

The fact that TrueCrypt is open source is a strong benefit. One advantage TrueCrypt has over Microsoft’s optional encryption scheme for Windows and other commercial solutions is the peer review of source code. The security and encryption communities have full access to the TrueCrypt source code, making any vulnerabilities or errors in the implementation of encryption algorithms plainly visible and more readily remedied.

For information about TrueCrypt, check out Steve Gibson’s “Security Now” podcast (or read the transcript). You can download TrueCrypt here.

One of the neat new features coming in the next version of Java (codenamed Mustang) this October is support for many different programing languages. Although commonly thought of as a programming language, Java is also a platform?a virtual machine that can be run on many different kinds of computers and still function in the same way. The Java programming language is the primary means of creating new applications that run on top of the Java Virtual Machine (JVM).

However, last week at the JavaOne conference, announcements were made about support for several new programing languages in the JVM , including Visual Basic (VB) and Javascript, as well as plugins for other scripting languages like Python. This means that VB programmers (which some studies estimate at over half of all software programmers) can use their VB skills to develop Java programs that can be run on any platform with a JVM. To read more on how this works, click here.

GSU requires a Cisco VPN client to access many of its network services. I use Linux on my laptop and unfortunately GSU does not offer support for a Linux client. However, after searching and trial and error I now have the Cisco VPN client working. I’m posting this for any interested GSU Linux users.

First, I looked into using VPNC, the open source Cisco-compatible VPN client because it doesn’t require the use of a new kernel module. However, VPNC requires the knowledge of a group password which GSU tech support declined to share with me (the official Cisco VPN client uses an obfuscated hash of the group password which VPNC doesn’t currently support).

I next turned to the Cisco VPN client for Linux. Below are the steps I took to get the Cisco client to work on my Ubuntu Dapper Drake version of Linux:

1. Download the Linux kernel headers for your kernel version. Check your Kernel version using: uname -r
2. Dowload the Cisco VPN Client version 4.8 for Linux. GSU doesn’t provide this, so try this Google search instead.
3. Untar the archieve: tar -xzvf vpnclient-linux-4.8.00.0490-k9.tar.gz -C /usr/local
4. Change directories to the new location: cd /usr/local/vpnclient
5. Make sure the vpn_install script is executable (chmod +x ./vpn_install), then run: sudo ./vpn_install
6. The installer will ask for the location of the kernel heard source. On my machine this is located at: /usr/src/linux-headers-2.6.15-22-686
   
7. Choose “no” when asked if the Cisco file should start at boot time. After the vpn_install script ends, set the VPN_init file to start up automatically: update-rc.d /etc/init.d/vpnclient_init defaults
8. From a Windows machine with the GSU VPN profiles installed (you can find the installer file which includes the profiles here), copy the PCF profile files to :/etc/opt/cisco-vpnclient/Profiles. Rename the PCF files so that the filenames do not include any spaces.
9. After starting the vpn_init file (/etc/init.d/vpn_init start), start the VPN client by entering: vpnclient connect
   profile, where profile is the filename of one of the PCF files in /etc/opt/cisco-vpnclient/Profiles.

In all, this is a good example of why Linux isn’t quite ready for mainstream usage. However, Linux is a very powerful system that is becoming increasingly more user-friendly as a desktop system.

Programming author Bruce Eckel has posted series of several audio interviews he conducted with respected programming luminaries such as Guido Van Rossum (the creator of Python), Josh Block (one of the lead Java architects), and others. You can download the interviews here.

I am currently researching ways that web services and RFID technologies can be combined to create dynamically integrated supply chains. As technologies, web services and RFID are very similar in that they both rely on XML-based transfer protocols to transmit information over the Internet.

Within the web services suite of technologies is the capability to create software agents to automatically find and transact with other businesses. RFID, on the other hand, has the capability of unifying a disparate supply chain members by tracking inventory goods at a very granular level and communicating this information up and down a supply chain.

If these two technologies can be successfully combined, entire supply chains could be dynamically formed and automatically integrated. Of course, for such an arrangement to work would require industries to establish standards to support this type of activity. However, from a technological standpoint, the capability already exists.

I’ve recently found a great new podcast on open source software, FLOSS?or Free (as in Libre) Open Source Software (hence the acronym). The show is hosted in part by Chris DiBona, a long-time member of the open source community. You can access the RSS feed for the podcast here.

I have a relatively new computer after my old Dell laptop failed while under warranty. Before returning my old laptop to Dell I decided to securely delete my hard drive to make my personal information unrecoverable.Secure file deletion is important because data can be recovered from even reformatted hard drives using tools like the Forensics Toolkit (FTK). However, most people don’t even bother reformatting their hard drive before donating their computer or throwing it away.

At any rate, I found a great secure deletion tool: Darik’s Boot and Nuke?or DBAN. DBAN is Linux boot disk that writes random zeros and ones over the entire hard disk according to secure deletion algorithms published by the US Department of Defense and Canada’s RCMP. DBAN also supports the Gutmann algorithm even though it is considered overkill by most experts.

If you want to securely delete a single file rather than an entire hard drive or partition, try GNU’s shred

I recently found The Java Posse, an excellent Java podcast that discusses news in the Java world. The podcast features four veteran Java software engineers from Sun, Google, Apple, and NewEnergy Associates. All four participants are very knowledgeable about Java and have a have a firm pulse on new developments in the Java community.

I also appreciate that none of the Java Posse members are Java zealots?those who believe that Java has no imperfections or that Java is always the best tool for the job. In fact, at least one of the members, Dick Wall, prefers Python as a language to Java.

Bruce Eckel has announced the availability of the 4th edition of “Thinking in Java”. Eckel says that he worked longer on revising this edition than he took writing the original. He also says this book is his best yet.

“Thinking Java” examines Java (and object-oriented programming) at considerably greater conceptual depth than many programming texts.

While Eckel has made the full text of previous freely available online, online a sample of the first seven chapters will be available for the 4th edition. Download a sample of the first seven chapters here.

If you have ever performed system administration work, check out the these comments on Slashdot. It is said that humor comes from being true to life—boy, is that the case here.

Coincidentally, these Slashdot comments highlight the major advantage Slashdot has over sites like Digg. Slashdot has a rich user community built into it. I often don’t even read articles posted on Slashdot (especially the ones that were covered already on Digg the week before . I read Slashdot for the level-5 comments.