December 14th, 2011
October 27th, 2011

The Blackberry

For the last few years, I have been a very enthusiastic Blackberry user. Instant email and the strong end-to-end encryption of peer services, together with the rather brilliant keyboard, made it always my device of choice. RIM, had been falling behind horribly on the software quality of all other functions. The browser has been a piece of crap, the touch devices were so-so, and they seem to have trouble making choices. Yes they make a pad (yawn), but it only works in combination with a phone. Yes they have touch, but also a slide out keyboard. Still. I like my curve. The final straw that is breaking the camels back is NOT the frustrating 3 days outage this month, even if it didn’t help. What is is RIM now choosing Microsoft for it’s cloud services. So. I will “sit out” my contract, and then it will be goodbye and so long, my faithful little blackberry; you have served me well and thank you for that. I will switch to Android in a couple of months.

October 24th, 2011

The owl

OK, I do know an owl is NOT a ptarmigan. Still…. David send me this insane timelapsed owl landing video. How is that for a “dynamic aerofoil” GG? I couldn’t help hearing rubber screeching on asphalt. Not embeddable but here is a link to the mp4 and the poster.

 

October 20th, 2011

The World Grid

I reinstalled (now under Ubuntu) a program to donate my spare CPU cycles to the World Community Grid. Right now it is chewing away on a 9 hour workload for the Human Proteome Folding project, after which it will start working on HelpConquer Cancer and FightAids. Assuming I am not in reality decrypting encrypted traffic for the CIA, I think it is a great plan to donate more or less wasted computer cycles to computer hungry research projects in the “Humanity” category. Yes I also donated to SETI long ago. Anyone to join in a “Ptarmigan” team? I will set one up if there are 4 participants.

September 3rd, 2011

The certificate collapse

I know this is tech stuff, but it is tech stuff affecting us all, as it connectsthe largest internet company in the worls, my little country and axis-of-evil-Iran. And you all know I love connections :)

Short story, highly simplified and for arguments sake untruely only applied to “websites”: This week, the trusted third party “Diginotar”, which issues SSL certificates was proven to be hacked by Iranian hackers. They were able to issue themselves a valid *.google.com certificate, enabling (Iranian AND others of course) governmental men-in-the-middles to eavesdrop on i.e. gmail, without anyone being able to even detect it. Diginotar also issues certificates for next to all governmental services inclusing social security, tax office, drivers licence office, municipal services, etcetera. Furthermore certificates for tor, for the add-on site of Mozilla and god knows what else.

Long story, still not entirely correct to keep it reasonably readable. A certificate is a rather smart digital “seal” that is issued by a trusted third party (TTP) and installed in a website (again simplified, it can in essence be used for all sorts of electronic communications). The TTP issues these certificates from a sort of “mother” certificate. Browsers on the other hand, have a clever way to prove the certificate from the website the user visits is actually derived from the “mother”. Browsers issue a security warning to the user if a website uses a certfiicate that is NOT derived from a well known set of trusted mothers. Now, if a TTP runs a flawless operation, keeps the known mothers entirely safe and actually check if the requester of a certificate (say: me) is requesting a certificate for a valid host for me (say: this website [valid], google.com [most definately NOT valid]), we have an unbreakable trust triangle. TTP trusts the website owner, the user (read: the browser makers) trusts whatever the TTP’s of this world say they can trust. There are around 650 TTP’s in this world, and a few dozens of trusted “mother” certificates.

A well known trusted “mother” is “Staat der Nederlanden Root CA”, which is THE root of my country! A derived “daughter” is “DigiNotar PKIoverheid CA Overheid en Bedrijven”. This root is used by a lot of governmental websites AND commercial companies and has been compromised. The hackers have created various certificates, including one for *.google.com, and various others that are considered “high profile. Browsers, until now, have trusted this false certificate. Several browser makers have started banning this certificate, and last night, the equivalent of the home office secretary, decided to revoke said daughter certificate. By the time you read this, all website using Diginotar’s certificate will be deemed “unsafe”. Oopsie. And the worst part is of course people believing they were using a safe, encrypted, untappable gmail account being secretly spied upon (and you can bet this has been done).

Diginotar’s damage control has been horrendous. Basically they have kept things under the rug when discovered, and they didn’t even file a complaint at the Justice department. That could even been regarded as willful negligence.

Update: oh my, too much, too much (see this list)

Update: Here is the published list of compromised (read: Diginotar certified) certificates. Brace:

CN=*.10million.org
CN=*.JanamFadayeRahbar.com
CN=*.RamzShekaneBozorg.com
CN=*.SahebeDonyayeDigital.com
CN=*.android.com
CN=*.aol.com
CN=*.azadegi.com
CN=*.balatarin.com
CN=*.comodo.com
CN=*.digicert.com
CN=*.globalsign.com
CN=*.google.com
CN=*.microsoft.com
CN=*.mossad.gov.il
CN=*.mozilla.org
CN=*.skype.com
CN=*.startssl.com
CN=*.thawte.com
CN=*.torproject.org
CN=*.walla.co.il
CN=*.windowsupdate.com
CN=*.wordpress.com
CN=Comodo Root CA
CN=CyberTrust Root CA
CN=DigiCert Root CA
CN=Equifax Root CA
CN=GlobalSign Root CA
CN=Thawte Root CA
CN=VeriSign Root CA
CN=addons.mozilla.org
CN=azadegi.com
CN=friends.walla.co.il
CN=login.live.com
CN=login.yahoo.com
CN=my.screenname.aol.com
CN=secure.logmein.com
CN=twitter.com
CN=wordpress.com
CN=www.10million.org
CN=www.Equifax.com
CN=www.balatarin.com
CN=www.cia.gov
CN=www.cybertrust.com
CN=www.facebook.com
CN=www.globalsign.com
CN=www.google.com
CN=www.hamdami.com
CN=www.mossad.gov.il
CN=www.sis.gov.uk
CN=www.update.microsoft.com

July 22nd, 2011
May 18th, 2011

The crash of AF 447

You have all read this in the papers. About a month ago the debris of AF 477 was found on the bottom of the Atlantic, after almost two years of its rather mysterious crash. Last week the Flight Data Recorder and the Cockpit Voice Recorder were found, retrieved, brought to the BEA in Paris (read; French NTSB) and read out. Last Monday there was a short press statement saying all data on both recorders was successfully retrieved (50 hours of flight parameters, 2 hours of cockpit conversations). I can tell you a lot of people were holding their breath last week. Would the recorders be found? Would they be in one piece? Would they be salvageable? And then: would they still have and give up their data, after a violent crash and 2 years in 3 kilometers deep salt water. They did. We will know what happened. And we will learn from that and make air travel a bit safer again. A big BIG thumbs up to the French government, Air France, the BEA and Woods Hole Oceanographic Institute for their relentless efforts to find the recorders, and to Honeywell for making them so incredibly strong and reliable.

OK, so that was old news (will not go into the question of retrieving the bodies or not). Then, French newspaper Figaro stated “sources close to the investigation stated that the preliminary analysis of the recorders exonerated Airbus”, implying it was a sole act of the pilots or an act of the Gods thing. Speculation immediately went into fifth gear. They were asleep. There was only one pilot in the cockpit when all the bells went off and he panicked, not hearing the gong to open the cockpit door. They incidentally locked themselves out of the cockpit etcetera, etcetera. Oh and of course this information was probably leaked by Airbus, following an agenda to push away the blame they obviously have.

The BEA was the first to respond there was no thing and also marked the entire affair as highly disrespectful to the (228) victims and families.

So what did happen? It was in fact this statement, from indeed Airbus, to its customers:

FROM : AIRBUS PRODUCT SAFETY DEPARTMENT TOULOUSE

ACCIDENT INFORMATION TELEX – ACCIDENT INFORMATION TELEX
SUBJECT: AF447 ACCIDENT INTO THE ATLANTIC OCEAN
OUR REF: AF447 AIT 7 dated May 16th 2011
PREVIOUS REF:

- Ref 1: AF447 AIT 1 dated June 1st 2009
- Ref 2: AF447 AIT 2 dated June 4th 2009
- Ref 3: AF447 AIT 3 dated June 8th 2009
- Ref 4: AF447 AIT 4 dated July 2nd 2009
- Ref 5: AF447 AIT 5 dated July 30th 2009
- Ref 6: AF447 AIT 6 dated April 03rd 2011

This AIT is an update of the previous AIT 6 concerning the AF447 accident which occurred over the Atlantic Ocean on June 1st, 2009.

It has been approved for release by the French BEA who lead the investigation as per European Regulation and ICAO Annex 13 International Recommendations.

Following underwater search campaigns and subsequent operations, the Digital Flight Data Recorder (DFDR) and Cockpit Voice Recorder (CVR) were recovered. Data extraction of both recorders have been performed at the BEA facilities in the presence of two German investigators from BFU, an American investigator from NTSB, two British investigators from AAIB and two Brazilian investigators from CENIPA, as well as an officer from the French judicial police and a court expert.

Data from DFDR and CVR have been successfully downloaded.

At this stage of the preliminary analysis of DFDR Airbus has no immediate recommendation to raise to operators.
Further update will be provided as soon as new significant information becomes available or as soon as Airbus will be authorized to share more information in compliance with investigation rules.

Yannick Malinge
Senior Vice President
Chief Product Safety Officer
Airbus

Read: “We know you are all eager to know if there are issues with our product. We informed you 6 times earlier, including recommendations. The recorder readout did not raise any immediate issues that you should know about with the aircraft. But we will keep you, who after all are flying the plane, closely in the loop.” As would (and do) all OEM’s. And these statements are always approved by the investigation authorities.

Now that is slightly different eh? Going from “…Airbus has no immediate recommendation to raise to operators…” to “Airbus totally exonerated…”. The media. Gotta love em.

Disclaimer: While I love all airplanes and think all OEM’s make the most incredible and often also beautiful machines, I am a mild Airbus fan.

Update: a BEA note describing what they found it is neither an interim report, not an analysis. Scary shit.икони

May 18th, 2011

The spreadsheet

Holy crap. Google’s web based spreadsheet, while absolutely brilliant in terms of working together in the same document (I use it very, VERY often, just for that reason), has always lacked serious spreadsheet functionality. Still, new things crept in like programmed background color etc. But today, I opened it and low and behold: Pivot table reports!!!! Man this is getting serious.

May 11th, 2011

Ubuntu 11.04

I updated to Ubuntu 11.04 today (read, it said: “Shall I?” and I answered “Please do”).

While it took a few hours to download, the operation was relatively painless. However, here are a few words of caution.

1) the user interface has changed and I must say it does need some getting used to. The “start” and “running programs” bars have been integrated to one and it is on the LEFT side, floating in and out. And it is not entirely bug free. Nothing major, more in the realm of slightly annoying. Still, I am not convinced it is an improvement, but lets face it, no UI change ever feels like that the first few days.

2) my ATI video driver, while listed as 11.04 (“Nattty”) ready, refuses to install due to unsolved dependencies. That is sooo 2004. No functionality loss by the way, just slower (dual screen works fine).

3) OpenOffice has been replaced by LibreOffice (a fork created because of Oracle’s bad Open Source Community behavior, good decision). That was a no brainer for me personally, as I switched a week ago.

4) RythmBox (the music player) has been replaced by Banshee. I will hold my verdict on that one, but so far, I am not royally impressed, again on really small, but annoying issues.

So far so good! Will keep you posted.

Update april 30th: I decided against the new interface, even if making the icons smaller (did not want to go below 32×32). Easy to change at login. It is rumored the next version (by definition 11.10) will do away with the old interface, but probably the most serious annoyances, including some programs not behaving very well with it will be ironed out.

I think I can live with Banshee. It has a few pluses too. To an extend it replaces Miro, which is kinda cool. **

For me the most exciting news is, and it probably has nothing to do with this release is that Blackberry Desktop finally works in Virtual box. I don’t know when this happened, but this configuration works for me: Virtual Box 4.0.6 r71344, Windows XP running in it (fully updated), Blackberry Desktop 5.0 Bundle 1682. Note that it is required that in Virtual box the support for USB 2.0, called “EHCI” is disabled. This news does not allow me to ditch Windows completely, but it does allow me to ditch Windows 7 native. Yippee!!.

Update May 11th: re-switched to Unity, the new interface. With the video issues 99% ironed out, it is not too bad. No wild enthusiasm, but doable. Had a serious fight with the Wifi interface (basically it being stuck off). But again, here is the imho more interesting part that, again, is kinda unrelated to the upgrade. I used Simple Backup to backup to a USB hard disk, formatted NTSB. I started to get worried a lot as those backups started to fail because what seems to be a writing error on that disk. I made two rather important changes: I moved the disk to ext4 and I switched to Back In Time. Whoa! Now that is one great easy backup program. I am not into Apple, so I have never used the time machine thingy, but this is said to be the same, Ubuntu style. Me likey! (As usual, installing something in Ubuntu is easy as cake: Open software center, type Back In Time, select it, click Install. Done).

May 10th, 2011

The takeover

It was good while it lasted. Skype has been sold to Microsoft. I will start closing my account. Any good advice on the alternatives? My wish list is

  • chat
  • voice (multiparty nice, but not neccesary)
  • video calling (multiparty irrelevant)
  • multi-platform (Ubuntu and Windows needed, blackberry and Apple stuff nice to have)

Will keep you posted.

Update 1: So far: Google talk for chat, audio and video. Empathy chat client for Ubuntu to connect to it and a few other services (it can actually do Facebook, Yahoo and a small dozen other services). It SEEMS native google video (as opposed to through empathy) is a bit better.