repats blog Thoughts of a digital native

29Dez/120

Apple USB Ethernet Adapter for Android Tablets

I just tried this for fun and didn't expect it to work... I used a $3 USB adapter I usually use for USB sticks and just plugged in the Apple USB Ethernet adapter for the Macbook Air. Then I turned off WiFi. There was no notification or anything, it just worked out of the box :) The tablet is a 32GB Nexus7 with Android 4.2.


10Jul/121

prosody 0.8.2. still waiting

I tried to start prosody with user-privileges (with user/group prosody) but I kept getting this message from prosodyctl start:

Still waiting...
Prosody is still not running. Please give it some time or check your log files for errors.

But there were no errors in the log-file. If I deleted the log-file nothing was created again. I tried giving all the prosody folders 777 rights and chown'd them to the prosody-user, still...same error. I then went to the Prosody MUC. Once again, Zash helped me to isolate the error: the pid-file could not be written by the user. So I just changed the line

pidfile="/var/run/prosody.pid"

to:

pidfile="/home/prosody/prosody.pid"


4Jul/110

Carnivorous Plants – Nature's Flyswatter

In summertime my kitchen is full of flies and little mosquitoes, even though I live in a rainy part of Germany, which is not even that warm. Last time I went to the hardware store, I found the Venus Flytrap and thought I might give it a try. And it worked! The plant grew quite a bit. I gave it some time to see if it survives because usually not even a cactus will grow in my room :/ Probably because I see it every day while eating, I remembered to water it regularly. Best thing is: you can't water it too much, it's a Helophyte ("swamp plant"), so it's used to a lot of water ;) One thing to be careful about: you can only use distilled water (1€/5 liter) or rain water. If you've got a pond in your garden that should be alright too. After a while I bought a little plastic terrarium and added a Sarracenia Purpurea and a Pinguicula caudata. It's 5€ each and about 7€ for the little terrarium.

This is the perfect self-sustaining flyswatter brought to you by Nature™.

13Apr/112

Making Skype secure via VPN or SSH Tunnel

Since you just cannot convince people not to use Skype because it really is insecure, I decided to make Skype more secure by adding extra encryption, which is, as I found out, pretty simple. For written conversations only, you might want to try cryptochat, an extension just for Skype (128-bit RSA), but no guarantees, I just googled it myself. Also consider using another service besides Skype(de) for as many connections as possible.

VPN (Virtual Private Network) (easiest)

A VPN creates a tunnel to a service provider you trust, preferably in a country where providers are not allowed to store traffic data (unlike the US I think). This means all of your traffic is only as well secured as the encryption up to the end of the tunnel. Between your computer and the end of the tunnel, nobody (neither your ISP nor an eavesdropper) can intercept the data. On the other hand, you have to trust the VPN provider.

For a few bucks a month (~5€) you can rent a VPN service from several providers, see the list below. Be sure not to use PPTP, because this (theoretically) is fairly insecure as well; a good choice might be OpenVPN or IPSec/L2TP. Most of the providers also have an idiot-proof introduction and how-to on their homepage.

SSH (Secure Shell) (advanced)

With both PuTTY under Windows and OpenSSH under Linux it is possible to create a tunnel and use it on your computer like a SOCKS5 proxy server. For a really secure SSH connection, don't use passwords but public keys. Without any programming you can set up the encryption with up to 4096 bit, which is quite strong. Some of the latest OpenSSH versions even support ECC (e.g. for mobile..(?)). Use this tutorial to create a tunnel with Windows; for Linux use this command:

ssh -D 42 user@host

Where 42 is the local port (ports below 1024 can only be forwarded by root), user is the Linux username and host is the hostname of your provider. Then configure your Skype with the following settings (not for VPN!):

Important

None of the tweaks shown here make Skype secure(!), just a little more secure than it was before, by adding extra encryption (see RC4). They don't prevent Skype or intelligence services from intercepting what you're skyping. If your computer is insecure, e.g. because of keyloggers, trojan horses etc., VPN/SSH is just useless.

Providers

  • https://www.shellfire.de/
  • https://www.vpntunnel.se/de (only e-mail address, nickname and a payment method (see below))
  • http://strongvpn.com/
  • https://www.relakks.com/
  • http://unblockvpn.com
  • http://www.google.com/search?hl=en&q=rent%20vpn

Payment

//edit: make sure you check out jitsi !


12Apr/110

Establish secure instant messaging connections via jabber and OTR

//update: even easier: My installer for both messenger and encryption

So first of all, this site doesn't offer SSL, so if you're somewhat paranoid, consider using encrypted anonymous networks like Tor or I2P. Otherwise everybody could potentially listen in on what you're up to and what kind of software you're going to use.

Instant Messaging is what most of you might know as ICQ, AIM, YIM, Windows Live Messenger (or "MSN"), Skype, Google Talk, etc.

What I'm going to show you is how to install the instant messenger Pidgin and the encryption extension OTR, and how to create a Jabber account with a provider of your choice. But don't worry, this is not getting very technical; in fact, it probably takes you less than 5 minutes(!). At the end of the article you'll find some more explanations and background, if you're interested.

Step by step

1. Download Pidgin at http://www.pidgin.im/download (Link for Windows)

2. Download the OTR Pidgin plugin at http://www.cypherpunks.ca/otr/ (Link for Windows)

3. Install Pidgin: just double-click the icon and press Next every time you're asked something. Then install the OTR plugin, same procedure.

4. Create a Jabber account; for a start https://register.jabber.org/ will do (ignore the SSL warning, if you get one). Just choose a nickname, which might be your real name, a nickname or some letter-number chaos; just remember it and the password too.

5. Open Pidgin; you're going to be asked to create a profile/account. Choose XMPP as the protocol. Username is the part in front of @jabber.org in your new Jabber address, i.e. the nickname you chose before. Domain is jabber.org. Leave Resource empty and enter your password. Click Save.

7. Your buddy list opens, as you might know it from ICQ or Skype. You can now add buddies via the main menu.

8. Enable OTR by clicking Tools/Plugins in the main menu, then scroll down until you find Off-the-Record Messaging and make sure it's checked.

9. As soon as you chat with someone who also has OTR installed, Pidgin creates a pair of keys (only the first time). From now on the connection is encrypted. Just make sure the person you're talking to is really the person you think it is.

10. That's what the verification function is about. On the right side of a chat window there is a button showing "encrypted but not authorized"; click on it and authorize your chat buddy via passphrase, question and answer or by comparing digital fingerprints over a secure connection, e.g. mobile phone or by standing next to each other.

 

Extra Information

Pidgin is a multi-platform chat client. This means you can use whatever chat provider you want, such as ICQ, Windows Live (MSN) or Skype, and use just one program for all of them. Also, OTR works with all of them, but to be completely independent of commercial providers, I chose Jabber.

Now, Jabber works a bit like e-mail (decentralized, that is). You have to choose a provider, just like you would choose hotmail.com, googlemail.com, yahoo.com etc. for e-mail. There are quite a few providers, for example the Chaos Computer Club in Germany or even German universities. Since Jabber is free software you might even want to set up your very own Jabber server in your basement like me.

OTR has pretty good encryption (AES, which is considered good enough for classified data by the US intelligence service National Security Agency (NSA); for more information, visit http://en.wikipedia.org/wiki/Advanced_Encryption_Standard). The big advantage is the encryption from end to end, so unless the attacker is in control of your computer, no one is going to see what you're writing. Plus, it's plausibly deniable, which means no one, not even your chat buddy, has any digital evidence you have ever said a word; see Plausible Deniability at Wikipedia.

Jabber, or rather the protocol XMPP, is used by various big companies such as Google (Google Talk) or Facebook (Facebook chat). You just hardly ever get to know what's behind a system.


15Jan/111

IPv6 Privacy extensions Ubuntu 10.04

If it is not already there, add the following to /etc/udev/rules.d/70-persistent-net.rules:

SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{dev_id}=="0x0", ATTR{type}=="1", KERNEL=="eth*", RUN+="sysctl net.ipv6.conf.%k.use_tempaddr=2"
SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{dev_id}=="0x0", ATTR{type}=="1", KERNEL=="wlan*", RUN+="sysctl net.ipv6.conf.%k.use_tempaddr=2"

Usually this happens when installing miredo or similar IPv6 tunneling software, but you might want to double-check it. Also, check if the eth* and wlan* fit your ethernet/wifi devices.

By the way, unfortunately Android and iPhone devices don't have this, which causes quite a few privacy concerns; see heise.de on IPv6 on Smartphones for more information (German).
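A way to check the result, as an added example that is not part of the original post: `tempaddr_gaps` lists interfaces whose `use_tempaddr` is not 2, and `is_eui64`/`eui64_mac` show what an address without privacy extensions gives away, namely the MAC address embedded in it. The function names and the sample addresses are made up for illustration.

```sh
#!/bin/sh
# Print "<iface> <value>" for each interface whose use_tempaddr is not 2
# (2 = create temporary addresses and prefer them for outgoing connections).
# The sysctl tree location is a parameter so a copy can be audited too.
tempaddr_gaps() {
    conf_root=${1:-/proc/sys/net/ipv6/conf}
    for f in "$conf_root"/*/use_tempaddr; do
        [ -r "$f" ] || continue
        iface=$(basename "$(dirname "$f")")
        case $iface in all|default|lo) continue ;; esac
        val=$(cat "$f")
        [ "$val" = "2" ] || echo "$iface $val"
    done
}

# Succeed if the address ends in a modified EUI-64 interface identifier:
# the MAC split in half with ff:fe inserted (heuristic; a random identifier
# matches by chance about once in 65536).
is_eui64() {
    printf '%s\n' "$1" | tr 'A-F' 'a-f' | sed 's|/.*||' |
        grep -Eq '(^|:)[0-9a-f]{0,2}ff:fe[0-9a-f]{2}:[0-9a-f]{1,4}$'
}

# Recover the MAC address embedded in an EUI-64 based IPv6 address.
eui64_mac() {
    printf '%s\n' "$1" | tr 'A-F' 'a-f' | sed 's|/.*||' | awk -F: '
    function hex(s,    i, n) {
        n = 0
        for (i = 1; i <= length(s); i++)
            n = n * 16 + index("0123456789abcdef", substr(s, i, 1)) - 1
        return n
    }
    {
        a = hex($(NF-3)); b = hex($(NF-2)); d = hex($(NF-1)); e = hex($NF)
        first = int(a / 256)
        # EUI-64 flips the universal/local bit of the first byte; flip it back.
        first = (int(first / 2) % 2) ? first - 2 : first + 2
        printf "%02x:%02x:%02x:%02x:%02x:%02x\n",
            first, a % 256, int(b / 256), d % 256, int(e / 256), e % 256
    }'
}

# Constructed sample addresses from the documentation prefix 2001:db8::/32.
for addr in 2001:db8::211:22ff:fe33:4455/64 2001:db8::5c1e:9a3b:77d0:e2f4/64; do
    if is_eui64 "$addr"; then echo "$addr embeds MAC $(eui64_mac "$addr")"
    else echo "$addr: no EUI-64 identifier"; fi
done
tempaddr_gaps    # live audit of this machine
```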


29Dez/103

27c3 signs

strange, funny, weird signs.. mail to repat[at]repat[dot]de


26Dez/100

Memory card found – owner wanted – Sydney NYE 2008

As I was doing some backups I found some pictures of a girl I have never met on my SD Card. Well, actually, it probably isn't mine;) Inspired by this blog post by steffen (and since it worked for him) I decided to try finding this girl over the internet.

So, dear Internet, do you know this Jane Doe?

On the pictures you see Sydney, NSW on 31/12/2008, mostly the harbour and Bondi Beach the next morning(01/01/2009). I've been to Sydney so I most likely took the SD Card accidentally while living in a hostel in Newtown. The photos were taken with a Nikon E4600. Sorry that I had a look at your photos but I guess that's the only way to get them back. Write me an email to repat[at]repat[dot]de or drop a comment here.


15Dez/101

Diaspora and status.net/identi.ca

Today I read the following on twitter:

" and now !Diaspora is mirroring into !statusnet. Excellent! #microblogging #socialnetworks #onefeedtorulethemall "

originally from http://encyclomundi.status.net/notice/11978

After I scrolled through diaspora it turns out that's what he meant:

"I was imprecise in my grammar. My Diaspora is feeding into my statusnet, because i put the RSS feed from Diaspora into mirroring option on statusnet. Statusnet is pulling, Diaspora is not pushing :) "

That's of course not a bad idea, although identi.ca doesn't support this. Luckily twitterfeed.com also supports status.net, and therefore identi.ca :) Just create an account, enter your RSS address (https://joindiaspora.com/public/username) and there you go :)


5Dez/102

iodine – free wifi hotspots with IPv4 over DNS and Dockstar

First of all: this guide is for educational purposes only; I am not responsible if it is used, legally or illegally, to circumvent security restrictions!

Everyone knows the problem: you are sitting at the gate at the airport or in the ICE and there is a Wi-Fi hotspot, but unfortunately you have to pay for it... In Australia there were paid hotspots (often Global Gossip) on every corner, at horrendous prices and with an outrageously slow connection.

Through an acquaintance I have just found a theoretical solution for such, or rather most such, unpleasant providers: iodine

This small program sends all packets over port 53, i.e. DNS, which most firewalls let through. You can test this with the following command:

$ ping repat.de
PING repat.de (212.12.54.159) 56(84) bytes of data.

So if the name resolves to an IP address, this should work in principle.

A short guide, since I cannot write down everything that was done here: first of all, DNS has to be configured correctly for the domain, for which you need full access. As far as we know, this is not possible with a dyndns address; see the README.

Then you can start the iodine server on the Dockstar, a small home server, or on any other server you have root access to:

iodined -P password 192.168.3.123 meine.dyndns.tld

Now adjust /etc/default/iodine on the client:

# Default settings for iodine. This file is sourced from
# /etc/init.d/iodined
START_IODINED="false"
IODINED_ARGS="192.168.3 tunnel.domain.tld"
IODINED_PASSWORD="Passwd"

If you use the Dockstar, you only need to forward port 53 to the Dockstar IP in the router and start the client:

sudo iodine -f tunnel.domain.tld

tunnel.domain.tld is the subdomain that the acquaintance set up for me for my dyndns address.

Voilà, free Internet everywhere :)

//update

Speed optimizations:

  • Turn off images
  • Use a user agent of mobile devices/smartphones (e.g. with User Agent Switcher as a Firefox plugin)
  • Enable Opera Turbo in the Opera browser (the website is requested by Opera's servers, compressed, sent to you and unpacked there, so basically a proxy)
  • lynx as a text-based browser
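Seen from the network operator's side, the tunnel described above stands out in resolver logs, because the tunnelled data travels inside the query names, which makes them long and almost never repeated. An added detection example, not part of the original post; the log format, function names, thresholds and sample lines are assumptions constructed here:

```sh
#!/bin/sh
# Constructed resolver log, one query per line: "<client-ip> <qtype> <qname>".
sample_dns_log() {
cat <<'EOF'
10.0.0.7 A www.example.com
10.0.0.7 A www.example.com
10.0.0.7 AAAA cdn.example.com
10.0.0.7 MX mail.example.net
10.0.0.9 A a1.img.example.net
10.0.0.9 A a2.img.example.net
10.0.0.9 A a3.img.example.net
10.0.0.9 A a4.img.example.net
10.0.0.23 NULL mfrggzdfmztwq2lknnwg23tpobyxe43uov3ho6dzpjqwcylb.t.example.org
10.0.0.23 NULL mztwq2lknnwg23tpobyxe43uov3ho6dzpjqwcylbmfrggzdf.t.example.org
10.0.0.23 NULL nnwg23tpobyxe43uov3ho6dzpjqwcylbmfrggzdfmztwq2lk.t.example.org
10.0.0.23 NULL obyxe43uov3ho6dzpjqwcylbmfrggzdfmztwq2lknnwg23tp.t.example.org
10.0.0.23 NULL ov3ho6dzpjqwcylbmfrggzdfmztwq2lknnwg23tpobyxe43u.t.example.org
10.0.0.23 A www.example.com
EOF
}

# Read such a log on stdin and print
#   "<client> <parent-domain> <unique-names> <avg-subdomain-length>"
# for every client/domain pair with at least MIN_UNIQUE distinct query names
# whose part below the parent domain averages MIN_AVG_LEN characters or more.
# The parent domain is taken as the last two labels (a simplification).
dns_tunnel_suspects() {
    awk -v min_u="${1:-4}" -v min_len="${2:-30}" '
    {
        q = tolower($3)
        n = split(q, label, ".")
        if (n < 3) next
        parent = label[n-1] "." label[n]
        key = $1 " " parent
        if ((key, q) in seen) next
        seen[key, q] = 1
        uniq[key]++
        total[key] += length(q) - length(parent) - 1
    }
    END {
        for (k in uniq)
            if (uniq[k] >= min_u && total[k] / uniq[k] >= min_len)
                printf "%s %d %d\n", k, uniq[k], total[k] / uniq[k]
    }'
}

sample_dns_log | dns_tunnel_suspects
```

Both conditions are needed: the client fetching many short, distinct names (10.0.0.9) passes the uniqueness threshold but not the length one, so only the pair with long, never-repeated names is reported.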
