http://test.izyba.com/equationeditor/equationeditor.php

International Mobile Equipment Identity (IMEI) is used to identify valid devices connected to GSM and UMTS network. This number can be accessed from a mobile phone by dialing *#06# on the keypad. IMEI is commonly use by software developers as part of software protection scheme to prevent it from being pirated.

JavaME developers however suffers from a drawback because MIDP/CLDC specification does not include an API to obtain IMEI from mobile devices. However there are few phone manufacturers included this functionality through System.getPropery() calls.

Here's how to get IMEI number from mobile devices of different manufacturers
Nokia
PLAIN TEXT
JAVA:

1.
System.getProperty("phone.imei"blogs.sun.com/images/smileys/wink.gif" class="smiley" alt=";)" title=";)" />;
2.
System.getProperty("com.nokia.IMEI"blogs.sun.com/images/smileys/wink.gif" class="smiley" alt=";)" title=";)" />;

Note ; Requires signed midlet. S60 3rd edition device does not requires signing for this to work.

Sony-Ericsson
PLAIN TEXT
JAVA:

1.
System.getProperty("com.sonyericsson.imei"blogs.sun.com/images/smileys/wink.gif" class="smiley" alt=";)" title=";)" />;

Note ; might not work on all model, YMMV

Motorola
PLAIN TEXT
JAVA:

1.
System.getProperty("IMEI"blogs.sun.com/images/smileys/wink.gif" class="smiley" alt=";)" title=";)" />;
2.
System.getProperty("com.motorola.IMEI"blogs.sun.com/images/smileys/wink.gif" class="smiley" alt=";)" title=";)" />;

Samsung
PLAIN TEXT
JAVA:

1.
System.getProperty("com.samsung.imei"blogs.sun.com/images/smileys/wink.gif" class="smiley" alt=";)" title=";)" />;

Siemens
PLAIN TEXT
JAVA:

1.
System.getProperty("com.siemens.imei"blogs.sun.com/images/smileys/wink.gif" class="smiley" alt=";)" title=";)" />;

Hopefully this information can aid you in your J2ME programming projects.

Quick Tip :
It's quite hard to determine the phone model/manufacturer well ahead beforehand. For a more robust solution, I suggest that you combine the above call with System.getProperty("microedition.platform"blogs.sun.com/images/smileys/wink.gif" class="smiley" alt=";)" title=";)" />.

http://hea-www.harvard.edu/~fine/Tech/vi.html

 /bin/bash  ------------------- Bash Shell

 /bin/csh   ------------------- C Shell

 /bin/ksh   ------------------- Kron Shell

 /sbin/sh   ------------------- Bourne Shell

 http://net.pku.edu.cn/~course/cs101/resource/g++.html

g++ for Windows

Warning: This page is being maintained mainly for my students. Use these instructions at your own risk. There is no warranty in any form or shape whatsoever!. There is no guaranty that these instructions are up-to-date. With that understanding, you may continue with the rest of this page if you choose to accept these terms.

This page was last updated on September 13, 2005.

Follow these steps to install g++ (the GNU C++ compiler) for Windows. There is no room for creativity here; you must follow the directions exactly.

1. Pick the drive and a folder in which you want to install g++. I'll assume that it is C:, but you can choose a different one. If you choose a different drive or a different folder, you'll need to adapt the directions below accordingly.

2. Download full.exe, an about 14 megabyte executable, to C:\full.exe by right-clicking on the link. Use Save Link As... or Save Target As... Be sure the browser saves the file as C:\full.exe.

3. Run the downloaded executable. This will install g++ (and a lot of other things that you don't really need) on your hard drive. Go to the C: drive using Windows Explorer and double-click on full.exe. Or, open a DOS window (Start > Programs > Command Prompt), connect to the C: drive using the cd command, and type full.

4. Locate where the bin folder was created for the g++ installation. On my Windows XP machine, it was created in the following path:

C:\cygnus\cygwin-b20\H-i586-cygwin32\bin

You now should add it to the PATH environment variable. You do that by following:

Start -> Control Panel -> System -> Advanced -> Environment Variables

At this point you can see the PATH variable either in the User Variables or in the System Variables. Add the g++ path into the PATH variable. You add it to the end of the existing value separated by a semicolon (';'). Make sure that you do not lose the original value. You are just appending more to the end separated by a semicolon.

5. Restart your computer. A Cygnus Solutions entry will appear in your Programs menu, and an icon may appear on your desktop. Don't use them! You will use it using the g++ command on a DOS prompt as explained below.

You should now be able to run g++ from a DOS (Command Prompt) window. For example, to compile a file called C:\mine\hello.cpp, connect to the C:\mine folder and enter

g++ -g hello.cpp -o hello -lm

You'll then be able to run the compiled program by entering hello in the DOS window.

If you've installed Emacs as described here, you will also be able to run g++ from Emacs. If, when you do this, Emacs tries to compile with the command make -k, you made a mistake during the Emacs installation. If you want to learn how to run g++ on emacs, see here.

If you'd like to learn more about where this free compiler came from, we downloaded it from an older site of http://sourceware.org/cygwin/.

If you wish to clean up a little, you may delete the file: full.exe at this point. Your g++ compiler is installed under C:\cygnus.

Let's talk about Attack Types in the security field today.

Attack types specify how much information which a crypto analyst has access to when cracking an encrypted message. We can sum up the common attach models as the following:

1) Ciphertext-only attack:  The attacker is assumed to have access only to a set of ciphertexts; e.g. In any case where a stream cipher like RC4 is used twice with the same key it is open to ciphertext-only attack.; Brute force attack can succeed if a cipher's key space is too small;

 2) Known-plain attack: The attacker has samples of both the plaintext and its ciphertext. Then the attacker makes use of them to reveal further secret information, typically secret key;

3) Chosen-plaintext attack: The attacker has the capability to choose arbitrary plaintexts to be encrypted and obtain the corresponding ciphertexts. The goal of the attack is to gain some further information which reduces the security of the encryption scheme. In the worst case, a chosen-plaintext attack could reveal the scheme's secret key;

4) Chosen-ciphertext attack: The attacker gathers information, at least in part, by choosing a ciphertext and obtaining its decryption under an unknown key.

How fsck normally works

Unix, any Unix, will refuse to mount a filesystem that was not unmounted
cleanly. This is because it may be corrupt and mounting a corrupt filesystem
will likely cause the system to crash.

When the system boots all filesystems are checked to see whether they
are Clean. The term simply means whether the filesystem was unmounted
properly after it's last use. If the filesystem is Dirty then fsck
will be called in to check it out in more detail. Some Unix variants such
as Linux will also run fsck after the filesystem has been mounted N times
- N is the maximal mount count.

http://www.electronics.oulu.fi/latex/examples/example_3/index.html,  I think it's good enough.

Figures

To insert a figure in a LaTeX document, you write lines like this:

\begin{figure}

    \centering

    \includegraphics[width=3.0in]{imagefile1}

    \caption{Caption for figure}

    \label{fig:sample_figure}

\end{figure}

The whole block is enclosed between \begin{figure} and \end{figure}. The command \includegraphics does the actual insertion of the image. Here the file name of the inserted image is imagefile1.
If you are using LaTeX to process your document, .eps extension is
appended automatically to the file name. If you are using pdfLaTeX, it
appends .pdf, .png, or .jpg when searching for the image file.

You need to get familiar with some design patterns. Just get read of them.

Singleton pattern

In software engineering, the singleton pattern is a design pattern that is used to restrict instantiation of a class to one object. (This concept is also sometimes generalized to restrict the instance to a specific number of objects - for example, we can restrict the number of instances to five objects.) This is useful when exactly one object is needed to coordinate actions across the system. Sometimes it is generalized to systems that operate more efficiently when only one or a few objects exist. It is also considered an anti-pattern by some people, who feel that it is overused, introducing unnecessary limitations in situations where a sole instance of a class is not actually required, and introduces global state into an application.

Hehe, just wanna take a rest.

Try to use BC Crypto APIs to implement the crypto core function in my system. The point is how to implement ECDSA in mobile device. The speed is a more complicated issue. Generating Key for ECDSA should be solved in this week.

http://www.bouncycastle.org/  contribute somethings to you:

The Bouncy Castle Crypto APIs for Java consist of the following:

A lightweight cryptography API for Java and C#.
A provider for the Java Cryptography Extension and the Java Cryptography Architecture.
A clean room implementation of the JCE 1.2.1.
A library for reading and writing encoded ASN.1 objects.
A light weight client-side TLS API.
Generators for Version 1 and Version 3 X.509 certificates, Version 2 CRLs, and PKCS12 files.
Generators for Version 2 X.509 attribute certificates.
Generators/Processors for S/MIME and CMS (PKCS7/RFC 3852).
Generators/Processors for OCSP (RFC 2560).
Generators/Processors for TSP (RFC 3161).
Generators/Processors for OpenPGP (RFC 2440).
A signed jar version suitable for JDK 1.4-1.6 and the Sun JCE.

Here is what my thesis lay on. I am currently working towards building the demo system. The system is implemented by Java ME and Java web application. I use NetBeans to program.

If I stored a private key in a tamper-resistant hardware, which can be plug-in with my mobile device, how can I use J2ME to read and operate this private key? Comparing with RMS, which is better choice for security of mobile transaction?

What is tamper-resistant hardware?

One part of designing a secure computer system is ensuring that various cryptographic keys can be accessed only by their intended user(s) and only for their intended purposes. Keys stored inside a computer can be vulnerable to use, abuse, and/or modification by an unauthorized attacker. For a variety of situations, an appropriate way to protect keys is to store them in a tamper-resistant hardware device. These devices can be used for applications ranging from secure e-mail to electronic cash and credit cards. They offer physical protection to the keys residing inside them, thereby providing some assurance that these keys have not been maliciously read or modified. Typically, gaining access to the contents of a tamper-resistant device requires knowledge of a PIN or password; exactly what type of access can be gained with this knowledge is device-dependent. Some tamper-resistant devices do not permit certain keys to be exported outside the hardware. This can provide a very strong guarantee that these keys cannot be abused: the only way to use these keys is to physically possess the particular device. Of course, these devices must actually be able to perform cryptographic functions with their protected keys, since these keys would otherwise be useless. Tamper-proof devices come in a variety of forms and capabilities. One common type of device is a ‘smart card,’ which is approximately the size and shape of a credit card. To use a smart card, one inserts it into a smart card reader that is attached to a computer. Smart Cards are frequently used to hold a user’s private keys for financial applications; Mondex is a system that makes use of tamper-resistant hardware in this fashion. [1] Frequently Asked Questions about Today's Cryptography, RSA Laboratories. version 4.1