And The Weakest Link In Mobile Security Is…

… the PIN.

Today I read in the news that a smartphone manufacturer has received a “friendly” invitation letter from US law enforcement that asks them to help decrypting a phone of a terrorist that is encrypted. The encryption key itself is protected with the PIN that the user has to type in and software that keeps increasing the delay between two guessing attempts. I am sure the company sympathizes with the general idea of decrypting a device of a terrorist but sees itself unable to comply with the request as this would also significantly weaken security and privacy for the rest of us. If the let someone do it with that phone it can be done with others, too. Once in the wild…

While most of the media is discussing the pros and cons of the move there is a deeper issue here that nobody seems to think about: A simple 4 or 6 digit pin and a bit of software should not protect the ciphering key in the first place.

Continue reading And The Weakest Link In Mobile Security Is…

Blog Statistics – The First Weeks

x-blog-2016-02-browser-statisticsAfter moving from Typepad to my own WordPress installation, search engines haven’t yet caught up with the change. As a consequence most of the traffic is from regular readers who have updated their bookmarks and RSS feeds after reading about the move from the old site. So before traffic referred to my blog by search engines is increasing I made a snapshot of current statistics to see if regular readers use a different mix of browsers, operating systems and connectivity.

Continue reading Blog Statistics – The First Weeks

I Like Free Wifi on The Train – But Would I rather want to Pay for it?

When Thalys started to offer Wifi service in 2009 on their trains in Europe I was ecstatic as it was working great. Over the years however, their service deteriorated to something barely usable (see here, here and here) and has remained so ever since. In contrast to their service, Internet access on high speed trains in Germany has remained mostly usable over the years. Instead of satellites, Deutsche Bahn (DB) has been using a dedicated cellular network along the railway lines and has upgraded to UMTS and LTE over the years to increase capacity. So far, the service was not free so the number of users was limited and the network has remained usable. Now, however, driven by national politics who is looking for quick and simple answers, DB needs to upgrade the system and offer it for free to all passengers. A recipe for disaster?

Continue reading I Like Free Wifi on The Train – But Would I rather want to Pay for it?

The DIY Retro Game Console Revisited

retro-not-assembled-smBack in December I returned from 32C3 with a DIY retro game console kit created by Voja Antonic as it promised to be fun to assemble and to study the source code. To me it was “the” hardware discovery of the congress! Apart from the prospect of playing a retro-game and to feel transported back into the 1980’s I was intrigued by the fact that the VGA graphics is not generated by a dedicated graphics unit but is instead done in software on the PIC CPU with three digital outputs that are connected to the red/green/blue lines of the VGA connector and two additional digital outputs to drive the horizontal and vertical synchronization signals for the screen. In other words, a perfect platform to get a hands-on practical view of how bits in memory can be transformed to a colorful picture on the screen.

Continue reading The DIY Retro Game Console Revisited

320 MHz of Wifi In Univiersity of Vienna’s Main Reading Hall

vienna-wifi-smWhen I recently configured a computer for Eduroam access in Vienna I took the opportunity to have a quick look at what’s in the air in Vienna University’s main reading room. It turned out that it was much more than I thought. In short, they use pretty much ALL available spectrum in the 2.4 and 5 GHz bands:

Continue reading 320 MHz of Wifi In Univiersity of Vienna’s Main Reading Hall

Book Review – The Billion Dollar Heist

bdhGood techno-thrillers with realistic plots and technical details are hard to come by and it seems they are mainly coming from what I would call “alternative authors” these days. Case in point are Chronos by William Hern, The Martian by Andy Weir and books by Mark Russinovich like Rouge Code that I’ve reviewed and recommended in the past. Here’s another one “The One Billion Dollar Heist” by Ben Lovejoy!

Continue reading Book Review – The Billion Dollar Heist

Uninstalling Wine – Bye Bye Windows Emulation Layer

It’s been a while since I switched the final Windows based machine to Linux at my place. Admittedly there are a few things I still need Windows for but those can comfortably run in a Virtual machine on a Linux host or by using Wine, the Windows Emulation Layer for Linux. But time has come to go a step further once again.

Continue reading Uninstalling Wine – Bye Bye Windows Emulation Layer