New Year, Same Problems

  • Posted on January 2, 2015 at 10:49 pm

Welcome to 2015! I am pretty sure you are amazed what the year has in stock for you. Go ahead, figure it out. Meanwhile I know some things haven’t changed. Hands-free kits.

I like headphones. It saves yourself from listening to the verbal diarrhoea of people talking in public. Noise-cancelling gear is especially helpful. Or headphones that have a tight grip on your ears, so no acoustic bullshit can get to you. Usually headphones work fairly well.

Then there are hands-free kits. Basically these kits are headphones you can talk to, because they listen. They come in all forms and flavours. Wired, wireless, colourful, with/without battery, with/without blue LEDs, etc.; amazing. Sometimes they even work. Most of the time they don’t. The battery is low. Cables break. You lose your earplugs. It’s windy outside. It rains. The wireless kits disconnect and re-connect, turning your conversation into a bad rap song. Environmental noise drowns anything you say. Perfect.

So, yes, 2015 is great.

Postfix outbound SMTP via TOR Hidden Service

  • Posted on June 13, 2014 at 2:34 pm

I have been looking to link my portable Postfix on my laptop with another Postfix reachable by a TOR Hidden Service. I did some tinkering with TCP proxies, stunnel and other setups. Yesterday I found the article SMTP over Hidden Services which will do the trick. The description uses Postfix’ transport map to send  individual domain via the SMTP Hidden Service uplink. If you want all e-mails for all domains to go through the SMTP link, use the line

*   smtptor:[78uhrgdnsawillgetyoughe746.onion]

in your transport map after the .onion line. Works like a charm. The only downside is that I had to give up server certificate verification, but this can be done in a separate setup on the server side.

  • Comments are off for Postfix outbound SMTP via TOR Hidden Service
  • Tags:

CryptoParty Observations

  • Posted on October 11, 2013 at 10:23 pm

The CryptoParty phenomenon is past its first anniversary. The interest in cryptography and secure communication has always been there. The existence of CryptoParty before Edward Snowden leaked the criminal practices of secret services around the world is a good indicator for that. The questions is if crypto flash mobs of tutors and students can make a difference. Cryptography has deep roots in mathematics (which can and have to be reduced to a minimum when explaining, remember that every formula in an article for a wide audience halves your readership). In addition most tools used for encryption are not point-and-click capable (which is partly due to the user interface, but the real reason is the fact that secure communication doesn’t feature an on/off switch). Too bad. Despite these difficulties CryptoParty events work somehow. At almost all local events here participants learned something, tutors did too.

A couple of days ago someone asked me for a „mini crypto handbook with just the essentials“. I have given this idea some thoughts, but I doubt that you can improve your data’s and communication’s security by a short laundry list of things to do or not to do. You might get to the point of encryption quite fast, but managing the keys and verifying the identity of your communication partner(s) is the most important aspect. Then there is the problem that once data is decrypted it tends to leave residue in clear text. Unless you use encrypted storage all of the time and everywhere there is a chance that traces of data will leak and stay without cryptographic protection. It’s a bit like dealing with radioactive material – always use secure containers and equipment.

Give the extra effort of security all of our lives will still have an „unencrypted component“. You cannot securely communicate with partners who do not support secure communication. Calling a taxi, ordering pizza, phone calls with friends & family, even communication with companies or public authorities are probably easy to intercept. Observing the communication of an individual or an organisation as a whole can therefore be very informative if the pattern of encrypted and unencrypted information is analysed. If you only use cryptography when important, then you betray the fact that something interesting is going on. Using cryptography indiscriminately would be better – if it were possible with every communication end-point. Intelligence services know this, so does everyone else.

There are not short-cuts, it seems.

Growing up in a Hacker Space without knowing about it

  • Posted on April 11, 2012 at 2:26 am

This blog posting is a bit different from all the others. Usually it”s more about sarcasm or bashing things or people. Today it is the complete opposite. If you look at the tag cloud and have read some postings (or tweets for that matter) you probably have realised that I am doing some hacking behind the scenes. Let’s call it tinkering with technology. Basically I learnt a lot because my family allowed me to learn and to develop skills. Let me tell you how this was like.

I’ve always been the curious type. I constantly tried to figure out how things work, even as a child. Most children do that, but I liked to take apart gadgets very early. The curiosity grew intense. My parents and grandparents forbade me to open any household gadget that was new or still in use. Back in the days appliances were repaired, not replace. So one of my chances to get a peek inside was to wait until something broke and a repairman (be it an electrician, a plumber or heating contractor) came to our house. I was happy whenever our TV set was broken, because I got a look inside and could observe what the electrician did. I always kept the circuit diagrams of our device although I couldn’t read them properly yet. Those were part of the manual (I grew up in the age before „intellectual property“ was invented out of thin air, people were still allowed to repair their own possessions back then).

My family recognised my curiosity. I got lots of books. I read them. My grandfather gave his support also by buying science kits for me. One chemistry set, two physics sets and countless of electronic kits found their way to our home. I had lots of electronic components ranging from transistors, coils, transformers, capacitors, LEDs (yes, only the red ones), LED displays, a cathode ray tube, a 10 MHz oscilloscope, soldering iron, cable and countless of other items. First I build the experiments according to the manual (building test circuits up to sound generators, radios and even a simple black/white TV set), then I started to try my own ideas. I could even use my grandfathers work shop in the basement. He was a mechanic, and his work shop had anything – screwdrivers of any size, power drills, files, soldering lamps, paint, solvent, piece of metal, pipes, really anything. And I could use all of these tools whenever I wanted to.

Some Christmas day (guess it was 1984) the electronic kit collection turned digital. My grandfather gave me a BUSCH Elektronik’s Microtronic Computer-System 2090 with a 4-bit TMS 1600 CPU at its core. 4096 Byte ROM, 64Byte + 512 Byte RAM, 40 assembler instructions and 12 commands at the console consisting of 26 keys and a 6-digit LED display greatly enhanced the capabilities of my little lab. I started coding. The series of presents from my grandfather continued with a Commodore C64, a C128 and Amiga 500/2000/4000, not to forget the HP48 calculator I used at university.

I am not writing this down to brag about it, I am well aware that not everyone has been lucky to have a family like this. The point is this: Even when my grandfather gave me the electronic kits he did not understand what I was doing with it. He had a basic understanding of electricity, he could fix electrical wiring in the house, but he never did more complex things. He was a master mechanic, he could build anything out of wood or metal. Despite having no interest in and knowledge of electronics and computing he tried to help me with my education. Growing up with books, hardware, software and a work shop – and with an environment that actively supports curiosity – is one of the best things that can happen to you. That’s what a hacker space is – the best that can happen to you. Cherish it! Support it! Improve it! Create it if it doesn’t exist! And always put the tools back to where they belong! My grandfather told me this over and over.

Sadly I cannot thank my grandfather any more. He did a couple of years ago. He would have turned 90 today.

If you want to do him a favour, then please create something or understand the workings of Nature. He would have liked it.

OS X 10.8 removes Support for critical News Sites

  • Posted on February 21, 2012 at 12:15 pm

The long awaited update of Mapple‘s OS X to the 10.8. Mountain Lion edition brings solace to distressed web surfers. The new operating system will block any news site on the web that criticises Mapple or any of its products. For example if you want to open the web site of the New York Times in Mapple’s Safari browser (of course the word safari being a synonym for hunting expedition), then you will be redirected to the iTunes store. „We get a lot of complaints by our users that fake news and independent journalists freak them out.“, a spokesperson was quoted.

While fake news, rumours and outright lies can lead to a very emotional experience on the Internet, they are basic ingredients of everyday life and politics. It’s hard to tell what the impact will be. The new features could lead to a massive decline of memes. Paired with Mapple’s power to stop alternative web browsers (unofficially also known as „these aren’t the browsers you are looking for“) computing will become a lot more conservative in the future.

TomTon to include Ambush Warning in latest Updates

  • Posted on December 19, 2011 at 12:47 am

Amsterdam. – TomTon, producer of sat-nav systems, has been hit by decreasing sales and is restructuring its workforce. The company announced to have some new products in the pipeline which will be put on the market in 2012. Journalists have been supplied by prototypes enabling a sneak preview of features to come.

Following the footsteps of many other companies the new map updates target the military market. Users of the new maps will now have the option of subscribing to ambush warnings. The information will be presented just like the traffic warnings customers are already used to. Currently TomTon’s R&D department works on live updates. The ambush data is provided by terrorist groups who sell their schedule of ambushes. The payment is in turn provided by the customers using the subscriptions. The innovative technology is hailed to make both supply lines and terrorism safer. ISAF has expressed great interest in the sat-nav devices and the new subscriptions. This could be good news for tourists travelling through remote and dangerous areas, too.

The new product would give sat-navs an edge over mobile phones equipped with map software and route planners. Mobile phones have been subjected to network failures in some countries recently.

  • Comments are off for TomTon to include Ambush Warning in latest Updates
  • Tags:

Apple patents Big Bang in order to squash Competitors

  • Posted on September 14, 2011 at 5:53 pm

CUPERTINO. – Apple has filed a patent on the Big Bang in order to strengthen its patent portfolio on Virtually Anything™. The patent was announced in a brief e-mail consisting of only two sentences.

Apple was first and will always be the first company to invent stuff. We build the Universe. Steve.

Insider experts believe this message to be genuine since it fits the style of Steve Jobs’ random e-mail and short message conversations. In addition parts of the message were found scribbled on a piece of paper in a bar, thus documenting the integrity of the e-mail. Apple is known only to leave verified company secrets in local bars.

The patent application hasn’t been published yet, but Apple’s lawyers are currently fighting every company on the planet that is manufacturing „square metal-reinforced rectangle with a centered screen and rounded corners“. They told journalists that once the Big Bang is patented, everything else is just a copy of Apple’s invention of our existence. „We were first, and the patent documents this fact.“, an unnamed source from the legal team was quoted by a journalist who just yesterday had a fatal car accident. Provided the patent is granted to Apple it would certainly turn the tables for all ongoing court cases regarding its products. Apple could then even sue the scientific community, all religions, all governments, the Internet and every cute kitten on the planet.

The USPTO wasn’t available for comment. We believe that they ponder the Supreme Court’s comment on the patentability of a genetically modified bacterium quoting the Congressional report leading up to the 1952 Act that “anything made by man under the sun” should be patentable. Once the patent is granted, Apple could sue the USPTO for its existence, so it might take some time and consideration.

Cloud Printing

  • Posted on June 24, 2011 at 7:17 pm

Cloud Computing is a small step for some companies, but it is a big step for us all. The digital dispossession advances another step as major printer manufacturers announce Cloud Printing. Say goodbye to piles of paper! Cloud Printing enables you to print anywhere and anything! You don’t even need to own a printer or paper any more.

Cloud Printing happens in co-locations servers around the world. Your printing app automatically selects the nearest Cloud Printing facility, so that your printouts are geographically close to you. Printouts are stored in rack space, so you can access them over the network. Toner, paper and ink will be changed without interference by Cloud staff. All your supply needs are taken care of.

If you are interested in obtaining a digital copy of your documents printed in the Cloud, you might be interested in Cloud Scanning, too.

Acer Lumiread E-Book-Reader

  • Posted on December 30, 2010 at 2:04 pm

Die letzte Weihnachtspost ist gestern endlich aus dem vereisten Deutschland angekommen. Ich habe mir den Acer Lumiread E-Book-Reader bestellt, den mir der hiesige österreichische Buchhandel übrigens nicht verkaufen wollte (ja, wieso sollte man auch Kunden etwas verkaufen wollen, bringt ja doch nur Geld ein). Bisher bin ich sehr begeistert von dem Gerät. Das Display hat elektronische Tinte, an deren Darstellungsschärfe man sich schneiden kann. Ja, man benötigt daher Licht zum Lesen, aber das war schon immer so. Von Haus aus kommt der Reader mit 1 GB Speicher mit, was für meine Zwecke im Moment völlig ausreicht. Man kann eine Micro-SD Karte nachrüsten, wenn es nicht mehr genug ist. Im Gegensatz zu Apples NaziPad läßt sich der Lumiread als USB-Speicher ansprechen und per beliebigem Dateimanager laden und entladen. Man darf das Gerät daher auch mit GNU/Linux betreiben (der Lumiread wird übrigens auch mit GNU/Linux betrieben).

Das Gerät ist WLAN-fähig. WEP, WPA und WPA2 funktionieren tadellos. WPA Enterprise wird auf den ersten Blick nicht unterstützt. Man kann damit im Internet e-Books einkaufen oder auch nur selbst nach Inhalten schauen. Mit an Bord ist ein Opera Browser, der alles darstellt, was man so üblicherweise im Web findet. Es gibt sogar eine intelligent download Funktion, mit der man Webseiten und Dokumente für späteres Lesen abspeichern kann. Das halte ich für sehr sinnvoll. Unterstützt werden übrigens die Dateiformate (nach Endung) ePub, PDF, MOBI, CHM, HTML, TXT, DOC, DOCX, RTF, JPG, PNG, BMP, GIF, TIFF, MP3, AAC und WMA. Man kann also auch Audiodateien anhören (dafür gibt es einen Kopfhörerstecker).

Die typischen DIN A4 formatierten PDF Dateien lassen sich nicht gut lesen, weil die Zoomstufen nicht immer die ganze Seite erfassen. Das ist übrigens genau der Grund, warum ich gerne einen A4 Reader hätte, den aber niemand baut. Wäre ja auch zu praktisch. Formate mit Fließtext sind besser geeignet. Ansonsten bin ich sehr zufrieden mit dem Reader.

  • Comments are off for Acer Lumiread E-Book-Reader
  • Tags:

We Come in Peace – streaming now!

  • Posted on December 27, 2010 at 11:45 am

Für die nächsten 4 Tage werden wir im Büro neben der Arbeit mit den Videos vom 27C3 verbringen. Wir haben das Gast-WLAN aktiviert, und ein Beamer läuft (hoffentlich mit den Live Streams vom Congress). Das Programm sieht sehr vielversprechend aus. Wir sind schon gespannt wie gut das Streaming diesmal funktioniert. Letztes Jahr war es stabil genug für die meisten Vorträge.

Stream on!

Google Cr-48 Laptop comes without Delete key!

  • Posted on December 10, 2010 at 5:28 pm

Googleplex – The new Google Cr-48 laptop ditches the most unnecessary keys of modern keyboards. It comes without caps-lock, function keys and delete key. Apparently the caps-lock key is of no use to the typical netizen anymore, because spelling is no longer taught in school. Most instant messages, e-mails and CVs can do fine without correct spelling. The function keys are too complicated for most Internet users who only need the „click here” and „fill out your credit card details” functions. The most surprising feature is the lack of the delete keys, however.

„You do not need to delete anything anymore. We just follow the spirit of GMail.”, a namelessdeveloper was quoted. Just like the suggestions provided on the Google search pages, the Cr-48 will quickly parse the data you enter, compare it with your Google’s online profile and automatically select the words you meant to type. This is less error-prone and quicker for the average user. Google will add support for sponsored typos at a later stage. New users can optionally upload their personal psychogram, CV and private data to initialise this feature.

Storing data locally won’t be possible, too. This feature was added by a couple of governments participating in the Google Spy Program. The main idea is to search through user’s files more easily and watch out for potential terrorists, critics, journalists or anyone acting suspiciously. A side effect is that local authorities don’t need to search your home anymore. Of course, you have no access to your data in case you cannot access the Internet, but modern citizens aren’t supposed to log off ever, so that they be tracked efficiently. Make sure you carry you Google account login with you, just as your passport.

The Google Cr-48 is definitely a device that will change your way of life – and enable others to record it.


  • Posted on September 7, 2010 at 3:20 pm

Zombies sind allen Cineasten und Survivalanbetern ein Begriff. Sie werden dicht gefolgt von Amiga Computern, die immer noch im Betrieb sind. Nichts schlägt aber Nostalgie und Wiedergängertum so sehr wie ein Fernkopierer!

Manche sagen Fax dazu, abstammend von Telefaksimile, was gerne als Telefax und schließlich Fax abgekürzt wurde. Faxsysteme verwenden das gute, alte POTS. Unser Faxserver braust mit einem ELSA MicroLink 33.6TQV ins Netz. Ohne Rückendwind schafft man damit locker 14400 Baud (das sind Bit/s für alle Breitbandgeschädigten). Gerade heute habe ich sogar noch ein G3 Faxgerät verwendet, welches 33,4 kBaud schafft, auch ohne Rückenwind. Im August haben wir sogar einen Faxserver einem Upgrade unterzogen und eine B1 PCI-Karte für Faxen über ISDN eingebaut (das ist echtes Faxbreitband!).

Upgrades? Pah! Der Faxserver sagt zur Firmware des Modems: Ver. 1.24 vom 17.12.96

Upgrade kommt erst, wenn ich den Versionsstring auf Bugtraq lesen.

Neues RSS Radar – Newsbeuter

  • Posted on July 28, 2010 at 6:19 pm

Ich muß berufsbedingt bestimmte Nachrichten im Auge behalten. Üblicherweise würde man nun im Webbrowser diverse Bookmarks anlegen und sich anschließend totklicken. Wenn man 20, 30 verschiedene Quellen hat, dann ist der Browser eigentich am Ende. Kluge Köpfe haben deswegen Really Slick Syndication (RSS) erfunden. RSS Feeds enthalten das Wesentliche und meistens weder Werbung noch Code, der in den Browser injiziert wird. Also habe ich mich aufgemacht und den Newsbeuter installiert. Ich lese nie wieder anders Zeitung.

Der Newsbeuter ist genau das, was der Name aussagt – in RSS-Leser für die Konsole. Man kann bequem 50 Feeds auf einmal im Blick halten, neue Einträge schnell sehen, Updatefrequenz beliebig anpassen und ihn leicht bedienen. Es gibt eine Command History. Eine Datenbank merkt sich welche Einträge schon gelesen wurden. Mit wenigen Tastaturkommandos springt man zwischen den Nachrichten hin und her, schneller als mit jedem Touchpad. Multitouch my ass, sage ich da nur.