...stuff I do and things I like...

Sunday, January 28 2007

A few Words about the N800

No this is not another review if you have been looking for one go here. A few words...

Things I like: The overall look of the device, the faster CPU (ARMv6 320Mhz), more memory (128MB), more storage (250MB) and 2 SD card slots, bluetooth 2.0 EDR, the kick stand and last but not least the new pen/stylus.

Things I don't like: the missing display cover (this was really cool on the 770), the kick stand covers the USB port (which makes it hard to attach external USB hardware), the quality of camera seems to be pretty low (but who really cares?).

The software seems to be in something like a very late beta state (e.g. windows don't redraw nicely), but I guess the next update will fix a lot.

All in all I like the new device and I will give my best to come up with a nice hack specifically for the new hardware.

More N800 Software

while riding the train home after the weekend I rebuild my bluetooth software (btaudit, sobexsrv and xkbd-bthid) to turn on the N800. The packages are now available in my maemo repository. Also I found that the N800 now comes with it's very own obexserver so maybe sobexsrv is no longer needed.

Saturday, January 27 2007

Bora/Maemo 3.0 Repository

now that I know that many of my applications work on Bora aka. the distribution on the N800 I setup a bora repository. Over time I will fix the other applications to make them work on bora and put them in this repository.

maemo 3.0/bora repository settings
    web address: http://www.mulliner.org/nokia770/repository/
    distribution: bora
    components: free
maemo 2.0/mistral repository settings
    web address: http://www.mulliner.org/nokia770/repository/
    distribution: maemo2
    components: free

Thursday, January 25 2007

ttdnsd : The TOR TCP DNS Daemon

ttdnsd is a small dns resolver for TOR which I wrote during the last two weeks. It basically bridges DNS from UDP to TCP to allow DNS requests using the TOR network. I know that there are other solutions for doing DNS over TOR but non of the solutions I know about are usable on small hardware like a router that runs OpenWRT. ttdnsd is made to run on this kind of hardware (about 600 lines of C).

Feel invited to comment and report bugs.


So now that I kicked out ttdnsd I can dedicate my weekend to my new toy (the N800) ;-)

Got my N800

I just got my Developer Program Device, thanks Team@Maemo!

I tried my IpHome applet and it installs and works on my N800 just fine. In the coming days I will of course try my other applications and ports, and fix them accordingly.

For now everything looks cool and it seems to be a real nice second generation device!

More to come...


PS: Feel free to video call me on my N800: collin@jabber.org

Saturday, January 20 2007

Neo1973 to be released...

From the developer mailing list:
    2007-02-11 Phase 0: Developer Preview
    2007-03-11 Phase 1: Official Developer Launch (for $350)

Read the full post here: Free Your Phone

Now I'm really excited!

Sunday, January 14 2007

Eine Woche Kabel von iesy

kurzes Update zum Thema Internet via Kabel von iesy (in Darmstadt). Nach einer Woche kann ich sagen:
  • Schnelle Anbindung (800 KB/s down / 80 KB/s up) [6Mbit Vertrag]
  • Latenzzeit (ping) zu heise.de ca. 19ms, ca. 101ms zu google.com
  • Kein Zwangs-Trennung alle 24 Stunden
  • IP bleibt gleich (habe seit einer Woche die selbe)
Im grossen und ganzen doch alles sehr gut.

Wednesday, January 10 2007

F-Secure has a Signature for my MMS PocketPC Exploit

see the story in the F-Secure Labs blog here.

Very cool to have your own VirusScanner signature (without writing a virus) ;-)

Monday, January 08 2007

iesy Internet ueber Kabel

...ich hab jetzt endlich mein Kabel Internet von iesy, hat ja auch lange genug gedauert (bestellt am 2. Okt. 2006, geliefert am 8. Jan. 2007). Eigentlich echt bloed so was mit sich machen zulassen.

Jetzt der Hammer, die haben wohl ihre Bandbreitenbeschraenkung nicht im Griff ich bekomme Teilweise um die 1.5 MB/s (ja das sind Megabyte). Upstream ist eher normal und liegt bei guten 80 KB/s. Ich bin mal gespannt wie lange das so bleibt.

Zum Thema Verfuegbarkeit schreibe ich in ein paar Wochen nochmal was.

Saturday, January 06 2007

Anti NotiFlood

here is a quick and easy way to protect yourself against NotiFlood (my MMS notification attack against PocketPC-based mobile phones, see my PocketPC Security Research).

As I explained, the PushRouter is the application that listens on port 2948 it basically gets all WAP push messages and routes them the destination application. If the PushRouter doesn't know which destination application to use it discards the WAP push message. So in order to protect us against a NotiFlood attack we simply need to remove the MMS mime type from the PushRouter configuration, after this the PushRouter will not be able to forward any WAP push messages to tmail.exe (the MMS application).

The PushRouter configuration for MMS is stored in the WinCE registry at:
    \HKEY_LOCAL_MACHINE\Security\PushRouter\Registrations\ ByCTAndAppId\application/vnd.wap.mms-message;
The only value in this registry key is DEFAULT for me it is set to 80FBE375B731C701.

Now we have a couple of options: delete the complete key, delete the value, and modify the value. I for my part just modified the value (so I can easily switch MMS back on). I basically just added a underline (_) to the key value. Now since the value of the key is wrong the PushRouter can no longer forward the MMS message to tmail.exe.

Note, also these settings are from my IPAQ PocketPC 4.2 they should be the same on all 4.2x devices.

WARNING:
    This modification disables receiving MMS all together! Don't do it if you still want to receive MMS messages.

Since there is no regedit on PocketPC you need to get a third party application. I used PHM RegEdit.

That is it! You're secure now ;-)

The Nokia N800 Tablet is out!

See the pictures from unboxing the N800. The N800 looks like the device that was named the 870 by various sites.

Can't wait to hold it in my hands!

Update:
    I did some googeling and found this: nokiausa.com/support/contact_us select Phone Product and Feature Information, press GO, and you will get a list of devices ... the list allready includes the N800.

Thursday, January 04 2007

Video of NotiFlood crashing a WinCE 5 Device

Lutz made a small video where he uses NotiFlood to crash his WinCE 5.x smart phone. It is quite fun to watch.

notiflood_wm5_dos.avi (80MB)

Tuesday, January 02 2007

23c3 Summary

Four days of fun and little sleep, great event like every year. But the network (internal and external) sucked most of the time, also wireless (especially because of 802.11a) seemed to work better then in the years before.

I didn't see too many talks because of multiple reasons. On the first day I tried to watch the talks via DVB-T but the reception in the basement was too bad. On the second to last day I tried to watch using the streams which worked quite well but not well enough to really enjoy it (network stopped working from time to time). Maybe someone sets up a multicast solution next year (if bandwidth was the problem)? I only saw like two or three talks life mostly because the rooms were way too crowded (there was a new attendee record this year).

One other thing that sucked was the conference bracelet WTF?!? This was the 23rd congress and defcon had this really awesome badges this year, why didn't you guys tried harder?

Anyway I had a great time (even if I complain a lot) and I thank the organizers for running the congress.