The Install

Time for the install. Nothing spectacular here. I booted the thing off a USB-drive i created using unetbootin 3.93, with a Ubuntu 9.10 (32-bit) iso slapped on there.  There was some issues booting from the stick, because i couldn’t get to any kind of boot menu (F12 didn’t take me anywhere), so i had to take a look at the BIOS. The setup was a bit different from what i’m  used to, namely, the usb drive is detected as a hard drive, and not as a removable or separate device. So, to start off, i had to set the hard-disk to boot as the first device, and then set the order of the hard disks, so that the “primary” hard disk was the USB-drive, and the secondary drive was the internal 250 GB drive. After this, the boot worked just fine. After the installation was done, removing the USB drive bumped the 250GB to the primary drive.

Other things that need to be noted in the BIOS are: Setting your graphics memory to 512 (or whatever your max is). This will ensure flawless HD playback. Default is usually 64 or 128 or something, which isn’t enough. Also make sure you have all the necessary audio and video ports enabled.

The Ubuntu installation was quick and painless. I chose to use the entire 250GB drive, and let Ubuntu do it’s magic on it. Nothing special during the install.

After the installation, only a few packages are needed. The commands that i ran, in order:

apt-get upate && upgrade

apt-get install nvidia-glx-185

This updates the repositories, upgrades existing packages, and installs the nvidia hardware driver. You can also use the Administration -> Hardware Drivers, which at the time of this writing, installs the 185 driver.

Note! I had some problems with the latest 195 driver. After installing it, there were some dpkg errors that prevented the installation from finishing properly. After this, graphics were fucked, and i couldn’t start x. When i did get the driver installed, and everything seemed to work, i was completely unable to play any HD quality .mkv files. XBMC would crash to the desktop. Also, trying to play them in VLC for instanec, resulted in equally disasterous problems. So unless you are having problems with your ION and the default 185 drivers, don’t upgrade.

After this i pretty much followed the linux installation guide of XBMC in their wiki. Roughly the installation is:

• add the correct repositories
• run apt-get update
• run apt-get install xbmc
• configure sound
• configure xbmc
• done.

The setup i had was: Run video through VGA (i have only one HDMI in my current TV), and audio through spdif to my amplifier. This was a fairly easy thing to set up, though the audio was a bit problematic, as i will describe a bit later.

Connecting the VGA got me a good picture right away with native resolution (1366×768), whereas through the HDMI it got detected as 1280×720, which is incorrect. And the picture wasn’t scaling correctly either, so i figure i would have needed to add some modelines to my xorg.conf. More about this later when i get my new Tv and hook up using HDMI.

About the audio

Getting audio to work was a bit problematic. In XBMC go to System -> Settings -> System, and then to the audio output tab. There, you need to check that you have your amplifier or TV set to support DTS and AC3 audio (if it does), and that you are outputting digital audio. For me, i had to set the audio output device to custom, and the device to plug:dmixer, and the passthrough device to IEC958 to get everything working. Changes to your .asoundrc in your profile root was also necessary, to make it understand the plug:dmixer device.

If you don’t make the above changes, you will find that only surround movies (DTS and the likes) will work. The rest, say shittier mp3 audio movies will not play anything, or even display a “incorrect audio device” message. Which is odd, because you kind of expect it to be the other way around, that the complicated DTS and other encoded sound would not work.

First off, find out which device you want to be using, by running the command aplay -l in your terminal. Look at the card number, and the device number, and see which output you want. In my case, it was the spdif, which was card 0, device 1. In alsa speak, this equals hw0,1

The contents of my .asoundrc file, which is placed in the root of my profile is as follows:

pcm.dmixer {
    type dmix
    ipc_key 1024
    slave {
        pcm "hw:0,1"
        period_time 0
        period_size 1024
        buffer_size 8192
        #periods 128
        #rate 44100
        rate 48000
     }
     bindings {
        0 0
        1 1
     }
}

The bold line over there is the important one, and the only one you possibly need to change. Save the file, reboot the computer to be sure.

Now sound should work in any media files, regardless of the encoding.

Customizations i used in XBMC was the Rapier skin, basically. I stream media from my other machine through gbit lan, which works fine with any type of media.  I used a standard samba share for this, and no issues have cropped up so far.

I could write a bunch on scraping and other XBMC stuff, but they are so well documented in their wiki that i won’t bother. Just remember, the backspace key takes you back one level, and the c-key gives you the “right-click” context menu on any item (like a movie or folder). That is all.

References:

http://wiki.xbmc.org/?title=XBMC_for_Linux_specific_FAQ#S.2FPDIF_out_for_both_analog_and_digital_audio

http://wiki.xbmc.org/index.php?title=Installing_XBMC_for_Linux

http://wiki.xbmc.org/index.php?title=HOW-TO_install_and_switch_between_skins_in_XBMC

http://xbmc.org/skins/

The build

I got word from Jimm’s Pc-Store that half of my parts had arived. The rest i would buy from Verkkokauppa.com because they had it in stock. I ended up getting a 250 gig hard drive for 39 bucks, simply because the cf solution was not immediately available (not in stock), and it would have cost nearly three times as much. Otherwise the parts list in the first post holds true.

I started by skimming the manuals of the case and the motherboard, and then started taking the case apart to prepare for installation. I had to remove the top cover, obviously, and also add and remove some of the internal cables according to my needs.

All the parts in one pile!

This is what the case looks like on the inside. Note the power supply, or actually just the distribution-point. The powersupply is actually that transformer-brick next to the case there. There is a 24-pin atx, 4pin 12v extra power, cables for floppy, molex, and sata, which are fairly modular, i.e. you can chose not to connect the molex cables if you don’t need them, like me. The case has a rubber-padded spot for the hard drive, on the bottom left in the picture. This should (and did) eliminate most of the vibration caused by the movement. The case also has front panel audio, usb and firewire, as well as a memory card reader. Sadly, the motherboard i got only had one internal usb, so it was a choice between the two front panel usb ports, or the memory card reader. I chose the usb ports, because it’s a handy way to hook up external hard drives and media players. Ofcourse, one can just switch the cable, and use one of the external usb ports to hook up the memory-card reader.

Cables for power and hdd led, as well as the power-switch are also included. Cable management turned out to be a bit hard: the 24-pin atx power cable is very very thick and stiff and needs to be forced down quite a lot to get the top cover back on.

The case, opened

The "Power Supply"

After this, it was time to put in the Asus motherboard, the hard drive, and hook up all the necessary cables. I forgot to take a pic of the innards with all the parts connected, but i’ll do that today. Here’s a picture of the motherboard, pretty handy-looking huh?

The Asus Motherboard

So when everything was connected, it was time to put the case back together, and prepare for installation. The plan is to install Ubuntu 9.10, with XBMC 9.11.  A few more pics of the ready build. Note the fucking awesome blue led, without which, this build would be like, less cool.

Done!

A view from the top

So it’s been a long while since i last wrote anything. So what’s been happening lately. Well, a few things.

Dorsia has been replaced by a “slightly” less powerful machine, namely an old P3 rig. Dorsia is my shell machine that i’ve used to hand out shells to people i know. Nothing really special here, it does the same job as before, but with less overhead. The previous Dorsia machine was a G4p HP Proliant, with dual Xeon’s, so it’s best off doing something else. In this case, something else is installing VMware ESXi on it, and using it as a test bench for numerous virtual machines. It’s better suited for that task. This project is stil pending, but, the server hardware is compatible with ESXi, and i should get on that with P at some point. Our plan is to build a kind of virtual lab environment, where we can have different server operating systems, such as Windows 2003 and 2008, among others, and then run a hostile machine,perhaps with the recently released Backtrack 4 final. As soon as we have time..

I’ve ordered a netbook. So yeah, i became yet another sheep and got myself a netbook. Yes, i’m aware they are very slow etc. etc, but i’m just interested in surfing the web and writing stuff down, and for that, i think it’ll be just fine. The one i got was a Samsung N140, which is a 10″ netbook, with a 1.6GHz Atom 270 processor, 2 gigs of memory, a 320 gig hard drive (5400rpm), and various other parts of lesser interest. There are a few things that are of concern. 1) Is the machine powerful enough to run some flash content? I’m not talking about some multimedia extravaganza, but simply youtube and such? 2) The resolution is small, and i know this. But, it has a VGA out, and where i’ll be using it “proper”, i’ll have an external screen to hook up to it.

Basically, i’m not expecting much, but it’ll be interesting to see how it compares with my previous “netbook”, my Thinkpad X41, which has developed some problems with the battery and charging. This puppy has a 1.6 GHz Centrino,  with 2 gigs of memory. I’ll be running some benchmarks to see how the Atom fares against this 5 year old machine. Should be interesting, as there aren’t a lot of benchmarks that compare older hardware with netbooks, and as M pointed out, there are so many different architechtures; comparison becomes difficult on a larger scale. I’ll be reporting on this as soon as i get the machine, which should be next week.

I’m also trying to find out what the perfect linux distro would be to install on this. I’m taking suggestions, if you have them.

Adobe presented me with an interesting perdicamen this week at work. I was fiddling around with trying to get the Adobe PDF printer working under Windows 7. This proved to be a bitch. After countless hours of testing, i found out that Adobe Acrobat version 7, works just fine under windows 7. This is an old old version, from like 2003, which doesn’t even have support for Vista, let alone Windows 7. Adobe 8, which was used in this particular case, just didn’t work, not even with the latest patches. It installed the printer, but you were unable to use it, as Acrobat claimed the product was unactivated (it worked otherwise just fine, so i think that’s just a bogus error message). Again, version 9, the latest version (patch 9.3 released 14th of January) has official Windows 7 support as of 9.2, and that worked fine from the get go.

So Adobe, why doesn’t version 8 work, when the older technology of version 7 works just fine? You wouldn’t be out to get Windows 7 users to buy Acrobat 9 now would you? Tsk tsk.

Glamorama, the recent book by author Bret Easton Ellis (notably of American Psycho-fame), is what i’m reading next. Hopefully, even today. It was shipped out from Jersey, at play.com last week, so i should be getting it either today or tomorrow.I hope it’s as good as American Psycho! I think i’ll be reading his entire bibliography, since i very much like his topics (glamour,  yuppies, decadence and horror), and his writing style.

Ham radio. Me and B decided we were going to become ham radio operators during the year of 2010. We haven’t started yet, but i’m definately going through with this. I have a few ham friends who i’ll be talking to about where to take the exam and so on. The basic level exam isn’t too hard, plus i was in the signals battalion during my one-year army stint, so this shouldn’t really be a problem by any stretch of the imagination.

You might remember a while back, i posted some entries about using your ATI GPU to do some number-crunching for you. Specifically, Pyrit can be used to break the PMK or Pairwise Master Key of a WPA protected WLAN. Pyrit can use both ATI and NVIDIA cards (plus some others); this entry will deal only with ATI, since i have an ATI Radeon 4850.

Prerequisites

Let’s get started. The platform that i have for doing all this is as follows:

• ATI Radeon HD4850 graphics card (Asus brand, 512 MB memory)
• Gigabyte motherboard with AMD790 chipset
• AMD Phenom II X4 processor
• 4 GB DDR2 memory
• Ubuntu 9.10 64-bit clean installation
• Latest fglrx drivers from ATI, installed using the System -> Administration -> Hardware Drivers
• Kernel is 2.6.31-16

To start out, i installed the following packages (packages are in the ubuntu repositories):

• binutils, build-essential, libssl-dev, python-dev, zlib1g-dev, libzlcore-dev

There shouldn’t be other dependencies, but do download anything that apt suggests with the aforementioned packages. After this, you need to install the ATI-stream packages, which is split into two parts: Atical and Atibrook. The files can be downloaded from ATI’s site, but installation may be tricky. I used alien to convert the .rpm packages to .deb packages, which worked somewhat well. I’m not brave enough to distribute the .deb’s i made on this site, as i never heard anything from ATI when i asked about this. Sufficed to say it can be done and wasn’t too hard, since i managed.

After this you can go two ways. Either install the stable 0.2.4 packages of Pyrit, or go the SVN route, and get the very latest builds (revision 193 or 0.2.5-dev at the time of writing). In either case, the process is the same, but the SVN is always the “latest”, which doesn’t necessarily translate to “most stable” or even “working”. I tried SVN, because i had an issue (which later turned out not to be Pyrit’s fault, more on this later).

The SVN-way:

Install a svn client by doing:

sudo apt-get install subversion

Go to your home directory, or other location where you have write privileges. Run the following command:

svn checkout http://pyrit.googlecode.com/svn/trunk/ pyrit_svn

It will create a directory called pyrit_svn where you are, and download the latest source-code. To update this later, run:

svn update

You will end up with a directory-tree that contains everything in the pyrit project. The ones we are interested in now are the directories called pyrit and cpyrit_stream.

From here on the instructions continue the same way, whether you got the SVN or the stable code.

Compiling Pyrit

If you downloaded the packages, open them up and place them for instance in your home directory. First, enter the directory called pyrit and run the following command:

python setup.py build

If that succeeds, and you don’t see any errors (it should be pretty quick), type in the following command:

sudo python setup.py install

You should also get no errors from this before moving on.

Compiling cpyrit_stream

Now we’re compiling the ATI Stream component of Pyrit (as opposed to CUDA for Nvidia cards). Go back to the directory you unpacked the stream files (or the pyrit_svn directory if you downloaded that), and enter the cpyrit_stream directory. Run the same commands as you did with Pyrit main, i.e python setup.py build and then sudo python setup.py install.

Note! You will probably hit a glitch here, as i have done every single time i’ve compiled Pyrit. These are known issues, which are adressed in the following way:

You’ll get an error that says something about:

/usr/local/atibrook/sdk/include/brook/CPU/brtvector.hpp:190: explicit template specialization cannot have a storage class

There’s an error in two files (with the latest version of Linux Kernel/ATI drivers, i’m not a developer so i can’t say what changed, but these changes were necessary) that need to be corrected before you can compile cpyrit_stream.

You need to locate and open the following file: /usr/local/atibrook/sdk/include/brook/CPU/brtvector.hpp

Inside this file, find the following line: #define SPECIALGETAT(TYP) template <> static TYP GetAt (const TYP& in,int i) {return in;}

From this line, remove the word static. Save and close the file. Do this as sudo, because atistram is installed somewhere where you probably don’t have write permission.

From the same directory, open as sudo the file brtarray.hpp, and in the beginning of the file, find the line or lines that start with include, and add the following there:

#include cstdio (with cstdio inside < these > characters)

Save and close the file. cpyrit_stream should now compile perfectly. If you have doubts, replace the word build with clean, and then start the compilation again.

After this, add the following lines to your .bashrc .bash_profile .profile file (s). I frankly don’t know which of them is the effective one, but the idea is to load this when you load your profile. We want to add a few variables so that Pyrit can execute the ATI stream code successfully.

export LD_LIBRARY_PATH=/usr/local/atibrook/sdk/lib:/usr/local/atical/utilities/lib64:$LD_LIBRARY_PATH
export PATH=/usr/local/atibrook/sdk/bin:$PATH

Additional problems & Testing

You should now have a working Pyrit that can utilize ATI Stream. I ran in to some more problems at this point, but i was able to solve them with the help of the internets.

Next, try seeing of you can locate the GPU using the FindNumDevices which should tell you that you have one device ready, or the number equal to the amount of GPU’s you have. The bin is inside /usr/local/atical/bin/lnx64 in my case, and you can run it with ./FindNumDevices.

Note! At this point i ran in to a segfault, which is caused by the fglrx driver and the PAT option being enabled in the kernel. You can try the command, and see what you get, but if you get a segfault, see the next chapter.

Your output should be like this:

Supported CAL Runtime Version: 1.3.185
Found CAL Runtime Version: 1.4.427
Use -? for help
CAL initialized.
Finding out number of devices :-
Device Count = 1
CAL shutdown successful.

Press enter to exit…

Where the device count is .. what i said before.

If you get this, you are ready to try out Pyrit. Type in pyrit list_cores to see the devices available for calculation use in Pyrit. You should get your processor cores minus one, and your gpu(s).  My output looks like this:

Pyrit 0.2.5-dev (svn r193) (C) 2008, 2009 Lukas Lueg http://pyrit.googlecode.com
This code is distributed under the GNU General Public License v3

Connecting to storage… connected

The following cores seem available…
#1:  ‘ATI-Stream device 1′
#2:  ‘CPU-Core (SSE2)’
#3:  ‘CPU-Core (SSE2)’
#4:  ‘CPU-Core (SSE2)’

You can now run pyrit benchmark to see what kind of processing power you are looking at. Refer to the pyrit site for a more complete howto of the program. The benchmark command will give you the amount of PMKs per second that the different cores can do. In my case, the output was something like, 8400 PMKs/s for my Radeon, and around 700 PMKs/s for each of my Phenom cores.

Troubleshooting the Segfault

Starting out according to the instructions on various sites (mainly the Pyrit site), i ran into a segfault with both pyrit list_cores and ./FindNumDevices. It wouldn’t execute at all. Running list_cores as sudo, i didn’t get the segfault, i got my four Phenom Cores  (and no Radeon cores anywhere).

I found exactly one (1) result with google, but that got me in the right direction. It has something to do with a problem between PAT and fglrx, PAT being Page Attribute Table (yeah, i googled that..). To get rid of the problem, pass the nopat option to the kernel at boot. If you haven’t done this before, boot your machine, and when you get to to grub, hit e to edit the commands being run.

Locate the line which has the boot command, and at the end of my line (my line ended with the options quiet nosplash) so i made it quiet nosplash nopat and hit ctrl-x to boot with those commands. You can edit your grub to always start with nopat, but i will not get in to that here.

After this, both ./FindNumDevices and pyrit list_cores ran like a charm and produced the end-result i was looking for, that is, using your GPU to chip away at some pesky PMK.

This is just an expansion and update on the great instruction in Pyrit’s wiki, but other sources were used as well!

What is it with the state of security that i’m seeing around me?

People are using weak passwords, or the same password for everything, and not only that. The people who are supposed to be responsible for security do not discourage or prohibit the use of such passwords. Hell, weak passwords are sometimes even encouraged. “Pick something that you’ll remember for sure, as long as it has at least one capital letter”. Then we end up with passwords like “Dog1234″ and then when the obligatory tri-monthly change comes a-knocking, we get “Cat1234″, because of poor user education and poor (or non-existant) complexity rules.

If we have something like full-disk encryption, chances are it’s synchronized with windows, using a single sign-on. Or then it’s a PIN code or something that’s way too easy to guess or deduce.

Security is just simply abhorent everywhere i look. And i’m not sure how to start changing it. Other people are making the policies, i can only offer suggestions, and complement users on good choices (and i’ve seen some of those too!). I’m more for positive feedback, but sometimes i just want to scream. It’s like nobody cares that a fucking VPN password only has single factor authentication, and the password is like December2009.

“But it has numbers and a capital letter in it!”

Forskningsavdelningen means “Research Department” in English.

A Swedish hackerspace, located in the south-western part of Sweden in Malmö, was raided recently. The reason for the raid was said to be an un-licenced party being held at the premise, and suspicion of alcohol being served to minors.

Nothing strange here, the laws on alcohol are usually in place for a good reason.

But why the police came in with Computer Forensics analysts is another issue entirely. Are they qualified to deal with minors on a drinking binge? Or maybe they were there to sieze interesting equipment housed there? Among the seized items are wireless routers and antennae.

So far they have received no clear documents as to what crimes they may or may not have commited. There is a suspicion of “preparations for unauthorized computer access”, based apparently on the nature of the equipment found in the premise. Also found were two old machines for copying keys, and other lock-picking paraphenelia. Which, as i understand, are not illegal, as long as it is a hobby and not used to break in to anywhere. But i am not a lawyer so. They do mention in one of their posts that owning machinery for the copying of your own keys is perfectly legal.

Also, there were two other parties going on in the same block, which were not raided (probably because there were no computers there….)

This is a disturbing thing, really, because this could lead the way to other such raids, where a minor supposed crime is used as the way to get a search warrant, and then “oh, look, computers. And we just happened to have our computer experts from the FBI with us, how lucky!”. I’m just hoping that they don’t bring that to Finland, or instate rules such as “sneak and peek”-warrants, which would allow law enforcement to enter my house without my permission or presence and “look around for evidence”.

Paranoia 101.

Link to the page of the hackerspace, in Swedish. http://forskningsavd.se

Many of you may have heard about the new Matkakortti, being rolled out as of last week (10.11.2009). Ads for the new card have appeared all over the place, and urge people to change the card during their next re-charge. The new card has a nice flashy green graphic printed on it, no doubt to reflect the new eco-features of the card.

So what changes? According to YTV, the previous blue cards have reached the end of their life-cycle. “As with credit- and debit-cards, the cards have to be changed out every few years”. Also, the new cards are now ISO 14443A compliant (specifications for RFID cards). I have a funny feeling the last cards were compliant as well, but there’s no data on this. They were made by Mifare as well (as the new cards), so i think they were compliant.

The color of the card changes, but also, the type chages. The old cards were MIFARE classic. This is a card that has a 48-bit encryption key, that is seeded based on the “start-date” of the card, i.e. when it was first turned on. This system has been broken multiple times. To give you an idea of how easy it is, it takes about 12 seconds on a standard laptop computer to break the built-in Crypto-1 encryption scheme.

The cards are ASIC based, and have a very limited storage space. There are 1K and 4K versions of the card, and accounting for read-only data put in by the manufacturer, the de-facto storage space of these cards was 752 bytes and 3440 bytes respectively. That’s a whole lot already!

The new cards are based on later revisions of MIFARE technology. There are two basic types that will be rolled out now (the specific models are not listed, but i’m going to find out one way or another):

• MIFARE DESfire. This is the regular “multiple use” card that most of us use every day. More on this later.
• MIFARE Ultralight. This is the “use once” tourist card, which can be charged once, and then thrown away after use.

DESfire is a new card type that MIFARE came out with in 2002. There is an EV1 (evolution 1) version of the card, which was released in 2006 and offers more options and better crypto. Which system is used here, i’m not sure as i said, but i’ll find out. This is an entirely new card compared to the old stupid cards. They sport a real NXP made microprocessor, and more memory. There are 2, 4 and 8KB versions of the card. They come with a propietary DESfire operating system, which uses a real directory/file structure in the storage space. The crypto is upgraded from “Crypto-1″, using a 48bit key, to a minimum triple-DES, i.e. 3×56bits keylength, and up to a 128-bit AES in the EV1 variant. The NXP microprocessor is 8051 based, and has separate hardware crypto-accelerators for both AES and 3DES, which makes the crypto transactions even faster than before.

Ultralight is the use-once version of the cards. Cheaper to manufacture, it’s apparently made out of some kind of thick paper. There are also two versions of this card, the  Ultralight, and the  Ultralight C, which are from 2001 and 2008 respectively. The plain-jane version offers no crypto at all, and 512 bits (64 bytes) of memory. The C variant offers crypto, more storage-space, and ISO 14443 compliance. It is highly likely, that the version being rolled out is the C version, because it has features that make it suitable for mass transportation (i.e. abrasion resistance and crypto).

So why are the cards being changed for real? I’ll offer a few guesses. One, is that the new cards are cheaper. That’s a big thing when it comes to public transport and anything government funded. The Apollo astronauts reminded each other that they are going to the moon in a craft built by the company that made the cheapest offer. I’m not saying cheap is bad in this case though.

The new cards are also more ecological. Also a big thing in government projects, and easier to sell to consumers. The cards are either made out of bio-degradable plastic, or paper.

All methods of public transport will be fitted with GPS. Some already have it (trains, trams and some busses), but i suppose they’ll be rolling this out to every damn thing. This makes tracking not only the vehicle easy, but also tracking you. They can stamp your card with exactly the stop you got on. Where you got off is another matter entirely, but in any case. The bus and the reader knows where you are, and when you get on, the card will retain this information, along with personally identifiable information. This information is said not to be readable by regular kiosks and other recharge outlets, but only by ticket inspectors or law enforcement “should the legal need arise”. In any case, the expanded memory and processing capability, plus the new crypto, make the cards very hard to hack, and capable of storing hoards of information, and not just a “one travel” buffer, which contains your last transit. This of course, is pure speculation on my part.

Why replace an already working system? Well, that’s anybody’s guess, and the site they put out doesn’t really give a specific reason. The fact that the new cards are cheaper, is a small issue, when we consider that there are already what.. a million cards in circulation that now all have to be replaced? Expanding the system to new areas? Okay, but why not just expand the current, tried and tested (and broken ) system? The cards are at the end of their lifespan? Why? My card is seven years old and it works just fine. I’ve had it in my pocket, my wallet and god knows where. There are no moving parts, and no exposed chips, as with regular smart cards. The exposed components tend to wear out and that is a good reason to change your card. But it doesn’t apply to the Matkakortti. Sure, if you bend the card, it’ll snap, but i bet the new cards are just the same.

I also have a hard time believing that standards compliance is a reason for the overhaul. The old cards are based on the same basic technology, i.e. RFID, which should in itself adhere to ISO 14443. If it didn’t, okay, but adhering to standards isn’t a benefit for the consumer in this case. Everyone is forced to either use the cards, or pay each trip with cash, which leaves little options. The standard defines how well the card should withstand physical abuse, but again, i stress that my card is still working after seven years. Abuse-resistance was not an issue with the old cards either.

So the Fox Mulder in me deduces that this is just a way to track us even more closely. The hacking of cards wasn’t an issue in Finland, at least not that i heard of, but with the new cards, this becomes practically impossible, unless there are vulnerabilities in the implementation of the crypto, or predictability in the key-generation (or exchange) as with the previous system. This removes any chance of an “open and fair” system, meaning that i can’t buy a MIFARE reader, and dig out the data that they have store on me personally, on the card. I’m not even looking for free travel or some such shit, i just want to know how the system stores and uses my data.

I’ll be following up on this as i get my hands on the new card. I’ll be retaining a few of the older cards, just to make comparisons, should such an opportunity arise. I’m still in the market for a MIFARE reader, but i haven’t gotten off my lazy ass and bought one yet.

Source to my rambles are:

http://en.wikipedia.org/wiki/MIFARE

http://www.matkakortti.net

A client was generous enough to donate me an old laptop to play with. It’s a Compaq EVO N610C. You may remember if from about 8 years ago, or so? It’s got that silver wlan antenna thingy behind the screen?

Yeah. That one.

Anyway, it’s a nice piece of work despite being old. It’s a very first generation pentium 4 mobile, which means it eats battery like a kid eats cookies. 512MB ram, 40 gig hard drive. Old, but works fine. Put Xubuntu 9.10 on it, XFCE works just fine, and plays DVDs too. 14″ screen.

I’m gonna be playing around with the wireless some more, since it has a good atheros chipset, and a proper antenna (with a ready plug for an even bigger external antenna). I’m thinking this might become my wardriving laptop, or something in that order.

So, i have been having some trouble with my Nebula line. About a month ago, something odd happened, and my line dropped, only to reconnect at about half the speed that it used to be. I called them, they fix something and the speed improves marginally, but i have had no explanation as to why this happened. If i change nothing, how can the speed drop?

According to their technicians, the line should handshake at 18/2.5 mbit/s, but i’m getting about 10/2 mbit/s. So anyway, i said, okay, the upstream improved to about what they said it should be, and the downstream isn’t that important to me anyway. That ticket was closed.. only to be re-opened a few weeks later, when i started having unexpected packet loss. It’s a copper connection so there’s really no reason to have packet loss, especially in this day and age. Not unheard of though, with bad lines etc, so i called Nebula again.

They’ve made a number of suggestions, such as “faulty wiring” (changed), “faulty modem” (also changed, more on this later), to “a bad copper pair to my apartment from the building phone board”.

So far i’ve ruled out cables. Nothing has changed there, but none the less, i swithced all cables that i could. No change. I changed the modem now, from a 2 year-old Linksys WAG200G, to a Telewell TW-EA501 (provided by B, thanks). So the Telehell connects at about 9/2mbit so the speed is worse still. I’ve now had it in for about a day, and i’m gonna keep testing it, to see if the problem returns.

If it does, then it’s something with the damn line, and they are going to have to do something about it. The speed.. well, i know the modem affects the speed a bit, but how can i get such varying results? All modems have had their firmware updated, and i have no long extension cords for the phone line, nothing like that. If the copper pair is crap, then i guess i’m fucked (and have to wait for the “mandatory” fiber connection no later than 2015).

This has caused unnecessary downtime for my server, Agamemnon. The gods don’t look favorably on this.

So, i got the recently (1.10.09) released Beta of Ubuntu 9.10, and i’m happy to report that the propietary drivers for ATI work fine now, so you can get 3D acceleration. Screenshot below.

If i read this correctly, it works.