The concept behind the Kin was to create a low price device that would allow people to stay connected to social media / cloud information. Essentially a blackberry to those not needing a blackberry. What I found interesting during the discussions of the “kin” project was how this all fit together with the upcoming windows 7 phone OS.

From the article it is unclear what Microsoft’s direction is. What I did take away was that a device that many people did not think would succeed is no longer being offered.

What are your thoughts on the KIN?

“More than 10% of all PCs worldwide now on Windows 7″. (http://windowsteamblog.com/blogs/windows7/archive/2010/04/22/more-than-10-of-all-pcs-worldwide-now-on-windows-7.aspx)

It stood out and made me interested. That is pretty amazing, since Windows 7 has only been out for a few months. Considering the volume of users that have a PC that is huge number and to get to 10% this quick is just outstanding. I have been lucky enough to use 7 for quite a while at home, but still use XP at the office.

I am continually amazed at how people upgrade and update their home PC’s. Not many of the people I know who are not technical would even be able to tell you how to upgrade their OS. In fact, most of the people I end up helping with their tech problems just purchase a new PC rather than upgrade the OS.

I wonder how many of the sales are tied to a new PC? I would even love to know what the numbers were of people upgrading from XP or Vista?

It offered me the advise that I should use IE8 instead of my current browser (Firefox). The reason is that IE is Faster, Safer, and easier. I was amazed, I did not know IE8 was safer.

Then when I went to the root of MSDN I got this advertisement (POP over)

I find it hard to believe that IE is better than firefox, but I guess Microsoft thinks so.

— Update —
I just got another site with a different advertisement for ie8. This time I was using chrome.

The move from community server to wordpress was successful.

Discovering this I was very confused. Why would Microsoft create these simple objects to gather information and not include them in c#? Very dissapointing.

I did some googling and found a few references to a helper object that will bring “MY” features to C#, called “that“. (download that)

After reading some of the comments out there, I found it would be easy to just reference vb and grab the MY logic. To do this you simply have to reference VB in your application “using Microsoft.VisualBasic.MyServices;” You then would have access to the My namespace.

Armed with that information and the joy of turning IISREPORTER PRO into a 2.0 C# app, I have completed about 40% of the re-write.

Dan keeps his blog (www.danwoolston.com) up to date with upcoming AJAX topics

Alfresco is a great project that allows for a good alternative. I was able to install in a few min (about 20) on windows. They also make a linux version. So go look at the site and view the flash demo.

Since my last post I have been thinking of ways to respond to the emails and feedback I have received. I think it may be best to do a 2 part series on wireless security. The first part will be to show what kind of information your laptop our application is sharing on the wireless network. I will just briefly walk through some typical situations where you may be sharing more information then you know about. In part one; I will discuss the common applications that may share information. I will also discuss the tools used to gather that information, to show how easy it is for someone to steal.

The second part of the series, I plan on discussing and showing methods to help prevent unknowingly sharing information to others. This will include software applications and techniques for securing your applications and systems.

It is amazing to me how many people are unaware of what their computer or applications do on the network. In reality your computer is very chatty, it likes to send information and it is up to the user to help secure and limit the amount of information that is sent. In the next few blog posts, I hope to show people what they can do to secure, encrypt, and defend when using their computers.

To keep everyone up to date from my last post. I did go back to the wi-fi hotspot and did not see the kid their sniffing the wireless network. But, if I do see him I plan on confronting him head on. I have not seen a clear argument that Sniffing a network is illegal yet, and plan on doing more research. It feels like it is illegal, but in a sense it is not much different than listening to people talk in a room.

I typically stop at a local coffee shop to get some caffeine and use their wi-fi network to check email and surf the web. I am gathering this is not unlike most people out there in the business world. I tend to visit places that offer wi-fi because of their ease of use. But the other day I saw some thing that upset me. The story I am about to tell is not anything new, but rather just an eye opener for me.

As I was standing in line for coffee I noticed a fellow wi-fi user in the corner and happened to glance at his laptop. Being a tech geek I noticed he was running linux (you may ask how?), well I noticed etherape running and ethereal. These are both tools I use often. Especially when trouble shooting applications or networks.

At first I did not think anything about it. Then as I was firing up my laptop, I started to think why someone would be using ethereal and etherape here? Then it hit me. This guy was grabbing network traffic on the wireless network and sniffing, probably for passwords and usernames. At this point I came up with a plan. I looked around at the other 10 or so people on their computers and realized that they were unknowingly giving their information away. Usernames and passwords were floating in plain text all over that coffee shop. The girl next to me was on yahoo mail, the guy on my right had outlook express open. I figured that the kid had at least 10 or so usernames and passwords by now, and I was angry.

To see if my mind was just crazy or corrupt I decided to test my theory that he was sniffing usernames and passwords. I first ssh’ed into my box and created a new email account. I created a username called jvandenbon. I figured since I am in a Dutch area that a dutch username made sense. I created a password of Alice6232001, hopefully a real enough password. Then I hoped into my inbox using mutt and forwarded some of my spam emails into the jvandenbon user account. So now I had a real account that had some mail in it.

I then fired up ethereal and then thunderbird. First I took a quick capture of what was on the network, and as I suspected there were lots of POP accounts being used which show Username and PASS in clear text. I opened Thunderbird and checked my mail, I use SSL / TLS when I connect to my mail server so I was not worried about this kid grabbing my info. But I had to make sure that I was safe so I watched my traffic and sure enough it was encrypted with TLS. I closed ethereal, and created a new account in thunderbird using the above jvanderbon account name and told it to use POP as the means of communication. Again, I opened ethereal and then did a send receive to watch my fake username and password be sent across the wire. I then wrote an email and deleted some others to create traffic. I closed Thunderbird and waited. I set a string filter for Alice623001 in ethereal and watched. Sure enough in a few min later(about 10) I saw my fake username and password being sent over the wireless lan. I captured the kids source address.

This kid was trying to access my fake account. By this point I was angry. I got to thinking about what kind of stuff I could do to him. I easily could have kicked his ass; however I am not sure that it would have helped. All these people had been cheated of their info and privacy. That is when I started to think about legal options. I don’t even know if it is illegal to sniff a public network. I have never even thought about it. I did a quick google search and did not find much. I guess you can kind of relate this to yelling across the room to a friend with your username and password. Whoever happens to be in the room has access to that information. The analogy does not sit well with me. I would like to think that people can be safe or feel safe even when their trusted programs (outlook, outlookexpress, thunderbird, and hotmail) send their information in plain text over the network.

Right now I am just angry. If I do see this kid again, I plan on approaching him and asking what he plans on doing with all the usernames and passwords he stole. I can only guess he is going to just mess around. But, what happens when he comes across a guy who happens to have admin rights on a system and sends his username and password over the line. I realize this is a gray area of the law, but what about people privacy. I am not a malicious person by any means. I have sniffed networks in the past to gather information to help me learn how to protect them. But when I watched this kid and the speed of which he attempted to open my POP account, I am a bit worried. He must have had a program that would just take a username, password, and mail server and check validation.

I guess I am now asking the community what they think of this event. Do you know if you are secure? Do you go to a coffee shop and check mail via POP and send your info? Do you use ftp at the coffee shop to update your web site or worse; your corporate web site? I would love some feed back on what people think. Just think, if someone got your email password? Does it match your bank account password or your paypal password? These are the questions on my mind. And how can I do something against this punk kid. Should I just walk over and kick his ass or should I call the police? And if I call the police, what do I say?

http://www.sitepoint.com/blogs/2005/11/16/google-sitemaps/

It is some very good info and interesting stats. Somewhat like google analytics.