If you’re reading this blog from within the UCLA residence halls, you probably have installed that mysterious little program called TrustedInstaller.exe, SafeConnect, or PolicyKey, all of which are names for the same program, which I will call PolicyKey. You get this warning, and then download this file. It doesn’t seem to do anything, and yet magically you suddenly have internet access! What happens? How does it work? And most importantly, what does it do?
If you’re like me, you hesitate to install programs unless you know what they do. Well search the internet all you want, and there’s very little information about PolicyKey out there, other than it is the Product of Impulse and is a Network Access Control (NAC) product. What does that mean?
We are blessed with a blazingly-fast on-campus network. We are better than DSL, Cable, or even Verizon’s FiOs offering. We are very fortunate in that regard. Unfortunately, with great speed comes great responsibility, and that means we are also an attractive target for viruses, botnets, and other forms of malicious software. And because we’re all connected to each other, if one person on your floor has a virus, that virus will quickly spread to everyone unless you are protected. A virus that has taken over the network is not only dangerous to you, since it could facilitate identity theft (and take out loans in your name, or worse), but it also slows down, attacks, and damages the university’s network. Therefore it is in everyone’s interest to stop the spread of viruses.
Therefore to use the residential network, you are required to have virus protection software installed. PolicyKey is the method the university has chosen to enforce this.
Here’s how it works. When you access a website, your request to view that document goes through a UCLA server, which checks to see if you are a permitted user of that system. If you are, it lets it through.
If you are not, you will be asked to identify yourself first by logging in with your UCLA username and password. What happens next depends on your operating system:
- If you are running Windows, you will be asked to download PolicyKey. Once this software is downloaded and is allowed to communicate with the Impulse servers, you will be unlocked and have full network access.
- If you are running Mac OS X, you have to download PolicyKey as well, however at the time this post is written it does not enforce anything on this platform.
- If you are running a flavor of Linux (Ubuntu, Debian, Kubuntu, Gentoo, or Red Hat just to name a few) then you do not have to install anything; instead you have to periodically log in every couple of hours.
So if you’re running Mac OS X or Linux, you are up and running! If you’re running Windows, a few more things happen:
- PolicyKey downloads a list of authorized antivirus programs and rules for how to detect them. At the time of this writing the list includes at least Sophos, including the free UCLA-provided edition, McAfee, TrendMicro, EZAntivirus, Symantec (Norton), Panda, AVG, AntiVir, Authentium, Avast, Microsoft OneCare, BitDefender, Kaspersky, SpySweeper, Nod32, and ZoneAlarm.
- PolicyKey also gets a list of required Windows Updates – these include the Windows Firewall and all the latest service packs for the version of Windows you are using.
- PolicyKey checks to ensure that all virus definitions are up to date.
If all of the following are true, it sends a message to Impulse, identifying your computer and the specific antivirus software you have running. Impulse then unlocks your computer and you have unrestricted network access for a while. PolicyKey checks frequently (every second) to ensure that these conditions are still valid, and notifies Impulse if any of these conditions ever fails. Your computer must check in periodically to maintain this access, which is why the software must be running in the background.
So what’s the take-away from all this?
- At no time does the current version of Impulse PolicyKey access or send any of your private files to anyone – not Impulse, not UCLA, not anyone.
- The only things it enforces are antivirus programs and updates. It does NOT scan for peer-to-peer filesharing applications, illegally downloaded software, or non-genuine versions of Windows. HOWEVER, and this is a big disclaimer, this does NOT in any way mean it’s okay to do any of this! It just means you do so at your own risk.
- The rules it is enforcing are common sense. Keep your computer up to date and that helps you. And what’s good for your computer is good for everyone’s computer.
Hopefully this was able to answer some of your questions, or put any suspicions or nagging doubts to rest. Happy safe computing everyone!
Posted in Software, UCLA | Comments (0)
Maybe it’s just me, but I often wish I knew the temperature outside, and maybe the temperature inside too. Not because it is really significant or anything, but just out of curiosity. Then I thought, why not log the temperature so I can graph it over a long period of time and see weather trends?
So I think for a moment, and think… how can I read the temperature? Immediately I think of the Lego Mindstorms RCX and its temperature sensor. So I rig up a program for the RCX that logs temperature values and a Linux program that periodically uploads the datalog, and I have success!
But not quite.
First, the RCX is rather finicky, not to mention expensive. I need to have it plugged in via a wall plug, which means I need to take out the batteries, which means that if the cord is jostled or the power fails, I need to re-download the firmware and the program. It also communicates via IR, so if the sun hits it in the right direction or it loses line-of-sight with the transmitter, the data is lost. Annoying. So I set out to do one better.
My current set-up is available from my room in Saxon, dutifully logging away every fifteen seconds for as long as the computer is running.
So I’m blogging on a time crunch (never a good idea!) so here’s a teaser for next time: I’m using the One-Wire Bus to communicate with a transistor-shaped device over phone wires. A USB->Serial port interface, on a breadboard, provides the PC to one-wire bridge, and a custom program grabs the data and logs it. More to come!
Posted in Hardware, Software | Comments (0)
Hello again… I’m back!
Miss me while I was gone? No? You didn’t even know this was here… how rude!
All kidding aside, as you can see I have revamped my website layout, making it hopefully look nicer, be more functional, and ideally just… work better. Whether or not I attract an audience remains to be seen, but I hope that at least one or two people find me and comment. Getting a legitimate comment out of the thousands of spam comments I have received since creating this blog would seriously make my day.
Please be sure and check out my Jeopardy program that I have put many hours into writing. Leave a note if you like it or find it useful! It’s nice to finally have something I can ‘release’, per se. I find it amusing too that my programming knowledge was to some extent based on creating a Wheel of Fortune game, and one of the first pieces of software I release is… based off its sister show Jeopardy.
What will I write about? Programming could be one thing. But there are already so many good programming blogs, what can be gained from another one? Perhaps nothing. Perhaps a different perspective. Perhaps it will prove useful to some Google searcher who happens to stumble across it and it explains something they were searching for.
But unless you share the interest of programming, talking about remote code injection, thunking, DNS, port I/O, etc. is bound to be dull and uninteresting. Raymond Chen already wrote an 11+part series on scroll bars. Yes, those little things that tell you how far down the page you are. But he can get away with that because, well, he’s Raymond Chen. I can’t.
On one hand I could get quick publicity by making a political rant. I’m sure if posted to the right places I would have a comment thread about as civil as a Thursday-night frat party. but with an even lower collective IQ.
For now though I’m EOW. Going to take a code seven and work on a photo gallery.
Posted in Thoughts | Comments (1)
So, as evidenced by the timestamps, I haven’t updated this thing in a very, very long time. It seems that whenever I start a blog of any kind, I either abandon it, or half my posts are me ranting about how infrequently I update it. Instead, this is more of a personal note reflecting on things I can write about in the future.
Someday, I plan to write a few guides to setting up a linux web server. Things that are less well-documented, or that have taken me ages to figure out. For instance:
- My .prompt
- DNS configuration, self-hosting
- NSS and PAM, and hooking that up to MySQL
- My postfix configuration
- Backup system – automated backups between two Linux servers and a Windows desktop
- Giving a DNS name to a dynamic IP, without using DynDNS or any of those services.
- Secure FTP, as in FTPS and not SFTP. How to set up a server of such a service.
- Server monitoring tools – including a power-usage graph.
- 1-wire bus. Temperature sensors, graphing, etc.
Other than computer-related topics, someday I want to write about all the random, obsure, funny, or awesome things I’ve discovered on the UCLA campus. “Martha’s Garden” to the best views in south campus. For that matter, a history of the hill – the dorms here at UCLA – or a collection of interesting tidbits.
I find I have all sorts of cool projects in mind, and no time to do them, without either my grades, work, or sanity suffering. But I’m sure that’s common to nearly all college students. Oh, and at some point I’d like to learn programming for Mac OS.
And that’s it for now. Signing off from Ackerman, eating lunch right before a final exam. Fun.
Posted in Software | Comments (0)
Isn’t it odd how our brains notice things? For example, I seem to have a habit of looking at the clock at exactly 11:34, which when turned upside-down spells out “hell”. Now do I really have that habit, or do I just happen to notice those times because 11:34 has a (somewhat immature and meaningless) significance?
Recently the MacBook Air computer has caused some issues on airport security: http://www.michaelnygard.com/blog/2008/03/steve_jobs_made_me_miss_my_fli.html
To make a long story short, some ppor traveller missed his flight because the TSA didn’t know that the MacBook Air was a real laptop.
Recently the TSA gave their explanation for the whole issue in a blog post: http://www.tsa.gov/blog/2008/03/apple-macbook-airs-are-cleared-for.html
Basically what happened was that this traveller was simply trying to bring his laptop through security. Quite simple… not a problem. Certainly not intended as an attempt to bring down a plane.
To the TSA agent, however, this was a unknown traveller bringing some odd-looking electronic device through a checkpoint. And if it’s your job to make sure that no dangerous devices make it on the airplane, you sure aren’t going to let an odd-looking device through without further investigation.
Unfortunately for our poor traveller, being pulled aside for a secondary screening, and missing his flight, sure seems like overkill for what was an innocent piece of luggage. But the TSA agent didn’t know that, and if the “device” did end up causing a tragedy, even if he wouldn’t be legally responsible, he’d certainly feel terrible.
So next time you fly, and get hassled by the TSA, remember that they are just trying to keep people safe. And keeping people safe requires that if there’s even a shadow of a doubt that something might be dangerous, it must be treated as a real danger.
Something to think about next time you go to an airport.
Posted in Hardware, Thoughts | Comments (0)
So I migrated servers a long time ago, and never completed moving the database that runs this blog. So for a long time, this has not been functioning. For a looooooong time. Well hopefully I’ll have some time to actually post to this now.
Posted in Thoughts | Comments (0)
Well if you read in Building my first PC, you’d know I was having video card issues – the GeForce 7200 card was running too hot. My case doesn’t get much ventilation down there.
So I bought a Zalman VGA cooling fan, thinking I’d hook it up to the card. A large fan would provide better cooling and be quieter than the tiny excuse for a fan that comes with the card.
It didn’t fit! Despite claiming compatability with the GeForce 7xxx series cards, it didn’t fit the 7200! So I did the most logical thing and returned the video card. The video card? Now that I had a fan, I wasn’t worried about those tiny noisemakers from before. I now have a GeForce 8500 card, with DirectX 10 support, and a nice quiet fan. My graphics performance subscore jumped to 4.8!
All in all, I’d say I have pretty good performance for the price. I still need to run some tests on it (Prime95) and perhaps try overclocking it a bit, provided it doesn’t become too hot or less stable.
Posted in Hardware | Comments (0)
I’ve recently embarked on a mission to build my own PC, which is disappointingly less technical than it would seem. I opted for a middle-of-the-road PC, trying to get the most for my money (ie. no $500 graphics cards, sorry).
I am now typing this on the new PC, it’s up and running. Some specs:
- Intel Core 2 Duo E6400: 2.13 GHz, 64-bit, virtualization support (the OS developer in me is drooling about now)
- Gigabyte GA-965P-S3, 6 SATA, plenty of USB, 3 PCI, 3 PCI-X x1, 1 PCI-X x16, serial port (for OS debugging), high-def audio, up to 8GB RAM.
- 2GB of RAM
- 300GB 7200RPM SATA hard disk
- Antec Solo case, Antec Earthwatts 80+ 380W PSU
- eVGA GeForce 7200 fanless video card
- SATA CD/DVD-RW drive
- 3.5″ internal USB memory card reader
I’ve installed Windows Vista Ultimate 64-bit on this, and so far it’s running perfectly. The provided Intel processor cooler seems to have trouble starting up – the fan takes a while to get going. I have a feeling the motherboard isn’t providing enough voltage until the chip heats up a bit. But the thing idles around 30C, pretty good. The video card is another issue entirely.
The first video card I got was the eVGA GeForce 7600, which was only $20 more at my local Frys. I stuck it in the motherboard and booted up, and was dismayed to find a snake in my computer. The video card hissed like a snake. Try clenching your teeth, opening your lips, and blowing. For me at least, that’s what the fan sounded like. It seems to be because the fan is blowing air through the narrow slats of a heatsink.
Without the fan noise, the computer would be almost silent. Given I didn’t need a super-high-power card anyways, I returned it for the 7200. A fanless card obviously will be silent. And I was pleasantly surprised by its performance, although it tends to run rather hot. But that’s to be expected of something passively cooled.
Vista’s performace statistics are:
- Processor: 5.0
- Memory: 5.5
- Graphics: 3.6
- Gaming Graphics: 3.0
- Hard Disk: 5.7
Because I do also run Linux (now Ubuntu Feisty – sorry Dan!) I made sure to install Ubuntu on it and give that a try. Didn’t have a chance to see if XGL would work, although with an nVidia card I’ve got a chance. Maybe I’ll set up a dual-boot configuration sometime.
My only regret is that the case is shiny – I was expecting a matte black finish. Oh well, it’s good enough and not worth the hassle of sending it back to Newegg.
As for dual-booting, I’ve got a few tricks about that (including how to keep Windows happy) that I don’t see anywhere else on the internet. Expect a post coming up about that.
Posted in Hardware | Comments (1)
It is no surprise to any college student that final exams suck. They don’t just suck, they suck like a heavy-duty industrial vacuum cleaner rewired by Tim “the Toolman” Taylor. Well, not really. Further proof I shouldn’t ever think of being an English major.
The first of my three finals this quarter was for CS 33, the introduction to (MIPS) computer architecture and assembly language. The final had very time-consuming questions on it – not hard ones, just time consuming ones. For instance, I had to find the five errors in an eight-page program. Pure evil, especially when four of the five were near the end!
The next final was the exact opposite – Math 33A, Linear Algebra. I finished in an hour, checked my work, and turned it in. Easy stuff. Which was good considering the final started at 6:30pm and could have gone until 9:30.
Now I have a day off until I get to enjoy the thrill of waking up at the ungodly hour of 6 am to get ready for my final at 8. Differential equations. Good stuff.
Posted in UCLA | Comments (0)