Category: technology

The Trojan malware arms race

Geekdinner with Dr. Richard Clayton

So after the London Geekdinner with Doctor Richard Clayton from Cambridge University, (you can watch the videos here 1, 2, 3, q&a or listen to the audio in total here.) I had a little wonder around the net to see what I've been missing out on since I moved to GNU/Linux.

And as expected the battle over adware, spyware and trojans has grown into something extremely serious. A friend at work keeps talking about the problems she has with her windows machine. The things she describes sounds like trojan activity but I can never be sure, so I'm not quite at the point of saying to her reinstall Windows fresh again. (We actually rebuilt her machine over the Christmas period already, because things were so bad she couldn't login). However after hearing about this banking trojan on Security Now recently. I'm reconsidering my advice.

Not only does it Trojan.Silentbanker steal your passwords, but it can perform a man in the middle attack on SSL connections, rendering the secure nature of SSL totally useless. It can also modify HTTP and HTML, meaning when you log into your bank and try and pay your bills it will replace your bill details with ones of the trojans chooses. Yes click that button to transfer funds looks legitmate but it will go to a off shorebank you've never heard of. It can steal cookies, certificates, cache passwords and change your DNS settings on the fly. So type in your banks url and the browser gets sent to a site which looks like the banks site but actually its not. To finish off it automaticlly updates its self and for some reason can install it a midi driver which screws around with your sound. Maybe to play the sound “kuchhing” when you finish that hijacked transation?

Technorati Tags: , , , , , , ,

Comments [Comments]
Trackbacks [0]

eMail problems Fixed

If you have emailed me in the last 2 days, I may not have got it because I'm experiencing email issues at the moment. It should get fixed soon, but right now its best to ping me on one of my gmail addresses. End of public broadcast.

This has been fixed, and it wasn't my host's fault. Actually it was me forgetting to set remove the proxy settings. I wish Thunderbird and Firefox would support global/operating system wide proxy settings as its painful to change it multiple times when connecting to the BBC network.

Comments [Comments]
Trackbacks [0]

Gnome Launchy

Pidgin in Gnome Do

So I've wanted something like quicksilver for a while and I found launchy when I was on Windows but I couldn't find anything for gnu/linux. Till today when I found a few. Gnome-Do, Gnome launch box and Katapult.

I stuck with Gnome-Do because its smooth, the plugin support is pretty good and I love the blog of the developer (see quote later). I do kind of wish for the smaller box style of Launchy instead of the boxes of quicksilver but you can't have it all. Oh it would also be great if the background dimmed a little. You know add a little compiz-fusion power to the whole thing.

On a personal note, I have used Mac OS X, FreeBSD, and Linux exclusively for the last seven years. I don’t use Windows because it lowers my quality of life. I haven’t tried Vista. I recently made the switch from OS X to Ubuntu after realizing that all Steve Jobs wants is for you to shut up and buy a new iPod; don’t you dare criticize his taste or the way he treats third-party developers like dirt. Also, I’m fairly confident that propriety software has no future. Yes, I am aware that proprietary software has a multi-trillion dollar past and present, but this implies nothing about the future.

Nice!

Technorati Tags: , , , , ,

Comments [Comments]
Trackbacks [0]

Point home – a new ui for windows mobile phones

Point Home in action

I installed Point Ui's Home tonight because it was one of those things I've been meaning to do. Anyway, after 2 seconds I was amazed. The user interface design is slick and smooth without being too in your face. They have taken interaction, icons and patterns from the tango project and put them to good use. Everything just works so well, that its hard to explain without a video, And I would shoot one if it wasn't so late. I only wish it was a little more stable and there were controls to change the colours. The blue is a little too blue for my personal tastes. More detail about point home below…

Home's intuitive controls and highly responsive user interface makes using your device a breeze. Here are a few of the key features Home has to offer:

  • Control your device via touch or your thumb with the directional control
  • Smart Lists Navigation ™ with bookmarks allows you to easily locate an item in even the largest lists
  • Choose the slide navigation that suits you
  • One touch access to calls, email, text messages and music
  • Easily see who and when calls were received, made and missed
  • Using the Applet Ribbon ™ you can easily access the time, tasks, appointments, calendar and up to date weather forecasts and current temperatures
  • Easily manage your sound, wireless, battery and device settings
  • Easy create new emails, text messages, multimedia messages, tasks, appointments, documents and spreadsheets
  • Load and switch between running applications effortlessly

Technorati Tags: , , , , , , , , ,

Comments [Comments]
Trackbacks [0]

Traveling in style, wifi and power what more do you need?

Free Wifi on National Express trains

Free Wireless and a plug per seat, National Express trains get a double thumbs up from myself. GNER use to have power in every seat but charged 9.99 for a days worth of Wireless access. National Express took over and dropped the price to zero, awesome. Only problem is that it would seem some ports are blocked and the speed shared across the whole train is close to 1meg at the wireless edge and about 256k of real usage.

Technorati Tags: , , , ,

Comments [Comments]
Trackbacks [0]

The Smartphone…

The Smartphone segment

So over the Christmas period I've been at my parents house and they read the Mirror. I was flicking through the Sunday Mirror's pull out magazine called life and came across six pages of anime about new technology from the Far East. Its a reasonable piece and the illustrations are done by Anime artist Kanako Damerum.

One of the pages talked about the smartphone and showed off the Sharp W-Zero3. Which can scan business cards, includes a 3inch VGA touchscreen and Qwerty keypad. Wifi, 256meg of on board storage and MicroSD expansion. I was a little puzzled, my current phone does all that (I discovered Worldcard Mobile only yesterday). Yes I'm not rocking with a VGA screen (I had planned to get the glofish x850 which does have a vga screen) and the HTC Kaiser is 19mm instead of 17mm but its not far off.

So what I never quite got around to before was the fact that Smartphones are still quite novel in a lot of circles. I pulled out my Kaiser in the pub with some friend during a night out and they were like “what the heck is that? is that a computer or something?” I wasn't do it for effect but I did have it with the keyboard and tilt on (i was answering a couple of texts). I guess add the bluetooth headset blinking in my shirt pocket and they thought I'd gone all futuristic or something. But whats fun about the Windows mobile phones is that HTC make them pretty cheap. So you can get a windows mobile phone for the same price as a LG, Nokia or Motorola. So its not about the phone prices.

Maybe people don't like the complexity of the phone? But I would say the Windows Smartphone platform is no more complex that any other phone. Maybe its the style? Could be on something there, but Ted Baker now have an edition of the HTC Touch, LG Prada anyone and what about the most loved gadget of 2007? The Apple iPhone?

2008 is going to be the year of the Smartphone for sure. There is very little reason not to get one and I'm sure the phone shops will be pushing them harder that ever.

Technorati Tags: , , , , , ,

Comments [Comments]
Trackbacks [0]

I bricked my windows mobile phone

Mobile data?

Mobile laptop data has always been a pain, in my mind it started when the phone companies started making those PCMCIA adapters where you could stick in a GSM/GPRS card. Before that you use to have to dialup via the infrared port or a serial cable. The GSM/GPRS cards would allow you to put in a sim card into the PC card and dialup on your laptop from anywhere. Then Vodafone came out with a 3G data card, others followed suit adding Wireless and even HSDPA (3.5g) to the mix.

But there was a few problems. Each card came with some propitery software, the card themselves were expensive and the data plans attached only suitable for business users. In America on the otherhand all you could get all you can eat data plans based on that weird standard called EVDO for a reasonable rate. Because of this Laptop makers started adding EVDO and other Mobile data options, which made the PC cards a little less important. But the huge break through (in the UK) came when Tmobile (to there credit) dropped there data plan to a all you can eat model. Vodafone and Orange followed soon afterwards. 3 the mobile operator in the UK started offering a cheap usb dongle to there users of mobile data. 10 pounds buys you the dongle and the data for a month. Well I thought this was a good idea and I know a few people are tempted with the offer but I think I found better.

Ok enough history – I bricked my new phone, no not actually killed it so it no long works but more like bricked it so it operates as a wireless modem. I was doing this over bluetooth at the start but for some reason while using the windows mobile internet sharing option the phone wants to be in bluetooth discovery mode too. This quickly kills the battery, so I started plugging it in over USB. Because the phone also charges over USB too, it might as well be like the USB dongle. My Data plan currently is 5 pounds for weekend and evening unlimited data (unlimited meaning 1gig fair use data a month). Orange offer for another 3 pounds a all day everyday option but limited to 30meg a month. This doesn't work for me, as I'm usually around a wireless or wired connection during the daytime. Anyway the point is that mobile laptop data is become cheap and easy. If I can get a windows mobile phone to talk to a linux laptop, then anyone running windows or mac must be able to get theres up and running in minutes. But like before the data rates are better that ever. HSDPA (3.5g) is also pretty impressive, I was getting 400k down and 200k up in a starbucks in central Bristol. I expect in London I might get even more. This makes it a serious contender to the rip off wireless hotspots you find in some hotels and cafes up and down the country. Now if only the mobile operators would sort out international roaming data charges!

Ah I forgot to mention one thing.The bricked nature also comes from WMstorage, which basiclly turns your phone into a mass storage device or usb memory stick. Because I can't use activesync on linux this has been perfect for dragging files back and forth. However its never been reliable till now. So my phone sits there as a mini flashdrive and bluetooth modem but can still receive calls and texts if needed. Next step really is to pass some of that functionality on to my laptop instead.

Technorati Tags: , , , , , , , , , , ,

Comments [Comments]
Trackbacks [0]

Which VPN questions?

So I've been using Hamachi for my VPN for a while now but since switching to Ubuntu, its felt a bit out of place. First of all installing Hamachi is painful – you must compile it, theres no debs or universe repository support. The basic version is command line only and some people have created a couple of gui's including YAHG, Ghamachi and quamachi. But to be honest even with the guis it sometimes doesn't work as expected. For example right now I'm at my parents house on a broadband connection but can only access one of my 3 machines I have acttached to my Hamachi network. Two of the machines before I left for Christmas failed to connect to the Hamachi Medation server for some reason. Another reason why I'm a little down on Hamachi is the propitery nature of it. I know its been looked at deeply but if there was something like Hamachi which was actually open, I would switch.

So I've looked around and come across quite a few technologies like PPTP, Open VPN, IPsec, FreeSwan and OpenSwan. After reading this very long entry, I started understanding some of the VPN technologies a lot better. So it seems to me that PPTP is Microsoft driven and there is a couple of server versions for Linux. PPTP seems to be old and insecure? IPSec seems to be better but not as good as L2TP with IPsec? FreeSwan has forked into OpenSwan and StrongSwan. I still don't understand the whole Open VPN thing, as it seems to be part of everything rather that a complete solution (do correct me if I'm wrong).

So I looked into OpenSwan and StrongSwan and choose OpenSwan because it gets more mentions online and hey it was clearly documentated on the site – apt-get install openswan. I know strongswan is the same but hey i needed to start somewhere and the windowsmobile tutorial seemed straight forward (if someone knows other reasons why I should use strong over open please do say). Anyway as Hamachi is, I restarted the server after installing openswan to find its not quite started up correctly and I can't remember my standard ip address to talk directly to my smoothwall server. So anyone with some good tips for small time VPN usage let me know.

Technorati Tags: , , , , , , ,

Comments [Comments]
Trackbacks [0]

Ubuntu switch: If you ever want to sleep at night…

…don't try and create samba shares on top of NTFS formatted partitions.

Honestly it's been a ongoing problem for the last few months. My first lot of shares just worked on NTFS so I tried to duplicate the setup over other machines including my laptop and my ubuntu home server. Did it ever work? No. So I've finally juggled the data around and formatted all the drives in my ubuntu home server Ext3 (i was tempted with reiser3 but couldn't see the point) and now finally setup the shares. As expected, with some tweaking of my /etc/fstab file its all working correctly.

So hows the rest of my switch going? Well actually pretty well. I've not switched back into Windows for ages now. I actually deleted the virtualised image I had of Windows XP and although Wine is still installed, I have never really used it beyond seeing if particls will launch. Of course it didnt…

I'm now blogging using QTM and found a couple useful applications including Specto and Timevault. Timevault is like Timemachine on Mac OS 10.5 but without all the fancy crap and it can sync to a network drive. Yes this is very important and I realised after talking to Miles that Timemachine doesn't have this feature. Plus realisticlly Timemachine is actually just a app which allows unlimited undos, not really backup. Timevault on the other hand can back up to a local HD, Firewire drive or Network drive making it useful for real backup and with a VPN coonection very powerful.

My standby problems on my laptop are under control. I have a script which I can active via Natuitus Scripts to shutdown Gnome's Power manager control. Once the Gnome power manager is shutdown, the lid will put the machine to standby no problem. Sometimes I have to watch out because gnome will start the power manager again after a update. I had a problem a while back with my wireless card waking up afterwards but its all sorted now. I've also noticed my battery times have gone up again. Now I'm getting about 3.5 hours out of my 1 year old battery, so I'm not doing too bad. Maybe I'll get another battery later next year as a spare.

Another thing which got fixed recently was my calendaring solution. Now I'm using Google Calendar as a syncing tool between Mozilla lightning and Plaxo. My phone now talks directly to Plaxo and my work outlook calendar.

I'm glad I switched over and my next project is to get rsyncing working well with a couple of cron jobs. So for example my laptop will have the latest podcasts when I pick it up in the mornings. I'll also use it for backups in liu of amanda or bacula. I'm also still using Hamachi for my VPN solution and I'm finding it a pain on Linux, the gui version does crash a bit and the command line gives very little feedback. So I'm thinking about switching to OpenVPN as its got real Linux support and its highly recommended. Lastly I want to switch to Evolution and I need to upgrade my smoothwall server to version 3.0. Who knows a couple more late nights before Christmas and it might happen.

Technorati Tags: , , , , , , , , , , ,

Comments [Comments]
Trackbacks [0]