Archive for the ‘en’ Category

Summer is over !! [en]

mardi, octobre 18th, 2011

Three months of silence, but not of inactivity.

The CCC Camp was the big event in august, there are no words strong enough to describe the level of awesomeness i experienced during the camp. I needed a lot of time to prepare before and a lot of time after to bring things back to normal. It was really worth the energy i spent for that. Co-driving the truck was an interesting experience in itself. I have some video footage that still need editing.

Once i was back home, whenever there was sun shining, i wanted to be out: enjoying what’s left of it or cycling around.

With the summer now gone, i can work on the low season/winter projects:

  • Bicycle suitcase: The suitcase i carried on my bicycle got damaged after my fall in may, now i have no remorse gutting it. 🙂
  • RottenWRT router: A special VPN box for bad networks run by nazi sysadmins. It already received an internal sound card extension
  • I also have a couple of things to do at home, like finishing the network wiring, pulling a 12V central power supply, install the electricity and plumbing for a dishwasher, doing the schematics of my electric installation, a bit of cleanup and getting rid of old things.
  • Do something of the video rushes i have sitting on my disk
  • Clean up the photo gallery: it’s getting messy
  • Parallel port universal interface: I stopped working on it when BIFFF started.
  • Some hackerspace projects, like the door lock and a relay board.
  • ??? 🙂
Will the winter be long enough ?? 🙂

Today in the physical mail box [en]

jeudi, juillet 14th, 2011
Package content

Package content

Today i received the GSM shield for Arduino from Open Electronics. I rushed to get a pre-paid SIM card to start playing with the new toy.

I just realised that i don’t have an arduino board yet in my personal toolbox, but i can borrow one from the hackerspace to start experimenting.

I have two projects in mind:

  • mailbox watcher: Since the mailbox is far from my apartment and not within my regular walking path, (and i am a lazy person ;-)), i want the board to send me an SMS when a letter is landing in the mailbox. This is also a nice opportunity to experiment aggressive power saving and see how long can a set of fresh batteries last.
  • Hackerspace door opener: I am also building a motorized lock for the local hackerspace. I don’t know yet what kind of remote control we can use, but it has to be democratic enough. This is not the most original project: the Ghent hackerspace already did it.

Assembly

GSM shield assembled

GSM shield assembled

The shield come as a kit, some soldering is required, but nothing too serious (only through hole components, 2,54 mm pin spacing). In my case, only the switch SW1 was tricky to install.

That’s all for the moment, time to write code.

Possible backscatter spam coming from my server [en]

lundi, mai 30th, 2011

Between 20:00 and 23:00 CET, some backscatter spam slipped through my server due to a misconfiguration on my side.

I was trying to set up a secondary MX for the non-profit association BxLUG,an association promoting Free Software in Brussels.

The configuration files have been reverted to their original versions. It might take some time for the DNS entries to propagate.

I am sorry for any inconvenience it might have caused. In the meantime, i have some reading to do…

EPIC FAIL [en]

jeudi, mai 12th, 2011

Ce matin, à vélo, sur le chemin du travail (et pas loin de l’arrivée en plus).

This morning, on the bicycle, on the way to work (and very close to my destination).

Opening the Vasco Digipass 810 [en]

jeudi, février 24th, 2011
Vasco Digipass 810

Vasco Digipass 810

Many belgian and european banks are providing their customers with a device that look like a small calculator. This device, coupled with your bank card,  is used to secure and authenticate the transactions when using internet banking.

Since that device is fairly standard, there is nothing stopping you from using the reader from bank A with your card from bank Z and vice versa, because the crypto processing is happening on the chip of your card.

Knowing that the heavy crypto work is delegated to the bank card, it is safe to assume that the device is quite dumb: a keypad to feed data to the card, a screen to display the results and a micro-controller to do some simple housekeeping tasks, like update the screen, poll the keypad, clock the card and send/receive data.

I have no proof of what’s described above, but since mine had dead batteries after five years of use, it has become a prime candidate for exploration, so let’s open the case !! 🙂

Ugh !!

Digipass cracked open

Opened !!

It was a tough nut to crack !!

There are no screws and no clips holding it closed: the two halves of the case are welded together !! This is another prime example of planned obsolescence and wasteful engineering. There is no way to open it cleanly, you need to break it apart as careful as possible to get access to the main PCB and the batteries. Your ability to close the box afterward will fully depend on how you open it in the first place.

The batteries are nothing exotic: just two CR-2032 button cells. They are wired in series on the PCB, because many smartcards require a 5V power supply to work properly.

Circuit board detail

All test pads are clearly labelled !

When you observe the PCB, there are a lot of interesting test points, all properly labeled. A hacker’s dream. 🙂

Fried !!

Unfortunately, while groping at it with a multimeter set to continuity tester, i fried the microcontroller. Apparently, that kind of invasive measurement was enough to kill it.

I wanted to check the continuity between the SDATA test pad and the DATA line on the card connector, the SCLK and the CLOCK line of the card connector. There was no continuity between those points and the J2 pad is still a mystery of what the purpose could be. An optional eeprom maybe ?

I received a new reader to continue with my day to day banking operations, but i still want to see the data flowing between the card and the reader. My mistake is just a setback: i will change strategy and try to (ab)use the reader as-is, without opening the case. 🙂

More to come later. In the meantime, here are the Manufacturer’s information

 

IPv6 mining exploitation (digging tunnels) [en]

mardi, novembre 23rd, 2010

IPv6 in IPv4

This is the most common situation: you want your IPv6 connectivity on your road warrior through your VPN:

Debian/Ubuntu:

router: /etc/network/interfaces

auto tunv6
iface tunv6 inet6 v4tunnel
address 2001:cafe:babe:1::1
netmask 64
endpoint 192.168.255.10
local 192.168.255.1
ttl 64

road warrior: /etc/network/interfaces

auto tunv6
iface tunv6 inet6 v4tunnel
address 2001:cafe:babe:1::2
netmask 64
gateway 2001:cafe:babe:1::1
endpoint 192.168.255.1
local 192.168.255.10
ttl 64

Shell commands:

Machine A:

ip tunnel add v6tun mode sit remote 192.168.255.10 local 192.168.255.1 ttl 63
ip link set v6tun up mtu 1280
ip addr add 2001:cafe:babe:1::1/96 dev v6tun

Machine B:

ip tunnel add v6tun mode sit remote 192.168.255.1 local 192.168.255.10 ttl 63
ip link set v6tun up mtu 1280
ip addr add 2001:cafe:babe:1::2/96 dev v6tun

IPv4 in IPv6

The weirdest and most interesting one: suppose you have equipment that is not IPv6 compatible, yet you want to connect them through a v6-only link between the two endpoints

Machine A:

ip -6 tunnel add v4tun mode ipip6 local 2a00:ffde:4567:edde::4987 remote 2001:473:fece:cafe::5179
ip addr add 192.168.99.1/24 dev v4tun
ip link set dev v4tun up

Machine B:

ip -6 tunnel add v4tun mode ipip6 remote 2a00:ffde:4567:edde::4987 local 2001:473:fece:cafe::5179
ip addr add 192.168.99.2/24 dev v4tun
ip link set dev v4tun up

Sources:

http://linux-hacks.blogspot.com/2008/02/howto-ipv6-ipv6-tunnel-and-ip4-ipv6.html

(Work in progress: this page will be syncronized with this one)

Acer Aspire One review: two years later [en]

dimanche, juin 27th, 2010

Two years ago i bought my first netbook: here are my impressions

Acer Aspire One

The good

  • The laptop is very light and pleasant to carry around
  • It came with Linpus Linux pre-installed. This mean i didn’t have to pay the Microsoft tax. Since i’m running Debian on it, that install was quickly ditched.
  • There is a gap between the screen and the main chassis, allowing me to hold it open and straight with one hand. There was a note in the user manual that this is NOT the way to hold it (risk of crushed fingers) This is really a killer feature for a road warrior that should be more developped.

The bad

  • small screen, low resolution. This cause a problem with many applications where some dialog boxes « sink » under the bottom of the screen.
  • battery life: i have about two hours of usable battery life: this can be tight sometimes
  • Lack of 3G modem: That was not an issue during the first five months because i didn’t have a subscription at the time. Now i have one and i’m stuck with that huge USB modem hanging from the USB port. A small extension cord and some velcro adhesive partially solved the bulky adapter problem. I’m now trying to find 90° angled male USB A connector to keep the size under control.
  • No bluetooth. Not really an issue because there are USB adapters on the market that stick out by less than 5 mm. Less opportunities to cause damage.
  • Limited CPU ressources: The machine has a hard time to keep up with heavy applications like playing a flash video or running the compiler. You just need to be very patient on that.

The ugly

  • After eight months of use, the right touchpad button was not working anymore.
  • It failed totally ten months after purchase: when turned on, the fan and harddisk were spinning, but the screen stayed black (no backlight) and there was no activity. This was fixed under warranty. However, i had to fight to get it fixed: the first time i got it back, the problem was still there. And the reseller told me that they changed the motherboard. It then went back for repair and it was fixed one month later. In total, i have been without for two months
  • To access the harddisk, you have to COMPLETELY DISMANTLE the laptop. That was a real PITA.

Conclusion

Despite it’s flaws, this machine has become my main workhorse when i’m away from home and saved my butt a few times already. After two years of daily carrying and nearly daily use, there are no cracks in the shell. My previous laptops failed by the case, with cracks at very nasty places after about two years of moderate use and carrying. I don’t plan to retire it at the moment: i tend to keep my machines until they are horribly obsolete or simply fall apart. Let’s see in about two years then. 🙂

Documenting projects [en]

dimanche, février 21st, 2010

Documenting projects is not an easy task and can be quickly boring if you don’t have discipline.
It will go to the point that you slack with that important part and you end up with a project that is long done and not documented at all.

This is a pattern I noticed when and after building my first car computer. I took pictures of the assembly, put them online, then I waited until i would find some spare time to write a nice article about it.

Time was never found for that.

During the build of the version 2.0 of my car computer, I also took pictures, but this time i used twitter to detail the timeline of my progress. The computer hardware was completed about six months ago. Someday, i will re-read my early tweets and try to build a nice article about it.

Six months and still nothing… I doubt something will change. But there can be surprises.

At the moment i’m working on a project named The Wandering Star: this is an easy to carry suitcase-shaped server destined to be used into hacking conferences and provide massive storage and a VPN link from the conference site back to its home base. I’m not alone on this project and we try to make a decent documentation of the progress on a wiki page. I have a bunch of pictures here.

Could that be the start of a new way for me to deal with that kind of stuff ? I hope so !!

A kind of antitheft software [fr]

lundi, janvier 18th, 2010

Okay, i never ever got my laptop stolen, but reading this will just make you smile.

Many laptops and netbooks comes with a built-in low to mid-resolution webcam on top of the screen, normally to be used for video chatting. If you’re running Linux and you’re slightly paranoid, you maybe would like to see that piece of hardware put to some other use. 🙂

This script is monitoring the lid/screen switch of your laptop. Once someone open the screen, the script activate the camera, take a few pictures and send them back to you to an external e-mail address. Unlike the software used in the article linked above, this one is completely invisible, independent and works even when not logged in or without X running.

Notes:

  • You must have a local SMTP server on the laptop: this server will handle the e-mail queue and retry sending to the external SMTP server if the network is unreliable. The script will consider his job done once the mail is gone to the local server. Setting up the mail servers will be part of another article someday.
  • There is a config file to set up in /etc/antitheftd.conf. There is only one variable that MUST be set: DEST_EMAIL with your destination e-mail address. You can set other variables, but the default settings are nice enough.

« It doesn’t get much better than their bringing us a picture of the guy actually using the stolen property, It certainly made our job easier. » Daniel Jackson, deputy commissioner of public safety, city of White Plains.

The code is here. Have fun !!

2010: Happy new year !! [fr]

dimanche, janvier 10th, 2010

Here are my good resolutions for 2010:

  • This year i will try to make a minimum of two posts per month. I still have some rough texts that need to be reworked and documented with pictures.
  • I have a lot of projects more or less completed that need a real article.
  • I need to document here some of my linux setup.
  • Develop here some early tweets about the CarPC 2.0.
  • Finish the migration to the new server: i still have important stuff on my old server that will disappear next year.
  • Go to more concerts: 2009 was quite poor.
  • Spend more time at the hackerspace
  • Make a small trip to Finland

Overall, i think this year will be fun !! 🙂