In-Flight Internet in the EU

ean-onlineI’m on planes quite often and on many intercontinental flights, airlines are offering satellite Internet access these days. Unfortunately, quality over the years has significantly deteriorated, the satellites used for the service are probably quite busy these days or airlines artificially throttle throughput to save costs. Who knows… In the US, ground based Internet connectivity on short-haul flights has been available for many years but in the EU, there was nothing similar up to now. However, this is now changing, and when I recently flew from Dublin to Düsseldorf, I could try the new European Aviation Network (EAN) for the first time as a paying customer.

Continue reading In-Flight Internet in the EU

Certificate Pinning vs. Transparency

As you are probably aware I am one of those people who don’t like their private data to be absorbed, analyzed and sold, so I am hosting most of the services I use over the network myself. Over the years, my Nextcloud instance has become the central instance for this as I host files I exchange there as well as my calendars and my address books. Also, I use it as a  platform for private voice and video communication.

This is a great thing and the main threat vectors that remain are that my instance is hacked from the outside with a zero day exploit or someone gets to the data I have stored there with a https man-in-the-middle attack. Both require signification dedication, effort and resources. When I think about it, I feel most vulnerable on the https front as I do not control which certificates are accepted by the various applications on the PC and by apps on my mobile devices that interact with my Nextcloud instance.

In the past, I’ve been using HTTPS Public Key Pinning (HPKP) to add an extra layer of protection. As the scheme hasn’t really caught on over the years, I’ve been thinking a lot lately about the value Certificate Transparency (CT) provides to me. Time for a quick summary.

Continue reading Certificate Pinning vs. Transparency

5G – What’s The Difference Between Option 3, 3A And 3X?

As if there weren’t already enough deployment options for the upcoming 5G network standard, it turns out that for 5G Non-Standalone Option 3, there are actually 3 different variants: 3, 3A and 3X. So what exactly is the difference between them?

Continue reading 5G – What’s The Difference Between Option 3, 3A And 3X?

Image Rotation Chaos – My Ultimate Fix

I’m sure you’ve been at this point before: There’s an image shown in a wrong orientation on your screen because the camera’s orientation sensor got it wrong, or your computer got it wrong, or something in between got it wrong, and you had trouble rotating it into the right orientation. If it’s a single image you can try until you succeed with various programs just to find out that the next image viewer again shows it in the wrong orientation. It might be a nuisance for a few images but when you deal with hundreds of images at a time that should all be in portrait orientation with many of them marked as landscape, it becomes more than just a frustrating exercise to manually re-orient the images. At some point I became so frustrated that I spent some time to find the ultimate fix for this.

Continue reading Image Rotation Chaos – My Ultimate Fix

DNS Pogo Oscillations

A couple of days ago I suddenly had strange intermittent problems to connect to my services at home. It worked one minute and the servers were not found the next. At first I thought it must be a DSL problem but I quickly figured out that this was not the case at all when I checked the DNS resolution for my domains. Here’s the response of two DNS queries which were one minute apart.

$ ping www.some-domain.com
PING www.some-domain.com (217.253.68.195) 56(84) bytes of data.
[...]
$ ping www.some-domain.com
PING www.some-domain.com (79.216.56.147) 56(84) bytes of data.

What should have been the same IP address suddenly oscillated between two entirely different IP addresses. What’s more is that this happened for several of my domain names via the local DNS resolvers, over Google’s 8.8.8.8 DNS server and also over two VPN tunnels over which yet other DNS resolvers were used.

Continue reading DNS Pogo Oscillations

Nextcloud Talk – Voice and Video Calling – First Impressions

Nextcloud LogoOnce upon a time, Skype was THE voice and video calling platform for me. It was independent, decentralized and offered end-to-end encryption. But that was a long time ago, today it’s centralized, more closed source than ever, and encryption seems to be rather optional. But on PCs there was little else that was usable and universal, perhaps until now. A few days ago I started to test Nextcloud Talk, that, despite its name is a full blown Voice and Video Conferencing and Calling Solution.

Continue reading Nextcloud Talk – Voice and Video Calling – First Impressions

A TURN Server for Nextcloud Talk

Over the past few weeks, I’ve been using Nextcloud Talk quite a bit. While I’m very happy with it in general, I have actually found two scenarios in which the standard setup is not able to establish a connection between the two (or more) parties of a call: In roaming scenarios with my mobile network operator of choice and when I use Nextcloud Talk in the web browser on the PC at work behind the firewall. But there is a fix, at least for one of them.

Continue reading A TURN Server for Nextcloud Talk

CAT-M Evolution in 3GPP Rel. 14

It’s been a while since I talked about LTE based technologies for the Internet of Things (IoT) or Machine to Machine (M2M) communication. Slowly but steadily, we are now seeing NB-IoT and CAT-M1 technology deployed in practice even though I would have thought things would move faster. 3GPP has not slept in the meantime, however, and has continued to evolve both the standards for NB-IoT and also for CAT-M. In this post, I’d like to describe some interesting additions to the CAT-M system that has resulted in specifications for CAT-M2 devices.

Continue reading CAT-M Evolution in 3GPP Rel. 14