Clever readers will notice the Seinfeld reference. Anyway, on to the topic.

Everyone is writing about the iPad, so as not to arouse suspicion, so will I. The iPad was released a while (a week? two?) back by Apple. Using the standard hypewords “awesome”, “fantastic”, “amazing”, “fabulous” etc. Jobs hailed the device as a whole new class of devices (which it is, more on this later), and quote: “The best web browsing experience you’ve ever had!”.

Let’s first look at the specs. The device has an Apple designed A4 processor (though rumors are, they bought the silicon from some other company), 9.7″ multi touch screen (with IPS panel), 16 -> 64 gigs SSD storage. What it does not have is:

• Exchangeable battery
• No expandable memory (no sd slot, no usb slot, no nothing)
• No usb ports (use apples propietary 30 pin cable, with adapters)
• No multitasking in the OS
• No phone functionality
• No 3g in the standard version (pay $130 extra for that in any size class)
• No camera
• No flash!

That seems like a long list. Which is probably because it is. There are a number of shortcomings in the iPad, and with a 499 pricetag, that’s pretty unacceptable. To my eyes, this is a total fucking rip-off product, with no real killer app or usage scenarios. I’m thinking this could be used by say, medical institutions or perhaps, as a device for visitors to a museum or something. But multitasking becomes an issue here as well.

Who is going to use an office suite, without multitasking? Enjoy writing your diary, without surfing or doing anything else at the same time. Enjoy not being able to surf the web while taking notes.

This is a deliberately defective product. According to sources, the parts in the iPad cost apple 300 dollars. Which means, for the cheapest shit-ass model, they are raking in a huge 200 dollar profit. Even if they just sell one for each apple fanatic, they’ll still make enough money to be happy.

Again, this isn’t that they couldn’t have included all of those things, they did so because they decided. This way, they can make the 2nd generation iPad, which has all of the clearly missing features, and everyone will go fucking apeshit about their genious device. But let’s get real here. A device with more features existed 7 years ago, in the form of an HP tablet computer. This is just highway robbery on Apple’s part, and i don’t like it.

Why did Jobs call this the best web browsing experience you’ve ever had? I wonder why their product pages had blatant lies on them at the time of the release? They showed video and images of iPads visiting Flash based websites, until some keen-eyed humans found the lie, and Apple had to quietly take it down. The fact of the matter is, it does not run flash, and probably never will. Jobs says it’s because “Adobe could be making an awesome product, but they choose not to.”

Why not stop lying and tell them the real reason, huh? The real reason is: through flash, people could be watching online video and skipping quicktime. Through flash, people could start creating and distributing games and applications that would circumvent the Apple store, which they want to keep strictly controlled. We all remember the dictionary app that wasn’t allowed because it allowed translation of naughty words. Sure, flash is not perfect, but devices since Symbian S60 have had flash. This is the year 2010 and Apple comes out with a product without Flash? Get with the program! Through process separation, flash could be made perfectly safe, so i’m not seeing the problem. Jobs keeps talking about HTML5 which brings video support (can be tried out on youtube, with certain browsers), but let’s get real. 70% of all online video and most modern sites and portals use Flash. Without it, you’ll get a lesser experience, or miss out on some content altogether.

What is the use for this thing, seriously? What could you possibly want to do with this iPhone XL? Give me some suggestions. Meanwhile, i’ll keep thinking, and i’d rather spend my money on the 58 tons of sand i could buy with the 499 i saved by not getting the maxiPad.

Don’t buy the iPad. It’s a complete fucking ripoff, and you’ll regret it in a year when they come out with a revolutionary product that has a camera *and* 3G built in!!!1one.

Today’s blogpost is inspired by the problem with our dear Finnish people. Or maybe it’s a global thing, humanity itself.

I’m talking about a) tolerance b) being a fucking sheep. Let me present to you a problem that i’ve been having lately.

VR is the state operated railway here in Finland. It operates all trains, and is responsible for collecting ticket fees, operating the stations, platforms etc. They have steadily been increasing prices of train tickets, due to uh.. inflation and rises in operating costs. However, trains don’t seem to go on time during the winter, which makes me a bit angry. My problem is, that i’m constantly paying my ticket, and yet, the trains i count on to get to work and back are never on time when there is a little snow on the ground.

Granted, this winter has been exceptionally bad, with more snow than in any previous year since the 1960’s, but none the less. Where is my money going? It sure as hell isn’t going to improving the reliability of trains in “extreme” weather

Winter is not a new concept in Finland, and many places operate trains far more north than Helsinki, in southern Finland. We get snow, which starts gathering in the machinery of the train, the wheels, the gears and whatnot, which is preventing trains from moving. At least this is according to VR. Also we are having problems with tracks freezing so badly, trains can’t switch tracks as they have to to reach the correct places.

This to me seems like an engineering problem. If you throw enough money at a problem it usually goes away. Increase the amount of plows on the tracks. Put heaters in places where icing is a problem. But this isn’t happening. Why?

Traditionally, when consumers (that’s you and me) have a problem with something, they start complaining. This is happening now with the trains. Inneccent complaining results in either a) the company shutting down because they can’t or can’t afford to fix the issues that the complaints are about, b) the company fixing the problem c) company lowering prices or offering compensation due to lost revenue/time or whatever or the consumers. This isn’t happening either.

VR could shut down their customer support, and stop notifying people of late trains, and what would we do? We’d keep complaining, and keep traveling, because that’s what we do. That’s all we do. We have no other option but to keep traveling. They could just lay off 90% of all their staff, send them to Bermuda or where ever, and there isn’t a damn thing we can do about it. We either accept the problems, or we stop using trains. Which isn’t happening. So we make like sheep.

Why i keep paying for tickets during winter, i don’t know. There should be no ticket fees at all. But they just keep raising the prices, and we keep paying. If a ticket inspector came on any of these late trains (i waited 45 minutes this morning), i would probably punch him the fuck out. But there’s a problem with those guys too. Inspectors get paid from the inspection fees (80 euro, or.. what, 120 dollars?) from everyone traveling without a valid ticket. When they increase the inspection cost, it doesn’t go toward anything else, except paying for more inspectors.

It’s like traffic cameras in Helsinki. The fines sent out by traffic camera pictures, are used to invest in new cameras, so more fines can be had, so more cameras can be bought…

So how is this organisation still operating? Because we are sheep and we don’t really care. We just accept what the news is telling us, what VR is telling us and accep that there is nothing anyone can do. This is 2010. We are a nothern country. We have had winter here since the planet was created, oh, 4.6 billion years ago. This is not a new thing. This is an engineering problem that isn’t being dealt with, because frankly, they don’t need to.

So here’s my uh.. long-awaited review of the Samsung N140 netbook. This is a fairly recent model that was released i think some time late last year (and early this year in Finland). It’s basically an upgraded model of the acclaimed N120 (won tests in both Mikrobitti and MikroPC magazines here in Finland).

Let’s get a few things straight right off the bat. This is a netbook. Don’t come crying to me that it’s low powered, because i know. That’s why i got it. Yes, your calculator may have more power than this, but i don’t give a shit. Anyway, on to the review.

What’s in the box

The laptop costs somewhere below 400 euro in Finland. I bought mine from Anttila for 399 + shipping. The box is a very minimalistic (ecological, i suppose) box, with very little graphics or glossy print. Inside the box you’ll find the netbook inside it’s protective bag and set in some foam. An accessory box is next to that, which contain the installation guide, warranty information, declaration of ROHS compliance, and other assorted papers. Also included is a black samsung “second skin”, with zipper for the laptop.

I wasn’t aware of this, so i went out and bought a Tucano Second Skin from Verkkokauppa for 12 euro, but in hindsight, this was a good idea. The included black case is very very thin, and because of this the quality feels a bit cheap. I guess it protects from scratches and such, but i’d prefer something thicker, like the Tucano.

Also included of course, is the power brick, which is very small. Like a small mobile phone, only a bit thicker. A 2 meter power cable is included. Note well that this laptop can also work as a usb charger for a device such as a mobile phone, ipod etc, even when the laptop is powered off!

Specifications

The specifications of the netbook are as follows:

Processor: Intel Atom N270 (1.6ghz, hyperthreading)
Memory: 1 GB 533 MHz DDR2 (upgradable to 2GB, trying this later)
Hard-drive: 250 GB (2.5″, 5400RPM)
Graphics: Chipset is an Intel 945, with Intel GMA950 graphics that uses shared memory from the RAM.
Screen: 10.1″ LED backlit, resolution 1024×600 pixels
Optical drive: NO
USB: 3xUSB 2.0
SD-memory card reader (supports SDHC)
VGA out, Audio in/out, Ethernet, Wireless and Bluetooth 2.1EDR

Physique

The laptop itself is a very solid build, which was a great surprise after having tried some other netbooks, such as early Eee-pc’s. (701 i believe?). It does not flex at all when holding it from a corner, and there are no uncomfortable squeaks or inconsistencies.

The top of the laptop is very shiny glossy plastic, that will retain any memory of any physical object (may apply also to ghosts and spectres) touching it. This means fingerprints, scratches and other scuffs will be visible for all eternity. It’s also easy to clean because it’s so slick, but bear in mind: any rough cloth or dirt on it will leave scratches if you wipe with it. This applies to most samsung products, TV’s etc.

Inside it’s matte, but with a shiny chrome border circling around the keyboard. I’m not sure what the function is of this, i think it just looks cheap.

The touchpad is a decent size for a netbook, and very comfortable to use. The button is a one-piece, two-button affair, which feels a bit fidgetty, but you learn to use it pretty quick. Just hit the left or the right side for the desired button.

I would call the keyboard Thinkpad-esque. It’s bloody awesome. The size takes up the whole width of the netbook, and has very nice feedback and a generally i give it high marks. Includes function and windows button. Functions behind the fn key are: sleep, battery, the euro sign, external/internal screen, brightness, mute, volume+ and -, “turbo mode”, wireless, touchpad on/off, home, end and num- and scroll lock.

Memory is easily accessible under a one-screw hatch in the bottom. This is also a feature that most netbooks don’t have. There is a single slot, that is occupied by a Samsung brand 1GB stick, 533mhz.

Battery is removable, and there are rumors of a new more powerful battery, but i haven’t seen it yet.

Software

Comes bundled with Windows 7 Starter (32-bit). The bundle is quite horrible, as it includes every damn thing under the sun, most of which are limited time trials, offer very limited benefits for the user. Some of the “highlights” are:

• Office 2007 (1 year trial)
• McAfee Anti Virus + Firewall + Doohickies
• Samsung Backup solution (only thing i’ve actually liked, more on this later)
• Various small farming-related games, such as Dairy Dash.. (wtf?)

The Office 2007 trial didn’t work, as it just offered a 60 day trial, or an option to buy it for a very affordable 600 euro (more than the machine).  Uninstalled that fucker right off the bat. McAfee, slow as molasses, and didn’t activate. Uninstalled. Games. Uninstalled.

The Samsung backup utility makes a full disk restore image when you first start the netbook, and it’s apparently stored on the 15 GB recovery partition that’s configured on the drive. This came in very handy, as i was able to bluescreen the bitch right away, after installing newer drivers for the touchpad. So uh, don’t do that. I booted the thing, and hit F4 to access the recovery image. Full restore (10GB) took about 20 minutes. After that i had to re-uninstall everything, but now i’m cool.After this, i created another backup image, this time of the customized operating system, so i wouldn’t have to do this all over again.

Updated the BIOS to the latest version, dated 10.1.2010. Nothing notable, no changelog on Samsung’s site. There’s a program called Samsung  Update which takes care of updating the drivers (however messing up with the touchpad driver). Drivers can ofcourse be downloaded manually too.

Performance

I did some simple tests to compare the performance of the Samsung N140, with my previous “netbook”, the IBM Thinkpad X41. Specs of the thinkpad are: 1.6GHz single core Centrino, 2GB DDR2, 1.8″ 40GB Hard Drive, Intel 845 chipset.

Here are the results, which i won’t analyze other than to say that the results were largely expected. The Atom is low powered, but the hard drive kicks ass.

• HyperPI (calculates decimals of PI):

1 million digits:

Thinkpad: 48 seconds
Samsung: 1 minute 57 seconds (running 2 threads), 1 minute 36 seconds (running 1 thread)

2 million digits:

Thinkpad: 1 minute 57 seconds
Samsung: 4 minutes 22 seconds (2 threads), 3 minutes 37 seconds (1 thread)

• HDTach 3 (measures hard drive performance)

Thinkpad: Burst 90,2 MB/s, Random Access 19.7ms, Average Read: 17.2 MB/s, Sequential reads: 20 -> 14 MB/s
Samsung: Burst 118.2 MB/s, Random Access 19.6ms, Average Read 71.4 MB/s, Sequential reads 89-43 MB/s

I was unable to run PCMark05 due to (maybe?) the resolution of the Samsung (below the required 1024×768).

Windows Experience Index scores are: 2.1 for the Samsung, and 1 for the Thinkpad. Biggest differences were CPU (thinkpad wins hands down), and HD (Samsung wipes the floor). I’m not sure what the net difference is, when you account for all the differences in performance, but the Samsung is a netbook.

Overall impressions

So far, i’ve had it for about 24 hours, and i’m very happy with it, despite the small hickup with Windows 7.

Pro’s

• Good bang for the buck
• Build quality
• Visually appealing (mostly)
• At least some upgradability

Con’s

• Bundled software doesn’t work or sucks
• Windows 7 starter…
• Glossy edge around the keyboard

I purposefully left out performance from the con’s section, because you can’t expect performance from a sub 400 e netbook. You get it for the battery life and the portability. If you’re looking to do more than surf the web, read your mails or sit on IRC, i recommend a computer.

Future projects

I have this idea of putting a Sandisk Extreme III SD card in to the SD slot, and installing some netbook linux, and seeing if that is any faster. The 8GB variant of this card comes at around 40 € here in Finland, which isn’t all that bad. The question remains, what bus is the SD card hooked to?

The memory will also be upgraded to 2GB, though i’m not expecting much difference in performance here.

So it’s been a long while since i last wrote anything. So what’s been happening lately. Well, a few things.

Dorsia has been replaced by a “slightly” less powerful machine, namely an old P3 rig. Dorsia is my shell machine that i’ve used to hand out shells to people i know. Nothing really special here, it does the same job as before, but with less overhead. The previous Dorsia machine was a G4p HP Proliant, with dual Xeon’s, so it’s best off doing something else. In this case, something else is installing VMware ESXi on it, and using it as a test bench for numerous virtual machines. It’s better suited for that task. This project is stil pending, but, the server hardware is compatible with ESXi, and i should get on that with P at some point. Our plan is to build a kind of virtual lab environment, where we can have different server operating systems, such as Windows 2003 and 2008, among others, and then run a hostile machine,perhaps with the recently released Backtrack 4 final. As soon as we have time..

I’ve ordered a netbook. So yeah, i became yet another sheep and got myself a netbook. Yes, i’m aware they are very slow etc. etc, but i’m just interested in surfing the web and writing stuff down, and for that, i think it’ll be just fine. The one i got was a Samsung N140, which is a 10″ netbook, with a 1.6GHz Atom 270 processor, 2 gigs of memory, a 320 gig hard drive (5400rpm), and various other parts of lesser interest. There are a few things that are of concern. 1) Is the machine powerful enough to run some flash content? I’m not talking about some multimedia extravaganza, but simply youtube and such? 2) The resolution is small, and i know this. But, it has a VGA out, and where i’ll be using it “proper”, i’ll have an external screen to hook up to it.

Basically, i’m not expecting much, but it’ll be interesting to see how it compares with my previous “netbook”, my Thinkpad X41, which has developed some problems with the battery and charging. This puppy has a 1.6 GHz Centrino,  with 2 gigs of memory. I’ll be running some benchmarks to see how the Atom fares against this 5 year old machine. Should be interesting, as there aren’t a lot of benchmarks that compare older hardware with netbooks, and as M pointed out, there are so many different architechtures; comparison becomes difficult on a larger scale. I’ll be reporting on this as soon as i get the machine, which should be next week.

I’m also trying to find out what the perfect linux distro would be to install on this. I’m taking suggestions, if you have them.

Adobe presented me with an interesting perdicamen this week at work. I was fiddling around with trying to get the Adobe PDF printer working under Windows 7. This proved to be a bitch. After countless hours of testing, i found out that Adobe Acrobat version 7, works just fine under windows 7. This is an old old version, from like 2003, which doesn’t even have support for Vista, let alone Windows 7. Adobe 8, which was used in this particular case, just didn’t work, not even with the latest patches. It installed the printer, but you were unable to use it, as Acrobat claimed the product was unactivated (it worked otherwise just fine, so i think that’s just a bogus error message). Again, version 9, the latest version (patch 9.3 released 14th of January) has official Windows 7 support as of 9.2, and that worked fine from the get go.

So Adobe, why doesn’t version 8 work, when the older technology of version 7 works just fine? You wouldn’t be out to get Windows 7 users to buy Acrobat 9 now would you? Tsk tsk.

Glamorama, the recent book by author Bret Easton Ellis (notably of American Psycho-fame), is what i’m reading next. Hopefully, even today. It was shipped out from Jersey, at play.com last week, so i should be getting it either today or tomorrow.I hope it’s as good as American Psycho! I think i’ll be reading his entire bibliography, since i very much like his topics (glamour,  yuppies, decadence and horror), and his writing style.

Ham radio. Me and B decided we were going to become ham radio operators during the year of 2010. We haven’t started yet, but i’m definately going through with this. I have a few ham friends who i’ll be talking to about where to take the exam and so on. The basic level exam isn’t too hard, plus i was in the signals battalion during my one-year army stint, so this shouldn’t really be a problem by any stretch of the imagination.

You might remember a while back, i posted some entries about using your ATI GPU to do some number-crunching for you. Specifically, Pyrit can be used to break the PMK or Pairwise Master Key of a WPA protected WLAN. Pyrit can use both ATI and NVIDIA cards (plus some others); this entry will deal only with ATI, since i have an ATI Radeon 4850.

Prerequisites

Let’s get started. The platform that i have for doing all this is as follows:

• ATI Radeon HD4850 graphics card (Asus brand, 512 MB memory)
• Gigabyte motherboard with AMD790 chipset
• AMD Phenom II X4 processor
• 4 GB DDR2 memory
• Ubuntu 9.10 64-bit clean installation
• Latest fglrx drivers from ATI, installed using the System -> Administration -> Hardware Drivers
• Kernel is 2.6.31-16

To start out, i installed the following packages (packages are in the ubuntu repositories):

• binutils, build-essential, libssl-dev, python-dev, zlib1g-dev, libzlcore-dev

There shouldn’t be other dependencies, but do download anything that apt suggests with the aforementioned packages. After this, you need to install the ATI-stream packages, which is split into two parts: Atical and Atibrook. The files can be downloaded from ATI’s site, but installation may be tricky. I used alien to convert the .rpm packages to .deb packages, which worked somewhat well. I’m not brave enough to distribute the .deb’s i made on this site, as i never heard anything from ATI when i asked about this. Sufficed to say it can be done and wasn’t too hard, since i managed.

After this you can go two ways. Either install the stable 0.2.4 packages of Pyrit, or go the SVN route, and get the very latest builds (revision 193 or 0.2.5-dev at the time of writing). In either case, the process is the same, but the SVN is always the “latest”, which doesn’t necessarily translate to “most stable” or even “working”. I tried SVN, because i had an issue (which later turned out not to be Pyrit’s fault, more on this later).

The SVN-way:

Install a svn client by doing:

sudo apt-get install subversion

Go to your home directory, or other location where you have write privileges. Run the following command:

svn checkout http://pyrit.googlecode.com/svn/trunk/ pyrit_svn

It will create a directory called pyrit_svn where you are, and download the latest source-code. To update this later, run:

svn update

You will end up with a directory-tree that contains everything in the pyrit project. The ones we are interested in now are the directories called pyrit and cpyrit_stream.

From here on the instructions continue the same way, whether you got the SVN or the stable code.

Compiling Pyrit

If you downloaded the packages, open them up and place them for instance in your home directory. First, enter the directory called pyrit and run the following command:

python setup.py build

If that succeeds, and you don’t see any errors (it should be pretty quick), type in the following command:

sudo python setup.py install

You should also get no errors from this before moving on.

Compiling cpyrit_stream

Now we’re compiling the ATI Stream component of Pyrit (as opposed to CUDA for Nvidia cards). Go back to the directory you unpacked the stream files (or the pyrit_svn directory if you downloaded that), and enter the cpyrit_stream directory. Run the same commands as you did with Pyrit main, i.e python setup.py build and then sudo python setup.py install.

Note! You will probably hit a glitch here, as i have done every single time i’ve compiled Pyrit. These are known issues, which are adressed in the following way:

You’ll get an error that says something about:

/usr/local/atibrook/sdk/include/brook/CPU/brtvector.hpp:190: explicit template specialization cannot have a storage class

There’s an error in two files (with the latest version of Linux Kernel/ATI drivers, i’m not a developer so i can’t say what changed, but these changes were necessary) that need to be corrected before you can compile cpyrit_stream.

You need to locate and open the following file: /usr/local/atibrook/sdk/include/brook/CPU/brtvector.hpp

Inside this file, find the following line: #define SPECIALGETAT(TYP) template <> static TYP GetAt (const TYP& in,int i) {return in;}

From this line, remove the word static. Save and close the file. Do this as sudo, because atistram is installed somewhere where you probably don’t have write permission.

From the same directory, open as sudo the file brtarray.hpp, and in the beginning of the file, find the line or lines that start with include, and add the following there:

#include cstdio (with cstdio inside < these > characters)

Save and close the file. cpyrit_stream should now compile perfectly. If you have doubts, replace the word build with clean, and then start the compilation again.

After this, add the following lines to your .bashrc .bash_profile .profile file (s). I frankly don’t know which of them is the effective one, but the idea is to load this when you load your profile. We want to add a few variables so that Pyrit can execute the ATI stream code successfully.

export LD_LIBRARY_PATH=/usr/local/atibrook/sdk/lib:/usr/local/atical/utilities/lib64:$LD_LIBRARY_PATH
export PATH=/usr/local/atibrook/sdk/bin:$PATH

Additional problems & Testing

You should now have a working Pyrit that can utilize ATI Stream. I ran in to some more problems at this point, but i was able to solve them with the help of the internets.

Next, try seeing of you can locate the GPU using the FindNumDevices which should tell you that you have one device ready, or the number equal to the amount of GPU’s you have. The bin is inside /usr/local/atical/bin/lnx64 in my case, and you can run it with ./FindNumDevices.

Note! At this point i ran in to a segfault, which is caused by the fglrx driver and the PAT option being enabled in the kernel. You can try the command, and see what you get, but if you get a segfault, see the next chapter.

Your output should be like this:

Supported CAL Runtime Version: 1.3.185
Found CAL Runtime Version: 1.4.427
Use -? for help
CAL initialized.
Finding out number of devices :-
Device Count = 1
CAL shutdown successful.

Press enter to exit…

Where the device count is .. what i said before.

If you get this, you are ready to try out Pyrit. Type in pyrit list_cores to see the devices available for calculation use in Pyrit. You should get your processor cores minus one, and your gpu(s).  My output looks like this:

Pyrit 0.2.5-dev (svn r193) (C) 2008, 2009 Lukas Lueg http://pyrit.googlecode.com
This code is distributed under the GNU General Public License v3

Connecting to storage… connected

The following cores seem available…
#1:  ‘ATI-Stream device 1′
#2:  ‘CPU-Core (SSE2)’
#3:  ‘CPU-Core (SSE2)’
#4:  ‘CPU-Core (SSE2)’

You can now run pyrit benchmark to see what kind of processing power you are looking at. Refer to the pyrit site for a more complete howto of the program. The benchmark command will give you the amount of PMKs per second that the different cores can do. In my case, the output was something like, 8400 PMKs/s for my Radeon, and around 700 PMKs/s for each of my Phenom cores.

Troubleshooting the Segfault

Starting out according to the instructions on various sites (mainly the Pyrit site), i ran into a segfault with both pyrit list_cores and ./FindNumDevices. It wouldn’t execute at all. Running list_cores as sudo, i didn’t get the segfault, i got my four Phenom Cores  (and no Radeon cores anywhere).

I found exactly one (1) result with google, but that got me in the right direction. It has something to do with a problem between PAT and fglrx, PAT being Page Attribute Table (yeah, i googled that..). To get rid of the problem, pass the nopat option to the kernel at boot. If you haven’t done this before, boot your machine, and when you get to to grub, hit e to edit the commands being run.

Locate the line which has the boot command, and at the end of my line (my line ended with the options quiet nosplash) so i made it quiet nosplash nopat and hit ctrl-x to boot with those commands. You can edit your grub to always start with nopat, but i will not get in to that here.

After this, both ./FindNumDevices and pyrit list_cores ran like a charm and produced the end-result i was looking for, that is, using your GPU to chip away at some pesky PMK.

This is just an expansion and update on the great instruction in Pyrit’s wiki, but other sources were used as well!

What is it with the state of security that i’m seeing around me?

People are using weak passwords, or the same password for everything, and not only that. The people who are supposed to be responsible for security do not discourage or prohibit the use of such passwords. Hell, weak passwords are sometimes even encouraged. “Pick something that you’ll remember for sure, as long as it has at least one capital letter”. Then we end up with passwords like “Dog1234″ and then when the obligatory tri-monthly change comes a-knocking, we get “Cat1234″, because of poor user education and poor (or non-existant) complexity rules.

If we have something like full-disk encryption, chances are it’s synchronized with windows, using a single sign-on. Or then it’s a PIN code or something that’s way too easy to guess or deduce.

Security is just simply abhorent everywhere i look. And i’m not sure how to start changing it. Other people are making the policies, i can only offer suggestions, and complement users on good choices (and i’ve seen some of those too!). I’m more for positive feedback, but sometimes i just want to scream. It’s like nobody cares that a fucking VPN password only has single factor authentication, and the password is like December2009.

“But it has numbers and a capital letter in it!”

Forskningsavdelningen means “Research Department” in English.

A Swedish hackerspace, located in the south-western part of Sweden in Malmö, was raided recently. The reason for the raid was said to be an un-licenced party being held at the premise, and suspicion of alcohol being served to minors.

Nothing strange here, the laws on alcohol are usually in place for a good reason.

But why the police came in with Computer Forensics analysts is another issue entirely. Are they qualified to deal with minors on a drinking binge? Or maybe they were there to sieze interesting equipment housed there? Among the seized items are wireless routers and antennae.

So far they have received no clear documents as to what crimes they may or may not have commited. There is a suspicion of “preparations for unauthorized computer access”, based apparently on the nature of the equipment found in the premise. Also found were two old machines for copying keys, and other lock-picking paraphenelia. Which, as i understand, are not illegal, as long as it is a hobby and not used to break in to anywhere. But i am not a lawyer so. They do mention in one of their posts that owning machinery for the copying of your own keys is perfectly legal.

Also, there were two other parties going on in the same block, which were not raided (probably because there were no computers there….)

This is a disturbing thing, really, because this could lead the way to other such raids, where a minor supposed crime is used as the way to get a search warrant, and then “oh, look, computers. And we just happened to have our computer experts from the FBI with us, how lucky!”. I’m just hoping that they don’t bring that to Finland, or instate rules such as “sneak and peek”-warrants, which would allow law enforcement to enter my house without my permission or presence and “look around for evidence”.

Paranoia 101.

Link to the page of the hackerspace, in Swedish. http://forskningsavd.se

I’ve been giving megacorporations a whole lot of thought lately. In this article, i’ll be looking at three of them: Microsoft, Google and Apple.

First, let’s delve in to the big G, Google. Google is a verb. How many companies have ever become a verb? “Google that.”. There’s a whole lot of buzz around Google, namely that they are some kind of evil corporation, hellbent on world domination. There are a number of things that attest to this. Google is one of, if not the biggest owner of fiber optic cable in the world. This means, they control a large part of the backbone of the internet. They’ve been quietly buying it up along the years, and i believe they are now in the position of largest owner. The buying started in 2005, if not earlier.

Recently, theybid for a chunk of RF-bandwidth, namely the 700mhz area. This is an area that can be used to operate a mobile telephone network. In the 2007 bidding-competition, this was the C-block. The rules stated, that if bidding on the C block exceeded a certain figure, the winner would have to allow everyone to create applications and devices for that block, effectively opening it up.

“As a result of the auction, consumers whose devices use the C-block of spectrum soon will be able to use any wireless device they wish, and download to their devices any applications and content they wish,” say Richard Whitt and Joseph Faber, two of Google’s Washington-based counsel members, in a post Thursday afternoon.

Google threw in a bid of a cool 4.6 billion dollars right off the bat, thereby unlocking the deal as stated above. They didn’t actually have to pay that much (Verizon ended up actually buying the spectrum for a fair 9.4 billion, which also includes other frequencies), but the fact that they could make the bid, means they did.

Google makes money off advertisement. If you use Firefox, and the noscript plugin (very much recommended), you’ll notice that most sites use a bit of javascript called Google Analytics. This is the little bit of code that follows you around on the web, and generates valuable marketing data about your habits. This way, marketing companies can make very specific ads, or just change the layout and presentation of their ads, based on how millions upon millions of consumers surf. They also use text-ads in applications such as gmail, to look through your mail (scary, right?), and then produce ads based on the content of your mails. Say you’re mailing Tom about a new car, you’ll probably get ads regarding cars, auto accessories, cheaper service-plans..

So my question is, can google make it without the ad-revenues? If i suddenly went around like fucking Santa Claus, and installed Firefox on every last computer in the world, along with adblock and noscript, would google go bancrupt? Probably not. They’ve been adding to their portfolio with things like fiber optics and mobile devices (Android, anyone?). But would it be enough to sustain this behemoth? Who knows. The ultimate goals of Google may only be known to a select few. It’s just a proven fact that when any entity gains a lot of power, that results in trouble. Because what do people with power want? More power.

Chapter two in this post is Microsoft and Apple. Both big healthy companies, with a long-running history of weird products, bad products, and amazing success-stories. But one would probably not be without the other. I’m talking about Apple, receiving money from Microsoft to continue operating. This was in the 90’s. Now what did this result in, initially? Microsoft products were now available on Macs. Programs like Office and Internet Explorer became available on the Mac platform. But this hasn’t quelled the interest for Mac applications, such as iWork and Safari, both of which are living healthy lives of their own. IE isn’t available anymore, and the office version is growing a bit old as well. One can dual-boot a mac in to windows, using Boot Camp. No doubt, also a fruit of this unholy alliance.

CNET recently wrote that Apple “owes” Microsoft 30 billion dollars, and as a side effect, most of their success. Had Microsoft not sponsored Apple, they probably would not have gone on to get a significant market-share in mobile phones, computers and software. The iPod is a household standard, and who hasn’t heard of the iPhone, perhaps the most anticipated product launch of the 00’s. Apple has created a whole breed of geeks. People who follow the word of the Steven, use 100 bucks on their haircuts, drink 10 euro cups of coffee, while surfing wirelesly on their admittedly crippled Mac Air. Whatever they make, these people buy. They do the marketing for Apple. All that’s needed is a few select words, usually starting with “Oh and by the way..”, and the apple fanatics take care of the rest. Blogs, offices and dinner tables everywhere are filled with discussion on their new product, the price and features usually a mere subtopic.  Whatever the price, whatever the problems and obvious deficits, people will buy it. They’ll line up to get it.

Funny how one of the most powerful forces in marketing and design today, depended on one of the industry’s grandfathers. When has a Microsoft product last seen even a fraction of the hype of an Apple launch? Maybe Microsoft should have added a clause to get a share of the marketing genious that is Apple, in exchange for all those moneys? Maybe there were clauses in there that nobody knows about. But they sure have stayed quiet about the whole deal.

I, xxx xxxx hereby declare that if Timo Soini, of the right-wing populist “True Finn”-party gets elected as president of Finland, i will move out of the country within one month of his inauguration.

The stupidity must end.

This is just a bit of news i picked up elsewhere, it’s probably in all the major news outlets here, so i won’t bother with sources. Check any magazine.

There’s 87 million euros (that’s like a kazillion u.s. dollars) of money that’s been collected by different organisations to benefit the veterans of our wars. There are roughly 67 000 veterans left, and two-thirds of them will die within the next five years, according to studies. This means, that they’d have to start giving out cash at a speedy rate, so that everyone get’s their share. This also means that people who have donated to the cause over the past decades don’t get lied to, and that the money goes where it was collected for.

Let’s get a few things straight. I don’t disrespect veterans, on the contrary. My grandfather is a veteran of WW2, and he lost 6 brothers to russian bombs and bullets. Others in my family had to go in to exile, or spent weeks in bunkers waiting for the firebombings to stop. My family has seen war.

It’s the origanisations i have a problem with. They collect money, yet they are very stringy about where it goes. My grandfather hasn’t seen much in way of support, and for instance rehabilitation has been sporadic at best. Why are they sitting on 87 million euro?

Well, one explanation is that veterans need to be remembered after they have all passed, and i agree totally. But for 87 million you get a whole lot of remembrance for a whole lot of generations. With that kind of money, we could send videos and books  about veterans to every person in the country for a few years.

Most people, including my grandfather, still live in debt, in a small apartment, in conditions less than stellar. He still has his dignity and wisdom, but i still feel we could give more. He’s 87 now, and 5 years is about what i’d give him at most.  It’d be nice to spend those last years not having to worry about bills or payments.

So how about it, guys?

I vote we stop giving any more money to these organisations that say they are benefiting veterans, until they actually start doing so. This discussion has been ongoing for a long long time, and yet, it’s still one of the most popular places to donate money. Let’s just not cheat these people out of the money they’ve rightfully earned, in the last few years of their lives.