Saturday, October 25 2008
since a few days I get fantom calls on my cell phone. It rings and as soon as I pickup the
call is gone. Some times I manage to pickup after only one ring but still the caller is gone.
No number is displayed so I guess it is not a call-me-back-scam. I'm on EPlus/BASE here in Germany.
Any ideas?
Thursday, October 23 2008
two weeks ago I got the 6 cell battery that I ordered way over a month before. Now my
netbook runs for about 4 hours while using WiFi, this is not great but good enough.
Also with the two batteries I get a total of 6 hours. Note, this is Linux not Windows.
The battery is one of several upgrades I put into this device: the first thing I added/replaced
was the really bad passive cooling, I replaced it with a 20Euros thingy (that works really great
and lowered the temperature by 5-10C).
Second was the WiFi card. I replaced the RealTek crap with a Atheros a/b/g from eBay, again 20Euros.
The battery was 80Euros. All in all I paid 580Euros for this netbook. This is not really
cheap but the thing I really like is the form factor and a decent notebook/laptop that has the
same size and weight costs about 1000-1200Euros, so I'm happy :-)
The only thing that still bugs me is the touchpad. The sentelic thing used by my Wind is no
competition for the synapics touchpad in my 4 year old Thinkpad. Also I kind of got used to
it by now.
Looking at the other netbooks that are currently available the MSI Wind still is one of the
best. At least for my needs.
Tuesday, October 21 2008
This post
in the XDA-Developers forum shows that Windows Mobile 6 on HTC devices is
vulnerable to malicious WAP Push SI (Service Indication) and SL (Service Load)
messages. An attacker can send a message containing a URL to an executable, the
executable will be automatically downloaded and executed WITHOUT any user
interaction. The problem is that HTC disabled the security settings for
these kinds of WAPPush messages, normally a device should only accept
these kinds of messages from trusted originators (e.g. your service
provider - don't know if I want this either).
The fix to this problem is very easy as it just requires modification of
a few keys in the mobile phones registry (yes Windows Mobile has a registry).
(The steps to do this modification is described in the original advisory.)
The bug is kind of similar to one of the MMS-based bugs
I discovered 2 years ago where the Windows Mobile devices would accept
WAPPush messages over UDP (WiFi).
This WAPPush auto execute configuration bug
is really bad since it would allow anybody to write a very simple worm
that only needs to send WAPPush messages (SMSs) to spread. The victim
device than downloads and executes the worm binary from the Internet.
They even made a demo video, also you don't see too much.
Some open questions from my side:
- Is it really only HTC devices?
- Is it only Windows Mobile 6?
- Does this work via WiFi (like my notiflood tool)?
Slientservices.de Author's website
The Advisory
Tuesday, October 14 2008
QR Codes are slowly being used here in Germany but on
my recent trip to Japan (Tokyo actually) I found QR codes to be used everywhere, from Mc Donald's to
beer brewers. I've took a few pictures of QR codes and put them into a small gallery over here. I really think QR codes are a funny piece of technology - so I'll keep collecting
pictures of QR codes.
Monday, October 13 2008
BlackHat Japan was a lot of fun, I met many
new people who do really cool security stuff. I had the chance to hangout with
Jeroen van Beek and he got to clone my German ePassport. He made a copy (on to a
smart card - he didn't make me a new passport) for myself that doesn't contain the fingerprint record. Really awesome.
I also had the chance to talk to Charlie Miller about
iPhone security. All in all I had a really good time.
Monday, October 06 2008
later today I'll board a plane to Tokyo for BlackHat. This time
I'm really traveling light. I only take my MSI Wind netbook, my Nokia
N810, my Nokia 6131 NFC, and my iPhone. It may sound a lot to you but
all the stuff combined is just slightly over 2KG. In comparison my
old T42p alone is heavier (not including the power supply).
For those of you who use Twitter
can follow me there.