Andrew Breese

Musings of a professional geek

Tag Archives: software

Sync Calendars between Lotus Notes, Outlook, and Google

For a while now I’ve been trying to sync my various work calendars, which run on three separate disconnected platforms: Lotus Notes (my current site), Outlook365 (my office), and Google (personal and phone). After trying an open source solution InGoogleCalSync which did half of what I wanted, I found a paid service called AweSync which is darn good – and worth talking about.

Essentially AweSync allows the calendar entries to be sync’ed both ways between Google’s calendar and Lotus Notes. It also syncs tasks and contacts, but I’ve not turned on that feature. The app is clever enough to understand that I have multiple Google calendars, and manage changes between them. The open source app was limited to one-way push, and events could not be edited in both places reliably, but AweSync handles this.

The Outlook calendar sync comes from the boilerplate MS Exchange config on the iPhone which supports contacts, tasks, events, etc. This means that events from my company are two-way sync’ed between Outlook and Google in one calendar, and events from my work site are sync’ed from  Lotus Notes to Google in another, and my third Google calendar is for personal information. I can see all these three sub-calendars now in Lotus notes, can tell by colour which is which, and also see an exact match on my mobile phone. Just like it should be when we try to have a central place to manage meetings and appointments – this small app and the darn large behemoth called Google have provided what I needed.

Awesync was a mongrel to setup due to the locked down permissions on my site computer, which essentially needed to be opened up so that it could run properly. The Support team from Awesync were wonderful, and it was their diligence in assisting me that really helped me decide to purchase it (USD$20).

So I still absolutely loathe Lotus Notes as an email and calendar application, but at least I can now manage my appointments properly.

Thwarting hackers with “honey encryption”?

A Boston Globe blog reported that a trickier approach to dealing with hackers might be a better approach. Essentially make the data messy and it will not be as desirable. It certainly sounds interesting as a concept. Brainiac wrote “rather than trying to block hackers, maybe it’s better to distract them.”

The approach is built into a new piece of software called Honey Encryption, created by Ari Juels and Thomas Ristenpart, and it works on a simple model. After hackers steal a trove of encrypted data, they hunker down to crack the code. It can take them thousands of tries before they’re able to guess the right cryptographic key, and Honey Encyyption makes them pay for each failed attempt.

Each time hackers enter the wrong password, Honey Encryption adds a piece of fake data to the dataset—by the time hackers finally get access to the data, it’s swimming with so many fake credit card numbers, for example, they’ll have no idea which ones are real.

Pardon? I think the readers might be missing a key aspect of the information here. This is a very specific circumstance and very unlikely frequency where this is plausible.

For this approach to work the “honey encryption” software needs to be running with the stolen data-set.  In fact it is unlikely that the data would be stolen at all, rather it is being attacked on it’s normal infrastructure. Frequently when data is stolen the database itself is extracted on mass; the encryption used on the information in the database is broken later. A hacker is not going to willingly run an application which does Honey Encryption on the data they are trying to hack. Is the assumption that the software for accessing the encrypted data is somehow packaged with the data in the DB? Huh? No! This means that for the times where the hack attempt is happening on the system live this approach might work, but otherwise it does not apply.

The same software could also alert very quickly to the admin teams that a potential attack is in progress too. This is the approach taken with the “honey words” concept, where a dataset is setup with a number of “deliberately bad” datasets for each user account so that when the hacker tries to decrypt the data an alert or action is triggered. That makes a heap of sense.

So this approach adds junk data into a live system to increase the ratio of bad data to good data for when it gets stolen? Yes, and as long as the good data is not altered by the “honey” then the end user is not affected, but the system owners can know of a potential exposure. Interesting.

Refs:

How to almost sync with BitCasa mirrors

BitCasa is a free cloud backup tool, which has a basic mirroring function for files that you want to be automatically backed up into the cloud instead of scheduling a backup. I was looking for a replacement for SugarSync’s folder synchronisation feature, and BitCasa’s functions are close but not really there yet. It seems that they have a beta app which is based upon bittorrent, but again not for a live sync.

Aside – the BitCasa cloud solution is pretty neat. I’m impressed by what they offer and their price point. The paradigm that it uses is not an attached storage volume really, but more like an external drive which happens to be on a remote server. That drive is almost read-only to your machine, and certainly read only from any other machine that tries to access the files. It is cloud backup, not a sync service.

This is the scenario:

Initial setup was a folder on my laptop and desktop were set to always be kept in sync. This meant that files were always kept in reasonable sync, and I didn’t have to worry about manual copying or a scheduled copy which I might forget.

Now what I have is a folder on each location which are both copied up into BitCasa’s servers (yes, up into that fluffy white cloud of absolute trust). The difference is that each machine is used for slightly different things, so that what I do on the laptop generally isn’t used on the desktop. The sync is for emergencies, so it might work.

The trouble is that each machine uploads the selected mirrored folder into a separate space in that cloud, and the two areas are never sync’ed together. I’d love them to, but for the purposes of having my files backed up somewhere, this is enough.

When it comes to wanting to use one of the files which is on the other machine’s backup it needs to be copied back down to the new machine and stored. Just like an offsite solution, you don’t go editing the back-up tape. Now that I get the mindset, I don’t mind so much. If something exceptional happens in the file-sync space I’ll probably post it here, but till then BitCasa will get a bit of playing around.

Happy backups.

Instapaper, a darn handy reading app

Image representing Instapaper as depicted in C...

Laura put me onto a darn handy app for bookmarking and reading content, especially when I find something that I want to read later. Instapaper. You mark content using a widget in the browser, or (I think) send yourself notes, and then the app downloads them locally.

This way I can keep a small smattering of scintillating summaries, and devour them at my pleasure. iPhone and web versions, with all sorts of goodies that I’m still finding. Thanks Laura.

%d bloggers like this: