Happy World IPv6 Day!
Posted by Alan B. Johnston in Internet on June 8, 2011
Today, June 8, 2011 is the first World IPv6 Day!
IP or Internet Protocol is what makes the Internet the Internet. The current version most of us use is version 4, or IPv4. However, IPv4 is running out of addresses – no one had any idea how big the Internet would grow back when it was invented. Fortunately, there is a solution to this, the next version of Internet Protocol known as IPv6. (Whatever happened to IPv5, no one is saying…)
Unfortunately, it will take a bit of work to move our computers, apps, and websites to IPv6. The process is underway, and anyone involved in Information Technology will no doubt be aware of the effort, but we need to speed up the conversion.
Ask your favorite website, vendor, or app when they will support IPv6. If you are tech savvy yourself, find out if your Internet Service Provider supports IPv6 using these tests. And on a day like today, it is a good thing to recognize all the people who have put in so much effort and energy into making the Internet what it is today!
Free Ebook Giveaway at LibraryThing!
Posted by Alan B. Johnston in Book on June 3, 2011
I have an eBook giveaway of my cyber crime mystery thriller ‘Counting from Zero’ underway at LibraryThing. Until June 17, 2011 you can enter to win one of 100 free eBooks! Winners will be able to download an eBook in all the formats supported by Smashwords.
Good Reading with Goodreads
Posted by Alan B. Johnston in Book on May 25, 2011
I’ve learned a lot over the past three months since I threw caution to the wind and self published my first novel, Counting from Zero. One discovery that is likely to have a lasting impact is the social reading site Goodreads.
I discovered Goodreads, along with Scribd, and Shelfari in the weeks after I launched my book. At first, all these sites seemed similar, and just another site to promote and do publicity. But Goodreads has really grown on me.
For one thing, it is fun to have Goodreads ‘friends’ and to read their updates. Reading is solitary by nature, so to find out about others reading in real-time is really quite addictive. Some even give progress on a page-by-page basis. Others go into the future with their to-read lists. It can encourage and inspire you to read more, and provide a new way to discover great books.
I’ve previously written about electronic bookshelves in Books vs Bits, and how important this is. With Goodreads, when you lookup another reader, the site compares your bookshelf to theirs, showing what you have in common, just like I do when I visit someone’s house! It is amazing the breadth and range of some people’s reading. If you love to read, you should sign up and give it a try, then add me as a friend! One note: there is an option to sign in using Facebook, Twitter, or Google. I tried this once with Facebook, and when I added a book to my bookshelf Goodreads posted it on Facebook without warning me… so be careful of this option.
Reading about other’s reading, getting ideas for future reading is all great, but as an author, a few features of Goodreads really impressed me. For one thing, you can message and interact with your readers. By finding reviewer of similar books, I was able to get my book into the hands of some good reviewers. I’ll never forget that feeling when I first realized I could find and interact directly with like-minded readers…
Then, I discovered the Goodreads publisher giveaways. As a publisher, I just had to agree to give away a certain number of books (had to be paper books, not eBooks – this was actually a major motivator in getting my book out in paperback.) and Goodreads would find me interested readers. I also had to agree not to contact them in any way, just ship the books. The giveaway winners are encouraged, but not required to write reviews.
Counting from Zero
I happily signed up to give away ten copies. I chose a date for the end of the giveaway weeks out, when I would return from a trip to Australia for a conference and to visit friends and relatives. Then, an amazing thing happened. Goodreads started contacting like-minded readers, some of whom indicated they would be interested in receiving a copy of my book. I watched in amazement as two hundred signed up after a few days. By the end of the first week, nearly five hundred had requested it! Excited, I blogged about it. More requested it. At the end of two weeks, over a thousand people had requested a copy of my book! Prior to this Goodreads giveaway, I’m sure that fewer than a thousand people even knew my book existed!
So, when I returned from my trip, I got the list of ten names and addresses and mailed the books. Now, as a result of this, 90 people as of today have marked my book on a shelf, mostly their to-read shelf.
Now, I can follow as readers begin reading my book, marking it as ‘currently reading’ then watch as reviews and ratings show up! Just amazing!
Social reading sites are definitely a great tool for an author, and so far I’m really, really impressed with Goodreads!
Connect with SIPconnect
Posted by Alan B. Johnston in Uncategorized, VoIP Security on May 23, 2011
Just a few days ago, the SIP Forum’s SIPconnect recommendation was published! This is an interesting milestone for something that I’ve spent most of last decade of my working life on.
SIP, or Session Initiation Protocol, is used on the Internet for making phone calls. In technical terms, it is a signaling protocol.
I was involved very early in the development of SIP. It was my introduction to the world of open Internet standards, something I believe very strongly in. Let me explain.
In the early days of computers, everything was proprietary, which in thus situation means that it was unique and different for every brand and type of computer. As hard as it is to imagine today, there wasn’t even a common standard for representing characters – a simple text document would have to be converted in order to display correctly (some examples, for those of you interested were EBCIDIC, Baudot, and ASCII – which became the standard?). The same was true for networking – each manufacturer had their own protocols and interfaces – it was virtually impossible (by design) to connect them together.
Fortunately we have come a long way since then, and the Internet, with its open standards helped a lot. I’ve enjoyed working on open standards with the Internet Engineering Task Force or IETF for quite a few years now.
SIPconnect is a great example developed by a not-for-profit that I am proud to be involved with, the international SIP Forum. SIPconnect is a standard that helps connect a telephone network with a business phone system, known as a PBX in the business, when the connection is made over the Internet instead of old fashioned wires and leased lines. It isn’t very exciting but it solves an important problem for both service providers and businesses. In short, it does what a standard does best, and works behind the scenes to reduce costs and increase efficiency.
Here is good article by Russell Bennet entitled “Finally, a SIP Trunking Standard that Makes Sense” which gives some good background on PSTN Trunking and SIP Trunking with SIPconnect.
Unfortunately, there are lots of examples today where standards are not being followed, and single-company, proprietary systems are in use. Some of the most prominent examples relate to some of the most popular hand held and personal electronic devices used by many people (including myself!)
But standards are always evolving, and business models change – today’s successful proprietary lock in is replaced by next year’s standard. Technology is both fast moving and fast changing.
For today, I’m happy to celebrate the publication of this SIP document and remember all my friends and colleagues who have worked so hard on it over the years!
As we jokingly say as we raise our glasses, “SIP, SIP!”
Win a Free Copy of ‘Counting from Zero’
Posted by Alan B. Johnston in Book on May 6, 2011
For the next week, you can enter to win a free copy of the paperback edition of ‘Counting from Zero’!
Goodreads Book Giveaway
Giveaway ends May 14, 2011.
See the giveaway details
at Goodreads.
Taking Down Botnets
Posted by Alan B. Johnston in Book, Security on April 29, 2011
I read with interest this week about the attempts by Internet Systems Consortium (ISC) to take down the Coreflood botnet with the cooperation of the FBI.
I was even quoted in an article about this today in TechNewsWorld entitled “FBI May Hunt Down and Destroy Botnets in Zombie PCs”.
So what is a botnet? A botnet, short for ‘robot network’ is a collection of compromised computers, known as ‘zombie computers’ organized together on the Internet. These computers have been compromised by a worm or a virus, or by a user downloading or installing some malicious software or malware. Once the botnet software is installed, it goes underground, hiding itself from the owner of the computer, or should I say the former owner of the computer. Once a botnet has control of your computer, it can do anything it wants to including copy any of your files or documents, monitor all your Internet activity, record everything you type, turn on your microphone or webcam, etc. I don’t mean to be too melodramatic about it, but your own computer could be part of a botnet – millions and millions around the world are.
Taking down botnets takes a lot of work and effort. In this case, researchers managed to identify the command and control IP addresses and domain names that were being used to give commands to the zombie computers. They then had those IP addresses and domains disconnected and replaced with their servers.
Now, the FBI has asked the courts and received permission to send ‘stop’ commands to the zombies. Pretty amazing, stuff!
'Counting from Zero' Book Cover
It also has more than a passing similarity to what happens in my novel Counting from Zero. In the book, security researcher Mick O’Malley discovers a huge botnet. With help from his friends, he goes about trying to shut down the botnet, and has all kinds of adventures along the way. The fictional botnet I write about is bigger than Coreflood and has an even more malicious purpose. Also, it has a much more complicated command and control infrastructure than simple IP addresses and host names. I can’t say more without spoilers… you’ll just have to read the book if you are interested.
So lets hope that this new level of effort to take down the Coreflood botnet is not an isolated incident, but the first steps in an effort to rid the Internet of this dangerous malware.
Books vs Bits
Posted by Alan B. Johnston in Book on April 19, 2011
Lately I’ve been thinking a lot about books vs ebooks, or books vs bits. I’m sure I’m not alone in this, as reading is undergoing a mini revolution due to technology.
I admit that I came to the ebook party fairly late. I read my first ebook after I got an iPhone and discovered Stanza and Project Gutenberg. I was amazed at all the books that were available. I think the first thing I did was download then read every novel by Jane Austen! I hadn’t read a book on Kindle until just a few months ago, as I describe in my first blog entry My First Foray into Fiction.
Since then, I have published my first novel, Counting from Zero. The advantages and disadvantages of books and bits has become even more clear to me. For example, some advantages of ebooks:
- It is wonderfully easy to give away copies of my ebook – I just email the EPUB file or a coupon to download it from Smashwords (BTW, a fantastic site for ebook distribution). The recipient gets it immediately at no cost to me!
- It was terrifically quick to get my book out there – Amazon only took a few hours, Smashwords took a few days, and it was even on Barnes & Noble and iBooks within a week or so!
- One can carry an entire library in the palm of your hand, and it is always with you. I love to just pull out my iPhone and read when I am stuck somewhere waiting, very pleasantly filling in what would otherwise have been wasted time.
- Some people just don’t have any reading devices for ebooks, and printing out pages on an inkjet printer, or trying to squint at a computer screen is no way to enjoy a book.
- Your ebooks don’t end up on your bookshelf when you are done. How will you rediscover them years from now, or how will friends or family happen upon them and ask about them and perhaps borrow them? How will do you learn about friends and acquaintances without nosily browsing their bookshelf when visiting their house?
- How do you loan or give away an ebook?
- In some ways, an ebook doesn’t quite feel ‘real’. I know it is silly, but there is nothing like a book in your hand.
Now, some of these things are slowly being solved. For example, most people will have a tablet or phone with an ereader soon – I think the days of everyone owning a conventional desktop computer or laptop are really numbered (sorry Microsoft…). Most people do not create content, they just consume it, and the computer requirements for this are much different. Also, the security of these devices is so much better than a Windows PC, so this will really help with problems like botnets, but that is a topic for another day…
I recently discovered Shelfari and started putting up my bookshelf online, which I found kind of fun. Goodreads lets you do this as well. I’m not sure how well it works, but here is, my virtual bookshelf.
Loaning now is possible on Kindle and some other devices. However, DRM (Digital Rights Management) protected ebooks will continue to be a problem. Could you imagine a conventional book that wouldn’t let you read it unless it could verify your purchase license?
As for the feel and look, I’m not sure how this one will go away. Perhaps paper books will always be with us, as a ‘backup’ to our digital versions. If only the Library of Alexandria had backup stone or clay editions of those books…
This discussion leads me to today: I just opened a box containing the first printed version of my novel, Counting from Zero.
I did it using the print-on-demand service CreateSpace. I must say, the process has been very smooth and nice so far. I was able to upload a PDF of the interior and a PDF of the cover. I created both with template files provided, and some work in Word and Photoshop. There really are NO upfront costs. As in none. Zero, if you like! This was the hardest thing for me to believe – I was sure there was some hidden fees or costs, but there aren’t. Of course, most of the website describes various packages that provide support and services which do cost money. However, look carefully and you will find a do-it-yourself option where you prepare and format all the files yourself!
The only fee I have paid was a $39 Pro Plan which allows my book to be included in book store catalog distributions. Otherwise, I only paid for copies of the proof book ($4) and shipping ($12 2nd day). Once I OK the proofs, my book will be ready and can be purchased at Amazon! Just amazing!
So, my proof copy looks really, really good! CreateSpace has done an excellent job, and they have printed exactly what my PDF files showed. I do need to fix a few formatting issues that I didn’t notice in the PDF files (and typesetting in Word is just awful!) Here are pictures of my ebook and my book…
Both books and bits have their pros and cons, and I expect both will be with us for a long time. I’m just really, really excited to have Counting from Zero as a paperback now. Look for it on Amazon in about a week or so!
ZRTP Published Today as RFC 6189
Posted by Alan B. Johnston in Book, VoIP Security on April 12, 2011
Today ZRTP was published by the IETF as RFC 6189. This is a big deal to me for a number of reasons. Let me explain.
RFCs or Request For Comments are the publications about how the technical details of how Internet works. They go all the way back to the earliest days of the ARPANET, used to share information among a small group of researchers. RFCs are published by the RFC Editor and cover Internet fundamentals such as TCP, IP, and SMTP. My first RFC was one for Session Initiation Protocol or SIP which was published as RFC 3261. Since then, I have published 14 others, but I’m most proud of this one.
ZRTP is a security protocol for providing privacy for VoIP calls over the Internet. It was invented by Phil Zimmermann, who invented PGP (Pretty Good Privacy) for email encryption in the 90’s. When I met him in 2005, he had an idea how to encrypt voice calls and some very rough prototype code. I helped him turn it into a protocol, and wrote the outline of the document that was published today. I’ve been the editor of this document for the past 5 years.
I think ZRTP is the best way to secure voice and video over the Internet. The reasons are a bit technical, but perhaps I’ll attempt explain why in another post. In the meantime, Phil Zimmermann’s Zfone Project web page has some good points in it.
Oh, and there is one other reason why I’m proud of this document – I came up with the name ZRTP. RTP stands for Real-time Transport Protocol. And of course, Z stands for Phil! It was a joke at first, but it kind of stuck.
ZRTP even makes an appearance in my techno thriller novel, Counting from Zero. The protagonist, Mick O’Malley uses ZRTP to ensure that all his voice and video communication is private, thwarting those who would like to wire tap his communications.
It has been a lot of work getting this RFC published, and I’m quite proud of the work. And over the years, I’ve become good friends with Phil, which is a real bonus.
Today I’m going to have a mini celebration – happy first birthday ZRTP, RFC 6189!
The Lecturing Life
Posted by Alan B. Johnston in Book, Teaching on April 10, 2011
Since I love teaching and lecturing, I think it is fitting that the first review of my novel Counting from Zero should come from the Science Editor at Washington University where I teach. My favorite part of the review is this quote:
Counting from Zero brings Dashiell Hammet and Raymond Chandler into the computer age.”
My first experience of teaching was as a grad student at Lehigh University. I was a teaching assistant or TA throughout the four years I worked on my PhD. I didn’t actually teach classes, but I ran tutorials and labs. I enjoyed it a lot and found I was kind of good at it. I used to enjoy the student reviews at the end of each semester. My favorite comment from one student was: “Alan is a chill guy.”
Later in my career, I got involved with Voice over IP or VoIP and Session Initiation Protocol or SIP. As this was a new technology, I needed to help train other engineers at my company. I started running sessions for 25, 50, and even 100 engineers at a time, teaching SIP. My books on SIP came out of this experience.
About this same time, I contacted Washington University in St. Louis and asked if they wanted to hear the latest about SIP and VoIP. I met Professor Paul Min who was in charge of running seminars for the Electrical Engineering Department. Soon, I gave the seminar and started meeting the staff. I did some teaching for other professors when they were out of town. Next thing I knew, they asked if I wanted to teach an evening class the next fall. I said yes!
That was 10 years ago. I have taught a variety of classes but found my home in the Joint Engineering Program with UMSL, the University of Missouri St. Louis. I particularly enjoy teaching in this program because most students have jobs and practical experience. One highlight was developing and teaching a class in Internet Communications. My text book: one of my SIP books!
My teaching style is fairly traditional – I like writing on the blackboard. I’ve also experimented with newer technologies such as Google Wave. My least favorite part is marking HW and assigning grades.
I’m currently not teaching this semester due to my travel load but I can’t wait to be back in the Fall. I miss the energy and enthusiasm of students.
So thank you to Washington University and UMSL, my colleagues and students. Perhaps one day I can teach an Internet security class and use Counting from Zero as the textbook – that would be fun!
Who Do You Trust? Not these Certificates!
Posted by Alan B. Johnston in Book, Security on March 24, 2011
A Digital Certificate
In my techno thriller Counting from Zero one character asks “isn’t it just about who you trust?” It is a key question in Internet and computer security, as well as in life.
One every day example on the Internet relates to something called digital certificates. When we do online banking, enter our credit card information, or login with a secret password to a site, we rely on our web browser to provide us a secure browsing connection – a connection across the Internet that is encrypted in both directions. Our web browser uses digital certificates to ensure that when we do our online banking, we are communicating with our bank, and not some site pretending to be our bank so they can steal our information and empty our bank account. You will see a padlock or other icon displayed to show that the connection is secure.
Certificates are issued by companies called Certificate Authorities. We trust these companies not to issue certificates to the wrong people or bogus certificates. However, apparently that is what has just happened. Here is an article in Network World about it. Bogus certificates were issued for a number of sites including Google, Yahoo, Windows Live, and others.
When a certificate has been issued in error, it is possible to revoke it, so that your browser will no longer accept it. The bad certificates have already been revoked, and good browsers, listed in the Network World article will stop trusting the bad certificates immediately. However, Microsoft has issued an emergency software update to fix an issue in Internet Explorer related to this. If you use IE you should install the update right away, and perhaps consider switching to a browser such as Firefox.
In Counting from Zero, digital certificates and revocation play a part in the plot, relating to the main character’s attempts to fight a botnet, a collection of compromised computers on the Internet. Also, other issues relating to certificates are discussed, including the question: “What does it mean when my browser gives me an error message about a certificate? Should I just click OK?” The short answer is, of course, No!
Another time I’ll write about my personal difficulties in buying and installing a certificate for my book website https://countingfromzero.net. Notice the URL begins with ‘https’. If you click on the padlock on your browser, you can see details of the encryption and the certificate. I’ll also blog another day about a VoIP security protocol called ZRTP that I’ve been involved with that does away entirely with certificates and all these problems.
Counting from Zero 