The Refresh Orlando Heirs

A candle, consisting of an internal wick and a column of solid fuel, illuminates the surrounding area. Due to the invention of modern equipments used for illuminating the surrounding, candle is not an essential product for this purpose. But the demand for candles has gone up as a work of art. Different varieties of candles have flooded the market. The candles are of different colors, aroma, and shapes.

The making of a candle involves various equipments. Paraffin wax, melting system, candy thermometer, and scales to measure the amount of water and wax are required. Ladle and spoons are used for stirring and pouring wax. Chemically treated wick that burns for a longer period of time are used. Since wax is soft, stearic acid is used to make it solid. Color dyes are used to make the appearance brighter.

It involves a very simple process to make the candle. Suspend a wick in the center of a mold. Dissolve stearic acid and color dye in a container and heat the wax to 190 degrees. Combine the stearic mixture with paraffin and stir it continuously to blend it. Pour the mixture in a mold, allow time for it to cool and then remove it from the mold.

Acquiring a gel candle has now become a fashion. You can prepare it easily at home. All you need to get are a container, gels, pans, wicks and the basic necessary items. While selecting containers, it is best to use a heat resistant glass. Gel wax, paraffin, candle scent, dye, wick, wick clip, and wick base are the other requirements. Different colors can be mixed together to form a new color according to your taste. The oil based liquids; pellets and wax solids are the sources of scent. The scent has to be added before pouring the candle to avoid evaporation.

Items like buttons, marbles, toys and jewels can be added in the candle. Avoid inflammatory items. Candles are used for various reasons. They are used in almost all the religions. The candles represent the light of God in Christianity. Candles are lit at the start and end of the weekly Sabbath celebration. For Kwanzaa and for other reasons of humanism, candles are lit. Thus, the candle not only serves illuminating and decoration purposes, but also serves religious causes.

Sharon Albright is the owner of Candle Making Site. Read more articles on candle making and visit her recommended resources.

The Monster Mash
The Graveyard Smash

Have you heard of the Monster Mash? I suppose you know the story of how it came to be, right? Well, I’m here to tell the TRUE story to you.

It sarted out late one night, when all monsters where out of human sight. Then a tune started playing and I jumped from fright! The monsters appeared! What an eerie sight!

They were movin’ and a grovin’! Rockin’ and a rollin’! There was no way to stop this party, except to say “Do the Mash!”

As soon as I did everyone stared! Frankenstein and Dracula said “The Mash?” So I explained, “Yeah, you know? The monster Mash? THe graveyard smash? Please tell me you know the Mash!”

“Um…” all the monsters replied “no.”

Then I taught all the monsters the Mash! We were dancing for six hours straight!

It was such a delight that I go everynight! Sometimes I even invite my human friends!

Last night there was a huge surprise. We found out that the swamp monster from the Black Lagoon was also doing the Monster Mash! So if you see Piranha’s jumping around they are just grovin’ along with the music!

The dance has become so popular that their is now a song!

Last time I went dancing the Coffin Bangers came! They’re the best ever! Of course you won’t believe me until you here them!

Wolfman, Dracula, and his son came! So did many others, including ghouls and zombies. Next time you should come!

Well, if your monster fiend ever needs some dancing help come straight to me! Some where inside him he knows the Monster Mash!

Now the question is….

DO YOU??

I wrote this when I was 11 and was wondering what you thought of it? I think there are some places where I want to change things, but I won’t. When I wrote this I was happy with, so why change it now?

What do you think of it?

Are you sick and tired of paying too much for your HP C4182X high yield hp c4182x toner cartridge?

Your maximum capacity, HP LaserJet 82X Ultra-precise print cartridge is designed precisely with HP LaserJet 8100 and 8150 Series printers, for optimum quality and reliability.

The ultra-precise cartridge advancements ensure breakthrough quality and usability.

Step-by-Step “How-to-Remanufacture the HP C4182X” Instructions:

Let’s get straight to the point, no beating around the bush during this lecture.

First, you will need the necessary Tools & Supplies Required:

Tools & Supplies Required:

•Phillips Head Screwdriver (tool)
•Small Flat Blade Screwdriver (tool)
•Small Hammer (tool)
•Needle nose Pliers (tool)
•5/32” Drift Punch (tool)
•Anhydrous Isopropyl Alcohol (supply)
•Soft Lint Free Cloth (supply)

Here you will also be provided with the OEM (original equipment manufacturer) information:

HP 8100:

•Part Number - C4182X (high yield)
•OEM Gram Load - 1100 grams
•Yield @ 5% coverage - 20,000 pages / min:32
•Resolution - 1200dpi (dots per inch)

Below are your 20 easy steps to know how to remanufacture your HP 8100 LaserJet C4182X toner cartridge.

Step #1:

•Find and remove the cartridge clip on both sides of the cartridge using a small thin flat screwdriver. Gently pry up on the clip until it pops up then pry the other end away from the cartridge gently while working the clip in an upward and downward position.

Note: It is very likely that these clips will break while they are being dismantled. If these happen to break, simply replace the clip with an aftermarket part. You may need to re-use the springs from the OEM (original equipment manufacturer) clip.

Step #2:

•Using a hammer and punch knock the two locking pins inward until they fall inside.

Step #3:

•You can now separate the two halves of the cartridges. Simply remove the locking pins from inside (the longer pin goes on the large drum gear side).

Step #4:

•Set the toner hopper aside. If you happen to have a waste hopper fixture, set the waste hopper in it. If not, place the hopper on your work area; drum facing upward with the large drum gear facing you.

Step #5:

•The drum axle is a metal rod that goes through the center of the drum end to end. Using a drift punch and a hammer, tap directly on the shaft (larger gear end) and drive it toward the other end.

Note: On the larger gear end of the axle is a small white plastic retaining ring. Make sure you don’t lose the retaining ring. The ring fits into the groove on the drum shaft to hold the shaft into its proper position. Continuous removal will wear this ring and it will no longer snap into position. If the ring does snap, replace it.

Step #6:

•Rotate the hopper at 180 degrees and pull the drum axle the rest of the way out. Then remove the drum from the waste hopper. If you intend to re-use the drum, wrap it in a protective paper or cloth and set it aside in a dark, protected place.

Step #7:

•Remove the primary charge roller from its clips, clean it with a soft cotton cloth and set it aside for now. Clean the PCR saddles with a cotton swab and alcohol.

Step #8:

•Remove the two Phillips head screws holding the wiper blade and remove the blade. Be careful not to break the plastic positioning posts or lose the two white plastic washers. Empty out the waste hopper and clean it with a vacuum or compressed air.

Note: Be careful not to damage the recovery blade or foam seals, only
replace it if necessary.

Step #9:

•Now you can either replace or clean the wiper blade and reinstall it at this time. Clean the PCR with a soft cloth and reinstall it. Place the drum in the correct position and reinstall the axle and the white plastic axle ring.

Step #10:

•Set the waste hopper aside for now. If you have a toner hopper fixture, place toner hopper inside or place toner hopper on your work area.

Step #11:

•Remove the two screws holding the end cap on the gear side of the toner hopper. Depress the small plastic clip and slide the end cap off.

Note: The position of the gears is for reassemble.

Step #12:

•Swivel or turn the cartridge around. Remove the two screws that hold the end cap on and remove the cap by depressing the small plastic clip.

Step #13:

•Lift out the mag roller. Remove the mag roller stabilizer, mag roller sleeve bearing from the non-gear side of the mag roller.

Step #14:

•Remove the two longer silver screws that hold the doctor blade and lift it out.

Note: Be very careful not to break the plastic alignment pins or lose the two small springs behind the doctor blade.

Step #15:

•Deposit the remaining toner from the toner hopper and vacuum or clean with compressed air. Clean the magnetic seals with vacuum or compressed air. Clean the toner sensor bar lightly with a cotton swab and alcohol. Be careful not to bend the bar.

Step #16:

•At this point, if you are not going to seal this cartridge, you can fill it with toner now through the mag roller opening. Then proceed to the next step. If you want to split and seal the toner hopper it must be done so, along the weld line.

Step #17:

•After splitting the hopper and installing a gasket seal add the toner through the fill plughole and reinstall the plug. Use rail clips or hopper clips to re-attach both pieces of the hopper back together, being careful of correct alignment.

Step #18:

•Put the doctor blade back on with the two silver screws and the blue plastic tab on the right. Clean the magnetic roller with compressed air or ma roller cleaner and carefully reinstall in the hopper with the drive gear to the left.

Step #19:

•Now reinstall both end caps with their screws. Note: the magnet inside the magnetic roller must be in the proper position to align with the “D” cut-out on each end cap.

Step #20a:

•Hang in there, you’re almost done. For the final assembly, position the waste hopper and the toner hopper against each other and install the locking pins and clips. Note: The long pin goes on the large drum gear end.

Step #20b:

•Test the cartridge.

Congratulations, you have successfully completed the process on how to remanufacture your own HP 8100 LaserJet toner cartridge.

In description of, Joseph Mercado is known as The Internet Marketing Tyrant. He specializes in the consumable market involving studies on toner cartridges.

http://www.inksecrets.com

Once in the air of a long flight, the attendant informs the passengers that the “use of electronic devices is no longer prohibited”. To pass the time, I decide to pull out my laptop to finish off some work. Normally, I like to use flights for catching up on some sleep, but today I wasn’t feeling very tired. Relying on my laptop battery, that was fully charged the night before, I proceed to catch up on some overdue business. In this midst of one of my many thoughts, something far more tragic than an oxygen mask falling down happens… or at least more tragic at that moment… my laptop battery dies.

My first reaction was to look around for the nearest outlet, only to remember that I am on an airplane and airplanes do not have outlets. I try to reboot, hoping that it was simply a glitch of some sort, but no such luck. Now what? I am left staring at a blank screen with a powerless laptop. As I browse about the cabin, I notice that there are many other businessmen continuing to work on their laptops. One man in particular is using a similar laptop — a model close to the powerless thing sitting in front of me. Why has his battery lasted longer than mine? Surely we have the same brand of battery, and I am pretty sure that mine is practically new. I sit there for a moment looking around with a baffled and confused look on my face. Now, I am left to endure the rest of this flight thinking of how I could have prevented this.

Of course I do realize that it was not the end of the world. My battery dying did not cause any serious damage. None the less, I was reminded of an important lesson. Always be prepared! One never knows what could happen next, so it is always good to have some types of back-up plan. When it comes to batteries, not all batteries are created equal. Some batteries will simply last longer than others. I have a few friends that like to store extra batteries in their refrigerator. I personally find this a bit extreme and silly, but they will swear that their batteries last longer. I don’t know if this type of storage truly aids in longer life for the batteries, but I do know this. Life is unexpected and so are electronics. Next time, whether is it having extra batteries or not, I am going to do my best to be better prepared.

As an avid user of my laptop, I heavily rely on my battery to work when needed. When shopping for laptop batteries, I find that http://www.ebatteriestogo.com is a good source for all my battery needs.

Backing up your data should be an essential part of your daily routine. Unfortunately for many businesses this simply isn’t the case. The only time data backup crosses their mind is when they have a hard disk crash or a serious spyware or virus infection. Unfortunately by this stage it’s already too late to do anything about it - the data is gone and you’re then looking at several hundred, if not several thousand, dollars to have the data rescued and restored.

The concept is simple - choose a data backup plan and stick to it.

The burning question on most IT managers minds is should the data be stored locally or remotely? To be fair this is the pivot point of all data backup plans. There are pros and cons to each method.

Local Data Backup

Most companies rely on either DVD, external hard disk or tape drive data backup solutions locally. These provide fast, cost effective storage for most small companies and are also very easy for even the IT novice to operate. In the case of any data being lost it’s simply a matter of restoring the data from a previous backup point and the user can then continue working.

The data, however, is only as safe as the building it’s in. What happens in the case of fire, burglary, flooding or storm damage? That’s right you just lost all your data backups in the blink of an eye.

Remote Data Backup

As an emerging industry remote data backup has really taken off. Most commonly remote file backup services allow you to log into a remote drive and via a web based interface upload all your critical files. 5GB of storage space is the entry point for most of the remote data backup services and this is provided at a low cost. Knowing that your data is being stored in a secure facility that’s deliberately protected against harm allows you much greater peace of mind.

The weak point here however is the data transfer speed. Unless you’re operating a high speed LAN in your company then remote backup can be a complete waste of time as you’re tied to the maximum upstream speed of your network - which can be surprisingly slow depending on your IT infrastructure. Add in the issue of firewalls blocking uploads on certain ports and it can quickly become a real IT headache.

So how do achieve a Win-Win scenario? Blended backup! Look at utilizing both of these forms of backup. In an ideal world you’d store a local copy of your data and then upload an exact copy of that data to the remote file backup server. If money is an issue then store your bulk data locally but copy your mission critical data to the remote backup service. That way in the worst of disasters you’ll still have the data you need to actually function as a business. That’s not to say that bulk data such as archived email is not important but that old data could be recovered in time by a data recovery specialist whereas you mission critical data needs to be available at a moments notice.

This article was written by Niall Roche and provided courtesy of BackupAdvice.com If you want to know more about computer backups this site is full of useful information.

Whether you realize it or not, there’s a quiet little battle
raging on your computer. In one corner you have your faithful
PC; in the other are malicious agents such as spyware, adware,
malware, viruses, worms, and Trojans. Since the victor of this
battle will decide who really controls your computer - use these
5 ‘Spyware Fighting’ tips to make sure you win the battle!

Spyware and adware are becoming major problems for online
surfers and PC owners. Some highly respected sources such as
AOL, Earthlink and Webroot place the rate of infection at 80-90%
of all computers. Granted, some of this percentage is taken up
by relatively benign tracking cookies, but other types like
keyword logging, system monitors, worms and Trojans present a
major threat to your privacy and may even do serious damage to
your computer.

With the occurrences of Spyware increasing daily, chances are
high that you will be going into battle against Spyware very
soon - so if you need a battle plan - Try these 5 Tips:

1. Go on the offensive. Fight spyware before it even
arrives on your computer. Make sure you have a good ‘anti-virus
software’ program running on your PC. Many ISPs (Internet
Service Providers) now offer anti-virus programs or even
purchasing a commercial product is to your advantage. Get a
program or product that is regularly updated to fend off the
latest viruses, adware, worms, trojans and spyware.

2. Put up a Firewall. A Firewall should be one of your
first lines of defense against spyware. A Firewall is simply a
system or gateway designed to prevent unauthorized access to
your computer or network. Check out www.zonealarm.com, they
provide a free Firewall for individual users. Download their
program and place it on your PC.

3. Don’t open Emails and Attachments from people you don’t
know. Use common sense, DON’T open any emails from people
you don’t know. Especially, do not open any Attachments until
they are scanned for spyware and viruses. Many mail servers will
do these scans for free.

4. Keep Your Operating System Up to Date. Be aware of
what’s on your system - do regular spyware and adware scans to
see exactly what’s on your computer. Know your machine! You may
be horrified to learn someone may be monitoring your every
‘keystroke’ and every ‘image’ you’ve viewed on your computer. So
scan regularly and also make sure you download the newest
updates from your Operating System; these often contain patches
or fixes for serious breaches of security of your PC.

5. Back-up Your System. If all the above steps fail,
nothing is foolproof, any computer that uses the Internet can be
hacked, so you need to back-up your important data. You can use
floppy disks, CDs or use a second computer that’s not connected
to the net just for storage or back-up of your sensitive
data/programs. An inexpensive notebook computer can be used to
make daily/weekly back-ups of your vital data and programs.

In conclusion, the best defense against any spyware is a strong
offense. Be prepared, be aware, but most of all, be
battle-ready: have a system in place that will nuke these
spyware agents before they even reach your computer. Choose your
weapons carefully, be merciless, be thorough and take no
prisoners! This is one battle you can’t afford to lose.

Implement and Use these 5 helpful ‘Spyware Fighting’ tips and
the Victory is yours!

Pakistan did the USA a favor recently …

All they got for it was a surprise rocket attack on their own soil.

The situation is well-explained by London’s Sunday Telegraph in its 29 Jan 06 edition:

Pakistan ‘delay let bin Laden escape US raid’
By Massoud Ansari in Karachi (Filed: 29/01/2006)

“Prevarication by the Pakistani government cost America the chance to kill Osama bin Laden in an airstrike near the Afghan border two years ago, the Sunday Telegraph has been told.

“A CIA lead that the al-Qaeda leader was hiding in a remote province was squandered because the Pakistani government delayed giving permission for the attack on its soil, according to a senior Western diplomat …

“By the time US officials got the go-ahead, bin Laden had left the suspected hideout in Zhob, in the Baluchistan province of south-west Pakistan.

“The near-miss was cited by the diplomat as the reason why America chose not to consult Islamabad before the US missile strike in Pakistan’s Bajaur region two weeks ago. The January 13 attack, prompted by a tip that bin Laden’s deputy, Ayman al-Zawahiri, was hiding in a local village, killed 13 civilians.

“According to his account, which was backed by sources within Pakistani intelligence, the CIA picked up electronic traffic suggesting that bin Laden and his bodyguards had sought temporary shelter in Zhob, which is dominated by Pathan and Baloch tribesmen sympathetic to al-Qaeda and the Taliban.

“Fearing that a commando raid would cause massive casualties to both sides, with no guarantee of success, the US decided to launch a strike by laser-guided missiles, fired from Predator drones.

“If he was in Zhob at the time it would have been the first known occasion that he had been firmly in America’s sights since his escape from Tora Bora in Afghanistan, where he slipped through a cordon of US troops in 2001 …”

Coincidentally, another article appeared in that same edition of the Sunday Telegraph which underscored the effect bin Laden’s words can have:

Author shoots from obscurity to infamy after plug from bin Laden
By Philip Sherwell (Filed: 29/01/2006)

“To William Blum’s surprise and apparent disappointment, he found that his name had not been added to the US ‘no-fly’ list when he travelled from his home in Washington DC to Ohio last week to deliver one of his frequent anti-American lectures on a campus.

“Mr Blum is revelling in what he calls his ‘15 minutes of fame.’ To many of his compatriots, that should read 15 minutes of infamy after Osama bin Laden declared that he was a fan of the previously obscure Left-wing author and virulent America-basher.

“The 72-year-old writer admits he was delighted by the plug for his book, Rogue State: A Guide to the World’s Only Superpower, in the Saudi terror mastermind’s latest taped audio message. After bin Laden’s recommendation, the book soared from 205,763rd to 26th place on Amazon.com’s list of most-ordered books. ‘I thought I might have ended up on the no-fly list after that. Anything is possible in this country today,’ Mr Blum told the Sunday Telegraph, perhaps over-estimating his importance in the eyes of the US authorities. But he is strikingly honest about his new-found notoriety.

“‘I am not at all sorry to have been mentioned by bin Laden,’ he said. ‘In fact, I’m pleased. I’m part of a movement whose goal it is to slow down if not stop the American empire from what it’s doing around the world …’

“In his taped message, bin Laden recommended that President George W Bush read Mr Blum’s Rogue State, a sharp critique of US foreign policy.

“The al-Qaeda mastermind then quoted an extract in which the author wrote that, if he was president, he could stop terror attacks against the US permanently by apologising ‘very publicly and very sincerely, to all the widows and orphans, the impoverished and the tortured, and all the many millions of other victims of American imperialism.’”

Mr Blum’s agenda notwithstanding, the best thing that happened to America’s war on bin Laden is that they didn’t kill him. Anyone cognizant who has ever been even remotely exposed to the culture of bin Laden’s target audience knows that his words would have a tenfold impact if he became ‘martyred.’

If he can raise a fringe author’s book almost 200,000 places in Amazon’s world with a simple utterance, think of what would happen if his words became ‘finite’ by his demise. The term ‘exalted’ comes to mind. Their inspirational impact would be hugely amplified by the fact that he, too, died for his cause, just like he’s urged his followers to do.

In their unilateral and so-called ‘war on terror,’ the USA has spent billions of dollars on revenge and the toppling of a dictatorial blowhard. The opposition has only spent thousands but seemingly has not lost much ground (Afghanistan and Iraq are still in relative states of anarchy, after all); they are fueled by the charisma of a man who, as I’ve said before, is nothing more than a common criminal who has wrapped himself in an extreme fundamentalist cause and then been elevated to celebrity status by his mighty adversary.

I don’t think the USA can afford to kill him. They need to capture him alive. He never was the terrorist mastermind of al-Qaeda, he was only the banker and the face to their cause. Having him at large until he’s captured is not going to significantly alter any of their activities. Only if bin Laden’s empty agenda is exposed by being formally brought to justice will there be any chance of effectively revealing his true colors as a charlatan. There needs to be the ultimate occasion where he can be reviled by the true keepers of Muslim faith for perverting their religion. Only in a court of law can this happen, and if it comes to pass, it will happen.

So, thank you, Pakistan, regardless of your operatives’ motives.

J Square Humboldt is the featured columnist at Longer Life’s website, which provides information designed to improve the quality of living. He’s at longerlifegroup.com/cyberiter.html

Introduction

In the 21st Century, information is being exchanged electronically at an ever-increasing rate. Financial markets, commerce, and communication between citizens of all nations are utilizing the Internet and proprietary networks to exchange sensitive information. In pace with this trend are those rogue persons increasingly intercepting this information or supplanting it with misleading or erroneous messages. To continue effectively in this space Java developers should be aware and capable of building components and architecting systems based on a reliable technology that can fit within a secure environment. An available technology for securing facets of systems is Cryptography.

Background

Sun recognized that their Java programming language was being used to develop e-commerce systems. To address the requirement for secrecy they offered the JCE to the Java community as a downloadable API from their website. When Sun acknowledged that systems were increasingly using this API, they bundled it with the SDK in 2002.

The JCE is a pluggable technology. Sun defined the JCE interface but the technology is quite flexible; it allows different entities to provide its implementation. This facility was largely motivated by the fact that cryptographic products are under US federal export controls. The US government maintained that cryptography products are “weapons” and mandated that they fall under federal export controls.

The strength of a JCE implementation is largely dependant on the key sizes that it supports. Sun’s standard JCE implementation currently shipped with the SDK is in compliance with the US’s export controls. This means any Java system utilizing Sun’s JCE implementation can be exported outside the US. However, the cost of using this implementation means a reduction of the Java system’s strength. The beauty of the JCE is that it is possible to develop a system honouring the JCE and plug in a stronger JCE implementation. One such JCE implementation is Cryptix[2], an open source solution being maintained and developed by developers from The Netherlands and around the world. The Cryptix solution is useful since the code is open, has an active community, and has deep experience writing cryptographic software.

Before a developer can take advantage of the JCE it is useful that he understand the technology on which it is based. To this end the document will establish a few definitions and continue with a disclosure of cipher systems and protocols. These will aid the reader with understanding the JCE as well as other documents related to cryptography.

Definitions

Secret Key: A secret piece of information which is shared by two parties and used when securely exchanging information. To be effective the secret key is smaller than the information to be shared. It is used in conjunction with a cryptographic algorithm to encrypt or decrypt sensitive data.

Encrypt: The method of scrambling information to secure it against onlookers. Encryption is used with a secret key that is known only by the sender and receiver of the sensitive information.

Decrypt: The method of descrambling information from a previous encryption. Decryption requires the knowledge of a secret key.

Cryptographic Algorithm: Method which describes how a secret key is utilized to encrypt or decrypt information. It is also known as cipher.

Plaintext: The information to be secured.

Ciphertext: The scrambled information after an encryption process using a cryptographic algorithm and a secret key.

The JCE includes an assortment of cryptographic algorithms to perform encryption and decryption. Assuming a correct implementation, the greater the size of a secret key supported by an algorithm, the more secure an algorithm can be made. Cryptographic algorithms are used in the context of two systems.

Cryptographic Systems

There are two systems used in cryptography: symmetric and asymmetric (or public-key). Symmetric cryptography deals with keeping information secure with a single key; whereas asymmetric cryptography can secure information utilizing two keys. In the case of public-key systems, information is secured with a publicly known key and decrypted only with the secret private key.

Symmetric cryptography has the advantage of being fast. The operations it performs are transposition and substitution; which can be effectively expressed in hardware or software. The problem with symmetric cryptography is that its secrecy relies on the privacy of the shared key. An example of a symmetric cryptosystem would be one utilizing the DES (Data Encryption Standard), Blowfish, AES (Rijndael)[3] algorithm.

Asymmetric cryptography requires two keys (one to be kept secret, and another which can be publicly known). This scheme is superior to symmetric systems because it can facilitate secure key exchange and authentication, but it does so at the cost of slower processing times. Public-key systems use hard mathematical problems for the basis of their security.[4]

With these two systems various cryptographic protocols can be expressed and utilized for sharing secrets.

Cryptographic Protocols

In line with other security texts the author will use the characters Alice, Bob, and Eve. The first two are representative of systems that want to engage in a secure information exchange. Eve represents an entity who wishes to intercept sensitive information or to pose as Alice or Bob.

Consider that Alice and Bob are both intelligence operatives. Alice wants to give Bob the coordinates of a valuable witness who is in a safe house. The witness must show up in 8 days to testify at a court in The Hague. Unfortunately both are on different continents: Alice lives in Toronto and Bob is located in Holland. Alice does not want anyone else, like Eve, to find out where the witness is located, because Eve would surely divulge the location to the Mafia – the organization against which the witness will testify. Eve is also interested in thwarting Bob’s attempts to find the witness and will do whatever it takes to push him off course. Alice and Bob each have the use of the Internet and access to a Java development system, including a full strength implementation of the JCE.

Alice and Bob are knowledgeable in cryptography and Java development. Over an insecure means Alice and Bob determine they will use the Rijndael algorithm to scramble their information[5]. The next step is for each to consider a protocol with which both will use to securely and effectively exchange information.

Simple Symmetric Protocol

Alice may choose to use the simple symmetric protocol. It requires that Alice and Bob establish a secret key with which the location can be encrypted. The two need to somehow agree upon the secret key in a secure manner- like in a private conversation, for example. The steps to accommodate a secure exchange using a simple symmetric system would be:

1. Alice would type the witness’ location into a simple text file using an editor.

2. Alice would use the Rijndael cipher from the JCE to scramble the text file using the secret key agreed upon with Bob.

3. Alice would send the output of step 2 to Bob using email.

4. Bob reads his email, expecting a scrambled bit of text from Alice, and uses his JCE decryption Java program to descramble the text using the secret key agreed upon with Alice. Bob would now have the location of the witness.

Simple Asymmetric Protocol

In the previous situation Alice and Bob needed to agree upon a secret key for their secure communication in person. However, in most circumstances it is not possible to establish the secret key. In fact, since Alice and Bob live in different countries it is unlikely that physically meeting up with one another is feasible. In these situations asymmetric or public key systems excel.

A public key system works in the following manner: Alice and Bob each have two keys, one of which is secret to themselves and the other which is publicly known. The publicly-known key is registered with a trusted entity. The property of a public key system is that the sender can encrypt a message using the intended recipient’s public key, and the only key which can decrypt the message is the recipient’s private key. Each person keeps their private key to themselves.

In our example Alice and Bob establish their public and private keys on the first day of their job at the intelligence agency, a trusted entity for both. The following describes the protocol undertaken for Alice to securely share the location of the witness to Bob.

1. Alice retrieves Bob’s public key from a trusted source, from Bob himself or their employer. (It is important that the public key be gotten from a trusted source – or else Alice may inadvertently encrypt the location with Eve’s public key).

2. Alice types in the location of the witness in a text file and scrambles it using Bob’s public key

3. Alice sends the scrambled text file to Bob using his email address.

4. Bob opens up Alice’s email and descrambles its content using his private key, which no one else knows. The location of the witness is revealed.

In this protocol an asymmetric cipher is required – such as RSA or ElGamal, two standard public key systems. Alice and Bob decide to use ElGamal.

The problem with this scenario is that the processing cost of securely exchanging information is high. Asymmetric systems are much slower than its symmetric counterpart. For high volume systems this is a real problem for CPU-restrained systems. For example, if Alice wanted to send a world map of the witness’ movements the process would be quite slow for both Alice and Bob. A truly beneficial system would be one where Alice and Bob can securely agree upon a secret key through an insecure informational channel, without fear of Eve. With the established secret key Alice could scramble the sensitive map and securely send it to Bob using a symmetric algorithm.

Hybrid Symmetric/Asymmetric System

Utilizing an asymmetric cipher it is possible for Alice to securely send a secret key to only Bob. Eve could not determine it while it is in transit to Bob because it is encrypted with his public key (and the only way of decrypting such a message is with Bob’s corresponding private key). Only Bob’s private key will descramble the secret key. With the secret key known only to Alice and Bob, both can utilize their favorite symmetric algorithm, Rijndael, to securely exchange information.[6]

Alice and Bob decide upon this protocol and find no success in its use. Alice and Bob know that each are operating within a secure channel – but Bob is receiving a large number of emails from Alice. As Bob opens each one the contents are directing him to locations where the witness cannot be found.

After some false leads on the whereabouts of the witness, Bob is becoming more reluctant to trust the supposed encrypted emails from Alice. He is receiving a large number of emails from Alice offering the location of the witness, but he can’t determine which one is correct. He suspects that Eve is using his public key and sending emails to him feigning to be Alice. There are only days left to find the witness before the important court appearance. To address this, Bob calls Alice up on the telephone and instructs Alice to sign her emails so he can authenticate the origin of the emails. Now, should Eve continue to try to send Bob off-track – Alice’s email can be picked out from the other junk emails.

Signing Protocol

In addition to facilitating secure key exchanges, public key systems also support the ability to sign a message, the electronic equivalent of a person’s written signature. Specifically, it is with one’s private key that a person may electronically sign a document. To reduce the amount of processing and overhead with signing large documents, hash functions can be used to reduce the effort.

Hash Functions

Hash functions are one-way operations that accept data and output it to a smaller set of data, called a message digest. Only secure hash functions can be used with electronic signatures. Hash functions are considered secure when it is computationally infeasible to find two different input data that result in identical message digests. The SHA1 is one example of a secure hash function[7].

Alice can utilize the following steps to sign her email messages to Bob

1. Alice types in the location of the witness into a text file using an editor of her choice.

2. Alice performs a SHA-1 of the text file’s contents and scrambles it with her private key. The hash function she uses is one that is highly secure and is known to Bob.

3. She includes the output of this scrambled data at the end of the text file

4. Alice encrypts the whole payload using Bob’s public key and emails it to Bob using his email address.

To read the payload and verify that Alice sent him the message, Bob must do the following:

1. Open his email from Alice and descramble the contents using his private key.

2. Perform a hash of the supposed location of the witness using the same hash function Alice used.

3. Using Alice’s public key Bob descrambles the latter end of Alice’s email.

4. If the output from #2 and #3 match, Bob can be sure Alice sent the email and the location of the witness is true. Otherwise, Eve surely has tried again to lead him astray.

After receiving an authenticated email from Alice, Bob correctly finds out the whereabouts of the important witness. Bob safely takes the witness to court in The Hague so that the valuable evidence can be heard.

The JCE

Core Classes

The following is a description of the core classes that comprise the JCE.

Cipher Class

A Cipher is the main class with which encryption and decryption is performed. Around this class the JCE framework is built. An instance of the Cipher class embodies how information is scrambled or descrambled, as well as with what secret key it should use when doing its work.

A static factory method on the Cipher class is the means with which Cipher objects are created. When factorizing a Cipher object, its transformation name is essential. Additionally, it is possible to also specify the name of a JCE provider, in case there are two or more implementations available in the Java runtime environment.

A Cipher’s transformation name follows the format: algorithm/mode/padding.

In our example above, Alice and Bob could create a Cipher class with the following,

Cipher cipher1 = Cipher.getInstance( “Rijndael” );

The mode describes how the cipher will scramble the information internally through its work. Standards dictate how a cipher ought to be used and in what context. Depending on the mode a Cipher instance may require an initialization vector (IV) which kick-starts the algorithm.

The padding describes how the information is padded when the plaintext is shorter than what is required by the cryptographic algorithm.

In each case, the provider of a JCE implementation will choose a default mode and padding if none are offered. In our example, Alice and Bob have agreed upon a specific implementation so they do not require the extra qualifiers for the Cipher object they wish to instantiate; the common code will choose the correct defaults.

Before working with a Cipher object, it must be initialized. The two oft-used modes are:

Cipher.ENCRYPT_MODE

Specifies that the Cipher object will be used for encryption.

Cipher.DECRYPT_MODE

Specifies that the Ciphert object will be used for decryption.

These modes are required because cryptographic algorithms behave differently in encryption and decryption mode. The other missing instantiation information is the Key. The Key can be any class that implements the java.security.Key interface, or from some certificate that contains the appropriate key.

There are other parameters that can be used with initializing a Cipher object. In all cases the parameters:

1. Specify how the algorithm will perform its work,

2. Embody a secret key with which the algorithm uses to perform its work, or

3. Reference a specific random number generator[8].

Cipher Stream Class

The Cipher Stream classes provide a Java developer the means with which to perform encryption or decryption on conventional streams.

KeyGenerator Class

Symmetric algorithms require the use of a key to scramble the plaintext into ciphertext. For systems that must create keys without user input, like SSL or PGP, some sort of key generator is required. Important to this process is the fact that symmetric algorithms each have their own definition of what constitutes a weak[9] or valid key. The KeyGenerator class solves the problem of automatically generating secure, acceptable keys.

Similar to the Cipher class, a KeyGenerator instance is created using:

KeyGenerator kg = KeyGenerator.getInstance(“DES”);

Using the factory method, getInstance, the above line of source code creates a KeyGenerator instance for the DES algorithm. Additionally, a JCE provider name could be added as a second parameter in case there are more than one provider offering KeyGenerator instances in its implementation. With an instance, the KeyGenerator instance must be initialized.

A KeyGenerator instance can be initialized by specifying the keysize, a random number generator, both, or some algorithm parameters. The keysize is an important parameter to consider when generating a key for an algorithm that supports many different key sizes. A developer should always be sure how strong the keys are when implementing cryptographic protocols.

With a KeyGenerator instance setup, a secret key can be made available by simply calling:

SecretKey sk = kg.generateKey();

With this SecretKey, sk, a Java developer can secure information.

In the adventures of Alice and Bob, the two could not reliably establish a secret key unless they were speaking to one another privately. Since both lived on separate continents it became harder to establish their secret key. To alleviate this they used an asymmetric cryptosystem to create a secure channel through which they would share their secret key. It is through the use of the KeyAgreement Class that Alice and Bob were able to securely share their secret key in an insecure environment.

KeyAgreement Class

Consistent with the JCE, the KeyAgreement class is available to a developer using its getInstance method. For example,

KeyAgreement ka = KeyAgreement.getInstance(“DH“);

creates a KeyAgreement instance utilizing the Diffie-Hellman algorithm[10]. The KeyAgreement instance requires initialization and this can be done using a user’s private information. Additionally a developer can provide reference to a secure random generator, or some algorithm parameters.

Once the KeyAgreement instance is initialized the doPhase method must be called in order to establish a secure channel. The method is defined as:

public Key doPhase(Key key, boolean lastPhase);

For Alice and Bob, a single call to this method the other person’s public key using in place of key and lastPhase=true, is sufficient. If there are more parties with whom the secret must be shared, then the generated Key must be shared with the participants and more doPhase invocations are required. Please refer to the JCE documentation for more details on the KeyAgreement.doPhase method.

After the single invocation, Alice and Bob will be able to extract the secret key,

byte[] establishedSecret = kg.generateSecret();

With establishedSecret Alice and Bob can securely exchange information utilizing it as their secretKey.

Mac Class

When exchanging information securely it is useful to determine if a rogue individual has intercepted the ciphertext and modified it. The JCE facilitates this through the Mac class.

Summary

Cryptography is a powerful technology that creates secure channels in an insecure environment. It allows intelligence agents, suppressed nationals, and businesses to exchange information securely with others. This technology is important in the development of systems that exchange sensitive information.

The JCE is an implementation of cryptography for Java systems. It empowers a Java developer to securely exchange keys, scramble information with a key and provide a means to descramble it. However, this provision operates within a larger context.

The technology on which the JCE is based can only claim with high confidence that the exchange will be secure: the JCE provides no guaranteed security.[11] For practical purposes I would not concern oneself with this comment. It is recommended to stay relatively current with cryptographic advances and re-address the security of a system at regular intervals. Pick secret keys that are appropriate for your application.[12]

It is also important to note that cryptography is not the silver bullet of system security. Well administered firewalls, a commitment to secure processes, and many other security measures are as important to securing a system as incorporating the latest cryptographic technologies and protocols.

Geoff leads Fireball Technology Group, Inc. - a Toronto-based software consulting firm specializing in Java and PHP web applications. Fireball uses its development abilities to maintain and enhance http://www.thelocalguru.com - Canada’s first skill database that supports freelance and self-employed experts to connect with their local communities.

Many women and even several men know the value of sending flowers for special occasions. More than any other flower, roses are seen as the ultimate symbol of love and affection. But what many people don’t seem to know is the symbolism behind the roses themselves – they just buy what looks pretty. The colors, types, and display of roses have their own significant meanings, which should be taken into account when purchasing roses for that special someone.

If your relationship is strictly friendly, stick with pale-colored roses, as in general, they signify friendship. Pale pink and peach colors signify admiration, sweetness, and gratitude, which make these roses the perfect choices for floral gifts of friendship. Yellow roses, though a symbol of friendship, also signifies jealousy, so be careful when choosing yellow roses in a bouquet. However, to signify your happy feelings for your friend, a bouquet of red and yellow roses together is the ideal choice.

Romantic relationships in their early stages should be signified with white roses which symbolize innocent love. They say “I’m worthy of you,” and are just simply beautiful. Light and dark pink roses symbolize joy and thankfulness, and would make a beautiful way to say how happy you are to have that special someone in your life. If yours was a “love at first sight” encounter, choose lavender roses or thornless roses. Orange roses signify fascination, which also work lovely for blooming relationships, but if you’re not sure where you want the relationship to go, steer clear of putting yellow and orange roses in the same bouquet, as together, they represent passionate intentions. If you’re planning to confess your love, the fascinating moss rose symbolizes that intention.

While the rose, in and of itself, represents love, it is only the red rose that actually proclaims “I love you.” It represents true love and desire. A dozen red roses is considered to be the ultimate declaration of love. If you’re planning to propose, consider winding two red roses together, as this is a symbol of engagement. A rosebud with leaves, but no thorns (preferably in a red shade) tells your loved one that you no longer fear, you hope for things to come. If you want your engagement to be secret for a while, consider an offer of full-blooming rose over two rosebuds, which signifies secrecy. According to tradition, touching the flower to the lips implies a “yes” answer, while a “no” is given by pinching off a petal and casting it away. If your beloved is very fond of roses and wants to include them in her wedding bouquet, a bouquet of white and red roses together makes the perfect choice, as the colors, when joined, signify unity.

Just as roses symbolize a blossoming love, they can also signify the end of a relationship. As stated before, yellow roses signify jealousy, but they also symbolize a decreasing affection and even infidelity! A rosebud without thorns or leaves means “there is nothing more to hope or fear,” which in some ways can be both a blessing and a curse. A withered white rose represents despair, a withered red rose means “our love is over,” and the York and Lancaster damask rose, though quite pretty, symbolizes conflict. As one might expect, a black rose, which typically represents death, is also the ultimate symbol of “goodbye.”

Whether you believe in the traditional meaning of rose colors or not, you should always keep them in mind when giving or receiving flowers. Your special someone might believe in them strongly, or someone you know just might be trying to tell you something that they can’t quite put into words! Color talks, and you might be speaking louder than you realize!

Read more about the meaning of roses and find out what it means if someone sends you a yellow rose

When you decide to start your own internet business, you have a lack of money on project development. You want to implement a lot of ideas but the prices of the services of web development companies are high. As the result only a small amount of planned tasks comes into life.

Offshore software development gives you an opportunity to create in short terms an e-commerce system of a high quality. Thanks to software outsourcing you can have a 80% economy on expenditures on web development. You will have an opportunity to make much more functional web site with different advanced features.

More than that, offshore software companies can organize high-quality project development because, as a rule, they have big experience in web development. More than that, a lot of companies are specialized in some specific spheres and technologies. So, you can chose a company which has experience in your sphere of occupation.

Another advantage of offshore software development is quick implementation because usually a team of professionals work on your project. With offshore software development the time between an idea and its implementation has been shortened. This will help you to become an innovator on your market. And you can afford it because now quality web development has become cheaper.

So, let’s sum up the advantages of software outsourcing for small business:

1. Reduced costs. You can save up to 80% on software development.

2. Concentration on the core of your business

3. Quick implementation of your ideas.

Thanks to all of these factors offshore software outsourcing can greatly boost your internet business and lead it to the higher level of development that will bring you higher profits.

And what are the disadvantages of offshore software development?

When you outsource, you usually loose the managerial control. Of course, it’s harder to manage the software development company, than your own employees.

Also there are some hidden costs of outsourcing that are usually skipped. They include legal costs of signing contracts and time to spend on contract coordinating.

How can you avoid failures in offshore software development?

First of all, you have to choose a right company. Don’t look for the cheapest solutions. Look for experienced companies. Examine their portfolio, talk with their clients. And only then you can decide whether to partner with them or not.

Another factor of successful project development is good project specification. In your specification you should write a full description of your project including all the details. It’s a main document in software development. A good specification will save a lot of time on different questions and you will get the project you want.

In spite of all disadvantages, offshore software development has become a new trend in modern economy. Many companies have gained a lot from software outsourcing. We strongly believe that you will also profit from it.

Qarea - offshore software development company, IT outsourcing services.