Office Energy Use

February 12th, 2010

How much power does my computer need? Should I think about switching of my lamp when I am not in my office? How much energy does a typical Laserjet use for one page? For those who are interested in these numbers, here is a nice image compiling these informations. Thanks to Stefan Meinel, Katy Richardson, Rosie Robison, Amanda Stagg and Mick Young.

[These numbers are not to be taken as high-precision measurements. Especially the numbers about boiling water and printing can have a +/- 50% measurement error in them. But that is also not the point: This is to give you a rough idea of how much energy you consume in your office using everyday appliances. The specific devices you are using might be very different from these anyways.]

Posted in Sustainability | No Comments »

Airnergy? Really?

January 20th, 2010

Found recently: A device that supposedly charges USB devices from ambient WiFi-fields. Interesting, there should be enough energy in Wifi fields for that? Let’s do the math: In Europe, Wifi devices are limited to 100 mW transmission power (EIRP). Looking at that device, I would suggest a surface of about 10 cm x 10 cm is not a bad estimate. Given a distance from the access point of about 1 m, it can harvest about \frac{(10 cm)^2}{4 \pi (1 m)^2} \approx \frac{1}{100} of that, so about 1 mW. That’s not much… and even given several sources, I think it would be very optimistic to assume that they are all as close a 1 m. And then, the power received drops quadratically.

At this rate, to charge a normal mobile phone battery (typically several Wh) takes thousands of hours, assuming 100% efficiency and continuous transmission. The only way to really get down to a number where you could seriously consider it would be putting that device just flat on top of your access point, which can giv you 50% of its transmission power at best and would make it 20 hours.

Let’s just say that is incredibly stupid. The only comfort you’ve won is not having to plug it in (remember you still have to plug in your mobile phone into the Airnergy, AND you would have to put that device directly on top of the access point for a day). But it kind of defeats the point of the access point if you put something directly on top that will block all radiation. So it is basically mostly running to charge this battery, which is incredibly inefficient. Something must be wrong, right?

Now, in the article, they claim:

At CES, the device’s battery, which I believe was precharged with Wi-Fi power, was able to charge a BlackBerry from 30% power to full power in about 90 minutes.

Well, that was basically a nice PR stunt. The 90 minute number is obviously completely meaningless, as that was from the Airnergy’s battery. I would think it is quite improbable that it was actually charged using Wifi. And even if it was, then certainly in a way quite different from what the author expects …

A further comment: Even in inside, closed rooms, solar cells would give you a much better yield than that. And still, most people don’t use this to charge their phones (devices exist, though …). Guess why …

Well, if you ever come across these, don’t buy.

Posted in Computers | No Comments »

Please include at least one character from the Voynich manuscript.

January 14th, 2010

How often do you see these? You want to choose a new password on a website, and it tells you

The password you have chosen is not secure enough. Please choose a password that is at least 6 characters long and includes

  • lower and upper case characters
  • numbers
  • punctuation marks
  • and at least one character from the Voynich manuscript.

(from XKCD)

OK, I just made up that last point, but except for that, this is exactly what one of these systems wanted from me today. Now, what I hate about these is really the parts which want you to include characters different from just lower case latin alphabet ones. Because I can easily make up and remember an arbitrarily long password as long as it only includes lower case characters, for example just make up a sentence and use the initials. I can make that as long as 10 or 20 characters if you want me to, and I will never have to write it down if I at least use it every now and then. There are many other easy systems to remember this kind of password.

However, each of the additional requirements makes it a lot harder to remember the password. Remembering which characters were upper case (or whether there were any upper case characters at all) requires much more sophisticated systems (which, honestly, I haven’t yet thought about), or you will forget it after a short time. Remembering numbers requires either a high level of creativity so that the mnemonic phrase actually includes the number in a nontrivial way (“a tiger eats 16 oven mitts” doesn’t help you to remember the number 16) or a special system for remembering numbers, which most people, I suppose, don’t have at hands. Similar arguments go for the punctuation marks. So what does it lead to? Well, if people cannot remember their passwords, this will lead to one breach of security or another, which may include

  • just using a trivial way to include the extra characters, e.g. replacing an “o” (oh) by a “0″ (zero), capitalising the first letter and putting a period in the end. Well, at least this does not make the password worse than just the lower-case alphabetic one. But most probably
  • people will write passwords down. Now, I consider it a lot more probable that someone finds and exploits a password that I have written down than that someone actually brute-force cracks my password.
  • Also typically, people take one password and use it everywhere. The danger of this is obvious: If it is broken in one place, access to all accounts is established. Well, whether this is actually dangerous depends mostly on the websites you register to… if one of them is broken or run by someone who actually just wanted to get your password, you are in trouble …
  • Or, they might just invent a cool system to remember their passwords or find one on the net.

Guess which one I think is the least probable.

OK, but maybe we need passwords to include all these different kinds of characters for passwords to be secure. So let us examine this. Let’s start with a simple 8 character alphabetic lower-case password. There are 26^{8} \approx 2\cdot 10^{11} possibilities. Suppose we have a 10 MB/s connection to the website and to try one password requires 1 kb of data exchange (this is including all overhead, you will rarely get it that easily, but just for this consideration, suppose it’s true). Then you will need about 20 million seconds or just more than 240 days to get through all possible passwords, which means that on average, an attacker would need 120 days to get your password under these circumstances. Well, it is quite unlikely that this will go unnoticed for such a long time. Still, we certainly do not want to settle for this kind of security, but also, we do not have to. It would be enough to temporarily deactivate the login after three failed attempts for a short amount of time, say 300 seconds in order to make the calculation easy — then, this time would go up by a factor of one million and push the average time to above 300,000 years. That’s okay for most purposes I guess. Also, it does not rely on the assumption that general internet bandwidth does not increase dramatically, which it likely will. And for concerns about Denial of Service attacks, we could limit the ban to an IP range.

OK, we have established that 8 lower-case characters should be enough for most people. Not let’s take the requirements from the introduction, which except for the Voynich part were from a real website. The length should be 6 characters, which include upper- and lowercase characters (=52), numbers (+10) and punctuation marks (+10) [I have no idea exactly what they consider a punctuation mark, but I guess most people would restrict themselves to .!?-, which would only make 5, so I think I rather overestimate the number of possibilities here]. That makes us choose from 72 characters which gives 72^{6} \approx 1.4 \cdot 10^{11} possibilities. That’s less than we had for the previous case! Although not much, so given the right security measures, I would still consider it to be secure enough. But still! They would not let me choose an 8 character, lower case password, and someone else can slip through by with just six characters, a password which is actually less secure! So they are forcing all this extra crap on their users, which probably makes them do something stupid with their passwords anyways, and gain nothing in security at all.

So what is my suggestion? I don’t worry about the kind of restrictions you impose on short passwords. Just give me the possibility to use an all-lowercase, simple, but longer password. There is no reason not to allow me using an 8 character lower case password, if someone else can get away with 6! Imposing 8 characters mixed case and everything will make it more secure, but again, we could just as well use 10 or 11 lower chase characters. Why not allow that?

So, in case you are surprised why enlarging the character set so much, by even including mixed case, numbers and punctuations marks, is overcome by just adding two characters to the simple non-fancy password, stay here for the maths. If you make your password from a set of k characters of length n, then there are k^n possibilities. If you consider this as a function of k, the size of the character set, it is a simple polynomial function. Whereas as a function of n, it is an exponential function. As we all learn in school, exponentials grow much faster than polynomials. That is why, if you go for security, length matters! The number of characters included not so much.

So, can we now finally go back to plain passwords?

Posted in Computers, Maths, Personal | No Comments »

Odyssey in the Snow

December 22nd, 2009

When the first facebook statuses showed “SNOW!!” on Thursday, I was not yet aware what drastic consequences this would have for me. When I came out of my office around 10 pm, and was confronted with about 10cm of snow, I knew England would sink into Chaos for a couple of days. But for me, it was even worse than that.

On Friday, Eurostar trains got stuck in the tunnel, allegedly due to a condensation problem. First passenger reports made clear that they had experienced no less than hell and that the Eurotunnel is a “death trap” (well, by the way, in 15 years of Eurotunnel operation, I am not aware of a fatal accident happening in there). But they even had to walk 500m through the tunnel!

Some people therefore called for Mr Brown to step down. I couldn’t believe it. I am certainly not a fan of Gordon Brown, but what did he have to do with Eurostar? Has this hypocrisy got us so far that we now call for  the Prime Minister to step down because some company messes some trains up? Well, it turns out the Eurostar Chief Executive’s name is Richard Brown.

The bad news is, I did not have to walk through the tunnel, swim over the channel or fight wolves on the way. But together with Georg and Maruta, who I joined and who wanted to travel already on Saturday, I was impressed how creative Eurostar would get in order to not let us go home. They are really evil.

So yesterday (Monday) we were planning to go to Dover as early as possible in order to get the ferry, since Eurostar made clear the night before that there would not be any passenger trains through the tunnel. Our odyssey started at 5.45 (UTC) in Cambridge. In London, Eurostar personnel told passenger Eurostar tickets would be accepted on the train to Dover. Haha, maybe in theory, but they would just not let people with just Eurostar tickets in claiming the train was too full. Luckily, I already had a ticket to Dover (apparantly, letting people with “real” tickets in did not pose a security problem because the train was too full) and my friends just quickly bought one. Hundreds of Eurostar ticket holders did not and were left in London St. Pancras Station.

Needless to say, there were plenty of free seats in the train. One could nearly have the feeling Eurostar was trying everything to stop passengers from getting on the other side of the channel… this should not have been the last time we would think about this possibility.

The train for Dover (which uses the same tracks as the Eurostar trains) never made it there. It would go no further than Ashford, claiming “adverse weather conditions”, of which we could see nothing. It was not very cold, not snowing, not raining, not particularly windy. Suspicions rose. Maybe one of the Eurostar “test trains” was blocking the track? They had become serious about holding us back!

But we would not surrender! After only half an hour and about 10 calls, we found a taxi in Ashford and went to Dover. With us were Elina and Janis, Latvian siblings heading for Brussels who would stay with us for the next couple of hours. Without major problems, we could reach and board the 11h ferry for Calais, finally leaving the island.

Of course, in Calais, we expected the worst. Hadn’t Eurostar said they could not run trains due to “extremely adverse weather conditions” in northern France? Certainly, it must be very cold, maybe -20 or -30 degrees centigrade. Any less than that cannot hold back trains, can it? Come on, -5 to -10 are common in any winter, that can’t be it. So we were prepared to step into the French taiga, expecting nothing less than the coldest weather we had ever seen. Maybe we should rather expect -50 degrees?

But it was not that holding us back. Eurostar got creative. We thought they might just tell the ship to go back, but that would have been too blunt. Instead, when we wanted to unboard the ferry over the gangway, we were told the Calais chamber of commerce had forbidden its use: It was icy and therefore dangerous. Oh, and they forgot the salt do de-ice it. Yes, they forgot the salt!! We were just about prepared they would now tell us we had to go back to Dover because of this!

But after some time, they figured out how to get also foot passengers off the ferry: They drove some busses on the car decks and let us enter. Once again, we managed to escape Eurostar’s mighty claws and finally reached the soil of the French taiga.

But wait, it was not cold there at all! Maybe -1 or -3 degrees, but no colder than that for sure! There was some snow, but only a mere 5cm or so. Also, the French and Belgian part of our odyssey were boringly uneventful. Not even the trains were late! These railway organisations should certainly think more about how to entertain their passengers, after all, who wants to travel just to get from A to B? No one, you want travelling to be as difficult as possible. After all, it should be a challenge. At every station, you should have to figure out what means of transport could be used now to get a bit closer to your destination. SNCF and NMBS/SNCB should try to understand this, otherwise they will quickly be driven out of business by much more successful English and German companies.

What French and Belgian were unable to provide, the German Bahn was happy to replace. Obviously, the ICE from Brussels to Frankfurt we wanted to take was cancelled. We were lucky to hear it in time when there was still a Thalys to Cologne in the station, which was just one hour late at the time. But this train would, in fact, take us to Cologne without further incidents! We could barely believe we were so close to home now.

Being in the territory of the Bahn, everything could not just go well now. Or maybe it was also Eurostar still doing everything to interfere with our journey. After they were so creative with that salt thing, I would not be suprised at all! So the ICE from Cologne to Frankfurt was obviously cancelled. That would have been too easy now, come on! Instead, we had to go to the Cologne Messe-Deutz station, where a train would go for Frankfurt Airport! Unexpectedly, we all made our way home that evening, kind of unexpected after all they had done to stop us.

I conclude, in my opinion, Mr Brown stepping down for this is not enough. This calls at least for Obama to step down.

So is the Eurostar unreliable, dangerous, a death trap?

Many stranded passengers were outraged that they could not make it home and had to wait for so long. Services were only restored today. Even worse for those being trapped in the tunnel for more than half a day. I can clearly understand they are upset.

So what is my opinion on this? While the circumstances do not, in my opinion, seem so extreme as to be an “excuse” for trains breaking down, technical malfunctions can of course happen. Also, Eurostar did get all the people out, nothing serious happened, and people should just understand that an accident is an accident and not complain about climatisation not working (oh well…) or not having enough water on board (come on, you won’t die after a couple of hours with no water). This can happen. And judge whether the Eurotunnel is a death trap by considering it transports tens of thousands of people each day without any fatal accident since 1994.

What has been apparently very bad was Eurostar communications. Well I was for example not really happy that they only told me at 8pm on Sunday that my train on Monday would not go! That is a very short notice and for example too late to book regular ferry tickets. But much worse than that, people in the tunnel did, for a long time, not know what was going on. That is really bad and I would hate to be in that situation. This seems in part also to be due to bad communication between Eurotunnel (running the tunnel) and Eurostar (running the passenger trains). I found this blog post helpful in analysing this. Generally, Eurostar Client seems to be an intersting source for this event.

Posted in Personal | 2 Comments »

New

December 19th, 2009

My new homepage.

Posted in Uncategorized | No Comments »

Newer Entries »