Sunday, March 29, 2009

Arrest them all! RT @davidgerard: NotN: Police scheme identifies 180 children as potential terrorists
Just out of interest - anybody got experience with Win7 and Fritz!Box IPSEC connections?
Bitte weiterleiten:

Wednesday, March 25, 2009

Engagdet caught being stupid, but don't want to admit it:
Still pondering what daypack to go for, and how large it should be... 30l sounds almost too much, but would cover short trips, too.

Monday, March 23, 2009

Got my Battlefield:Heroes beta key, finally :-)

Sunday, March 22, 2009

Day packs...

Based on Mr. Bills post I've started looking into getting a decent daypack again.

OK, during the winter I can get away with putting everything into my various jacket pockets (and I always choose jackets with LOTS of pockets), but that's getting old (and I'm running out of space).

I already got my eyes on a nice US Army style assault backpack with lots of MOLLE loops, to customize later on. Plus I've got my Grabit for the summer to carry bare essentials.

But that just raises another question: WHAT to put in?

I know I want to put in all the stuff I got in my jacket right now... tin of mints, business cards, PDA, phone, GPS, maybe associated chargers and cables for them, iPod, the odd bit of food that travels well, antacid pills if it doesn't, flashlight (Fenix P2D - doesn't take up much space, and if that isn't bright enough you should wait until noon), pocket knive, pocket tool of choice...

So, anybody who follows this blog: got a suggestion what else I should put in a daypack that has much more space? Just comment...

Tuesday, March 17, 2009

A thought on eavesdropping VoIP

Given the current fad of governments trying to eavesdrop on people (only criminals, of course, and politicians are excluded by law), and the criminals catching up and using encrypted VoIP (Skype for example), governments have expressed that they want to install trojans to catch the voice stream before it gets encrypted.

Which of course can only mean hooking into the soundcard drivers, as that's where the physical signal from the headphone jack gets through before it is passed on to the VoIP software. An even easier way would be to place a small bug into the PC that gets hooked to the loudspeaker and microphone plugs (but of course that wouldn't allow software companies to earn millions for developing a trojan that never works anyway unless you have a really dumb terrorist...).

But let's assume the government either pulls of writing the trojan or placing a physical device into the case - now they can get everything that goes out to the loudspeaker/headphone, and everything that comes in via microphone or line in. Really?

USB soundcard solutions already exist, mostly for laptops, but of course they'll work just as good on desktops. USB headsets basically are the same - a small soundcard connected via USB. That would eliminate the physical option, but would still allow access via the sound driver on kernel level.

Now here's an idea: How about an ENCRYPTED datastream? The VoIP software could talk directly on API level to the soundcard instead of using the normal OS ways, and make sure that the data never is in clear form before it reaches the soundcard. That way, the only decrypted signal would be on the 2m or so of cable between the soundcard/USB-plug and the actual headphones.

Of course, additional security could be achived by encrypting even that and only decrypt inside the headphone ;-)

Funnily, while it would be tempting to do so, encrypting the microphone signal would be completely pointless - what you say will be audible inside your room anyway, so a plain old normal bug will give the LEOs access to that part of the conversation anyway.