… if the US is spying on an ally 1 from their embassy in the respective host country, they are spying on and from US soil. Wouldn’t that affect how this should be looked at legally, if there is a need from the US perspective to distinguish between US and foreign citizens and US soil and foreign soil in mass surveillance?!
// Oliver
The United States has done so much through the NSA to save lives in Germany. We have done much more for Germany through the NSA than the German army has done for itself since WWII
said one Peter King, Republican representative from NY, on Fox News.
Leaving aside the obvious semantic glitch in the statement (“than the German army has done for itself since WWII”) that’s a bold statement for the representative of a country that has conducted government-sponsored industrial espionage against Germany for at least approx. 20 years through the NSA. It’d be fun if the irrefutable proof of that came out just now through Edward Snowdens leaked NSA documents:
According to a NSA employee detailed information concerning Enercon was passed on to Kenetech via ECHELON. The aim of the alleged espionage against Enercon was the forwarding of details of Wobben’s generator technology to a US firm.
(quoted from the English Wikipedia article on Enercon)
So either Mr. King is totally deluded, which wouldn’t exactly be unusual for someone blabbering on the slightly biased Republican party pet “news” channel Fox News, or he has adopted the kind of Doublethink and Doublespeak one has come to expect from a society that is moving fast towards a totalitarian state.
Needless to mention that throughout the majority of the time the NSA existed there existed two national states on the territory of Germany. Throughout that time the USA has mostly pursued its imperial interests in Western Germany as the USSR did in Eastern Germany. There were two armies, too.
How much the USA was concerned about the well-being of the majority of Germans at the time, i.e. the West Germans, can be seen by the fact that nukes were stationed in Western Germany and plans were to turn large parts of Germany into nuclear wasteland in case of an invasion from the Eastern block. Not to mention Gladio, an effort lead by the US agency called CIA, another innocent and well-meaning spy club, with the help of good old German Nazis. Hell yeah. German Nazis, if you want the real deal, work with the German Nazis, right? So fuck you very much, Mr. King!
The USA has always pursued its own imperial interests, which right after WWII happened to coincide with West German interests in the competition against the Eastern block. There is no way to sugar-coat it.
And no, I’m not trying to belittle what US soldiers have done for Germany and Europe as a whole in cooperation with soldiers from other countries, including Soviets, in driving out the Nazis. However, history moves on and in the recent past a lot of lies have been unveiled and cast a daunting shadow of doubt on “the land of the free”.
// Oliver
Bin mal wieder in D, also steht Computerwartung an. Ich installiere gerade System und Programme für meine Mutter und stelle fest wie viele der Programme sich nicht an Windows 7 Konventionen halten und bspw. direkt auf C:\ installiert werden wollen und wie viele andere Inkompatibilitäten aufweisen. Glücklicherweise ist Windows 7 x64 gut gerüstet um mit Kompatibilitäts-Shims nachzuhelfen.
Am schlimmsten finde ich Vi2000, welches ansonsten modern daherkommt, aber nicht ohne eine Standardinstallation unter C:\ auskommt.
Auch “toll” wieviele der Programme ohne Signatur daherkommen. Wird schon stimmen, gell? Dafür daß die meisten dieser Programme nicht gerade billig sind, kommen sie schon relativ billig daher.
// Oliver
Just recently I mentioned Clean MX in this blog post and sure enough today I received another automated abuse message from them and relayed to me via Hetzner, my hoster. This time, however, I plan not to be so lenient with Clean MX and instead will seek legal council to end the silly automated abuse messages which result in direct inconveniences with attached deadlines for me. Hopefully an injunction will be a viable option. A lengthy email exchange about thirty months ago 1 shows mostly their ignorance in the light of hard facts and their lack of expertise when it comes to malware.
// Oliver
In the past software I wrote ended up in detection of anti-malware programs, more traditionally known under the term antivirus (AV) programs 1. As you may or may not know I work for an AV vendor and as such I sit on both sides of the table when it comes to false positives. These wrong detections have been a problem for me and software I wrote before I joined my previous employer (vendor of an anti-spyware) and my current employer.
At the VB 2013 conference in Berlin this year, which my superiors allowed me to attend, Mark Kennedy of Symantec and Igor Muttik of McAfee presented a project called CMX or CMX-IEEE, for Clean file Meta-data eXchange. Although I see a few minor flaws and there are things they left to wish for 2, the overall idea sounds quite good. You can find their Blackhat papers from this year here.
Hey, hello! Yes, that was me. The guy who asked after your VB presentation how you are going to vet the vendors allowed to submit clean files. The answer was the precursor to another rather disappointing answer later. For starters only big vendors such as Microsoft, Google and so on would be allowed to submit files at all. Alright, not too bad if that’s just at the beginning and smaller vendors will be allowed in later.
However, when I asked Mark after the session outside he made clear that there was no intention to consider FLOSS projects or the likes. Which is very disappointing indeed. Not only are we in the anti-malware industry really bad at spreading the word about files that turned out to be false positives and are then taken out of detection by a single vendor. Unlike with detections themselves that spread like wildfire. If you have a program and it’s deemed malicious it takes a tremendous effort to get it unlisted. Most of the time I don’t even bother contacting the smaller vendors. So while it is easy to end up in the detection of lots and lots of vendors without any wrongdoing, it takes a lot of work and time to get unlisted. If you volunteer your time already to work on and maintain a project, this really drains all motivation and enthusiasm you have – and quickly. Having a mechanism that more or less ensures that you have done everything humanly possible that your FLOSS program doesn’t end up in detection would be just brilliant.
In the past I’ve had similar experiences with website reputation providers that put me on a blacklist based on some false positive detections on VirusTotal. The nastiest part is that the other side generally can automate most if not all of this procedure, but getting it fixed takes manual intervention and time and concentration on part of the “victim” of the false positive. If you have a technically incompetent bigmouth on the other end, this becomes a really tiring process.
Also, the recent kerfuffle with WinDirStat has taught me that AV vendors at large aren’t always swift in adding detections of real threats. I took the time to look up the contacts and then contact dozens of AV companies and only a few of them replied. Only two or three responded in a manual fashion.
So in conclusion: small vendors and freeware, shareware and FLOSS authors will have no mechanism for preventing their software from being taken into detection and the only ones that benefit are the big guys in the “business”. Sad …
// Oliver
PS: This is my personal opinion and not that of my employer. Just to make sure that people who can’t distinguish my private domain from the ones my employer has 😉
… für die entlarvende Wortwahl. “Merkels Machtoptionen” … lustitsch. Alle Macht geht also vom Volke aus in einer Demokratie.
Wenn dann gleich im Anschluß Herr Weidenfeld, pardon Professor Weidenfeld, darüber lamentiert, daß der Wähler die große Koalition bevorzuge, kommt mir schon das kalte Kotzen. Wie jetzt? Derjenige der beide Stimmen der CDU gab, hat also die große Koalition gewählt, ebenso jener der sie der SPD gab. Ach ja und die Wähler der anderen Parteien natürlich auch. Gell?
In Zeiten in denen 41,5% (lt. vorläufigem Endergebnis) fünf (Bundestags-)Stimmen von der absoluten Mehrheit entfernt ist, sprich: unter 50% der abgegebenen Gesamtstimmen für eine absolute Stimmenmehrheit im Parlament ausreichen, sollten sich solche Elfenbeinturmbewohner vielleicht dorthin zurückbegeben wo sie hingehören anstatt uns mit ihrer Glaskugel in einer Liveschalte in den Abendnachrichten den Wählerwillen wahrsagen zu wollen.
// Oliver
Da in letzter Zeit die Nichtwähler in einer geradezu als Glaubenskrieg geführten Debatte immer mehr angegriffen werden, kann ich nicht umhin ein paar meiner Gründe nicht zu wählen und ein paar Antworten auf die so schlaumeierisch gegebenen provokativen “Argumente” zu geben, warum man doch geradezu wählen müsse. In der Vergangenheit war ich zumeist wählen und habe auch ein paarmal ungültig gewählt.
Continue reading
Ja leckt mich doch am Bürzel, ihr Schänder der Muttersprache. Man muß ja wohl nicht jeden bescheuerten Anglizismus wortwörtlich übernehmen, gell Heise? Und heute verzückt das heute-Journal uns mit “der größten Schiffsbergung aller Zeiten”. Wenn dann in zwanzig Jahren eine noch größere folgt, wird sich sicher irgendjemand die Mühe machen und per Zeitmaschine zurückreisen um den Dummfug zu korrigieren?
*grrrrrr* 😕
// Oliver
Nach nur reichlich zwei Monaten hat mich gestern folgende abschlägige Antwort erreicht:
Sehr geehrter Herr Schneider,
vielen Dank für Ihre Geduld.
Wir entschuldigen uns für die lange Bearbeitungszeit.
Selbstverständliche ist es möglich den gesamten E-Mail Speicher Ihres GMX Postfachs vollständig auszunutzen.
Wir bitten allerdings für Ihr Verständnis, dass die Speicherung einer unbegrenzten Anzahl von E-Mails nicht möglich ist.
Mit freundlichen Grüßen
NAME
Technischer GMX Kundenservice
Satz drei und vier beinhalten freilich exakt die entgegengesetzte Aussage, aber ich vermute bei dem Supportmitarbeiter handelt es sich ohnehin nur um den Überbringer der Nachricht.
Werde mich dann wohl mal an die Verbraucherzentrale wenden, denn immerhin wirbt GMX mit dem Speicherplatz, der aber eindeutig aufgrund einer beliebigen Beschränkung nicht nutzbar ist.
Ausschnitt aus meiner Antwort:
Immerhin werben Sie mit dem verfügbaren Speicherplatz. Ich werde mich kommende Woche einmal an die Verbraucherzentrale wenden um zu fragen ob denn diese Werbung nicht unlauter ist. Das wäre ja so wie wenn ein Autohersteller mit der Anzahl Liter des Kofferraumvolumens wirbt und dann Beschränkungen einbaut damit nach zwei Koffern Schluß ist, obwohl noch genug Raum wäre.
// Oliver
Follow this link inconspicuously kck.st/15imYX1 
I loved the original. Admittedly I had gotten a copy from a friend who had downloaded it. But not only did I donate right after watching it, I also bought the DVD later. Lesson to filmmakers: make great mind-tickling movies and we’ll buy them (unless you harass us with some Digital Restrictions Monstrosity, aka DRM).
// Oliver
How to remain secure against NSA surveillance
Take it always with a grain of salt, but he is an established expert and he has been openly critical against surveillance in his newsletters.
// Oliver
PS: another comment from Schneier: The US government has betrayed the internet. We need to take it back
Dismantling the surveillance state won’t be easy. Has any country that engaged in mass surveillance of its own citizens voluntarily given up that capability? Has any mass surveillance country avoided becoming totalitarian? Whatever happens, we’re going to be breaking new ground.
It appears that there is no way to sign an RPM package unattended with the default tools. However, expect comes to the rescue. I found two descriptions on other blogs how to do it:
The first one worked flawlessly for me. Thanks to the respective authors for sharing.
// Oliver
… if the USA defines cyber-attacks as acts of war have they then declared war on the rest of the world or how should the actions of the US secret services in “cyberspace” be interpreted? Or is the US taking exception from its own rules? How do they say: “eating your own dog food”?
// Oliver
https://youtu.be/XCoFoKvfc6Y
So on July 15th I went to DHL here in Reykjavík to check what it would cost to send back a defective item received through DHL in the first place. After I was almost through the whole process, I saw what it would cost 17455 ISK 1 and said I would check with the guy who sent the parcel to me whether this amount was okay for him to reimburse me. I never went back to DHL, but I also never signed or paid anything.
Still, today I have a letter in my mailbox: Innheimtuviðvörun (approx. “debtor’s note”). It says they have an open claim against me, yadda yadda yadda.
Well, since I never sent anything nor ever signed anything concerning this parcel, I hardly see why they would have a claim. So I called them and told the nice lady that the claim had no substance and why. She promised to fix it and follow up if it couldn’t be fixed for some reason (i.e. she said: if “you have to pay”).
// Oliver
Update: they dropped the claim.
Ich habe eine handbetriebene Kaffeemühle und da es ein langwieriger und arbeitsaufwendiger Vorgang ist an seinen feingemahlenen Kaffee zu kommen, hatte ich eine Idee. Einfach mal den Akkubohrschrauber oben ans Mahlwerk angestöpselt und geguckt. Der erste Versuch ging etwas in die Hose, da Metallspäne von der Achse des Mahlwerks abgerieben wurden. Beim zweiten Ma(h)l klappte es besser, aber mein Bohrschrauber war zu schwach um auf Touren zu kommen und den anfänglichen Widerstand zu überwinden.
Fazit: es würde funktionieren, wenn …
// Oliver
I have a manual coffee grinder and since it’s a tedious and lengthy process, especially when you want very finely grained coffee, I decided to attach my screw drill to the top and try whether it works. Turns out during the first attempt I was scraping off metal bits from the axis of the grinder. Not cool. The second attempt was more promising, but didn’t work out because the drill wasn’t strong enough to start moving.
So in conclusion I can say: it would work, if … 😉
// Oliver
Where is this going? Will the second amendment of the US constitution help preventing the worst or is it too late? Unpatriotic? … hmm, wait … I have a nice quote by a not so nice person about that (emphasis mine):
Voice or no voice, the people can always be brought to the bidding of the leaders. That is easy. All you have to do is tell them they are being attacked, and denounce the pacifists for lack of patriotism and exposing the country to danger. It works the same in any country.
Hermann Göring (one of Hitler’s henchmen)
Replace pacifists with whistleblowers and suddenly it fits the current situation. How bizarre, eh?
Here are two interviews conducted by Democracy Now!:
// Oliver
Why did you have to make your browser crappy like the rest of the bunch? Just upgraded to 15.something and lo and behold tab stacking is no more and I am confronted with a sh*tload of tabs whose labels or favicons are invisible. Worse, yet, the pinning option seems to be gone as well.
I’ll probably have to look for a new browser … shame – after fifteen years.
// Oliver
Missing features so far:
A code-signed binary is included in the ZIP archive available here.
All contents are signed using PGP as well, so they can be verified using the following command line (replace gpg for gpg2 depending on your version):
gpg --verify signature.asc premake4.exe premake4.pdb *.patch README.txt
The SHA1 hash of the ZIP archive is c1d8b11f3fe8aa6b21db7d8cf311295973289497.
Hope it helps someone.
// Oliver