Saturday, December 23, 2006

Biggest Readable AutoID Code ... Ever!

A QR Code printed 36 feet by 36 feet on a banner and hung on the side of a building in Hiroshima, Japan. Image Credit: PlusD Mobil/IT Media, Inc.

Biggest Readable AutoID Code ... Ever!

A new first, and it comes back to the strength and dynamics of the best Auto ID Code created. The Quick Response Code (QR Code) that was first developed by DENSO Wave (a Toyota company) is finding its way around the applications world in many and unique open and closed source application environments.

In this case, this application and display (pictured above) may go down as the World's Largest readable automatic identification symbology EVER ... that is if the Guiness Book of World Records agrees.

This QR Code was created and displayed on the side of a new apartment building in Hiroshima, Japan. Since most of the camera mobile phones in Japan take clear pictures, users can just snap the QR code and read the content with their cellphone.

The information contained in the cameraphone readable display has the URL of the website for the apartment along with other information such as a map and directions to this location.

Directly translated form Japanese to English at Plus D Mobil -

Plus D Mobil/IT Media, Inc.

Recognition of the QR cord/code corresponds at many of camera equipped carrying, the object just is photographed has URL to ahead the notification sight and the feature which can verify various character string informations with carrying. The thought of utilizing also the expedient which can acquire information easily with impact and carrying of the super enormous QR cord/code the leaflet and the television and the newspaper etc in addition to the announcement expedient which has done from the past, liking to do notiifying widely.

As for size of announcement curtain 15.3 (height) ×14.58 (width) as for meter and size of QR cord/code 10.97 (height) ×10.97 (width) meter. The same company makes “size the greatest in the world as the QR cord/code which can be grasped,” is the register application to the Guinness book that it did.

Installation features of enormous QR cord/code

Installation features: The hiroshima city Aki Ku Yanotou 1 Chome wall surface of "[hurorensu] Yanotou gland arc first mansion" and "[hurorensu] Yanotou gland arc second mansion"

Installation period: [hurorensu] Yanotou gland arc first mansion: 2006 December ~2007 year

February schedule: [hurorensu] Yanotou gland arc second mansion septentrional wall surface: 2007 March ~2007 year

May schedule: Information of offer Apartment feature, campaign contents, model room MAP other things
Reference Here>>

Friday, December 22, 2006

Broadly Used Consumer Technologies Driving IT?

"Stuff" from another world - Image Credit: The Economist

Broadly Used Consumer Technologies Driving IT?

"Off the shelf/over the portal" applications made easy ... too easy.

A contributor to SlashDot - fiannaFailMan writes to point out The Economist's reporting on the way consumer-driven software products are increasingly making their presence felt in the corporate world. Some CIOs are embracing the influx while others continue to resist it.

Excerpts from an article in The Economist -

Work-life balance
From The Economist print edition - Dec 19th 2006 SAN FRANCISCO

IN OCTOBER, shortly after taking over as head of information technology (IT) at Arizona State University, Adrian Sannier gave the nod to his contact at Google, the internet giant known for its search engine, and with one flick of the proverbial switch 65,000 students had new e-mail accounts. Unlike the university's old system, which stores e-mails on its own server computers, the new accounts reside on Gmail, Google's free web-based service. Mr Sannier is not forcing anybody to change but has found that the students, many of whom were already using Gmail for their private e-mail, have been voluntarily migrating to the new service at a rate of 300 an hour. Crucially, they can take their "asu.edu" e-mail addresses with them.
----
For Mr Sannier, however, a bigger reason than money for switching from traditional software to web-based alternatives has to do with the pace and trajectory of technological change. Using the new Google service, for instance, students can share calendars, which they could not easily do before. Soon Google will integrate its online word processor and spreadsheet software into the service, so that students and teachers can share coursework. Eventually, Google may add blogs and wikis - it has bought firms with these technologies. Mr Sannier says it is "absolutely inconceivable" that he and his staff could roll out improvements at this speed in the traditional way - by buying software and installing it on the university's own computers.

In the past, innovation was driven by the military or corporate markets. But now the consumer market, with its vast economies of scale and appetite for novelty, leads the way. Compared with the staid corporate-software industry, using these services is like "receiving technology from an advanced civilisation", says Mr Sannier. He is now looking at other consumer technologies for ideas. He is already using Apple's iTunes, a popular online-music service, to store the university's podcasts.

Mr Sannier is ahead of his time because most IT bosses, especially at large organizations, tend to be skeptical of consumer technologies and often ban them outright. Employees, in return, tend to ignore their IT departments. Many young people, for instance, use services such as Skype to send instant messages or make free calls while in the office. FaceTime, a Californian firm that specialises in making such consumer applications safe for companies, found in a recent survey that more than half of employees in their 20s and 30s admitted to installing such software over the objections of IT staff.

Executive toys
Consumer technologies such as IM usually make employees more productive, says Kailash Ambwani, FaceTime's boss, so IT bosses should concentrate not on stopping them but on making them secure. In the case of IM and some kinds of file-sharing, the risks are that viruses or spyware could come into the corporate network from the outside, or that employees could ship vital information outward.

With Google Apps for Your Domain and other software services that are accessed through a web browser, the security issues are more subtle. Since the software and the data reside on the service provider's machines, the danger is of losing control of sensitive data, which is now in somebody else's hands. Most IT bosses find this scary. Not so Mr Sannier. He remembers a picture that Google showed him of one of its data centres burning to the ground; it looked awful. The point, however, was that no users of Google services anywhere even noticed, because Google's systems are built to be so robust that even the loss of an entire data centre does not compromise anybody's data.
----
This trend could cause problems for traditional software firms such as Microsoft, Oracle and SAP. Already, start-ups such as Salesforce.com and NetSuite provide "software as a service", supplying sales-force automation, accounting, payroll and other features via the web. (Marc Benioff, the founder of Salesforce.com, had the idea for his firm while browsing on Amazon's online store one day. Why, he wondered, could business software not be delivered the same way?) Other firms, including Google, provide web-based e-mail, word processing, spreadsheets and databases.

Big companies will probably keep "mission critical" systems in-house. But as everything else migrates to web-based services, software will increasingly resemble the web technologies of the consumer market, says Mr Benioff. Those enterprise firms, such as his own, that follow the lead of consumer-oriented websites will do well in this environment, he argues.

Security concerns, Mr Benioff implies with a wink, are red herrings thrown by ageing IT bosses trying to justify their salaries.
Read All>>

This comment found in reaction to the Slashdot posting -

I can see many companies might have issues with the security of their documents or data being held by 3rd party companies but once that hurdle has been jumped it seems to me to make sense so long as you (the company) can still have the same control you would were you hosting the service yourself.

Really, this is just outsourcing particular aspects of your business to specialists which is something a lot of companies now have a lot of experience in.

For example, the company I'm currently working for - develop software for their own warehouses and distribution network because the success of this directly affects their ability to compete in the market - but they also have a team of people managing their mail servers and providing support for office applications which they could certainly benefit in not doing themselves provided the alternative was cheaper and as effective.

Wednesday, December 20, 2006

Mickey D's Inventive Use Of 2D QR Codes

Image taken from video showing cellphone datacapture from a hamburger wrapper. Image Credit: McDonald's CM

At Symblogogy, we have explored the use of symbologies and cellphone camera technology working together in harmony.

Here is a unique consumer information application which is simple to implement and an effective way to meet a customer's need for information.

McDonald's CM


A customer with a cellphone, programmed to read QR Codes, simply points the camera to the QR Code printed on the wrapper and - Voila! - nutrition information at one's fingertips - quick, simple, and easy ... providing that the catsup (or cheese) isn't smeared on over 30% of the code ... otherwise, the QR Code will reconstruct and it's good to go.

Friday, December 15, 2006

Sick RFID tags - A Real Threat To Systems

When an unsuspecting reader scans an infected tag, there is a danger of the tag exploiting vulnerability in the middleware to cause unwanted actions to occur, which may include infecting the database. This is a photo of the world's first RFID tag identified with a virus. Image Credit: Department of Computer Science, Vrije Universiteit Amsterdam

"Sick" RFID tags - A Real Threat To Systems

Many who work with RFID systems falsely believe that the only threat of virus infection to the computer's programs is through the standard entry points (new program downloads and transference, emails, hackers, and etc.).

A new entry point has been found and at this point, there are no ironclad defenses to this simple act of just "scanning a tag".

Excerpts from the Department of Computer Science, Vrije Universiteit Amsterdam -

RFID Viruses and Worms
By Melanie R. Rieback, Patrick N. D. Simpson, Bruno Crispo, Andrew S. Tanenbaum - Department of Computer Science, Vrije Universiteit Amsterdam

Unfortunately, businesses and governments are not the only ones interested in RFID. Civil liberties groups, hackers and criminals are also keenly interested in this new development, albeit for very different reasons. Civil liberties groups are concerned about RFID technology being used to invade people's privacy; RFID tags enable unethical individuals to snoop on people and surreptitiously collect data on them without their approval or even knowledge. For example, RFID-enabled public transit tickets could allow public transit managers to compile a dossier listing all of a person's travels in the past year -- information which may be of interest to the police, divorce lawyers, and others.

However, privacy is not the focus of this website and will not be discussed further below. On the other hand, we are intensely concerned about privacy in an RFID-enabled world and have built an entire sister website about a device we have constructed, called the RFID Guardian, which could potentially help people protect their privacy from RFID snooping in the future. Those interested in RFID and privacy might want to check it out at www.rfidguardian.org. The website even includes a video of the prototype RFID Guardian in action.

A completely different category of threats arises when hackers or criminals cause valid RFID tags to behave in unexpected (and generally malicious) ways. Typically, computer-bound or mobile RFID readers query RFID tags for their unique identifier or on-tag data, which often serves as a database key or launches some real-world activity. For example, when an RFID reader at a supermarket checkout counter reads the tag on a product, the software driving it could add the item scanned to the list of the customer's purchases, tallying up the total after all products have been scanned.

Here is where the trouble comes in. Up until now, everyone working on RFID technology has tacitly assumed that the mere act of scanning an RFID tag cannot modify back-end software, and certainly not in a malicious way. Unfortunately, they are wrong. In our research, we have discovered that if certain vulnerabilities exist in the RFID software, an RFID tag can be (intentionally) infected with a virus and this virus can infect the backend database used by the RFID software. From there it can be easily spread to other RFID tags. No one thought this possible until now.
----
While we have some hesitation in giving the "bad guys" precise information on how to infect RFID tags, it has been our experience that when talking to people in charge of RFID systems, they often dismiss security concerns as academic, unrealistic, and unworthy of spending any money on countering, as these threats are merely "theoretical." By making code for RFID "malware" publicly available, we hope to convince them that the problem is serious and had better be dealt with, and fast. It is a lot better to lock the barn door while the prize race horse is still inside than to deal with the consequences of not doing so afterwards.

Real-World Scenarios

To make clear what kinds of problems might arise from RFID hacking by amateurs or criminals, let us consider three possible and all-too-realistic scenarios.

I.) A prankster goes to a supermarket that scans the purchases in its customers' shopping carts using the RFID chips affixed to the products instead of their bar codes. Many supermarkets have plans in this direction because RFID scans are faster (and in some cases can be done by the customers, eliminating the expense of having cashiers). The prankster selects, scans, and pays for a nice jar of chunk-style peanut butter that has an RFID tag attached to it. Upon getting it home, he removes or destroys the RFID tag. Then he takes a blank RFID tag he has purchased and writes a exploit on it using his home computer and commercially available equipment for writing RFID tags. He then attaches the infected tag to the jar of peanut butter, brings it back to the supermarket, heads directly for the checkout counter, and pays for it again. Unfortunately, this time when the jar is scanned, the virus on its tag infects the supermarket's product database, potentially wreaking all kinds of havoc such as changing prices.

II.) Emboldened by his success at the supermarket, the prankster decides to unwittingly enlist his cat in the fun. The cat has a subdermal pet ID tag, which the attacker rewrites with a virus using commercially available equipment. He then goes to a veterinarian (or the ASPCA), claims it is stray cat and asks for a cat scan. Bingo! The database is infected. Since the vet (or ASPCA) uses this database when creating tags for newly-tagged animals, these new tags can also be infected. When they are later scanned for whatever reason, that database is infected, and so on. Unlike a biological virus, which jumps from animal to animal, an RFID virus spread this way jumps from animal to database to animal. The same transmission mechanism that applies to pets also applies to RFID-tagged livestock.

III.) Now we get to the scary part. Some airports are planning to expedite baggage handling by attaching RFID-augmented labels to the suitcases as they are checked in. This makes the labels easier to read at greater distances than the current bar-coded baggage labels. Now consider a malicious traveler who attaches a tiny RFID tag, pre-initialized with a virus, to a random person's suitcase before he checks it in. When the baggage-handling system's RFID reader scans the suitcase at a Y-junction in the conveyor-belt system to determine where to route it, the tag responds with the RFID virus, which could infect the airport's baggage database. Then, all RFID tags produced as new passengers check in later in the day may also be infected. If any of these infected bags transit a hub, they will be rescanned there, thus infecting a different airport. Within a day, hundreds of airport databases all over the world could be infected. Merely infecting other tags is the most benign case. An RFID virus could also carry a payload that did other damage to the database, for example, helping drug smugglers or terrorists hide their baggage from airline and government officials, or intentionally sending baggage destined for Alaska to Argentina to create chaos (e.g., as revenge for a recently fired airline employee).

Some companies with a vested interest in RFID technology have said their software can withstand attacks such as the ones we have proposed. We hope that is the case. These claims would be much more believable, however, if the companies made their software available to universities and other neutral parties for exhaustive testing, along with a large reward (say, $100,000) for the first person to construct a virus that successfully infects it. If no one is able to infect the software after, say 6 months, the claim that the software cannot be infected is a great deal stronger than merely stating it without proof. The nice part of this for the company is that if the software is bulletproof, it costs the company nothing.

Reference Here>>

STOP sneezy, drippy, virus laden tags now!

Suggested research links (the links give more technical detail about possible attacks and how to prevent them) - best viewed in order of listing:

RFID Middleware

Classes of RFID Malware

The Architecture of RFID Systems

Vulnerabilities that Can Be Exploited

How to Write an RFID Virus

How to Write an RFID Worm

How to Defend against RFID Malware

Monday, December 04, 2006

"Touchscreen" ANYTHING

Two or more sensors are attached around the edges of the surface. These pinpoint the position of a finger, or another touching object, by tracking minute vibrations. This allows them to create a virtual touchpad, or keyboard, on any table or wall. The system, called Tai-Chi (Tangible Acoustic Interfaces for Computer-Human Interaction), was developed by researchers from Switzerland, Italy, Germany, France and the UK. "We have made a system that can give any object, even a 3D one, a sense of touch," says Ming Yang, an engineer at Cardiff University, UK, who is coordinating the project. Image From Video - Image Credit: Ming Yang/Tai-Chi Project

"Touchscreen" ANYTHING

Really ... and you don't even need a screen.

"Touchscreen" a plywood board, a plate of glass, a school chalkboard, a field of grass, an icerink, a kitchen sink, a block of wood, and an automobile hood.

Now any surface can be a computer interface surface with the software and microphone sensors used in a system called Tai-Chi which translates to Tangible Acoustic Interfaces for Computer-Human Interaction (demonstration video link below).

So feel free to "touchscreen" for the good ... your whole neighborhood!

This from New Scientist -

Acoustic sensors make surfaces interactive [plus video links]
By Tom Simonite - NewScientist.com news service - 14:22 28 November 2006

A series of acoustic sensors that turn any surface into a touch-sensitive computer interface have been developed by European researchers.

Two or more sensors are attached around the edges of the surface. These pinpoint the position of a finger, or another touching object, by tracking minute vibrations. This allows them to create a virtual touchpad, or keyboard, on any table or wall.

The system, called Tai-Chi (Tangible Acoustic Interfaces for Computer-Human Interaction), was developed by researchers from Switzerland, Italy, Germany, France and the UK. "We have made a system that can give any object, even a 3D one, a sense of touch," says Ming Yang, an engineer at Cardiff University, UK, who is coordinating the project.

A video produced by the researcher shows four sensors attached to a flat, vertical surface, being used to trace a researcher's finger (4.6MB, wmv format). Another video shows a simple interactive instrument developed using the system. The sensors were also used to create an interactive globe that accesses geographical information on a computer screen when the user touches different regions.

'Sonar' tracking

"One advantage of the system is that for little cost you can have a much larger touch-sensitive area," says Yang. "The whole surface of your desk could become your keyboard and mouse-pad."

Tai-Chi uses tiny piezoelectric sensors to sense surface vibrations. The sensors are connected to a desktop computer loaded with software developed by the team and the system can track up to two objects at once, in one of two ways.

One method involves measuring differences in the amount of time vibrations take to arrive at two or three different sensors – a similar approach to sonar. Using this method any surface can be made touch sensitive simply by attaching the sensors.

The other method requires just one sensor and can actually be more accurate – to within just a few millimetres. But this method requires the calibration of the system beforehand, so that it recognises the vibrations caused by contact at different points on the surface. It then uses a database of vibration "fingerprints" to identify the point of contact.

Hygiene

Workplaces in which hygiene is critical, such as hospitals, could particularly benefit from Tai-Chi, says Wang. "Keyboards are very difficult to keep clean and can harbour infection," he explains. "We could have a keyboard drawn onto the desks that would work perfectly and could be disinfected much more easily."

William Harwin, a haptic interfaces researcher at Reading University, UK, thinks Tai-Chi has promise. "It is a very clever idea," he told New Scientist. "The technology is a neat and relatively simple solution to making ordinary objects touch sensitive."

But Harwin adds that users might not find it easy to switch from a normal keyboard to simply tapping on their desk. "People expect a degree of feedback from pushing buttons and switches," Harwin explains. "It is important in giving people a sense of quality."
Reference Here>>