How to choose a SaaS service

More and more companies are moving to SaaS (Software as a Service) solutions. They offer a quick and generally less expensive solution compared to the standard software approach. This has been made possible by standardization of the solution, pooling of the hardware resources and a pay-as-you-grow economic model. From a business point of view it is also a nice way to bypass the terrible internal IS and IT services and obtain tomorrow what they have dreamed of having for a long time.

Beyond this nice view, even if SaaS sellers expect you to trust them, they only provide services; you should never forget that underneath there is a hardware and IT Ops layer that your IS/IT team must review before contracting.

This article follows a brainstorming session we had on this topic and gives some areas we should investigate before contracting anything.


Private Copy tax

As you may know, in France as in a lot of other countries, we pay a tax for private copying. Unlike state tax, this tax is printed nowhere, but it exists as part of the price of each storage product we buy, even if the product is never used to store any copy of your music and video. It is also paid to store your original MP3s, for example on an iPhone or iPod. This tax does not help the gaming and software industry, even though this is where it made sense to apply it some decades ago, before it was locally destroyed.

This tax applies to many devices and grows with the size of the storage space. The price per GB is reviewed yearly and generally becomes higher and higher. The following graph (copied from Numerama) shows how many euros have been transferred from consumers to the music and movie industry in France during the last 25 years.

[Graph from Numerama: euros transferred from consumers to the music and movie industry in France over the last 25 years]

This is currently about 181M€ / year, with an interesting growth, which is also something like 3€ per French person and about 7€ per family. This money goes directly to the artists and, according to different sources, it is as if we bought 7 albums per family per year. In my view that is more than the average.

Then comes the question: what rights do I actually get for this price?


Related link: www.chere-copie-privee.org

Oracle DB performance over low latency networks

Here is an interesting article on the impact of latency on some common Oracle SQL statements over local, LAN and WAN networks.

http://markbairden.blogspot.fr/2012/03/database-performance-measuring-effects.html

The WAN latency used is 12ms, which is small for this type of connection. The impact is huge, with a factor of 10. To be taken into account in your designs!

Thank you Mark for this article!

New low consumption Atom devices

Not really news, but an interesting update on two new devices sold since March 4th: the Atom family has at least two new cores, the first being the N2650 and the second the N2850. Both are dual-core, 4-thread CPUs for netbooks with a really low TDP.

The N2850 offers a 2GHz system with a 10W TDP, the N2650 offers a 1.7GHz system with a 3.6W TDP.

This has to be compared with my current reference (which makes no sense for you … but …), the D525, offering 1.8GHz for 13W. Moreover, the IGP has been pushed from 400MHz to 640MHz on the N2850.

This configuration sounds really interesting for building small, fanless machines… now we need to see the first boxes including these chips.

See the Atom family on Wikipedia: http://fr.wikipedia.org/wiki/Intel_Atom

Why the PirateBox concept is just an experiment

After a couple of days hacking a PirateBox based on the MR3020, I'm really happy to have brought this concept to life, but behind announcements like “share freely for less than 40€ with your neighborhood” the reality differs.

The first main thing is that 40€ is the price, shipping excluded, of the MR3020 router; then you must add storage (25€ for 16GB) and a battery if you want to be mobile (50-100€). That makes a big difference, as it becomes almost as expensive as a tablet PC, on which you can install the software and be mobile with more storage, higher mobility and many more capabilities. So, no magic here.

OK, you'll tell me you can reuse an old external hard drive and not be mobile, just switching it on at home… and you're right, this is a good capability for a reasonable price. But, once again, you'll have to deal with the low Wi-Fi power offered by this low-cost router. I mean you'll be able to exchange with your immediate neighborhood: the people you cross daily in the stairs. Why not, it sounds good …

The last argument I would like to share, to finish being a party killer, is about the Hadopi stuff and the feeling of piracy freedom…. Are you mad, guys? As far as I know, getting the address of a pirate is not so easy when you are downloading on the Internet; even if it has been simplified, you are one in a million and the chance of being caught is small, and then you will be identified more as a consumer than as a provider. Identifying the owner of a PirateBox is quite easy by triangulation; then one just needs to ask a judge for the necessary paperwork to catch a provider.

In my opinion, a PirateBox has to be mobile to avoid being caught, or it needs to be unowned, hosted in the public domain and solar powered. (Like the USB sticks embedded in walls, but for more money.) That would be a great and interesting thing, but it requires investment.

For all these reasons, I love the idea, and I like the product from a technological point of view, an interesting and easy hack, but I do not consider it really ready for the masses. It's hype, it's geek, not consumer.

How to improve PirateBox?

PirateBox is an interesting concept, but it has a lot of limitations, because the distance covered by a Wi-Fi connection is really limited. Mobile devices, which can cover a larger distance, are also limited by the time needed to transfer any content.

In fact, you can't expect to grab content from someone you cross on the street, because you might be out of signal before the file transfer finishes. Moreover, given the current memory size of portable devices, you can't expect to share a lot of stuff on them.

So the idea is great, and the future could change everything I just said. But today, the reality is that this system is not really usable as a truly anonymous and unlimited sharing system.

To improve the system, I would imagine a network of PirateBoxes. This idea requires a larger number of devices, but it would allow sharing a large amount of data even with restricted memory cards. Each PirateBox would have a second Wi-Fi adapter to connect to another PirateBox, get the list of its files and share it across this point-to-point connection. As each PirateBox connects to a second one, we could imagine dynamically building a large PirateBox network.

File requests and data transfers would go from one point to another without keeping any trace of these transfers outside the point-to-point exchange.

I assume there is some interesting research around this idea, as the system has to build a dynamic network, avoiding cycles and optimizing communications to make the network as large as possible, using a non-centralized system to manage all of this.

Anyone want to start developing such a thing?

Hadopi: why securing the connection is a false lead

A call for experimentation has just been published by Hadopi concerning security software, a long-promised item that the law provided for from the start but which, after more than two years, has led to nothing. This call is a kind of half-admission of failure of a political idea which, as I have already discussed, rests on no technical foundation.

A first project considered placing the module inside the ISP box, as I considered in my 2009 article, a solution I did not judge feasible for reasons of cost and standardization on the one hand, but also because in most cases it in no way proves anyone's innocence. The new project therefore considers using a component inside the network, distributed as software to be installed. That, roughly, is the specification from a Hadopi that is short of ideas.

Here is why it will never be possible, with such a product, to establish the innocence or guilt of a person, nor even, which might be acceptable, the good faith of the accused:


And so goes FON, FON, FON …

The story itself matters little, especially since nothing proves it is true. However, from a technical point of view the situation is entirely plausible. After digging into FON with the little information available about its security, here is what can be said.

FON is a worldwide hotspot system that lets you open your network to others. I will not detail the functional side, but from a technical point of view the system (an AP) manages two Wi-Fi networks: the first is private, protected by WPA, and holds your own machines; the second is public, without security, and is where passing strangers connect. The Internet is then accessible as on any hotspot: as long as you are not authenticated you only reach a login page, and afterwards you have standard HTTP/HTTPS access.
The important point is that once authenticated, you access the Internet exactly as a computer on the private network does (except that many ports are filtered), which means that the IP address of the hotspot users is the same IP address as that of the owner of the line. From the point of view of the traces left on the Internet, it is therefore the person who makes the access point available who ends up responsible for the actions of strangers.
The system seems to log connection/disconnection actions but not the detail of what is done (after login, the exchanges are no longer centralized and the boxes cannot store a large history; finally, from the provider's point of view it is not possible to separate the flows). Thus, while it is possible to prove that another person was using the Internet at the time of the facts, it is not possible to prove who was the author of those facts. Consequently the system is dangerous for the person operating the service. Let us take an example:
A person connects to paedophile or terrorist sites using this access (this person will in fact have every interest in using this type of access, since it makes it fairly easy to be anonymous there (point to be verified)) and leaves traces on the servers accessed. As part of a police investigation these traces are collected, and one fine morning at 6:00 you may see rather more people turn up than expected at that hour. Even if you are innocent, I imagine this situation will be far from pleasant.

I love the open principle of FON, but from a technical point of view I find the logging capabilities a little light. It is admittedly difficult to fully protect the person who shares their IP address, but I think the level of logging in the system should be very detailed, with a retention of several years. Indeed, using a FON proxy would be a much safer solution for the person sharing: it would then not be their IP but that of the proxy that would be visible to the police, who would turn to FON to obtain information. The police would thus be alerted from the very start of the procedure to the strong presumption of innocence of the person who lent their access.
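The attribution gap described above can be shown with session logs alone. This is an added example, not FON's code: the log format, the guest identifiers and the `OWNER` label are assumptions, and the sample lines are constructed.

```python
from datetime import datetime

# Constructed sample log. The format (ISO timestamp, guest id, event) is an
# assumption for illustration, not FON's real log format.
SAMPLE_LOG = """\
2009-03-01T20:05:00 guest-a login
2009-03-01T20:40:00 guest-b login
2009-03-01T21:10:00 guest-a logout
2009-03-01T22:30:00 guest-c login
2009-03-01T23:00:00 guest-b logout
"""

# Hypothetical label: the private WPA network always shares the public IP.
OWNER = "owner-private-lan"


def parse_sessions(log_text):
    """Turn login/logout lines into (user, start, end); end is None if still open."""
    open_sessions, sessions = {}, []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        stamp, user, event = line.split()
        when = datetime.fromisoformat(stamp)
        if event == "login":
            open_sessions[user] = when
        elif event == "logout" and user in open_sessions:
            sessions.append((user, open_sessions.pop(user), when))
    # Sessions with no logout line are treated as still active.
    sessions.extend((user, start, None) for user, start in open_sessions.items())
    return sessions


def candidates_at(sessions, incident_time):
    """Everyone who could have sent traffic from the shared IP at incident_time."""
    when = datetime.fromisoformat(incident_time)
    online = {user for user, start, end in sessions
              if start <= when and (end is None or when < end)}
    return sorted(online | {OWNER})


def attribution(sessions, incident_time):
    """Login/logout logs only narrow the candidate set; they never name an author."""
    alone = candidates_at(sessions, incident_time) == [OWNER]
    return "no-guest-online" if alone else "ambiguous"
```

With connection-only logs, the best possible outcome is a list of who was online; per-flow records, or the proxy suggested above, would be needed to go further.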