Archive for the ‘Tech’ Category

« Older Entries

Duplicity – Backup to the Cloud

Sunday, March 7th, 2010

Due to current events I started to think about options for a backup solution that would be able to cope with a complete disastrous loss of hardware. So, off-site storage was warranted.

What I came up with is a backup solution based on Duplicity and Amazon S3.

Storing personal data in the cloud may ring one or another alarm, but with Duplicity the data is safe from prying eyes as all backed up data is sent through GnuPG using public-key encryption before being transferred to Amazon’s data center. You should, however, make sure that one of the private keys used for encrypting the backup is locked away in a safe place, so you have it handy when it is time to perform a restore.

As far as storage costs are concerned, storing 50 GB of data in the AWS S3 cloud for a month costs around 6 EUR, which I personally consider quite competitive for redundant off-site data storage.

Naturally, one drawback remains: Bandwidth usage. It takes a while to load the first full backup into the cloud as the upstream of most DSL lines is rather limited. After that initial load has completed, however, Duplicity is capable of appending incremental backup sets to the existing backup data, so the incremental backups complete much faster.

P.S.: It may sound a little weird that I chose Amazon Web Services as a storage provider after my recent trouble with Amazon.de, but after some thorough market analysis AWS remained as the only feasible option.

Tags:
Posted in Hacking, OSS, Security, Tech by Thilo-Alexander Ginkel | 2 Comments »

Das funktioniert doch alles nur zufällig…

Tuesday, February 16th, 2010

…ist einer der Gedanken, die einem bei einem Blick hinter die Kulissen so mancher Software in den Sinn kommen, wenn verschiedene Komponenten scheinbar mit heißer Nadel miteinander verbunden wurden und sich Bugs gegenseitig ausnivellieren.

Während diese Feststellung bei den meisten Softwarepaketen eher zu einer Fluchtreaktion des Betrachters führt, ist es umso erstaunlicher, dass es klugen Köpfen gelungen ist, das leichtfüßige Nebeneinander verschiedener Komponenten ohne strenge Bindung zum Paradigma zu erheben und darauf eine agile Softwareentwicklungsplattform aufzubauen. Das war die Geburtsstunde von Ruby on Rails.

Hiermit ist es möglich, umfangreiche Applikationen ohne das sonst häufig übliche Abhängigkeitswirrwarr zwischen den verschiedenen Komponenten zu bauen, das die Wartung ebendieser Applikationen sonst häufig zur Geduldsprobe werden lässt. Vielmehr verbinden sich Komponenten über Konventionen – ohne dass in den meisten Fällen eine direkte Abhängigkeit definiert werden muss.

Das ist dann in etwa so, als würde man einen Sack voller Lego-Steine ausschütten und wie durch Magie entsteht daraus ohne weiteres Zutun der Todesstern. ;-)

Mir gefällt’s jedenfalls…

Posted in Hacking, Ruby on Rails, Tech by Thilo-Alexander Ginkel | No Comments »

ActionMailer and mod_fcgi

Tuesday, January 26th, 2010

Lately, I have been playing around a lot with Ruby on Rails and am currently finishing my first full-fledged application. While I am using WEBrick directly launched from my Eclipse development IDE in my development environment the production site is currently using Apache + mod_fcgi to run the application. This is where all the problems started. ;-)

The application sends out e-mail notifications (using ActionMailer) for various state transitions, which worked flawlessly on the development machine. In the production setting, however, sending mails failed complaining that it cannot find the associated mail template:

ActionView::MissingTemplate (Missing template event_mailer/approval_requested_notification.erb in view path app/views):
app/models/event_observer.rb:3:in `after_enter_awaiting_approval'
/usr/lib/ruby/1.8/observer.rb:185:in `notify_observers'
/usr/lib/ruby/1.8/observer.rb:184:in `each'
/usr/lib/ruby/1.8/observer.rb:184:in `notify_observers'
(eval):10:in `create_or_update_without_callbacks'
app/controllers/event_controller.rb:71:in `request_approval'
public/dispatch.fcgi:24

Well, after putting some thought into possible differences between development and production and ruling out any relevant configuration differences in config/* all that remained was the fact that dev uses WEBrick while production uses mod_fcgi. One thought lead to another and it turned out that WEBrick sets the application root as the current working directory during startup while mod_fcgi does not.

So, the workaround is simple: Set the current working directory to the application root in config/environment.rb, such as:

Dir.chdir(File.dirname(__FILE__) << '/../')

Tags:
Posted in Hacking, Ruby on Rails, Tech by Thilo-Alexander Ginkel | No Comments »

Wie ein bunter Sternenhimmel

Sunday, January 24th, 2010

Da stand ich und richtete meinen Blick nach oben. Lauter kleine funkelnde Sterne. Millionen von Lichtjahren entfernt. Doch irgendetwas stimmte nicht. Ich wusste nur noch nicht, was. Sonderbar grün waren sie alle. Das hatte ich so noch nicht gesehen. Langsam wurde mir klar: Das ist nicht der Sternenhimmel, den du da siehst. Das ist dein neuer Monitor! (more…)

Posted in Tech by Thilo-Alexander Ginkel | No Comments »

I see dead pixels

Friday, January 22nd, 2010

Für’s Protokoll: Mein neuer 24-Zöller, ein HP LP2475w, hat zwei tote rote Subpixel (einen am unteren Bildschirmrand, einen in der Mitte) und geht damit postwendend an den Händler zurück.

Und nun hoffe ich, dass ich ein Montagsgerät erwischt habe und das nächste Exemplar Pixelfehler-frei ist. Bis auf die Pixelfehlerproblematik konnte der Monitor auf den ersten Blick nämlich durchaus überzeugen.

Posted in Tech by Thilo-Alexander Ginkel | 3 Comments »

Hash It! – Stop overloading your brain with passwords

Tuesday, January 5th, 2010

As a happy long-term user of the Password Hasher extension for Mozilla Firefox I got used to being able to use different secure passwords per web site without having to take the burden of remembering them all.

When I recently bought an Android-based smartphone I was missing most of that convenience while surfing the Internet from my smartphone as Password Hasher was not available natively on that platform.

Hash It!, an application for the Android platform I developed, is there to bridge this gap: It eases using unique passwords per web site without overloading your brain by generating site-specific passwords derived from a secret master key. It maintains compatibility with the Password Hasher Firefox extension.

Hash It! is free (as in speech) open source software released under the GPLv3 with the source code being available on GitHub.

Further details on how to download it to your mobile phone are available at: http://android.ginkel.com/

Enjoy!

Tags:
Posted in Android, Java, OSS, Security, Tech by Thilo-Alexander Ginkel | No Comments »

26C3 – A Picture is Worth a Thousand Words

Thursday, December 31st, 2009

Illuminated CCC logo in front of the bcc @ 26C3

Illuminated CCC logo in front of the bcc @ 26C3

Tags:
Posted in Arts, Hacking, Security, Tech by Thilo-Alexander Ginkel | No Comments »

GSM Encryption (or the Lack Thereof)

Thursday, December 31st, 2009

At 26C3 there were a couple of pretty interesting talks dealing with GSM security and how it can be easily broken through active (IMSI catching) and passive (rainbow table attacks on the A5/1 cipher) attacks.

Now, researcher’s are pushing to phase out GSM’s A5/1 cipher replacing it with modern, non-proprietary cryptography as countermeasure to the weaknesses facilitating A5/1’s susceptibility to passive eavesdropping. While this is certainly not a bad idea, it will end up with all but secure GSM calls considering that for GSM calls only the wireless interface benefits from the encryption. It will prevent John Doe from listening to your GSM calls using a wiretapping device placed in front of your apartment, but by no means will it lead to end-to-end security for GSM calls.

So, instead of attacking the wireless interface a malicious hacker would have to turn to the (fixed) telephone network to get hold of your calls.

In the end, only end-to-end encryption of calls will be able to prevent such attacks, so this is IMHO what we should be striving for in the long run.

Tags:
Posted in Hacking, Security, Tech by Thilo-Alexander Ginkel | No Comments »

Running Asterisk on a FRITZ!Box 7270

Sunday, December 20th, 2009

Around a week ago I started experimenting with running Asterisk on my FRITZ!Box 7270 to replace my DECT phone, which has been getting a bit long in the tooth, with a SIP client running on my new Motorola Milestone cell phone so that when I am at home and my cell phone is signed in to my WLAN I can use it as a mobile handset for calls arriving on my landline.

As it turned out it is a little bit tricky to get Asterisk to compile for the FRITZ!Box, so this posting is supposed to summarize the steps I had to take and also comes with a neat helper script, which should automate most of the required preparation and compilation steps.
(more…)

Tags: ,
Posted in Hacking, OSS, Tech by Thilo-Alexander Ginkel | 5 Comments »

Ext4 Performance Improvements

Tuesday, November 24th, 2009

In order to speed up the general performance of my personal computer I put an Intel X25-M SSD into it some time ago and made sure that most binaries that are needed to start up Linux are loaded from the SSD. I could not go without a conventional hard disk, though, because the storage capacity of typical SSDs (or the budget that I am willing to spend) is still too limited. While boot times already improved dramatically after adding the SSD, mounting the file systems located on my conventional hard disk was still limiting the overall speed of the boot process.

That was when I read about the performance improvements introduced by the ext4 file system. (more…)

Tags:
Posted in OSS, Tech, Ubuntu by Thilo-Alexander Ginkel | No Comments »

« Older Entries