Firefox search extensions

Today I stumbled across the site of the Mycroft project, which provides search plugins for Mozilla, Firefox and Netscape 6+.

In Firefox, there is a search box adjacent to the address bar. By default it searches Google, but if you click on the arrow next to the Google logo, you can select from a number of different search engines. In Mozilla and Netscape, there is a search sidebar with similar functionality.

The great thing about the search box/sidebar is that not only can you search Google and other sites quickly and easily, you can also add your favourite search engines to be available directly from your browser’s search function.

Mycroft hosts an impressive selection of search plugins covering many popular sites, and the site explains how to “roll your own” if your favourite site is not catered for; a fairly simple process if you have some knowledge of HTML.

If you haven’t tried Firefox yet and want to know what all the fuss is about, click here to find out more. It’s basically a free alternative to Internet Explorer, and it provides extra security and features such as tab browsing.

ATI Radeon fan replacement

I’ve just replaced my noisy fan in my “powered by ATI” Radeon graphics card with this one from Kustom PCs. A little pricey at £4.42 including first class postage, but nevertheless cheaper than buying a new card.

For anyone else with a similar card who wants to do the same, here’s what I did. Be careful now, and remember it’s not my fault if it goes wrong…

First of all, power off your PC.
OK, so I skipped this step, but it’s sometimes fun to take risks ;)

Once inside the case, gently unplug the fan from the card and carefully unscrew and remove it from the heatsink (which could be sharp!)

At this point you might decide to blow the fan from both sides with canned air to remove the buildup of dust, and add a few drops of oil underneath the sticker on the reverse of the fan body. If you’re lucky, it might solve the problem.

Assuming your fan is still noisy, you could just leave it unplugged, but it’s generally not a good idea – fans are usually there for a reason. If you’re feeling adventurous, try it by all means. I found it didn’t damage my card but it did raise my case temperature enough for the system fan to increase speed – not what I wanted as I was trying to reduce noise. Alternatively you could replace the heatsink with a larger one, giving you passive cooling for your card, although this isn’t something I looked into in any depth. Kustom PCs and QuietPC have some interesting offerings though.

If you’ve decided to go ahead and mount a replacement fan, the rest should be easy. Unfortunately, I found that it wasn’t… read on!

The height of the replacement fan was approximately twice that of the original, so the original screws were not long enough. I didn’t receive any screws with the new fan, so decided to drill the holes in the fan body down until the old screws did indeed fit. Alternatively, you could hunt down some longer screws or botch the installation with Superglue, tape or adhesive thermal compound.

The other major hurdle is that the fan’s 3 pin connector does not fit the 2 pin header on the card. There are a couple of sensible options here: you could plug the fan into a spare header on your motherboard or remove the connector and splice in the one from the old fan. I went for another option – I pulled the white plastic shield around the fan header pins on the card, and plugged the two “power” (black and red) holes into the bare pins. In my case (no pun intended) it just about stays in place.

So that I can give you an easy step to finish off with, you should be able to carefully peel the ATI sticker from the old fan and stick it on the new one.

I tested the card with ATITool and found the card worked perfectly with the new fan, and I was even able to overclock it a little.

If you’re looking for a budget graphics card, the ATI Radeon 9000 series is looking good. This Sapphire 9200SE model from eBuyer boasts 128MB RAM and TV out for £30.93 inclusive of VAT.

Royal Mail’s Smart Stamp

I recently heard about Royal Mail’s Smart Stamp Service, which negates the need for physical stamps by allowing users to print their own postage paid envelopes and labels.

Subscription costs £49.99 for a year or £4.99 per month, with a 3 month free trial period currently available. Postage at standard rate is payable on top of this fee.

The service looks well suited to small to medium businesses as an alternative to franking machines, and private users who make heavy use of the postal service; regular Ebayers, for example.

As a very light user of “snail mail”, I can’t justify the cost, but nevertheless had a play with the trial version, which Royal Mail lets you have for free after registering for an account on their site and providing some demographic information. I would post a direct link, but Royal Mail use a custom download wrapper to prevent this.

System requirements are fairly modest – 200MHz CPU, 64MB RAM, 20MB HDD space, 800×600 resolution – but unfortunately Smart Stamp only supports Windows (from 98SE up to XP). It supports laser and inkjet printers of 300dpi or higher resolution (which covers pretty much all modern models) and requires IE 5.01 SP1 or later, as it’s an HTML application (urgh).

Note that while the site specifically lists Windows XP SP1 as supported, the software works fine with SP2. I’d imagine Windows Server 2003 will work too. I’ve not tried running Smart Stamp under Wine in Linux but I suspect that its IE dependencies might complicate the process.

The trial version has the same features as the full version, but partially obscures the “stamp” (a kind of barcode) with a “Specimen” box. UK and overseas postage is supported, and it is possible to customise your envelopes with a slogan or logo, several examples of which are included.

There’s also a diagnostic tool, which requires a ticket number supplied by the Smart Stamp support team (although I just made one up). It spits out a passworded ZIP file – no prizes for spotting the privacy implications!

Further digging around in the software’s installation directory uncovers all the images and HTML code used by the application, and curiously some German-language text files suggesting that Smart Stamp is based on Deutsche Post’s StampIt service.

Extra-geeky observation: I noted that Smart Stamp prints its URL – SmartStamp.co.uk – on all envelopes and labels, but the server in fact requires a leading “www”. Doh!

All in all, it’s an interesting offering, and means that we in the UK now have access to what the US has offered for a long time, with one major difference: we are being charged for the privilege, while the US has traditionally offered discounts to electronic stamp users. I hope to see Smart Stamp re-emerge as a free service once Royal Mail have recouped their costs, and maybe even pass the associated savings on to users. At that point, I suspect that I will not be alone in wanting to give it a go.

However, only time will tell whether Royal Mail have got it right. The software has some good features and looks pretty, but the way it has been implemented with its reliance on IE worries me slightly in terms of security. I fully expect hackers to have a field day with this, and would not be in the least bit surprised if someone manages the defeat the system and get free postage. Just think – spam will be the least of your worries when Smart Stamp is cracked and you have 100 ads for Viagra, penis enlargement, cheap loans and solicitations for Nigerian investments on your doorstep every day ;)

OK, so maybe I’m being a little paranoid, but I can see a number of potential vulnerabilities:

  • Illicitly inflating a Smart Stamp account balance on Royal Mail’s servers, tricking the software into accepting a fake balance or spoofing the link between the local machine and the server to prevent an account being debited
  • Using refunded, used or randomly-generated “e-stamps” in the hope that they will somehow slip through the system unnoticed (are Royal Mail actually scanning every piece of Smart Stamped mail and checking it against their database?)
  • Hacking the software to prevent the trial print function from hiding the stamp, or regenerating the stamp from its human-readable code (this relies on the assumption that trial prints include valid stamps, which could indeed be true as each new document has a new code)
  • Reverse-engineering the stamp generation mechanism to produce arbitrary valid stamps (if Royal Mail don’t check stamps against their records)

Royal Mail will be in trouble if they don’t have effective mechanisms for the prevention and detection of these and another attacks, and prosecuting offenders will prove difficult as the postal system is effectively anonymous.

And of course there are the traditional problems associated with e-commerce: account hijacking and credit card fraud to name but two.

Good luck, Royal Mail…

Welcome

This is my new blog, intended to be a constructive use of my domain name. I had toyed with the idea of building a full website, but this just seemed easier.

Most of the content will be geeky stuff cos… well, that’s what I’m interested in.

If you have comments, leave them here or mail me at chris<at>chrisbarnes.co.uk.

Cheers!