...stuff I do and things I like...

Tuesday, August 30 2005

Crypto USB disk with dm_crypt and FreeOTFE

I all ways wanted to go crypto for my data storage but until now I never owned any big storage device. Now I have an external 250 gig USB disk which I want to secure.

The thing with crypted disk all ways comes down to where can I read the disk? Only on my computer, only with one specific OS, etc. For me it's basically Linux and from time to time Windows. The two solutions I found where BestCrypt which is commercial (at least for Windows) and dm_crypt/FreeOTFE which is free and has much more features.

I ended up using dm_crypt/FreeOTFE.

dm_crypt is the Linux part of the crypto solution and is in part of Linux Kernel since 2.6.4. With cryptsetup its super simple to setup. You can setup a partition or a file based crypto device. The device then can be formated with whatever filesystem you want. Of course you need one which is readable by Windows (e.g. vfat/fat32).

FreeOTFE is the Windows counterpart of dm_crypt and can mount whatever you created with dm_crypt. I guess multi-disk volumes don't work but I haven't tryed it. When mounting a filesystem use mount Linux... otherwise it doesn't work :)

For the external USB disk I have two partitions, one small partition which is not encrypted - this holds the Windows drivers (FreeOTFE), the second partition is the crypto filesystem. With this you can also take your disk to a friend without downloading drivers and stuff from the net. All in all a nice solution.

Wednesday, August 24 2005

Google Talk - it's Jabber

I just read heise for breakfast and saw that Google Talk is just Jabber. This is so great! Finally Jabber is used by a big player and should therefore get more widespread soon. It's really time to get rid of stuff like ICQ,MSN,YAHOO chat and move to a open protocol. Nothing is more painful then having something like 5 IM accounts so you can talk to everybody.

Anyway I just setup my Google Talk aka. GMail account in GAIM. Google actually has some documentation on their site on how to use other clients then their own client to use their service *WOHU* The only bad thing now is that Google Talk doesn't accept server-to-server connections right now, this prevents someone with a jabber.org account to talk to someone with a gmail account. When the remove this feature Google Talk will really help Jabber.

USB of my T42p (2373-KXU) broken

yesterday my ThinkPad silently rebooted as I unplugged my (external) USB disk, when it came backup USB was gone! The OS (Linux/Windows) still sees the USB host controller but non of the many devices I attached get recognized (dmesg shows nothing). Also some of the devices get power from the bus and others don't (I guess some of them only turn on the lights if the are ready). The internal Bluetooth is also gone (it's USB too) - so I guess the complete bus is gone or actually I think only a fuse got shot.

Anyway I spoke to the IBM support today and they told me it will be fixed within 7 days (wow!). To the question if this is a common problem I got told that it happens from time to time. WTF? USB is hotplug - it should be able to handle stuff like this.

Let's see how fast I get back my beloved black beauty :-]

Tuesday, August 23 2005

BlueZ for the PMA400

so I just uploaded my BlueZ package for the PMA400. The package just contains the BlueZ libs and utils that work with the 2.4 kernel running on the PMA.

Now I need to port some useful applications to the PMA :)

Monday, August 22 2005

tv-out with fglrx on a T42p

I just can't get it to work in an acceptable way. The only mode that seems to work somehow is setting STV as the primary display - this leaves your LCD blank. Anything else doesn't work - you just see some flicker on the TV. I just want to run the LCD with 1600x1200 and use the TV-out in 1024x768 or 800x600 - this can't be too hard to do?! Stuff like this really makes me angry - but since nobody gets it to work I'm almost sure it's not *PEBCAK*.

*argl* 4 hours!

Tuesday, August 16 2005

tinystats - stats for tinydns

since I am updating all the services on our server to handle IPv6 I also wanted to see how much IPv6 is used. Therefore I installed a new DNS stats tool called tinystats, which is a simple but nice tool for tinydns stats. Unfortunately it doesn't support IPv6 (the log format generated by tinydns with Fefe's IPv6 patch). Fixing it took a few hours (with testing). The patch is available for download. Also Luca Morettoni (the author of tinystats) will integrate it into tinystats.

Friday, August 12 2005

Aaron Ardiri has a blog now!

Aaron a long time Palm-Coder-Friend of me and very well known person in the mobile gaming scene just started a blog today aka yesterday. Since he always gets the newest and coolest PDA and phone toys his blog should be quite interesting.

Check it out at: www.mobilewizardry.com/blog

Thursday, August 11 2005

IPv6 on my laptop

so today I setup IPv6 for my laptop. I basically use OpenVPN to play IPv6 tunnel broker on my server. The configuration sucked a little bit because IPv6 tunneling is not supported by OpenVPNs server mode so now I have to run one OpenVPN session for each IPv6 client on my server. Anyway it works and I'm satisfied. Now I need to check if all my favorite network applications support IPv6.

A good howto on OpenVPN as IPv6 tunnel broker can be found here and some nice IPv6 tools (webtools) can be found here

By the way the ip route tools set rocks!

Wednesday, August 10 2005

Starting with IPv6

I have played with IPv6 in the past and recently at WhatTheHack! so that I now have decided to get IPv6 on our server running. 1und1 (where our server is hosted) offers IPv6 tunnels for free, you just need to write them a nice email. Also the responds was very fast (1 day). So I could setup everything in one day. Since we already have IPv6 in the Kernel I just needed to patch a few applications (ucspi-tcp and tinydns) and add the IPv6 addresses to our nameservers. I did a few quick tests using ping6 and dig aaaa and everything seems to work fine. The only thing we need to do is patch Apache or upgrade to Apache 2 to serve our web pages to all the IPv6 users.

Now I need to find a decent IPv6 tunnel provider with support for dynamic IPs so I can have IPv6 on my laptop.

Tuesday, August 02 2005

RFID: Applications, Security, and Privacy

is a new book by Simson Garfinkel and Beth Rosenberg. Like you can guess from the name if covers RFID technology but it also covers some of the security and privacy problems of Bluetooth. The Bluetooth chapter mentions some of my tools and things I did with Bluetooth and the stuff done by the rest (sorry guys!) of the trifinite group.

Checkout the book at Amazon.








Monday, August 01 2005

WTH - Pictures

actually I wanted to put some of my own pictures online but since there is such a huge amount of pictures already online I don't see the need for posting any more. Also most of my pictures show either Frank, Simon, Sebastian or myself and therefore I will just give you one link to a best of site made by someone else.