Saving the world?

Posted on 2008-07-10 by Oliver

Programs of a new type have been created by different companies recently. The first I am aware of was developed in 2006 and violated the GPL back then. More of them seem to be offered all the time.

These programs claim to save you from malware, just like AVs, only better and also for unknown threats. And indeed the idea is intriguing and I have heard of the first implementation – although more complete than the half-hearted solutions offered now – in 2005. That particular solution would move the Windows kernel into ring 1 and could then supervise it. In fact every process would literally see its own copy of the system. Process separation to the max.
Continue reading

Posted in EN, IT Security, Software, Thoughts | Leave a comment

From the G8 summit we learn …

Posted on 2008-07-09 by Oliver

… that nuclear energy comes to the rescue of the world climate. Even better. If you think thoroughly enough, it comes to the rescue of nature as well. While humans have managed to drive several species to extinction over time, dumping waste that will persist for millenia to come will ensure that through increased mutation (thanks to the radioactivity) the diversity in nature will flourish once again. Whether humankind will still inhabit Earth by then is more than questionable though.

// Oliver

Posted in EN, Thoughts | 2 Comments

GMX “patchen”

Posted on 2008-07-09 by Oliver

Jupp, richtig gehört. GMX hat zwar seit Jahren einen Spamfilter, aber sie haben es nicht geschafft reguläre Ausdrücke zu dokumentieren (scheint aber PCRE zu sein) oder einen Filter vor dem Spamfilter zuzulassen. Filterregeln ja, aber erst nach dem hauseigenen Spamfilter von GMX. Da der leider nicht sonderlich lernfähig ist und das Verschieben in einen anderen Ordner vom “Spamverdacht” aus den GMX-Spamfilter nicht zum Lernen animiert sondern quasi umgeht, wird der GMX-Spamfilter es auch nie begreifen. Dumm nur, daß es keinen Sinn macht, Mails als “Kein Spam” zu markieren da dies automatisch die Mail in den Posteingang verschiebt und eben nicht nochmal durch die Filterregeln laufen läßt. So ist es denn so, daß ich seit Jahren meine Mails von den Mailinglisten NTDEV, NTFSD und WINDBG – über die ich übrigens noch nie Spam erhalten habe – brav aus dem “Spamverdacht” in den vorgesehenen Ordner verschiebe. Ähnliches gilt für Mailinglisten von CVSNT, ReactOS und Security Focus und so weiter und so weiter.
Continue reading

Posted in DE, Gedanken, Software | 4 Comments

Are they allowed to tell the truth like that?

Posted on 2008-07-08 by Oliver

Read and judge yourself: Intellectual Property Regime Stifles Science and Innovation, Nobel Laureates Say.

Posted in EN, Thoughts | Leave a comment

Two years …

Posted on 2008-07-07 by Oliver

The blog exists for two years now. Amazing it’s still active. :mrgreen:

Posted in /dev/null, EN | 2 Comments

DDKWizard demo video

Posted on 2008-07-05 by Oliver

I’ve created and uploaded a little demo clip about how easy it is to create a project with DDKWizard. (Hint: you need Flash enabled.)

If you want a higher quality and higher resolution, try this link! More instructional videos about DDKWizard and DDKBUILD will follow in future, if enough people are watching this one 😉

// Oliver

Posted in DDKWizard/DDKBUILD, EN, Programming | 1 Comment

“Sausage yourself” …

Posted on 2008-07-04 by Oliver

or “Pulsaðu þig” … can you read in places where you can buy the (in)famous Icelandic hotdogs. Creative use of the language.

While we’re at it. Pylsusinnep is called sinnep, i.e. mustard, but it just got some mustard flavour in it. Main ingredients: starch and water. 😯
I say: do not call this mustard!!! :mrgreen:

// Oliver

Posted in EN, Island/Iceland/Ísland | 1 Comment

Coming home late …

Posted on 2008-07-01 by Oliver

This is, what happens if you get home late in Reykajvík during summer. You look at the night sky and think, let’s go down to the sea and take a few pictures. The pictures were taken between about 00:50 to 01:00 local time (2008-07-01).

Note: All photographs are released into the public domain. An attribution would be nice, but is not required.
Anmerkung: Alle Fotos sind gemeinfrei. Nennung des Autors ist erwünscht, aber nicht erforderlich.

01.jpg 02.jpg 03.jpg 04.jpg 05.jpg 06.jpg 07.jpg 08.jpg 09.jpg 10.jpg 11.jpg 12.jpg 13.jpg 14.jpg 15.jpg

I hope you enjoyed the pictures just like I enjoyed the actual view. Feel free to share or spread them as you like. As mentioned above, they are released into the public domain. Of course I am not a professional photographer and my camera is not the best either, but I hope they are likable 😉

// Oliver

PS: If anyone needs the original resolution pictures, drop me a message (contact in the tabs at the top).
PPS: Since the pictures were taken against the backlight, they appear a bit darker than it actually was. But the colors still look vivid as in reality. The pictures of Höfði give you an impression how bright it still was – no flash was used.

Posted in DE, EN, Island/Iceland/Ísland | 8 Comments

Argh … mysqld giving me a hard time

Posted on 2008-06-30 by Oliver

First I killed one server (domU) by having log_bin turned on (and cluttering the disk drive with several GiB of logs), although I do not need replication. Then I ran out of memory with mysqld on the server on which this blog is, so the blog would complain about the lack of communication with the DB. And rightly so. Now I found the magic bullet. I uncommented the line:

skip-bdb

… and now mysqld behaves again. What the heck do I know, why this is enabled by default. Same for the log_bin one on Debian (Etch) as well. Once you comment out the line with log_bin, don’t forget to comment out expire_logs_days, max_binlog_size, binlog_do_db, binlog_ignore_db. Oh, and by no means forget to restart the MySQL daemon. On Debian:

/etc/init.d/mysql restart

// Oliver

Posted in EN, IT Security, Software | Leave a comment

Es hat sich ausgebloggt …

Posted on 2008-06-29 by Oliver

… für Gotts Blog 😉

Posted in DE | 2 Comments

Getting rid of SSH brute forcers

Posted on 2008-06-29 by Oliver

I am usually using different methods in a combination. In the sshd_config I declare AllowGroups with the group ssh-users. This group does never contain root. Furthermore I set PasswordAuthentication no and generally authenticate only by key. Root login is of course not allowed either, except in single-user mode (PermitRootLogin no). Of course root has a different key, which will only be used in emergency cases, i.e. in single-user mode. Martin F. Krafft, author of the Debian book, has a nice recipe for this (note, that there is an erratum on the book’s website). Set this in your /etc/inittab:

sh:S:respawn:/usr/sbin/sshd -Do 'AllowUsers=root'

That will already keep out most attackers since they will try passwords most of the time. However, we can make it a bit harder for them. In order to achieve this, you just need a recent version of iptables. You will need the ipt_recent module of iptables installed as well. There are two programs coming with iptables, which can be used to save and restore the iptables rules. They are aptly named iptables-save and iptables-restore. We’ll use the latter one for our purposes. It allows us to declare rules and have them stored conveniently in a file. I usually call the file something like /etc/firewall.conf, but that’s a matter of taste.
Continue reading

Posted in EN, IT Security, Linux | Leave a comment

Beware the msvcrt.dll

Posted on 2008-06-28 by Oliver

As noted previously, the msvcrt.dll got the state of a system library and is thus included in systems from XP up. On earlier systems you will have to have a particular service pack level or get the redistributable package with the suitable version of msvcrt.dll.

But be careful. I noticed that the build target system will define whether a newer functions in msvcrt.dll will be used. For example functions involved in exception handling. Several of these aren’t available in previous versions of Windows and thus the built binary will really only run on the target and later. Previously it was possible to target binaries for – say – Windows 2003 Server and yet be able to run it on earlier systems.

// Oliver

Posted in DDKWizard/DDKBUILD, EN, Programming | Leave a comment

Version numbers of DDKBUILD.CMD and DDKWizard

Posted on 2008-06-27 by Oliver

I have just finished moving all previous DDKBUILD.CMD and DDKWizard versions under version control – subversion, to be more precise. This means there will be a change of the way how the version number is represented. Currently we have the normal way of saying 7.1, 7.2, 7.3 … 7.10, 7.136 … and so on. Whenever a slight change was made, the changed version wouldn’t change the minor version number, but rather get appended an a, b, c and so on (1.1.2a …). This will change with the next version of these two products. The new version numbers are going to look like this:

7.2/r20 or 1.2.1/r42

The number behind the “r” is the revision number in my SVN repository. Eventually I will even open up the respective repositories – but there are some technicalities I need to resolve first.

// Oliver

PS: Yes, I am working on the new version(s), including considerable updates to the DDKWizard manual.

Posted in DDKWizard/DDKBUILD, EN, Programming | Leave a comment

Prick passing chain – unpleasant questions

Posted on 2008-06-26 by Oliver

… at work or elsewhere, how often have you met those guys who pretend they can do things they don’t even have a clue of?

  • How often did such a person not only lie but hold you ransom by initiating ideas without following up on them? Did you and others have to fix it? How much of your efforts were rewarded? Who got the fame in case of success? Who got the blame in case of failure?
  • How often has the person posed as an expert and how many personal fans does he have?
  • How often has this person changed jobs?
  • How much does that person exaggerate in every single aspect of life?
  • How does the person’s expertise compare to the actual knowledge when caught without prepared presentation and lit projector?
  • How many jet packs does the person own?
  • How many incognito visits from leaders of foreign countries has the person gotten recently? How many visitors came in private jets?
  • How well does that person speak English?
  • How many photo-realistic pictures has the person “rendered” without being able to explain technical details of the process or the result? How much of that was done on the two-graphics-chip machine he got for work?
  • How many books did the person claim to have written? How many of them does your book store have in the catalog? Has he used the name of actual experts to appear more knowledgable?
  • How many truck loads of bananas did the person order?
  • How many nights did the person spend in a hotel room for five thousand dollars a night (and off-topic: were there any hookers included in that price?)?
  • How often was the person CxO/VP of a company? How many of the CxO/VP positions can be found in the CV?
  • How often was the person a grunt worker? How many of those positions appear on the CV?
  • How much of the claims in the CV add up when checked with Google and other search engines?
  • How many companies has the person left out on the CV? How does the CV add up if you add the left out jobs?
  • Does the person like to show off with gadgets or company-financed goodies?
  • Does the person change internet nicknames whenever changing companies?
  • Did the person single-handedly improve the product of the company he worked for according to his and his fans’ accounts?
  • Was the person suspiciously productive when joining the company with all the acquired knowledge from the previous company but soon went out of … aah maybe you aren’t at this point just yet?!
  • Is the person the most important knowledgable expert in your company?
  • Is there something wrong in this previous item?

How much of all this could possibly be true? Does such a person exist?

Chances are, you are wondering whether we think about the same person. It’s a well-known game and it is your turn now. Good luck! You’ll need it …

PS: Never mind the spelling of the subject line, I am not a native speaker.

Posted in EN, Thoughts | 5 Comments

I am told that size doesn’t matter (anymore)!

Posted on 2008-06-25 by Oliver

Chris Wimmer, a fellow programmer, told me in a chat today, that the size of applications doesn’t matter. But I’ll let you decide. However, the program which he wrote is worthwhile regardless of its size. Even more so the library on which it is based.

// Oliver

Posted in IT Security, Programming, Software | 6 Comments

A quick reply

Posted on 2008-06-24 by Oliver

The assertion that I rushed to my decision as it was raised couldn’t be further from the truth. First of all it hasn’t been the first time for me to think about this step and secondly I had several sleepless nights because of struggling with the decision. Maybe you could just respect it and read through my arguments. Feel free to comment on them over there (not here).

// Oliver

Posted in EN, Programming, Thoughts | Comments Off on A quick reply

Giving up on the Delphi community

Posted on 2008-06-24 by Oliver

Hi,

after some sleepless nights and thinking a lot about the pros and cons, I decided to leave the Delphi community. It isn’t clear to me, whether it is the Delphi community that changed so much, or whether it is me, but we don’t match anymore. I want to move on.
Continue reading

Posted in EN, Programming, Thoughts | 12 Comments

Serious development over at ReactOS

Posted on 2008-06-24 by Oliver

Read this:

http://www.reactos.org/pipermail/ros-dev/2008-June/010461.html

and then this:

http://www.reactos.org/pipermail/ros-dev/2008-June/010462.html

Update: nope, you don’t get the impression that James is taken serious.
http://www.reactos.org/pipermail/ros-dev/2008-June/010463.html
… although he is serious about it. But it seems this time ReactOS has been hijacked for good. Take a backup, everyone, now …

// Oliver

Posted in /dev/null, EN | Leave a comment

Mal wieder Versuchskarnickel für GMX

Posted on 2008-06-24 by Oliver

Na schönen Dank auch. Da wird man als zahlender Kunde tatsächlich in einen Betatest für ein Produkt gezwungen, daß – wiedermal – den aktuellen Funktionsumfang von GMX einschränkt, indem es nur Uralt-Browser unterstützt. Statt dies per Opt-In zu machen, darf man sich also folgende Meldung gefallen lassen:

GMX Organizer 2008 Beta

Als Opera-Benutzer wird man halt frech und fröhlich ausgesperrt. Ja, auch das ist eine Methode Kundenzufriedenheit zu erzeugen. Es ist ja schließlich so – wie schon vor Jahren – daß alle Browser in ihrer Kompatibilität derart divergieren, daß man Opera aussperren muß. Klar! Safari mag ich nicht sonderlich; es ist aber auch nicht in der Fehlermeldung erwähnt, also ist es sinnlos überhaupt zu probieren. Dafür werden wenigestens Uraltversionen von Firefox und Internet Explorer unterstützt. Man soll bei GMX ja einen “modernen” Browser benutzen … 😕

Bitte beachten Sie:

  • Ihre Termine haben wir für Sie von Ihrem alten Organizer in den neuen GMX Organizer 2008 Beta übertragen.
  • Der GMX Organizer 2008 Beta setzt den Internet Explorer ab Version 6 bzw. den Firefox Browser ab Version 1.5 und aktiviertes JavaScript voraus.

Meine Termine wurden also schon übertragen. Find ich … scheiße! 👿

// Oliver

Posted in /dev/null, DE, Gedanken | Leave a comment

OpenBSD’s NTPD inside a Debian domU

Posted on 2008-06-23 by Oliver

To get the package openntpd installed was easy, but to get it to work, required some search. In order to have a domU use an independent clock, you have to set a kernel variable. In a running system you do this via the following line:

echo 1 > /proc/sys/xen/independent_wallclock

and to make this setting persistent, add the following line to your /etc/sysctl.conf:

xen.independent_wallclock = 1

Then restart the OpenBSD NTP daemon or install it just after those changes. This will ensure that NTP works properly. Before, I got no complaints from the daemon or in the log files, but the time was off by ~2:10 min … in each and every domU.

// Oliver

PS: all credit goes to Martin at this blog.

Posted in /dev/null, EN, Software | Leave a comment