Possible mutations of a Gmail email address

The blog Senseful Solutions has a good article on How Gmail Filter Email-Matching Works.

To quote them:

The default account you use (e.g. john.smith@gmail.com) will match all variations of your address. This includes dot notation, plus addressing, and using the googlemail.com domain.

Here’s a brief explanation of each:

  • Using dot notation: You can enter as many non-consecutive dots in your email as you want. For example, if your email is john.smith@gmail.com, mail sent to j.o.h.n.s.mith@gmail.com will still arrive at your account.
  • Using plus addressing: After your account name, you can enter the + sign and whatever text you want afterwards followed by the Gmail domain. For example, mail sent to john.smith+foo@gmail.com will arrive at john.smith@gmail.com.
  • Using googlemail.com domain: Any mail sent to your @googlemail.com will arrive at your @gmail.com address. For example, mail sent to john.smith@googlemail.com will arrive at john.smith@gmail.com.

Any of the above can be combined (e.g. j.o.h.n.s.m.i.t.h+foo.bar@googlemail.com will still go to john.smith@gmail.com).
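As an added example (not code from Senseful Solutions or from this blog), the three rules in the quote reduce to a comparison key, which is what a sign-up or abuse filter needs in order to recognize one Gmail mailbox behind many spellings. The function names and the sample list are hypothetical, and lowercasing the account name assumes Gmail ignores case, which the quote does not state.

```python
from collections import defaultdict

GMAIL_DOMAINS = {"gmail.com", "googlemail.com"}  # the two domains named in the quote


def gmail_key(address: str) -> str:
    """Return a comparison key: every variant of one Gmail mailbox maps to one key."""
    local, sep, domain = address.strip().rpartition("@")
    if not sep or not local or not domain:
        raise ValueError(f"not an email address: {address!r}")
    domain = domain.lower()
    if domain not in GMAIL_DOMAINS:
        # Other providers may treat dots and '+' as significant: keep the local part.
        return f"{local}@{domain}"
    # Plus addressing: everything from the first '+' onward is a free-form tag.
    # Lowercasing is an assumption (Gmail treated as case-insensitive).
    account = local.split("+", 1)[0].lower()
    # The quote allows only non-consecutive dots; reject anything else, do not guess.
    if not account or account.startswith(".") or account.endswith(".") or ".." in account:
        raise ValueError(f"malformed Gmail local part: {address!r}")
    # Dot notation: dots in the account name are ignored.
    return account.replace(".", "") + "@gmail.com"


def group_by_mailbox(addresses):
    """Group addresses that deliver to the same mailbox; skip malformed entries."""
    groups = defaultdict(list)
    for addr in addresses:
        try:
            groups[gmail_key(addr)].append(addr)
        except ValueError:
            continue
    return dict(groups)


# Constructed sample input: the addresses from the quote plus two controls.
SIGNUPS = [
    "john.smith@gmail.com",
    "j.o.h.n.s.mith@gmail.com",
    "john.smith+foo@gmail.com",
    "john.smith@googlemail.com",
    "j.o.h.n.s.m.i.t.h+foo.bar@googlemail.com",
    "john.smith@example.org",   # control: not a Gmail domain
    "john..smith@gmail.com",    # control: consecutive dots, rejected
]

if __name__ == "__main__":
    for key, variants in group_by_mailbox(SIGNUPS).items():
        print(key, len(variants))
```

The key is only for comparison; it is not the address to send mail to, since the dotless form may differ from what the account owner registered.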

SQL Server 2008 “Can’t Generate SSPI Context” error on remote connection

While trying to set up a remote connection to a new SQL Server 2008 installation which uses Windows authentication (aka Kerberos), I encountered this error:


Can't generate SSPI context

A good high-level explanation of what causes the error can be found on MSDN, and a detailed explanation can be found at Microsoft Support, but neither article has any detailed explanation of how to fix the problem.

In my case, during install, I had the server start under my user name when I should have instead had it start under the Network Service group. This is a problem because when user Bob tries to log into the server remotely, my user (the one the server is running under) doesn’t have the necessary permissions to run as Bob so Bob gets an error that SSPI can’t be generated. To fix this I needed to change the user that SQL Server runs under to Network Service. To do this:

  1. Open the Task Manager and go to the Services tab
  2. Click the Services button in the lower right corner
  3. Sort by name and find all the SQL entries
  4. In the “Log on as” column you should see some of the services have a user name. For each:
    1. Right click and select Properties
    2. Select the Log On tab
    3. Make sure This account is selected
    4. Fill in Network Service in the box next to “This account”
    5. Delete both passwords
    6. Click OK
  5. Restart the SQL Server

This should cause the server to run under Network Service instead of a particular user.

Some extra technical details about my setup:

  • The SQL Server was already set up to accept remote connections
  • The Windows Firewall was already set up to accept incoming SQL requests
  • The SQL Server was configured to accept incoming TCP requests

SOUPS: Feasibility of Structural Network Clustering for Group-Based Privacy Control in Social Networks

Simon Jones presented Feasibility of Structural Network Clustering for Group-Based Privacy Control in Social Networks this week at SOUPS.

The researchers accessed the participants’ friend connections (list of friends) and also looked at connections between their friends. They used the list of friends to do a card sorting exercise, with one contact per card (“cards” were digital and shown on the computer).

They found six common grouping criteria

  • Social circles & cliques
  • The strength of their relationship – commonly used to divide other groups into people with strong ties or weak ties
  • Geographical locations
  • Organizational boundaries
  • Temporal episodes – For example childhood or undergrad
  • Functional roles – People they had met at events

The researchers took the groups created by participants and compared them with groups created by a clustering algorithm. You can read the details of the algorithm in the paper. Their algorithm was 45% similar with the user-created groups.

They had users find a privacy-sensitive item and asked them to rank their willingness to share it with different contacts in their network. People who were outliers in the social network were more often not shared with. The authors hypothesize that outliers could be used to automatically identify people with whom users may not want to share sensitive information.

Getting the Office 2010 API for C#

The following link is for the Microsoft Office Outlook 2010 API documentation.

http://msdn.microsoft.com/en-us/library/bb610835.aspx

For some reason finding this link initially was much more challenging than I would have thought. So I’m blogging about it here both as a way for me to find it again and hopefully a way for others to not waste the amount of time I had to spend to find it.

Using web technologies for research

At the NSF IGERT 2010 Project Meeting this week I will be giving a set of 5-minute talks on how Blogs, Twitter, Wikis, and Google Docs can be used in research. Below are some of the links and examples I used in the talk along with short descriptions of how these technologies can be used.

Blogs

My lab, CUPS, maintains a blog where we post everything from news about the lab to detailed reports from conferences we go to. The blog lets us post information others might be interested in even if it isn’t necessarily a paper worthy event.

Blogs are also an excellent way to learn about new information related to your area. Since there can be many blogs to track, I use an RSS feed aggregator, such as Google Reader, to subscribe to and keep track of multiple blogs.

Finally, blogs can be an excellent way to collect information about your area in one place where you and others can find it again. I use my personal blog, http://kamivaniea.com, to keep track of news articles related to my research. Also when I solve a particularly intricate technological problem that was impeding my research I post the solution to my blog for others to use.

Twitter

Twitter is an excellent way to aggregate and disseminate information quickly. Good examples are: CyLab, Electronic Freedom Frontier, and Wombat Security. You can easily create a Twitter account for a lab or research group and post interesting and exciting news about your lab.

Twitter is an excellent way to keep track of what others are doing. For example I have a list of security and privacy twitter feeds that I follow. Everyone on the list posts interesting things about security and privacy so I monitor their feeds for important information.

Twitter is also an excellent way to connect with people online during conferences. In Twitter anything that starts with a # symbol is called a tag. Using Twitter it is easy to search for tags. For example searching for #igert on Twitter brings up a list of all the Twitter posts tagged as #igert.

Wikis

Wikis are a type of website that lets people easily create linked content. They are extremely useful in research for keeping track of information. Basically, using a wiki, you can set up your own Wikipedia that is dedicated to just your research. There are many different types of wikis. Most let you create web pages like those you see on Wikipedia, but each type of wiki is special in its own way. Here are some popular ones:

  • MediaWiki – Originally designed to support Wikipedia, one of the more popular wiki software packages.
  • Trac – Wiki software designed to support people who are all working on the same project or code base. It has an issue tracking system built in which lets people submit bug reports and mark bugs as fixed. It also integrates with SVN (version tracking) installations.
  • TikiWiki – Fairly standard wiki software with lots of features and plug-ins.

Not all wikis are public like Wikipedia. My lab manages a wiki that is only visible to members of the lab, which we use to coordinate shared resources such as laptops and to archive information, such as study procedures, for later use.

Some good wiki examples:

Google Docs

Google Docs is an online document editing site that lets you create and edit documents, presentations, spreadsheets, forms and drawings online through Google’s interface. What is really nice about Google Docs is that you can create one document online and let other people see and edit it.

Google Docs is an extremely useful tool for working with collaborators in other parts of the world. You can easily create a shared document and edit it together at the same time. Google Docs also supports a chat functionality so you can talk to the other person while you are both working on the same document.

Google Docs is also very useful for running surveys or setting up registration forms. I’ve created an example form where you can rate this presentation and tell me about how you use these types of technology in your research.

The Boucher Bill

Issues of behavioral advertising and online collection of personally identifiable information have been major issues of late. I previously blogged about behavioral advertising and the different ways online advertisers can track you as you move around the internet. But behavioral advertisers aren’t the only source of concern.

Large social networking sites have access to a bewildering amount of personally identifiable and potentially very private data. Sure, they have privacy policies in which they claim to respect your privacy, but most of the policies also state that the company can change its privacy policy at any time and that the new policy immediately applies to all existing data they have on you. The EFF recently posted a nice time lapse of Facebook’s privacy policy changes from 2005 to 2010, and the New York Times recently showed that the current Facebook privacy policy is longer than the US Constitution. Amongst its many clauses is the fact that other websites are automatically given access to your data when you use Facebook Connect, developers can infinitely store your data, and any applications your friends use have the right to access and store your data too.

The Boucher Bill is an attempt by lawmakers to force organizations that collect data online and off to obtain informed consent from their consumers. The Information Law Group has an excellent breakdown of the Boucher Bill which is definitely worth a read.

Some major points from the bill:

  • Organizations need to provide privacy policies but they can assume that users who use the service have implicitly consented to the policy (opt-out).
  • The bill requires companies to have users opt-in to major privacy policy changes.
  • Express affirmative consent (opt-in) must be obtained before personal data can be sold to other organizations.
  • Organizations can share personally identifiable information with parents and affiliates without notifying users provided the information is not used for marketing purposes.
  • Organizations must provide the policy and get express consent (opt-in) from customers before collecting any sensitive information such as medical information.
  • Consumers must opt-in to any sharing of location information.
  • Organizations cannot collect information about consumers’ browsing behavior across sites unless they obtain express consent from the consumer before collecting the information (opt-in).
  • Organizations collecting information from fewer than 5,000 people per year are exempt.

Update: The CDT has a set of comments on the Boucher Bill.

SIGBOVIK Paper

For April Fools Day this year I published a paper entitled “How to successfully prevent the flow of information in research presentations” in SIGBOVIK.

It’s an excellent satirical guide on how to create good but incomprehensible research presentations that emphasize that the presenter has an important research goal but obfuscate what they actually did.

Architecture Is Policy: The Legal and Social Impact of Technical Design Decisions

Over on the CUPS blog I wrote up a summary of the EFF board panel on the legal and social impact of technical design decisions.

Abstract:

Technology design can maximize or decimate our basic rights to free speech, privacy, property ownership, and creative thought. Board members of the Electronic Frontier Foundation (EFF) discuss some good and bad design decisions through the years and the societal impact of those decisions.

Book: Applied Security Visualization

I just ordered a book entitled “Applied Security Visualization” written by Raffael Marty. The author previously wrote a chapter in “Security Data Visualization: Graphical Techniques for Network Analysis”, another book on how to bring visualization techniques and tools to the aid of the security community. I was somewhat disappointed with the Security Data Visualization book as I felt that it was just throwing eye candy at what I consider to be a serious problem. Many of the tools put forward by the Security Data Visualization book fail to follow the principles put forward by Edward Tufte on how to create useful and effective data visualizations. I have not yet had a chance to review “Applied Security Visualization”, but based on the author’s other work I am hopeful for a clearer and more useful application of visualizations to the security domain.

Value of “who is stalking me” functionality

The Register has an interesting story today on a Facebook app which claims to offer the ability to see who is looking at your profile information but really is just a spam application. The claim is of course bogus as Facebook doesn’t give any application information about who has viewed your profile. Instead the application posts all over your wall and sends out spam messages with the goal of getting ad revenue from people visiting the site and adding the application.

What is interesting about this is that people are intrigued enough by an app that offers feedback on who has viewed their profile that they are continuously falling for the scam. In fact there are at least 25 different versions of this application on Facebook.