May 2005 Update - Recent Designs


USB Device Lock-Down

Particularly in the corporate arena, controlling USB ports can pose a problem, as large amounts of data can be purloined on tiny pen-like Flash drives, or on MP3 players. Here's a solution.

It's a clip-over USB connector. You take your USB device and clip the lock-down device over its connector. The clip-over is a USB pass-through with a PROM and a microcontroller.

The tiny clip-over connector IDs the USB peripheral on connection as a specific type of USB device requiring a secure device driver. The first time you plug it in, it boots the PIN protected driver and you have to type in your password. The software logs a unique MAC-like ID code and burns it into the PROM on the clip-over device. After this, the USB device will work.

The ID code is held in the PROM and burned once when you initialise the device. Now when you attach the USB device, it registers as the secure device, is validated by checking the code in the PROM, and then registers as the second device (the USB device itself) which the OS recognises and loads the driver for.

The microcontroller and the driver software are effectively telling the OS that the first clip-over device has been attached, then [virtually] removed, then the actual device has been attached, all on one port in a sequence. This is the only circumstance that allows the USB device to work. Until the security device driver has authenticated the device, it is the only USB driver available to the OS. Once authentication has been achieved, all the other USB drivers become available.

The clip-over epoxies in place. Removal destroys the chips. The security software logs the USB device that the clip-over is working with too, so if you cut the cord and splice a new device on, the alarm goes off.
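The attach sequence described above, modelled as a small host-side simulation. This is an added example, not code from the original page: the class and method names, the 6-byte ID size, the PBKDF2 PIN check and the use of a peripheral serial number to recognise the attached device are all assumptions made for illustration.

```python
import hashlib
import hmac
import secrets


class ClipOver:
    """Constructed model of the clip-over: a burn-once PROM on a pass-through."""

    def __init__(self):
        self._prom = None  # blank until the first initialisation

    def burn(self, id_code: bytes) -> None:
        if self._prom is not None:
            raise PermissionError("PROM already burned")
        self._prom = id_code

    def read_id(self):
        return self._prom


class SecurityDriver:
    """Host-side policy: the only driver the OS has until authentication succeeds."""

    def __init__(self, pin: str):
        self._salt = secrets.token_bytes(16)
        self._pin_hash = self._kdf(pin)
        self._enrolled = {}  # burned ID -> serial of the peripheral logged with it
        self.alarms = []

    def _kdf(self, pin: str) -> bytes:
        return hashlib.pbkdf2_hmac("sha256", pin.encode(), self._salt, 100_000)

    def attach(self, clip, peripheral_serial, pin=None):
        """Return the enumeration events the OS sees on that one port."""
        events = ["secure-device attached"]
        id_code = clip.read_id()
        if id_code is None:  # first plug-in: PIN, then burn and log the ID
            if pin is None or not hmac.compare_digest(self._kdf(pin), self._pin_hash):
                return events + ["blocked: PIN required"]
            id_code = secrets.token_bytes(6)  # MAC-like ID; the size is an assumption
            clip.burn(id_code)
            self._enrolled[id_code] = peripheral_serial
        elif id_code not in self._enrolled:
            self.alarms.append("unknown clip-over")
            return events + ["blocked: unknown ID"]
        elif self._enrolled[id_code] != peripheral_serial:  # cord cut and spliced
            self.alarms.append("peripheral changed behind clip-over")
            return events + ["blocked: peripheral mismatch"]
        return events + ["secure-device removed (virtual)",
                         f"{peripheral_serial} attached"]
```

Every blocked path returns before the peripheral is ever enumerated, so the OS never loads a second driver for an unauthenticated device.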

This is the cheapest, quickest solution, and permits only certain devices to plug into your network. They will need to have the connector replaced to work again in any other PC.

A 'Root Device' PC can be created on the network under ID authentication if someone needs a USB device that will work on both the network and another computer that is not running the security software. This can only accept files from the network under password control, file-by-file.

Client Remote for Home Networks

Take a bog-standard cut-down Palm PDA and use it as a WiFi linked client to your home network, in landscape mode, with a touchscreen.

Now give away for free a piece of software that allows anyone to configure their PC (or Mac) software to be controlled from the mini-GUI on the Palm. And I mean anything from an obscure scientific app. to iTunes. The Palm becomes a remote control for every piece of software on every PC you have, networked.

So you can use it to play an MP3 file, check (and view) your e-mail and, with the touch screen soft-keyboard, reply. From the comfort of your armchair or, WiFi willing, your hammock.

Other add-on features (TV remote functionality, device interaction etc) can be added. So you stand on your scales to weigh yourself, the scales beam the weight to your Palm network client and your Palm network client passes it back to your spreadsheet software, which shows you a graph on the Palm network client's display of your weight over the last 6 months. It can even have a DECT phone chipset or a mobile phone chipset included.

So the Palm becomes your window on your PCs. A proxy screen and keyboard that you can magnetically mount on the fridge door, slide into a pouch in your armchair, clip on the wall, or sit with in the garden or the bath. In its holster it recharges.

It is only a client terminal, requiring minimal processing, and when it hasn't been touched for a few minutes, goes into power saving. The dedicated GUI builder allows individual apps to have a tailored best-fit GUI configured for them, but any application could be remotely controlled simply by replicating the functional parts of the network computers' GUIs using a scrolling display of their screens on the Palm network client.

Customised Electricity

Inspired by Power-over-Ethernet. When you connect a PSU circuit to the mains, a chipset can originate a handshake that identifies your account to the electricity provider using a companion chipset in the socket, validating via a mobile phone or network connection. So you can use an electrical socket as a pay-as-you-go mains supply to recharge your laptop, or just plug it in. Such sockets would work well in hotels, conference venues, and on public transport.

The original design was for an electric car recharging system, to remove the need to run a cable out and recharge it only at home. Whenever you park in your garage or in a suitable parking bay, you hit recharge. Two metal prongs descend under your car, one on either side, to make contact with pads in the parking bay.

The electronics determine the polarity and a data packet is sent identifying you, so you can be charged for the electric. Then, wherever you are parked, your car can recharge. Just hit 'retract', charging ceases, and off you go. No plugs.

The parking bay pads are entirely safe as the data packet is required to be passed before the charge is delivered, and it is all metered, so there is money to be made by the company installing the pads. Your car can be recharging when you are at work, or at home, or shopping.

A Censorship-Busting Dedicated Anonymous Proxy Server Script

Some unpleasant dictatorial low-life governments block search engines or specific websites as an act of political censorship. A small piece of code hosted by anyone on their website can act like a 3rd-party-hosted website search, but the search request is sent to, and the result received from, the 3rd party website server. There is no IP trail to the original site or search engine. It's a dedicated anonymous proxy server function, aimed at allowing unrestricted access to any specific site, whether a search engine, or a political activist site, from an innocuous one.

This could be packaged as a small app. allowing folk to create their own, dedicated anonymising proxy-server script on their website, using scripts to allow functionality on the destination website, and so operating searches or pulling specific data remotely, without any IP or identifying trail. The Pro version can allow password gating and PayPal-style functionality to pay for access.

Using ADSL2 for Urban Phones and Hybrid Phones

Mobile phones that have extensive coverage cost more, as remote antennae must be subsidised. So create a new service that uses the massive spare capacity of forthcoming ADSL2 networks in high-density areas like cities. If your phone is calling from a city to another city, you use a WiFi link to connect the phone to a local ADSL2 landline, use VoIP, and then connect Skype-like at the other end to a compatible mobile. High powered mobile phone antennae are not required, and the service should offer cheaper calls. This also frees up bandwidth on the cellular RF network.

In theory, a lowest-cost Urban Phone could be produced Skyping across ADSL2 lines using a WiFi hop to and from the phones. A hybrid phone could offer both services in one unit.

WebCharts: A New Way to Surf

Every server has some form of logging of the most requested pages, and this logging is often detailed and public, using standardised presentational formats.

A small app. could query these on a daily basis and produce charts of the hottest links on any server (say AOL users' pages etc). This beats the datedness of search engines and offers a new way to find stuff.

Free server software could be offered to collate such data in a way users can access as part of the service. So someone could download the app. and every time they go online see the AOL or MSN pages that had the most clicks that day.

A pro version could allow the user to pick and choose: ignoring front pages, picking servers to pull data from, and allowing server-matching for content on thematic grounds. Some servers will have academic stuff, some will have children's stuff.

Like a Top 40 chart of internet webpages, but always current. Search engines could themselves offer a 'top 10' of most visited sites in specific categories according to click-throughs, but these would be biased by the nature of the access, and potentially of less value.

The Ultimate PDA

What are the two big problems with PDAs? The screen and the keyboard. The first kills your battery, the second is either too small to use or too big to keep in your pocket.

So... the ultimate PDA has neither, just an auto-sensing WiFi link that uses any capable nearby PC/keyboard or TV/remote or even a phone/keypad as a secure terminal. Give the PC software to do this away for free, say to cybercafes and individuals, and work with a PDA company to produce the devices the size of thick credit cards. No display, no keyboard, no stylus. Just a photoconductive surface so when you leave it on your desk in the sun it recharges.

It's a solid state memory device with a processor and embedded OS and works like an RFID. If it detects a WiFi connection looking for such devices, it offers itself and asks for a login code.

Software can run on the device or on the dumb terminal (in a chipset or in software). You can host programs on the terminal but only allow access to them if your device has a serial number for the software, and then you can access your data through the application.

Whilst you use the device, it stays in your pocket or can even be sewn into your belt. It can even be used as a secure credit card, interacting with the checkout.

Mobile Device Keyboard

Take the business bits of a keyboard and you have four rows of keys: 1 row of numerals and 3 rows of letters. So with full size, full travel keys, make each of these 4 rows separate, like 4 long pieces of Lego. Now pop them in an umbrella-case-size pouch, and you have a mobile keyboard that assembles in seconds but which you can touch type on, for PDAs, mobile phones, sub-notebooks etc.

