Some Thoughts on 3 GHz Bands n78 and n77 – Europe and the U.S.

It’s been a while since I’ve been in North America, actually it must be close to 4 years. How time flies. Anyway, I might have the opportunity to go there again soon, so I started thinking a bit about the current spectrum situation there, particularly the 3 GHz range for 5G. Back in 2019, quite a number of countries in Europe had auctioned spectrum for 5G in 3GPP band n78 (3300 – 3800 MHz). Most network operators got additional spectrum between 80 and 100 MHz, with some network operators being even luckier and grabbing up to 150 MHz. This was massive compared to previous spectrum auctions for LTE, where channels of typically 10 or 20 MHz in lower frequency bands went on sale. In Europe, band n78 significantly pushed available capacity and network speeds, particularly in cities to previously unknown levels. So lets have a look what happened in the U.S. back then and in the meantime.

Continue reading Some Thoughts on 3 GHz Bands n78 and n77 – Europe and the U.S.

Open Wi-Fi OWE Encryption – Part 2

In the previous post, I’ve taken a first look at how the Opportunistic Wi-Fi Encryption looks like for the user and how one can find out high level details on the shell. In short: OWE enables per device encryption in open Wi-Fi networks without the need to type in a password. In this follow up post, I’ll have a closer look at how OWE is advertised by the Access Point and then picked up by devices.

Continue reading Open Wi-Fi OWE Encryption – Part 2

Open Wi-Fi and Opportunistic Encryption in the Wild!

When I’m out and about I’m usually ‘bringing my own Internet’, i.e. I use my smartphone to tether my notebook and other devices. But every now and then I can’t avoid to use a hotel or other public Wi-Fi. And boy was I recently surprised when I used a hotel Wi-Fi that supported Opportunistic Wireless Encryption (OWE). I blogged about this in 2016 (!) but this is the first time I’ve actually seen it in the wild. Truth be told, I have no idea if OWE is something recent in practice or new, as I rarely use public Wi-Fi. But anyway here’s the story how I found it and how it works.

When I was recently at a hotel, I wanted to use their public Wi-Fi but found that little ‘lock’ sign next to their network name in my network list on Ubuntu 22.04. I clicked on the network anyway and started to look around in the room for a note with the password. I couldn’t find one, though, and when I looked on my notebook screen again, I noticed that I was connected to the Internet. Hm, I wondered, how could that be, there was a lock icon, so I should have been asked for a password!? A quick iwconfig revealed the following:

Continue reading Open Wi-Fi and Opportunistic Encryption in the Wild!

Container Games – Private Networks for Private Containers

As I hinted in my 37c3 post, I was using a bit of time at ‘Congress’ to improve the structure of my containers in the cloud. While I have quite a number of projects running in dedicated virtual machines, I have containerized others such as this blog, my MediaWiki, an OnlyOffice instance, Etherpads and a number of internal projects. Each app typically requires two or three containers, usually one for the app itself, and another one for a MariaDB or other kind of database. And, in addition, there’s a reverse web proxy on each host, so I can share a public IP address and have a central place that automatically gets and updates TLS certificates.

This is all nice and well but one thing that has been bugging me a bit is that each container can communicate with all other containers. Surely, there must be a way to isolate them!?

Continue reading Container Games – Private Networks for Private Containers

Get a TLS Cert for a Domain Name and the World Visits You

A while back I read an article about new WordPress blogs getting attacked as soon as a TLS certificate is requested from a certificate authority. Here is an example. This is possible because there is a public certificate transparency log that shows for which domains a new TLS certificate was registered. This public log is vitally important to detect malicious actors getting certificates for web sites they don’t own. On the other hand, bad actors also get aware in almost real time of potentially new websites which are not yet properly secured. So is this actually misused? When I recently got a certificate for a new domain name, I had a close look at the http log to see what would happen.

Continue reading Get a TLS Cert for a Domain Name and the World Visits You

Running Ubuntu 22.04 on X

Yes, I’m late to the game. A couple of months ago, I upgraded from Ubuntu 20.04 to Ubuntu 22.04. I’m late because by 2022, Canonical decided that the Wayland graphical display system was the way to go and X should be on the way out. At the time, I tried out Wayland to see how well it would work for a number of everyday scenarios I have, particularly with remote screen sharing and support. It turned out that Wayland had come a long way, but I found remote support with tools that only worked on X still had the advantage. So when I finally migrated my own notebook to 22.04, well ahead of the devices I support, I switched from Wayland to X to see how well Ubuntu 22.04 would ‘still’ run on X. Now a couple of months later, I can say that I didn’t detect any major problems, the system runs on X just fine.

In about 3 months, Ubuntu 24.04 will be out, and as far as I understand, it will still be possible to switch to X for the Graphical User Interface. Once the final version of 24.04 is out, I will revisit the Wayland vs. remote screen sharing topic again to see if it has improved in the meantime. If not, then I will repeat the X-exercise with 24.04 again and, if things still work smoothly, migrate the devices I support from 20.04 to 24.04 in one go.

6 GHz Wi-Fi Pitfalls in 2023/24

Yes, I’m on the 6 GHz trail at the moment, because I want to find out how useful that band currently is and where the limits are. So here’s another post on the topic. In previous articles I have already mentioned that one 6 GHz capable notebook of mine simply refuses to use the band at all, no matter whether Window or Linux is running, and the second one gets easily fooled into switching off the 6 GHz band for a while when it sees ‘rouge’ access points. But unfortunately, there is more.

Continue reading 6 GHz Wi-Fi Pitfalls in 2023/24

Ubuntu 22.04 – Bluetooth Mouse and Bluetooth Headset

Quick success story: About a year ago, a combination of wireless USB mouse and USB port problem made me try something new. This was when I found out that unlike its predecessor, Ubuntu 20.04 supported Bluetooth HID devices such as mice and keyboards. So I switched over and no longer needed that small but still visible and slightly clunky USB wireless receiver.

A Bluetooth device that didn’t work well with Ubuntu 20.04 on my hardware, however, was my Bose Bluetooth headset. It would connect and work just fine, but one of my CPU cores would go into overload while the headset was connected. Since then I migrated to Ubuntu 22.04 and gave it a try on the same notebook again. This time around, everything worked well! No problems at all anymore when listening to music and using it for video calls also works like a charm. Even my Bluetooth Mouse and the Bluetooth headset work together at the same time. Very nice!

Container Games: When LATEST is not the greatest, and how it broke my MediaWiki

Infrastructure as code they say, so I built myself a wonderful Ansible script to update my virtual machines and container installations on a regular basis without manual intervention. This has worked superbly in the past two years or so, but this week I was bitten. When I searched something in my (containerized) MediaWiki instance today, nothing could be found, and when clicking on any page in the ‘recent changes’ section, I only got a red ‘no text for this page’ error. I have to admit that this gave me goose bumps for a moment because a lot of effort went into this Wiki. So I soldiered on to investigate…

Continue reading Container Games: When LATEST is not the greatest, and how it broke my MediaWiki

Lenovo Thinkpad BIOS Update Games – Reloaded!

Early in 2023, I wrote a blog post about the different levels of BIOS upgrade support for Linux by Lenovo for their different notebook lines. T and X series get excellent support, and now, in late 2023, I have received the first BIOS upgrade for my Lenovo T14 Gen 4 (Intel), which was just recently launched. I was positively surprised the OS offered me to install the upgrade, because I’m running Ubuntu 22.04, which was released last year and well ahead of this notebook.

Continue reading Lenovo Thinkpad BIOS Update Games – Reloaded!