ra`s fnord » English http://ra.fnord.at blog Thu, 20 Sep 2012 12:06:12 +0000 http://wordpress.org/?v=abc en hourly 1 Easy and secure anonymous internet usage http://ra.fnord.at/2011/05/easy-and-secure-anonymous-internet-usage/ http://ra.fnord.at/2011/05/easy-and-secure-anonymous-internet-usage/#comments Sun, 29 May 2011 15:42:31 +0000 ra http://ra.fnord.at/?p=247 As of June 2012 all updates regarding the (fast) gateway will be posted on github.



Short version:

An easy and secure way for anonymous internet usage:

  1. Install and start Virtualbox (at least version 4).
  2. Download two VM images: Tor gateway and Tor workstation
  3. Import the images (in Virtualbox File->Import Appliance)

To start using the internet anonymously you just have to start both VMs Tor gateway VM and Tor workstation VM. As soon as they they finished booting, you can use the anonymous internet access through the Tor workstation. If you want to stop using the internet anonymously, just power down both VMs.

Long version:

The goal of this article is to provide a solution to use the internet anonymously in an easy and secure way. Anonymous as in no one but you must be able to tell that you are communication with a certain receiver (like browsing a website: No one must know that you are surfing that certain website). A way to use the internet anonymously is to use an internet connection that can not be tracked down to your person and a computer that has no information stored about you. Which means quite an effort every single time you want to use the internet anonymously. For an internet connection that can not be tracked down to your person, software like Tor has been developed to accomplish this also over a non-anonymous internet connection. Checking if the computer has no information stored about you, can not be handled by the Tor software and must be handled by the user! Currently there is one major problem if you want to use the internet anonymously: You really do have to understand the functioning of computer networks and the Tor software to a degree that is far away from being trivial – otherwise you might probably use the software in an insecure way. Let me give you some examples:

  1. Install the Tor client to your Operating System and configure your browser to use the local TOR client through SOCKS-proxy functionality of Tor (or use extensions like Torbutton for Firefox to do that for you). While this is quite easy to accomplish, it has a major security drawback: If you use your everyday browser it has a lot of information stored about you and your browsing history and behavior which it might leak. Even if you use some other browser, you must turn of all plugins like Java or Flash and disable Javascript (or use a proxy like Privoxy to do that for you) so they can not leak information like which sites you visited or in which network or city you are, … But this breaks lots of websites nowadays. While this approach might be easy it is usable for browsers only and far from being “secure”.
  2. If you use the tsocks/torify approach which allows non SOCKS aware applications (e.g telnet, ssh, ftp etc) to use SOCKS without any modification, you can use most applications. But they might still leak information about the local system themselves. Besides there is the risk of just forgetting to type the “torify” in front of the command that should be executed. Which is definitely not what one wants to happen. So this approach is neither “easy” nor “secure”.
  3. The VM approach I already wrote about in an article earlier, puts the software you are using on the internet into an virtual machine (VM) which reduces the risk to leak information about you and the information within the VM. The drawback is that you have to configure a redirection with a packet filter or firewall on your host system and that you have to set up and configure a VM to use as an anonymous workstation. So this approach is still far from being “easy”.

Which is why I want to discuss a new approach that is at least as secure as the last one above (#3) but additionally should be quite easy to use:

  1. Install and start Virtualbox (at least version 4).
  2. Download two VM images: Tor gateway and Tor workstation
  3. Import the images (in Virtualbox File->Import Appliance)

To start using the internet anonymously you just have to start both VMs Tor gateway VM and Tor workstation VM. As soon as they finished booting, you can use the anonymous internet access through the Tor workstation. If you want to stop using the internet anonymously, just power down both VMs. The task of routing traffic through the Tor network has been moved to the Tor gateway VM. So you do not have to modify your local system any more then installing Virtualbox and importing both VMs. You do have a preconfigured Tor workstation ready to use that boots within a minute and you can be sure to anonymously use the internet. The Tor gateway runs OpenWRT Linux using just about 8Mb of disk space and 32Mb of RAM. It boots in less then 3 seconds and transparently routes all traffic generated within the Tor gateway itself and every traffic coming on the virtual internal interface “tor” through the Tor network. You do not need to do anything but start when you want to use Tor and stop the VM when you finished. The Tor workstation runs Micro Core Linux using about 120Mb of disk space and 192Mb of RAM. It boots in less then a minute and has some browsers (Firefox, Chromium and Opera) and a terminal installed. It only stores information within a session. So if you shut it down and boot it again it does not have any information about the previous session. Of course you are not forced to use the Tor workstation. You can use any other VM (Linux, Windows, AmigaOS, just any TCP/IP capable Operating System). Just configure the network settings of the VM (in Virtualbox Settings->Network->Adapter attached to internal network “tor”). Please report, if you encounter any unwanted behavior or find any problems! Also do so if you have got any suggestions to improve the VMs or this approach as a whole. Side note: The content of the communication between you (Tor workstation VM) and any receiver (e.g. a website) is necessarily only encrypted within the Tor network. So if you open an unencrypted connection to any receiver the Tor exit node which in fact opens the connection to the receiver is able to see the content of the connection. So do not send any sensible information like passwords over unencrypted connections!

Information for developers

There is a git repository available for building the Tor gateway image from scratch. Feedback and patches are welcome.

Changelog

To use the fast gateway you need to change the internal network of workstation VM to “torfast”.

]]>
http://ra.fnord.at/2011/05/easy-and-secure-anonymous-internet-usage/feed/ 134
IBM/Lenovo X60s BIOS upgrade http://ra.fnord.at/2010/08/ibmlenovo-x60s-bios-upgrade-2/ http://ra.fnord.at/2010/08/ibmlenovo-x60s-bios-upgrade-2/#comments Wed, 25 Aug 2010 15:37:41 +0000 ra http://ra.fnord.at/?p=237 The IBM/Lenovo X60s has two Mini-PCI-Express slots: One for a WLAN and the other for WWAN-device.
IBM/Lenovo whitelists some device according to their PCI IDs in the BIOS. So if you want to use a WLAN or WWAN card that has not been “blessed” by IBM/Lenovo you will see the error “1802″ or “1804″, the BIOS will disable the device and it can not be used by the operating system.

Zender” did a lot of work and published information on how to bypass that errors. If you want the direct URL to the BIOS modifications contact me as Zender does not want the URL to be publicly available.

Using his BIOS modification and the instructions on thinkwiki I put together a BIOS update CDROM-ISO to upgrade the BIOS from an external USB-CDROM which I tested on my X60s but it should also work on X60. Two notes: If you already have the latest BIOS version, you have to downgrade the BIOS first and if you have a custom logo you have to remove that (and than apply it again).

]]>
http://ra.fnord.at/2010/08/ibmlenovo-x60s-bios-upgrade-2/feed/ 9
Building an auditory and visual stimulation device with EEG feedback loop http://ra.fnord.at/2010/06/building-an-auditory-and-visual-stimulation-device-with-eeg-feedback-loop/ http://ra.fnord.at/2010/06/building-an-auditory-and-visual-stimulation-device-with-eeg-feedback-loop/#comments Sat, 26 Jun 2010 14:18:46 +0000 ra http://ra.fnord.at/?p=216 Building an auditory and visual stimulation device with EEG feedback loop. An open source software and hardware approach for controllable brainwave entrainment.” is the title of my bachelor thesis.

More populistic I could say this is about finding out if it is possible to build a device which lets a human sleep and wake up again purposely.

Sounds interesting? Do not hesitate to read the thesis and/or leave a comment!

]]>
http://ra.fnord.at/2010/06/building-an-auditory-and-visual-stimulation-device-with-eeg-feedback-loop/feed/ 0
Instant messaging file transfers just do not work http://ra.fnord.at/2009/05/instant-messaging-file-transfers-just-do-not-work/ http://ra.fnord.at/2009/05/instant-messaging-file-transfers-just-do-not-work/#comments Sat, 30 May 2009 12:34:49 +0000 ra http://ra.fnord.at/?p=181 A few days ago I wanted to quickly send a file through my instant messaging client which neither worked through xmpp nor icq. It came to my mind that I keep having this problem for years now and having to send files through email sucks.

So I decided to write a small script which is executed from the context menu of konqueror or dolphin (kde file browsers). It compresses a file or directory, sets a password and uploads it to filefactory.com .

project site on kde-apps.org

]]>
http://ra.fnord.at/2009/05/instant-messaging-file-transfers-just-do-not-work/feed/ 2
Flash cookies http://ra.fnord.at/2009/04/flash-cookies/ http://ra.fnord.at/2009/04/flash-cookies/#comments Fri, 10 Apr 2009 23:08:50 +0000 ra http://ra.fnord.at/?p=168 If you are concered about your privacy while browsing you probably know about cookies and handle them properly (delete them automatically when closing a browser session, block all cookies except whitelisted ones, ..).

Macromedia/Adobe introduced something similar to cookies called “Local Shared Object” in Flash6. Unfortunately browsers (at least Firefox) currently do not handle Flash cookies easily. If you tell your browser to clear its cookies they simply persist.

I was very surprised by the vast amount of flash cookies located on my system. Take a look yourself “~/.macromedia/Flash_Player/#SharedObjects/” for Linux, “~/Library/Preferences/Macromedia/Flash Player/#SharedObjects/” for Mac OS X or “%APPDATA%\Macromedia\Flash Player\#SharedObjects\” for Windows XP/Vista.

Two Flash cookies on my system are related to a browser game all others were not needed and I deleted them. You can configure your flash preferences at Adobe. If you want to deny all Flash cookies you need to set the amount of disk space that can be used to “None” at the “Global Storage Settings”. You will then be asked everytime a Flash object wants to set a cookies unless you also enable “Never ask again”.

Some more information about Flash cookies.

]]>
http://ra.fnord.at/2009/04/flash-cookies/feed/ 0
Firefox extensions http://ra.fnord.at/2008/11/firefox-extensions/ http://ra.fnord.at/2008/11/firefox-extensions/#comments Wed, 26 Nov 2008 10:23:50 +0000 ra http://ra.fnord.at/?p=128 These are the firefox extensions I use today. I hope some of them are as useful for you as they are for me. If you know any extensions I should not have left out or think that one of the below is outdated just leave a comment..

  • adblock plus: ad blocker
  • cookiesafe: control cookie persmissions from within the statusbar.
  • customizegoogle: enhance google search results by adding extra information and remove ads and spam.
  • download statusbar: nice download manager
  • tagsifter: tag your bookmarks. finally bookmarks become useable..
  • update scanner: monitors webpages for updates which still don’t provide rss feeds
  • mitm me: bypass the very annoying ssl errors introduced in firefox3 with a single click.
  • gtranslate: translates the selected text via google translate
  • keyconfig: nice key configuration. Personally I use it to configure the forward and back keys.
  • noscript: allows JavaScript, Java, Flash and other plugins to be executed only by web sites of your choice.
  • fasterfox: performance and network tweaks for firefox
  • unplug: download flash movies easily (for firefox3 there is no “official” but a “modded” version which just alters the version check).
  • add n edit cookies: cookie editor that allows you add and edit session and saved cookies
  • bugmenot: bypass annoying web registrations with the context menu (input from ).
  • refcontrol: control what gets sent as http referer on per-site basis.
  • tab mix plus: has a very rich (not to say bloated) feature set. Currently I use the multi row tab feature and the closed tabs icon (which is way better than the default one).
  • firebug: edit, debug, and monitor CSS, HTML, and JavaScript live
  • safecache: defends against cache-based tracking techniques but is currently only available for firefox2.
  • safehistory: defends against visited-link-based tracking techniques but is also only available for firefox2.
]]>
http://ra.fnord.at/2008/11/firefox-extensions/feed/ 0
Kmail auto add address to addressbook http://ra.fnord.at/2008/11/kmail-auto-add-address-to-addressbook/ http://ra.fnord.at/2008/11/kmail-auto-add-address-to-addressbook/#comments Fri, 21 Nov 2008 13:45:22 +0000 ra http://ra.fnord.at/?p=124 I just figured out how to automatically add addresses I wrote an email to to my addressbook in kmail. Christian Schaarschmidt wrote a small patch which adds a filter you can define for your outgoing mails. Unfortunately it’s not available in vanilla kmail (yet?). I added an updated ebuild+patch to my gentoo repository so one can easily use it.

I think got used to that feature with the previous mail client I used: thunderbird and I am wondering if the mail client I used before thunderbird (mutt) has a similar feature.

]]>
http://ra.fnord.at/2008/11/kmail-auto-add-address-to-addressbook/feed/ 0
Mindmachine http://ra.fnord.at/2008/11/mindmachine/ http://ra.fnord.at/2008/11/mindmachine/#comments Sat, 01 Nov 2008 16:39:45 +0000 ra http://ra.fnord.at/?p=120 I just created a new tumblelog/soup in which I will document the progress of creating a Sound&Light-Machine with EEG feedback loop (aka Mindmachine). The soup is currently empty but I will feed it within the next weeks with the current status of the project.

]]>
http://ra.fnord.at/2008/11/mindmachine/feed/ 0
Google proxy http://ra.fnord.at/2008/10/google-proxy/ http://ra.fnord.at/2008/10/google-proxy/#comments Mon, 20 Oct 2008 13:44:20 +0000 ra http://ra.fnord.at/?p=115 Some time ago I had the idea to write a google proxy which implements the features of the customizegoogle extension for firefox but should be browser and operating system independent. Today I stumbled across scroogle which apparently does implement some of the features (and uses ssl).
If you want to use it as default search engine in firefox, enter “about:config” in the location bar, search for “keyword.url” and change the value to “https://ssl.scroogle.org/cgi-bin/nbbwssl.cgi?Gw=”.
There are also search engine plugins available.

]]>
http://ra.fnord.at/2008/10/google-proxy/feed/ 0
Gentoo overlay http://ra.fnord.at/2008/10/gentoo-overlay/ http://ra.fnord.at/2008/10/gentoo-overlay/#comments Sun, 05 Oct 2008 19:55:31 +0000 ra http://ra.fnord.at/?p=110 I finally put my local ebuilds online. Browse my Gentoo overlay.

Update:
New URL: git://github.com/ra–/ra-gentoo-overlay.git
Browse online: http://github.com/ra–/ra-gentoo-overlay/tree/master

]]>
http://ra.fnord.at/2008/10/gentoo-overlay/feed/ 0
Automatic renewing at libraries using the aleph software (tested with Vienna University of Technology and University of Vienna) http://ra.fnord.at/2008/09/automatic-renewing-at-libraries-using-the-aleph-software-tested-with-vienna-university-of-technology-and-university-of-vienna/ http://ra.fnord.at/2008/09/automatic-renewing-at-libraries-using-the-aleph-software-tested-with-vienna-university-of-technology-and-university-of-vienna/#comments Sat, 06 Sep 2008 10:12:33 +0000 ra http://ra.fnord.at/?p=108 Since I use the libraries of universities quite heavily I wrote a small perl script “alephrenew.pl” about two years ago which does the renewing of books for me.

The reason for writing it was that I gain an advantage (to other people using the library) when I renew every day (if there are reservations on the book one with the oldest renewing date has to bring it back – at least as far as I understand the behaviour of the Aleph software).

The help should be self explaining:

Usage: ./alephrenew.pl [-h] [-q] -b <baseurl> -u <username> -p <password> [-r <seconds>]

-h    : this help message
-q    : quiet (suppress success message)
-b    : baseurl without trailing slash (eg. http://aleph.ub.tuwien.ac.at)
-u    : username (eg. $E123456) – you will probably need to escape the “$”
-p    : password – your date of birth in the form of YYYYMMDD (eg. 19730425)
if you did not change it
-r    : wait random time between 1 and “seconds” seconds (before starting and
1 to 30 seconds between the requests – so it does not look like a script)

Examples:
./alephrenew.pl -q -b http://aleph.ub.tuwien.ac.at -u \$E123456 -p 19730425 -r 3600
./alephrenew.pl -b http://aleph.univie.ac.at -u \$E098765 -p 19851224

A crontab entry may look like this:
0 0 * * 2-6 /path/to/alephrenew.pl -q -b http://aleph.ub.tuwien.ac.at -u \$E3862419 -p 0wN4g3 -r 7200

It’s tested with the libraries of the Vienna University of Technology and the University of Vienna but should work with any other library using the Aleph software.

It is released under the terms of the GPLv2.

I do appreciate your feedback!

]]>
http://ra.fnord.at/2008/09/automatic-renewing-at-libraries-using-the-aleph-software-tested-with-vienna-university-of-technology-and-university-of-vienna/feed/ 2
Google Earth http://ra.fnord.at/2008/09/google-earth/ http://ra.fnord.at/2008/09/google-earth/#comments Wed, 03 Sep 2008 19:09:48 +0000 ra http://ra.fnord.at/?p=107 I experienced Google Earth being really slow after updating it to version 4.3. Disabling atmosphere in the view menu made it work again.

]]>
http://ra.fnord.at/2008/09/google-earth/feed/ 0
NetworkManager applet for KDE http://ra.fnord.at/2008/04/networkmanager-applet-for-kde/ http://ra.fnord.at/2008/04/networkmanager-applet-for-kde/#comments Sat, 26 Apr 2008 09:59:52 +0000 ra http://ra.fnord.at/2008/04/networkmanager-applet-for-kde/ A few days ago I figured out that the NetworkManager applet for Gnome is also working in KDE. I use it because it has less bugs, compiles against the current svn of NetworkManager and works more reliable in general then the KNetworkManager. Someone should have told me before that this works. (:

]]>
http://ra.fnord.at/2008/04/networkmanager-applet-for-kde/feed/ 1
Soup http://ra.fnord.at/2008/04/soup/ http://ra.fnord.at/2008/04/soup/#comments Sat, 26 Apr 2008 09:44:27 +0000 ra http://ra.fnord.at/2008/04/soup/ The last months I more and more used a tumble blogging platform with social features called “soup“. It’s easy to create content very fast, but one disadvantage compared to a wordpress blog is the lack of good editor. I use it quite heavily anyway.

Here is my soup ra.soup.io and its RSS feed.

]]>
http://ra.fnord.at/2008/04/soup/feed/ 0
New driver in linux kernel for intel 3945 wlan chip http://ra.fnord.at/2008/04/new-driver-in-linux-kernel-for-intel-3945-wlan-chip/ http://ra.fnord.at/2008/04/new-driver-in-linux-kernel-for-intel-3945-wlan-chip/#comments Sat, 26 Apr 2008 09:29:26 +0000 ra http://ra.fnord.at/2008/04/new-driver-in-linux-kernel-for-intel-3945-wlan-chip/ I already tried the new driver for the intel 3945 wlan chip (iwl3945) a couple of times, but it always ran more unsatisfying than the old driver (ipw3945) – even though the old driver has many problems (needs a daemon running, sometimes problems when resuming from suspend/hibernate, ..).

The new version in the 2.6.25 linux kernel works quite well for me (the one in 2.6.24 did not), but the wlan led is not working. This patch makes it work (I removed the support for the 4965 chip since I don’t need it. If you need it: this is the source to the patch).

]]>
http://ra.fnord.at/2008/04/new-driver-in-linux-kernel-for-intel-3945-wlan-chip/feed/ 0
Corrupt Banking System http://ra.fnord.at/2007/12/corrupt-banking-system/ http://ra.fnord.at/2007/12/corrupt-banking-system/#comments Wed, 26 Dec 2007 22:49:00 +0000 ra http://ra.fnord.at/2007/12/corrupt-banking-system/ Videos explaining monetary theory for layman/non-economists.

]]>
http://ra.fnord.at/2007/12/corrupt-banking-system/feed/ 0
suspend/hibernate buttons in kde shutdown dialog http://ra.fnord.at/2007/10/suspendhibernate-buttons-in-kde-shutdown-dialog/ http://ra.fnord.at/2007/10/suspendhibernate-buttons-in-kde-shutdown-dialog/#comments Sat, 06 Oct 2007 15:05:59 +0000 ra http://ra.fnord.at/2007/10/suspendhibernate-buttons-in-kde-shutdown-dialog/ I took a patch which implements the suspend/hibernate buttons within the shutdown dialog in kde from the kubuntu guys and made it work on gentoo.

If you have no clue what this is all about here are two screenshots [1] [2] (actually these do not represent the patch exactly, but you should get the idea).

The kde split ebuild for ksmserver: ebuild (I will do the update to the kde-all-in-one ebuild on request).

To make use of the feature emerge with USE=”dbus hal”. If you don’t see any icons next to the suspend/hibernate buttons, make sure you use an icon set that provides the files “suspend.png” and “hibernate.png”.

]]>
http://ra.fnord.at/2007/10/suspendhibernate-buttons-in-kde-shutdown-dialog/feed/ 0
Kernel patches http://ra.fnord.at/2007/09/kernel-patches/ http://ra.fnord.at/2007/09/kernel-patches/#comments Sat, 29 Sep 2007 15:07:36 +0000 ra http://ra.fnord.at/2007/09/kernel-patches/ I updated some kernel patches:

]]>
http://ra.fnord.at/2007/09/kernel-patches/feed/ 0
konq-pdf (various PDF service menus for KDE) http://ra.fnord.at/2007/09/konq-pdf-various-pdf-service-menus-for-kde/ http://ra.fnord.at/2007/09/konq-pdf-various-pdf-service-menus-for-kde/#comments Fri, 28 Sep 2007 18:20:47 +0000 ra http://ra.fnord.at/2007/09/konq-pdf-various-pdf-service-menus-for-kde/ A few weeks ago I stumbled accross konq-pdf which offers various PDF related service (“right click”) menus for konqueror. These menus contain joining/adding files, changing pages per sheet, rotating, converting to other formats, extracting images, .. in a few words: it’s very handy if you don’t want to remember all the command line parameters for pdftk/pdfjam you just need once in a while. (:

There are just two things I found in the software:
The kde submenu text in pdfnup.desktop “X-KDE-Submenu=Paginate” is not
very clear. “X-KDE-Submenu=Pages per sheet” would be better imho.

A small bug in pdfjoin.desktop makes it always display the italian kde
submenu: “X-KDE-Submenu=Unisci o aggiungi” should be replaced by
“X-KDE-Submenu[it]=Unisci o aggiungi”.

I just wrote the author Giuseppe Benigno an email, so these “bugs” probably get fixed soon.

]]>
http://ra.fnord.at/2007/09/konq-pdf-various-pdf-service-menus-for-kde/feed/ 0
New location http://ra.fnord.at/2007/09/new-location/ http://ra.fnord.at/2007/09/new-location/#comments Fri, 28 Sep 2007 17:48:47 +0000 ra http://ra.fnord.at/2007/09/new-location/ As you are reading this you probably already know: this blog moved away from twoday to wordpress and is now reachable under a new url http://ra.fnord.at/ on my own server. Update the feed url. Everything will be much better.. (:

]]>
http://ra.fnord.at/2007/09/new-location/feed/ 0
bugmenot firefox extension http://ra.fnord.at/2007/09/bugmenot-firefox-extension/ http://ra.fnord.at/2007/09/bugmenot-firefox-extension/#comments Fri, 21 Sep 2007 14:02:43 +0000 ra https://sunkist.annessi.at/wordpress/2007/09/21/bugmenot-firefox-extension/ The firefox extension for bugmenot is still working (at least for firefox 2.0.0.6)

Source: http://roachfiend.com/archives/2005/02/07/bugmenot/
Direct installation link: http://extensions.roachfiend.com/bugmenot.xpi

]]>
http://ra.fnord.at/2007/09/bugmenot-firefox-extension/feed/ 0
Linux Power Saving Projects http://ra.fnord.at/2007/09/linux-power-saving-projects/ http://ra.fnord.at/2007/09/linux-power-saving-projects/#comments Fri, 21 Sep 2007 11:46:51 +0000 ra https://sunkist.annessi.at/wordpress/2007/09/21/linux-power-saving-projects/ Even more linux power saving information from intel on LessWatts.org.

Source: http://kerneltrap.org/Linux/Power_Saving_Projects

]]>
http://ra.fnord.at/2007/09/linux-power-saving-projects/feed/ 0
Kernel “Trusted Path Execution” patch (tpe) http://ra.fnord.at/2007/09/kernel-trusted-path-execution-patch-tpe/ http://ra.fnord.at/2007/09/kernel-trusted-path-execution-patch-tpe/#comments Mon, 10 Sep 2007 17:33:29 +0000 ra https://sunkist.annessi.at/wordpress/2007/09/10/kernel-trusted-path-execution-patch-tpe/ I just finished a patch to the Linux kernel which implements “trusted path execution”.

You can specifiy a trusted directory and a group as “trusted” or “untrusted”.
If the group is untrusted all users belonging to this group will only be able to execute files from the trusted directory. If the group is trusted all users will only be able to execute files from the trusted directory but users belonging to the group (and root of course).

Get it here: linux-2.6.18-tpe_restriction (patch, 5 KB)

The patch is based on grsecurity – so credits go to Brad Spengler.

]]>
http://ra.fnord.at/2007/09/kernel-trusted-path-execution-patch-tpe/feed/ 0
Firefox “restore dialog”-patch http://ra.fnord.at/2007/08/firefox-restore-dialog-patch/ http://ra.fnord.at/2007/08/firefox-restore-dialog-patch/#comments Thu, 30 Aug 2007 16:41:08 +0000 ra https://sunkist.annessi.at/wordpress/2007/08/30/firefox-restore-dialog-patch/ If browser.startup.page is set to 3 (“When firefox starts” -> “Show my windows and tabs from last time”) firefox should always restore automatically the browsing session (but after a crash).
Each time after logging out (at least from kde) the restore dialog appears (“Restore session” / “Start new session”).
This is quite annoying for me since I never pressed “Start new session”, but by mistake.

The ideal solution is that logging out will not result in an improper shutdown of firefox, but I wrote a small patch that introduces the browser.sessionstore.resume_session_always setting which works for me.

I also updated Gentoo’s ebuild for firefox 2.0.0.6 to use this patch (just extract it to your /usr/local/portage directory).

Update: The above bug is fixed in firefox3. As a work around, you can create a new string preference “browser.sessionstore.restore_prompt_uri” and set it to “javascript:window.close();” (without the quotes).
Unfortunately I could not find a way to make this work with NoScript (yet).

Update #2:
Good news (:
Giorgio Maone kindly updated the NoScript plugin to allow the trick above. You currently have to use the development version (1.1.6.18).

]]>
http://ra.fnord.at/2007/08/firefox-restore-dialog-patch/feed/ 2
Robert Anton Wilson Meme-orial Videos http://ra.fnord.at/2007/08/robert-anton-wilson-meme-orial-videos/ http://ra.fnord.at/2007/08/robert-anton-wilson-meme-orial-videos/#comments Wed, 01 Aug 2007 12:31:53 +0000 ra https://sunkist.annessi.at/wordpress/2007/08/01/robert-anton-wilson-meme-orial-videos/ The Robert Anton Wilson Meme-orial Videos
Recorded Sunday, February 18, 2007 in Santa Cruz, CA
http://www.smi2le.com/

RAW@Wikipedia: http://en.wikipedia.org/wiki/Robert_Anton_Wilson

]]>
http://ra.fnord.at/2007/08/robert-anton-wilson-meme-orial-videos/feed/ 1
Kernel Patches (proc & dmesg restriction) http://ra.fnord.at/2007/07/kernel-patches-proc-dmesg-restriction/ http://ra.fnord.at/2007/07/kernel-patches-proc-dmesg-restriction/#comments Tue, 31 Jul 2007 16:38:11 +0000 ra https://sunkist.annessi.at/wordpress/2007/07/31/kernel-patches-proc-dmesg-restriction/ I updated two kernel patches to the Linux kernel.

  • linux-2.6.18-proc_restrictions.patch (patch, 12 KB) which basically restricts non-root users from viewing all processes (plus an option for some additional /proc restrictions). It is possible to define a GID which is not affected by the restrictions.
  • linux-2.6.18-dmesg_restriction.patch (patch, 1 KB) which restricts non-root users from viewing kernel log buffer messages.

Both patches are based on grsecurity – so credits go to Brad Spengler.

]]>
http://ra.fnord.at/2007/07/kernel-patches-proc-dmesg-restriction/feed/ 0
How to fold a t-shirt? http://ra.fnord.at/2007/07/how-to-fold-a-t-shirt/ http://ra.fnord.at/2007/07/how-to-fold-a-t-shirt/#comments Tue, 17 Jul 2007 18:08:42 +0000 ra https://sunkist.annessi.at/wordpress/2007/07/17/how-to-fold-a-t-shirt/ Did you ever get angry about folding t-shirts?
Try this! (:

]]>
http://ra.fnord.at/2007/07/how-to-fold-a-t-shirt/feed/ 1
Chaos Communication Camp 2007 http://ra.fnord.at/2007/07/chaos-communication-camp-2007/ http://ra.fnord.at/2007/07/chaos-communication-camp-2007/#comments Sun, 15 Jul 2007 12:30:29 +0000 ra https://sunkist.annessi.at/wordpress/2007/07/15/chaos-communication-camp-2007/ The Chaos Communication Camp is an international, five-day open-air event for hackers and associated life-forms.
The Camp features two conference tracks with interesting lectures, workshops and other stuff.
It will take place from August 8th to 12th 2007 in Finowfurt near Berlin.

The Metalab crew organizes flight & shuttle from vienna to the camp and back: http://campflug.at/

Chaos Communication Camp Poster

]]>
http://ra.fnord.at/2007/07/chaos-communication-camp-2007/feed/ 0
Suspend2 Becomes TuxOnIce http://ra.fnord.at/2007/07/suspend2-becomes-tuxonice/ http://ra.fnord.at/2007/07/suspend2-becomes-tuxonice/#comments Wed, 04 Jul 2007 05:22:15 +0000 ra https://sunkist.annessi.at/wordpress/2007/07/04/suspend2-becomes-tuxonice/ The Suspend2 project has been renamed to TuxOnIce Nigel Cunningham announced on the lkml.

Source: http://kerneltrap.org/node/8476

]]>
http://ra.fnord.at/2007/07/suspend2-becomes-tuxonice/feed/ 0
Think before you post http://ra.fnord.at/2007/06/think-before-you-post/ http://ra.fnord.at/2007/06/think-before-you-post/#comments Thu, 07 Jun 2007 15:18:30 +0000 ra https://sunkist.annessi.at/wordpress/2007/06/07/think-before-you-post/

Source: http://www.jasonblogs.com/2007/06/05/think-before-you-post/

]]>
http://ra.fnord.at/2007/06/think-before-you-post/feed/ 0
Understanding Power Consumption http://ra.fnord.at/2007/05/understanding-power-consumption/ http://ra.fnord.at/2007/05/understanding-power-consumption/#comments Wed, 16 May 2007 07:50:06 +0000 ra https://sunkist.annessi.at/wordpress/2007/05/16/understanding-power-consumption/ Intel released a utility “powertop” for detecting what Linux programs and kernel tunables are resulting in the most power consumption.

Source: http://kerneltrap.org/node/8207

]]>
http://ra.fnord.at/2007/05/understanding-power-consumption/feed/ 0
GNU/Linux on Dell notebooks/workstations http://ra.fnord.at/2007/04/gnulinux-on-dell-notebooksworkstations/ http://ra.fnord.at/2007/04/gnulinux-on-dell-notebooksworkstations/#comments Sun, 01 Apr 2007 22:29:00 +0000 ra https://sunkist.annessi.at/wordpress/2007/04/02/gnulinux-on-dell-notebooksworkstations/ Dell announced to support GNU/Linux on notebook and (consumer)workstations.
http://direct2dell.com/one2one/archive/2007/03/28/9655.aspx
http://www1.euro.dell.com/content/topics/global.aspx/ideastorm/ideasinaction

]]>
http://ra.fnord.at/2007/04/gnulinux-on-dell-notebooksworkstations/feed/ 0
Web 2.0 … The Machine is Us/ing Us http://ra.fnord.at/2007/02/web-20-the-machine-is-using-us/ http://ra.fnord.at/2007/02/web-20-the-machine-is-using-us/#comments Tue, 06 Feb 2007 22:55:00 +0000 ra https://sunkist.annessi.at/wordpress/2007/02/07/web-20-the-machine-is-using-us/

]]>
http://ra.fnord.at/2007/02/web-20-the-machine-is-using-us/feed/ 0
23C3 videos http://ra.fnord.at/2007/01/23c3-videos/ http://ra.fnord.at/2007/01/23c3-videos/#comments Sat, 13 Jan 2007 16:38:38 +0000 ra https://sunkist.annessi.at/wordpress/2007/01/13/23c3-videos/ The first 23C3 videos are already online.
Get them @ ftp://dewy.fem.tu-ilmenau.de/CCC/23C3/video/

Update:
They are officially online @ ftp://ftp.ccc.de/congress/23c3/video

]]>
http://ra.fnord.at/2007/01/23c3-videos/feed/ 0
Robert Anton Wilson died ): http://ra.fnord.at/2007/01/robert-anton-wilson-died/ http://ra.fnord.at/2007/01/robert-anton-wilson-died/#comments Thu, 11 Jan 2007 19:04:36 +0000 ra https://sunkist.annessi.at/wordpress/2007/01/11/robert-anton-wilson-died/ Blog entry regarding Robert Anton Wilson`s death: http://robertantonwilson.blogspot.com/2007/01/raw-essence.html

Robert Anton Wilson´s blog: http://robertantonwilson.blogspot.com/index.html

All Hail Eris!

]]>
http://ra.fnord.at/2007/01/robert-anton-wilson-died/feed/ 0
It’s fun to hack the RFID! http://ra.fnord.at/2007/01/its-fun-to-hack-the-rfid/ http://ra.fnord.at/2007/01/its-fun-to-hack-the-rfid/#comments Fri, 05 Jan 2007 12:24:52 +0000 ra https://sunkist.annessi.at/wordpress/2007/01/05/its-fun-to-hack-the-rfid/ Live-Performance by monochrom at the 23C3.

Get the video!
The text is released under a Creative Commons License.

]]>
http://ra.fnord.at/2007/01/its-fun-to-hack-the-rfid/feed/ 0
Who can you trust? http://ra.fnord.at/2006/12/who-can-you-trust/ http://ra.fnord.at/2006/12/who-can-you-trust/#comments Fri, 22 Dec 2006 18:28:23 +0000 ra https://sunkist.annessi.at/wordpress/2006/12/22/who-can-you-trust/ is the title of the 23rd Chaos Communication Congress which will take place from 27th to 30th december in Berlin.

23C3

See you there! (:

]]>
http://ra.fnord.at/2006/12/who-can-you-trust/feed/ 0
Java is free and open source now! http://ra.fnord.at/2006/11/java-is-free-and-open-source-now/ http://ra.fnord.at/2006/11/java-is-free-and-open-source-now/#comments Mon, 13 Nov 2006 17:51:31 +0000 ra https://sunkist.annessi.at/wordpress/2006/11/13/java-is-free-and-open-source-now/ Finally.. it´s released under the GPLv2.

Source: http://www.sun.com/software/opensource/java/

]]>
http://ra.fnord.at/2006/11/java-is-free-and-open-source-now/feed/ 0
Talvin Singh in Vienna http://ra.fnord.at/2006/10/talvin-singh-in-vienna/ http://ra.fnord.at/2006/10/talvin-singh-in-vienna/#comments Sat, 07 Oct 2006 12:41:15 +0000 ra https://sunkist.annessi.at/wordpress/2006/10/07/talvin-singh-in-vienna/ Talvin Singh has not been to Vienna many many years…
He will be playing live at Szene Wien on October 4th!

For the guys not knowing Talvin Singh (shame on you =P ):
Talvin Singh’s Homepage
Talvin Singh @ Wikipedia
Talvin Singh @ myspace

Enjoy his great sound! (:

Update:
See a crappy snapshot:

]]>
http://ra.fnord.at/2006/10/talvin-singh-in-vienna/feed/ 0
Google code search http://ra.fnord.at/2006/10/google-code-search/ http://ra.fnord.at/2006/10/google-code-search/#comments Thu, 05 Oct 2006 10:59:00 +0000 ra https://sunkist.annessi.at/wordpress/1970/01/01/google-code-search/ Now google offers the possibility to search in public source code with regular expressions and limit the results depending on the license used.

http://www.google.com/codesearch

]]>
http://ra.fnord.at/2006/10/google-code-search/feed/ 0
OpenSSL security advisory http://ra.fnord.at/2006/09/openssl-security-advisory/ http://ra.fnord.at/2006/09/openssl-security-advisory/#comments Mon, 25 Sep 2006 20:40:25 +0000 ra https://sunkist.annessi.at/wordpress/2006/09/25/openssl-security-advisory/ Ouch..

See: http://www.openssl.org/news/secadv_20060905.txt

Update: Now there is even an public exploit available http://www.cdc.informatik.tu-darmstadt.de/securebrowser/

]]>
http://ra.fnord.at/2006/09/openssl-security-advisory/feed/ 0
Linux kernel patches http://ra.fnord.at/2006/09/linux-kernel-patches/ http://ra.fnord.at/2006/09/linux-kernel-patches/#comments Mon, 25 Sep 2006 20:14:02 +0000 ra https://sunkist.annessi.at/wordpress/2006/09/25/linux-kernel-patches/ I put two patches online i put together some weeks ago:
A patch to build the driver for the rt2500 wireless chipset within the linux kernel (statically or as a module): linux-2.6.17-rt2500-1.diff (diff, 1,155 KB)
A patch to build the kqemu module within the linux kernel (statically or as a module): kqemu-2.6.17.diff (diff, 19 KB)

As you can see, I do prefer a kernel without modules. (:

]]>
http://ra.fnord.at/2006/09/linux-kernel-patches/feed/ 0
E-Voting http://ra.fnord.at/2006/09/e-voting/ http://ra.fnord.at/2006/09/e-voting/#comments Mon, 25 Sep 2006 19:01:22 +0000 ra https://sunkist.annessi.at/wordpress/2006/09/25/e-voting/ Interview with Avi Rubin on CNN
Source (german): http://tim.geekheim.de/2006/08/24/wahlcomputer-langsam-auch-in-den-usa-ein-thema/

]]>
http://ra.fnord.at/2006/09/e-voting/feed/ 0
Six Tips to Protect Your Online Search Privacy http://ra.fnord.at/2006/09/six-tips-to-protect-your-online-search-privacy/ http://ra.fnord.at/2006/09/six-tips-to-protect-your-online-search-privacy/#comments Sun, 24 Sep 2006 21:13:20 +0000 ra https://sunkist.annessi.at/wordpress/2006/09/24/six-tips-to-protect-your-online-search-privacy/ Summary:
1. Don’t put personally identifying information in your search terms (easy)
2. Don’t use your ISP’s search engine (easy)
3. Don’t login to your search engine or related tools (intermediate)
4. Block “cookies” from your search engine (intermediate)
5. Vary your IP address (intermediate)
6. Use web proxies and anonymizing software like Tor (advanced)

More in depth original version

]]>
http://ra.fnord.at/2006/09/six-tips-to-protect-your-online-search-privacy/feed/ 0
0 Db ion cooled computer http://ra.fnord.at/2006/09/0-db-ion-cooled-computer/ http://ra.fnord.at/2006/09/0-db-ion-cooled-computer/#comments Tue, 19 Sep 2006 18:44:54 +0000 ra https://sunkist.annessi.at/wordpress/2006/09/19/0-db-ion-cooled-computer/ A completly silent machine (no moving parts at all!).
Using ion cooling, ram drive, .. see for yourself:
cooled computer

]]>
http://ra.fnord.at/2006/09/0-db-ion-cooled-computer/feed/ 0
Watercooled Xbox laptop http://ra.fnord.at/2006/09/watercooled-xbox-laptop/ http://ra.fnord.at/2006/09/watercooled-xbox-laptop/#comments Mon, 11 Sep 2006 17:05:50 +0000 ra https://sunkist.annessi.at/wordpress/2006/09/11/watercooled-xbox-laptop/ Ever wanted a watercooled xbox laptop?
Ben Heckendorn did.
See his documentation including nice photos.

Xbox laptop

]]>
http://ra.fnord.at/2006/09/watercooled-xbox-laptop/feed/ 0
WTH & 22C3 Videos http://ra.fnord.at/2006/09/wth-22c3-videos/ http://ra.fnord.at/2006/09/wth-22c3-videos/#comments Thu, 07 Sep 2006 14:38:00 +0000 ra https://sunkist.annessi.at/wordpress/1970/01/01/wth-22c3-videos/ Beside from the lock bumping video I enjoyed this WTH & 22C3 videos most (every video is several 100Mb in size):
http://rehash.xs4all.nl/wth/rawtapes/wth-quantum-cryptography-an-introduction/wth-quantum-cryptography-an-introduction-50.mp4
http://rehash.whatthehack.org/wth/rawtapes/wth_do_we_run_out_of_oil/wth_do_we_run_out_of_oil_27.mp4
http://rehash.whatthehack.org/wth/rawtapes/wth_politics_of_psychedelic_research/wth_politics_of_psychedelic_research_35.mp4
http://rehash.whatthehack.org/wth/rawtapes/wth-digital-identities-and-the-power-of-hacking/wth-digital-identities-and-the-power-of-hacking-62.mp4

ftp://ftp.ccc.de/congress/22c3/lectures/video/mp4/720×576/22C3-408-en-private_investigations_in_searching.mp4 (this one’s really great!)
ftp://ftp.ccc.de/congress/22c3/lectures/video/mp4/720×576/22C3-426-de-entschwoerungstheorie.mp4

]]>
http://ra.fnord.at/2006/09/wth-22c3-videos/feed/ 0
Lock bumping http://ra.fnord.at/2006/09/lock-bumping/ http://ra.fnord.at/2006/09/lock-bumping/#comments Thu, 07 Sep 2006 12:55:42 +0000 ra https://sunkist.annessi.at/wordpress/2006/09/07/lock-bumping/ It’s very impressing how easy it is to open locks..

Lockpickers site:
http://www.toool.nl/index-eng.php

Lock tests:
http://www.toool.nl/consumer-reports-nl.pdf

Bump proof locks:
http://wiki.whatthehack.org/images/0/00/BumpkeyPresentatie.pdf

Video from the whatthehack (~667Mb):
http://rehash.whatthehack.org/wth/rawtapes/wth-bumping-revisted-lockpicking/wth-bumping-revisted-lockpicking-74.mp4

]]>
http://ra.fnord.at/2006/09/lock-bumping/feed/ 0
First entry http://ra.fnord.at/2006/09/first-entry/ http://ra.fnord.at/2006/09/first-entry/#comments Thu, 07 Sep 2006 12:51:28 +0000 ra https://sunkist.annessi.at/wordpress/2006/09/07/first-entry/ No information here yet, but stay tuned. (:

]]>
http://ra.fnord.at/2006/09/first-entry/feed/ 0