Archive for the ‘life’ Category

Ireland, Blasphemy €25.000 and other rules

Thursday, October 15th, 2009

I was rather shocked as I read this article about a law passing the Dáil which fines blasphemy with 25.000 Euro. If I didn’t know better I’d say this couldn’t happen in an European country, but astonishingly such things happen within the EU. Now I’m a bit afraid being Ireland as an atheist.

Freshly draught Guinness (~5€)

Freshly draught Guinness (~5€)

So yes, I moved to Dublin, Ireland to study at the DCU :) If you want to visit me, have lunch or a pint, don’t hesitate to ring me :) I haven’t seen so much of Ireland myself so far, but I’ve been into bloody cold Irish Sea…

Also, The Pirate Bay is blocked by Eircom, the largest ISP in Ireland. They use an IP based filter, not only  a DNS based one. So they actually interfere with my communication which I assumed to be unconstitutional. But luckily, I have a tunnel set up which gives me free access to the world.

Cliff in Howth near Dublin

Cliff in Howth near Dublin

Besides the panic about the swine flu, another weird thing is Irish bureaucracy. My impression is that the people don’t really think beyond their utterly extensive and most of the times really stupid rules. For example, I tried to register at the University by paying 2000 Euros study fees. It failed because my credit card apparently has a limit of something less than that. The registry advised me to wire the money and print a screenshot of the online banking site. Of course I didn’t know a) how I could connect my laptop to the internet, b) how or where to print and c) log on to anything because I wasn’t even a student yet. Luckily, I have some friends at that university, that helped me out so I could finally register… It appears, that the rules are generally made to be ignored. They probably want to have them just in case they need to file a case against you. So as I applied at the university, I had been offered a conditional offer which was to be accepted by some specified date. I couldn’t, however, fulfill the condition and time to discuss that was running out. They told me that the date could generally be amended. I don’t think it’s good to have rules which are known to not be enforced and just needed to have something against you just in case…

The pubs in Dublin are great, although they have to close rather early, like around 02:00 o’clock. Also, you can’t get beer after 22:00 in a shop *sigh*. Yes, Irland might have a drinking problem, but treating everybody like a small child obviously doesn’t help it.

Beerprice dropped from ~20€ to 12€

Beerprice dropped from ~20€ to 12€

Engrish

Wednesday, September 30th, 2009

Alright, the following stuff is probably only funny, if you know German and Germans a bit. At least I had to laugh a couple of times, so you might enjoy that as well :)

I received a PDF with some weird English translations of German idioms and I tried to extract the text information from that, so I stumbled upon a page explaining how to do OCR with free software on Linux. I got the best results using Tesseract with the German language set, but I had to refine the result (leaving some typos intact).

  • that’s me sausage = ist mir wurst
  • go where the pepper grows = geh hin wo der pfeffer wächst
  • I think my pig whizzles = ich glaub mein schwein pfeift
  • sorry, my english is under all pig = entschuldige, mein englisch ist unter aller sau
  • now can come what want…i ready = letzt kann kommen was will, ich bin fertig
  • I think I spider = ich glaub ich spinne
  • the devil will i do = den teufel werd ich tun
  • what too much is, is too much = was zu viel ist, ist zu viel
  • my lovely mister singing club = mein lieber herr gesangsverein
  • don’t walk me on the nerves = geh mir nicht auf die nerven
  • come on…jump over your shadow = komm schon…spring ueber deinen schatten
  • you walk me animally on the cookie = du gehts mir tierisch auf den keks
  • there my hairs stand up to the mountain = da stehen mir die haare zu berge
  • tell me nothing from the horse = erzaehl mir keinen vom pferd
  • don’t ask after sunshine = trag nicht nach sonnenschein
  • free like the motto: you me too = frei nach dem Motto, du mich auch
  • I have the nose full = ich hab die nase voll
  • lt’s not good cherry-eating with you = es ist nicht gut kirschen essen mit dir
  • it’s going up like smiths cat = es geht ab wie Schmidts katze
  • to thunderweather once more = zum Donnerwetter noch mal
  • not from bad parents = nicht von schlechten eltern
  • now it goes around the sausage = jetzt geht’s um die wurst
  • there you on the woodway = da bist du auf dem holzweg
  • good thing needs while = gut ding braucht weile
  • holla the woodfairy = holla die waldfee
  • we are sitting all in the same boot = wir sitzen alle im selben boot
  • don’t make you a head = mach dlr keinen kopf
  • there run me the water in the mouth together = da läuft rnlr das wasser im mund zusammen
  • I understand just train-station = ich versteh nur bahnhof
  • I hold it in head not out = ich halt’s im kopf nicht aus
  • shame you what = scham dich was
  • there we have the salad = da haben wir den salat
  • end good, everything good = ende gut, alles gut
  • zip you together = reiß dich zusammen
  • now butter by the fishes = jetzt mal butter bei die flsche
  • he made himself me nothing you nothing out of the dust — er machte sich mir nichts, dir nichts aus dem Staub
  • I belive you have the ass open — ich glaub du hast den Arsch auf!
  • you make me nothing for = du machst mir nichts vor
  • that makes me so fast nobody after = das macht mir so schnell keiner nach
  • I see black for you = ich seh schwarz fur dich
  • so a pig-weather = so ein Sauwetter
  • you are really the latest = du bist wirklich das letzte
  • your are so a fear-rabbit = du bist so ein angsthase
  • everybody dance after your nose = alle tanzen nach deiner nase
  • known home luck alone = trautes Heim, Glueck allein
  • I think I hear not right = Ich denk Ich hör nicht richtig
  • that have you your so thought = das hast du dir so gedacht
  • give not so on = gib nicht so an
  • heaven, ass and thread! = Himmel, Arsch und Zwirn’
  • of again see = auf wiedersehen
  • Human Meier = Mensch Meier
  • now we sit quite beautiful in the ink = jetzt sitzen wir ganz schoen in der Tinte
  • you have not more all cups in the board = du hast nicht mehr alle Tassen im Schrank
  • around heavens will = um Himmels willen
  • you are heavy in order = du bist schwer in Ordnung
  • l wish you what = ich wünsch dir was
  • she had a circleroundbreakdown = sie hatte einen kreislaufzusammenbruch
  • you are a blackdriver = du bist ein schwarzfahrer
  • I know me here out = ich kenn mich hier aus
  • l fell from all clouds = Ich fiel aus allen Wolken
  • that I not laugh = das ich nicht lache
  • no one can reach me the water = niemand kann mir das wasser relchen
  • that’s absolut afterfullpullable = das ist absolut nachvollziehbar
  • give good eight = gib gut acht
  • not the yellow of the egg = nicht das gelbe vom Ei
  • come good home = komm gut heim
  • evererything in the green area = alles im gruenen bererch
  • I die for Blackforrestcherrycake = Ich sterbe fuer Schwarzwalderkirschtorte
  • how too always = wie auch immer
  • I make you ready! = Ich mach dlch fertig!
  • I laugh me death = ich lach mich tot
  • it walks me icecold the back down = es lauft mir eiskalt den rücken runter
  • always with the silence = Immer mit der Ruhe
  • that’s one-wall-free = das Ist einwandfrei
  • I’m foxdevilswild = lch bin fuchsteufelswild
  • here goes the mail off = hier geht die post ab
  • me goes a light on = mir geht ein licht auf
  • it‘s highest railway = es ist hoechste Eisenbahn

Universal Parcel Tracking with BoxOh.com

Friday, September 25th, 2009

Again, this is a quick reminder for myself and I want to share it with you.

There is an interesting webservice which tracks nearly all your (read: mine) parcels. It also offers an RSS feed and maps :)

The service is available under http://boxoh.com/

Bundestagswahl 2009 – Rette deine Freiheit!

Wednesday, September 16th, 2009

Bald sind Bundestagswahlen und Blumentopf moechten dich mit einem Video zur Wahl motivieren:

Und zur Entscheidungsfindung empfehle ich Rette deine Freiheit, ein wirklich sehr gelungenes Video:

Aber Obacht: Die offensichtliche Empfehlung, die FDP zu waehlen, ist nicht vor dem Hintergrund einer schwarz-gelben Koalition nicht schlau, denn die FDP hat angekuendigt, nur gegen das Zensurgesetz vorzugehen, wenn sie nicht an der Regierung beteiligt sind. Aber auch sonst gaebe es mit der FDP nicht so viel zu lachen.

Eine andere Entscheidungshilfe kann die Uebersicht der Free Software Foundation Europe (FSFE) sein: Auf einer Wikiseite werden Positionen der Abgeordneten zu Freier Software gesammelt. Ein sehr interessantes Projekt.

Noch ein schoenes Video vom selben Macher ist Du bist Terrorist:

Wenn du den Film gut findest, dann vote fuer ihn im Bitfilmfestival Voting!

Wir haben die Kraft! Unser Land kann mehr!

PS: Sorry fuer das einbinden von YouTube, wenn du eine freie Alternative kennst, sag bescheid!

Freiheit statt Angst – 2009-09-12 in Berlin

Friday, August 28th, 2009

Hier der Trailer zur geplanten Großdemonstration unter dem Motto “Freiheit statt Angst – Stoppt den Überwachungswahn!“, die am 12.09.2009 in Berlin stattfindet. Hinweise zur Anfahrt gibt es im FoeBud Blog.

Die Forderungen der Bürgerrechtler sind:

1. Überwachung abbauen

  • Abschaffung der flächendeckenden Protokollierung der Kommunikation und unserer Standorte (Vorratsdatenspeicherung)
  • Abschaffung der flächendeckenden Erhebung biometrischer Daten sowie von RFID-Ausweisdokumenten
  • Schutz vor Bespitzelung am Arbeitsplatz durch ein Arbeitnehmerdatenschutzgesetz
  • Berücksichtigung des Datenschutzes für Bürger- und Arbeitnehmer/innen bereits in der Konzeptionsphase aller öffentlicher eGovernment-Projekte
  • Keine einheitliche Schülernummer (Berliner SchülerID)
  • Keine Weitergabe von Informationen über Menschen ohne triftigen Grund
  • Keine europaweite Vereinheitlichung staatlicher Informationssammlungen (Stockholmer Programm)
  • Keine systematische Überwachung des Zahlungsverkehrs oder sonstige Massendatenanalyse in der EU (Stockholmer Programm)
  • Kein Informationsaustausch mit den USA und anderen Staaten ohne wirksamen Grundrechtsschutz
  • Abbau von Videoüberwachung und Verbot des Einsatzes von Verhaltenserkennungssystemen
  • Keine pauschale Registrierung aller Flug- und Schiffsreisenden (PNR-Daten)
  • Keine geheime Durchsuchung von Privatcomputern, weder online noch offline
  • Keine Einführung der Elektronischen Gesundheitskarte in der derzeit geplanten Form

2. Evaluierung der bestehenden Überwachungsbefugnisse

Wir fordern eine unabhängige Überprüfung aller bestehenden Überwachungsbefugnisse im Hinblick auf ihre Wirksamkeit, Kosten, schädliche Nebenwirkungen und Alternativen.

3. Moratorium für neue Überwachungsbefugnisse

Nach der inneren Aufrüstung der letzten Jahre fordern wir einen sofortigen Stopp neuer Gesetzesvorhaben auf dem Gebiet der inneren Sicherheit, wenn sie mit weiteren Grundrechtseingriffen verbunden sind.

4. Gewährleistung der Meinungsfreiheit und des freien Meinungs- und Informationsaustauschs über das Internet

  • Keine Beschränkung des Internetzugangs durch staatliche Stellen oder Internetanbieter (Sperrlisten)
  • Keine Sperrungen von Internetanschlüssen
  • Verbot der Installation von Filtern in die Infrastruktur des Internet.
  • Entfernung von Internet-Inhalten nur auf Anordnung unabhängiger und unparteiischer Richter.
  • Einführung eines uneingeschränkten Zitierrechts für Multimedia-Inhalte, das heute unverzichtbar für die öffentliche Debatte in Demokratien ist.
  • Schutz von Plattformen zur freien Meinungsäußerung im Internet (partizipatorische Websites, Foren, Kommentare in Blogs), die heute durch unzureichende Gesetze bedroht sind, welche Selbstzensur begünstigen (abschreckende Wirkung)

Wilhelm.Tel Speed

Saturday, August 8th, 2009

After ranting about the HanseNet Speed, I now have the opponents test result:Wilhelm.Tel Benchmark

I didn’t expect 100MBit/s down, because I still have my old router in place which most likely isn’t able to push 100MBit/s. I’ll definitely give it a new try once I am “directly” connected, i.e. without any unnecessary hardware in between.

I did it for the lulz

Friday, July 31st, 2009
Do it for the lulz!

Do it for the lulz!

16th DFN CERT Workshop 2009

Tuesday, June 30th, 2009

Again, I had the great pleasure to attend the annual DFN Workshop which takes place in the Conference Center Hamburg (ever thought about, why they haven’t called it “Konferenz Zentrum”?).

dfn-cert logo

It’s more “tieish” than a Chaos Communication Congress but it’s still comfortable being there. Most people have a strong academic background so they were used to jeans and pullovers as well ;-)

The first person to speak was a Dr. Neil Long from Team Camry and he spoke about the underground economy. They claim to research and investigate in that area and make deals with the criminals. He showed IRC logs most of the time and it was quite funny to see how the people interact with each other. They actually do speak 1337 and even I had a tough time reading their conversation ;-) He explained in great detail how the underground is organized. He claimed, that there are specialists for everything, everywhere. Programmers, Exploit-writers, Webhosts, Credit Card stealers, yadda yadda. Everything has it’s price and that is paid through various online money trasferring systems.

The next guy talked about Exploit Toolkits for the Web. He named various kits, like MPack, IcePack, NeoSploit, FirePack or UniquePack. They basically allow you to create a drive-by download site and deploy a given payload. The programs itself are split up into two parts. A server part which actually exploits a browser and makes it download and execute a loader program which in turn downloads the second stage – the real malware to be run on the victims machine. The other part is a binary to create that first-stage program. I spent some time in searching for those toolkits and downloaded some of them. That required me to learn some Russian ;-)
This first-stage part opens an interesting attack vector to the wannabe hackers: Many Web Exploit Toolkits were infected with malware themselves. Because you have to run a strange smelling binary to create your first-stage excutable, you might run foreign malware yourself. I actually don’t understand, why this loader thing is such a big issue. I assume you could deploy your malware in first place without having it loaded through a staging program.

The next interesting talk was given by the smart guys from Red Team Pentesting, which is a pretty interesting company actually. Former students founded that company and they do professional Pentesting. I have to admit, that I envy them a little. It must be a great job with a lot of interesting stuff to see. Anyay, they talked about jBoss insecurities. It seems that jBoss comes with development configuration and the people don’t change them to productive values but blindly bind their server to the network. It turns out that you can get shell access through nearly a handful ways, even if a smart administrator has locked some ways down. Also, many corporate or governmental site are driven by a jBoss server and -which is the interesting part- have a weak configuration. They have an interesting statistic that shows that only 8% of the JBoss servers out there are reasonably secure.

How secure is the JBoss Web?

How secure is the JBoss Web?

I was actually bored by just one talk. It was about GRID Firewalls. While the topic is interesting in general, the guy made me fall asleep :- That’s a pity, because I believe he knew what he was talking about and had valuable information to deliver, especially due to his strong emphasis on practical problems. Maybe he can get his talk accepted next year and improve his talking skills.

After the first day, we visited the Groeninger Braukeller which was a real blast! They have one of the finest beers I know of. Also the food in there is delicious. It’s a perfect atmosphere to get together and discuss the talks you’ve just listened to. I also took the chance to meet old friends which I haven’t seen for a while.

Probably due to the massive amount of food and beer, I couldn’t sleep well that night and I thus was very tired the second day. I’ve listened to the talks but I couldn’t make it to the ModSecurity workshop :( It’s really annoying, because I actually wanted to attend that session! I do use ModSecurity at some projects and I think it’s a good tool. A reallife-relevant workshop would have been great.

So, if you have nothing else to do on 2009-02-09, consider coming to Hamburg and enjoy the 17th DFN Workshop!

Private Censorship in Germany

Thursday, April 23rd, 2009

Last Friday, 5 major ISPs signed a contract to commit themselves to forge DNS answers for names given by the federal police.

According to this article (which probably has it’s information from heise) Deutsche Telekom, Vodafone/Arcor, Hansenet/Alice, Telefonica/O2 and Kabel Deutschland are voluntarily implementing the censorship through DNS. The signing parties share 75% of the german ISP market. According to Netzpolitik.org, Freenet, 1&1 and Versatel have denied to even talk about this censorship if there isn’t a legal foundation, i.e. a law which explicitly requires the ISPs to implement the censorship. While I don’t know the contract and according to the press conference, it remains secret. But it must be more or less like the leaked draft.

So the ISPs now have to implement DNS filter within six months and have to update the filter as soon as the federal police sends them a new list of to be blocked domains. The weird and absurd thing is, that *nobody* is allowed to access this list (because illicit content is explicitly referenced)! So you can’t control what exactly is banned and whether political enemies are censored as well. So it happened in Finland: A site, discussing the censorship, is on the list itself!

In the same period Wikileaks published the Finnish Internet censorship list. The Finnish National Bureau of Investigation has requested executive assistance from United States, but it is not known what precisely has been requested – whether the concern is only removing the list or whether they are trying to find out who leaked it. The list still includes the critical Finnish anti-censorship site lapisporno.info.

But, making it harder to access “child pornography” justifies the restriction of the constitutional rights, right? Well. Firstly, we mustn’t use “child pornography” when we want to discuss this issue seriously. We should use “documentation of child molesting” or something more technical. Secondly, we see, that it’s pretty simple to circumvent thus it’s only slightly harder to access the desired information. So it helps pretty much nothing in blocking the access, *but* offends 75% of the german internet population. I don’t consider this proportionate!

But the less a person watches children being molested, the less children she’ll molest, right? Because they get addicted and everything… Well. Besides the fact that we’re talking about a sexual disposition and not about drugs of any kind, this is just a claim with no justification whatsoever. An equally good argument is, that doing that virtually actually *prevents* people from doing that in real life. Also, the content available on the net is decades old, which might testify, that there is no need to produce more and thus newer content! By actually blocking access, you might risk people demanding newer stuff and a big market emerges.

Also, no child is molested through the internet. This is probably always done in the families! So blocking access doesn’t save a single child. Instead, fighting the roots would help. scusi analysed, where the blocked domains are actually hosted. It turns out, that pretty much every blocked domain is in a legislation that allows prosecution of child abuse. Including various servers in Germany! I propose, that it’s easier, more effective and less dangerous to actually ask the ISPs to shut the domains down and to prosecute the owners of these sites. Instead, the attitude of “once it’s blocked, we don’t have to care about anymore” is encouraged. Of course that doesn’t help anything, because the content is *still there* and people can circumvent cencorship to access it!

It is obvious, that other interest groups, like the music industry, will ask and fight for adding sites they don’t like to that blocking list. The technical implementation doesn’t and can’t know what’s “right” and what’s “wrong”. It blocks what it’s told to. So with that censorship being deployed, you introduce a general censor mechanism for pretty much everything you desire. Today it’s child pornography, but it is clear that this’ll change, like e.g. in Australia where a dentist has been blocked as well…

While I tried to argue against the official reasons for the “access blocking”, other people did it as well. There is a good article at Netzpolitik, which actually destroys nearly every exiting argument. Of course, heise has a pretty good article, too, which I really urge you to read.

What now? Well, first of all, you can quit your current contract with your ISP or sue them. Then you can use alternative dns server. As of writing, the list includes

  • 85.214.73.63 (anonymisierungsdienst.foebud.org)
  • 204.152.184.76 (f.6to4-servers.net, ISC, USA)
  • 2001:4f8:0:2::14 (f.6to4-servers.net, IPv6, ISC)
  • 194.150.168.168 (dns.as250.net; anycast DNS!)
  • 213.73.91.35 (dnscache.berlin.ccc.de)
  • 80.237.196.2
  • 194.95.202.198

Of course, the parliament has free access and universities shall have unlimited access, too, so you might want to use their DNS servers as well, e.g. 132.187.1.1 or 129.187.5.1.
But again: The point is not, that the technical measure is nearly useless to filter content. The point is that censorship infrastructure is rolled out *now* and that it can (and my prophecy is, that it will) be (ab)used for other content as well.

For further information, there is  herdict.org which maps the current cencorship situation worldwide. For Germany, you might want to have a look at de-zensiert.de or ak-zensur.de.

What about a consensus DNS resolver you install locally? It would ask, say, three different DNS servers and responds with the answer given the most. It could show a warning widget if it recognizes inconsistencies or if a DNS server fails to answer. The user then knows, that something’s fishy and can act appropriately, i.e. update the DNS server list or ask his provider whether it censors.

To summarize: The current  child pornography histeria is based on assumptions that are evidently wrong or can’t be proved. The methods to fight against child abuse have no meaningful effect besides deploying a general purpose censoring infrastructure (and help the people involved to improve their public image). Nobody is allowed to check whether the access block list includes any non illegal entry and political enemies can thus be eliminated. Circumventing is (still?) easy. We can further improve anti blocking mechanisms.

GemCraft 2 – Chapter 0

Saturday, April 18th, 2009

*Yay*! Armor Games released Gem Craft 2 – Chapter 0! I absolutely loved Gem Craft 1 and I couldn’t wait for the next round of that fabulous game. I don’t do much games on my computer in general as I have much better things to do, but I couldn’t stop playing Gem Craft.

It’s a fantastic Tower Defence with nice sounds, graphics and an amazingly entertaining gameplay. The major drawback is, that it’s flash based :( (I wonder whether one could make swfdec to save the state of a flash game, like a virtual machine in QEmu…) I haven’t tried the new game extensively yet, but I’m sure that this game will cost me the next weekends ;-)

If you like Tower Defence games, you’ve got to try CreepSmash as well. It’s an open and free multiplayer Tower Defence written in Java. It lacks nice graphics and sounds (and security ;-) ) but it’s definitely amusing to plan and play against other (real) player.

Happy playing!