Search the Site

 

Top
Blog

My Social
Services
Meta
Powered by Squarespace

Entries in Annoying (146)

Thursday
Jan252007

FreeRADIUS

DateThursday, January 25, 2007 at 20:15

Most companies/institutions use Windows clients (Windows 2000, XP), but their backend might be different. There's the Microsoft Active Directory, [cough]Novell eDirectory (former NDS)[/cough], or a more Generic LDAP (like the SUN Directory ONE). The problem with network authentication with the use of Microsoft clients is that the authentication process uses MS-CHAPv2. This is a Microsoft mechanisme for authenticating. This means that the RADIUS server used for authenticating should also be able to authenticate using MS-CHAPv2. The Internet Authentication Service from Microsoft is pretty MS only, so not much of a help with other backends. So there's a need for a RADIUS server which talks to different backends. One option is the great RADIATOR RADIUS server. It's fully customizable, but not for free. Today, I stumbled on FreeRADIUS. This RADIUS server is free (duh), and is also fully customizable. Downside is that you need to compile the software yourself, and the documentation is not that great. Tried to compile/install it on my FreeBSD 'server', but make was missing. So I downloaded make, and installed it, but the install script kept saying that make wasn't installed.... Well I guess that's one of the reasons why Linux won't be adopted by the masses soon. Spent about an hour to fix it, but I just have to give up. Well, time to download a precompiles Win32 version from freeradius.net

Click to read more ...

AuthorWillem | CommentPost a Comment |
in ,
Thursday
Dec282006

Vista and DRM

DateThursday, December 28, 2006 at 13:34

The new and improved security in Microsoft Vista regarding DRM may have (and probably will) have great consequences for the end-user. Peter Gutman published his research on the DRM features in Windows Vista, and his findings are staggering. The biggest concerns are related to hardware certification revocation, and dynamically downscaling quality. Dynamically downscaling qualit means that if Vista plays some DRM enabled media on the PC (HD-DVD, or whatever), all other in and outputs are degraded. This means that your high quality pr0n has a lousy quality, while you're listening to DRM enabled music..... Well that suck, but implications can be huge, as Peter Gutman explained. Furthermore, the revocation of driver certificates. If, somehow, a driver signing certificate gets stolen from a manufacturer, Microsoft has the ability to revoke that particular certificate. This means that the complete install base for that drives becomes totally useless. It could mean that your PC won't be able to boot (and everyone else's) if you have that particular brand of motherboard. What if key public services become useless because of this driver revocation? No more fresh water, traffic lights gone haywire?? Peter also mentiones that the DRM scheme in general is very weak;

Note B: I'll make a prediction at this point that, given that it's trying to do the impossible, the Vista content protection will take less than a day to bypass if the bypass mechanism is something like a driver bug or a simple security hole that applies only to one piece of code (and can therefore be quickly patched), and less than a week to comprehensively bypass in a driver/hardware-independent manner. This doesn't mean it'll be broken the day or week that it appears, but simply that once a sufficiently skilled attacker is motivated to bypass the protection, it'll take them less than a day or a week to do so.
Funny thing is that engadget recently posted an article about a piece of software that claims to remove DRM from HD-DVD movies...... So Peter's thoughts on that weren't that far off :). Personally I think that the entire Music and Movie industry needs to come to their senses, and stop treating every customer as a criminal. But unfortunatelly, I don't think that that's gonna happen soon.

Click to read more ...

AuthorWillem | CommentPost a Comment |
in , ,
Friday
Dec222006

Near death iPod

DateFriday, December 22, 2006 at 11:57

My current iPod (Photo, 20GB) started to give funny noises. If I gently shake it, I hear weird crackling noises from, what I think is, the internal drive. I had the same thing when we were in Tibet last year. That time the entire iPod refused to work permanently. Brought it back to the shop, and it got repaired (or so I was told). No the same thing is happening all over again :( I just hope that the iPod will remain working for the next one or two months, because there might be a full screen video iPod early next year :P So, anyone wanna buy a 20GB Photo iPod (it's little over a year old)?

Click to read more ...

AuthorWillem | CommentPost a Comment |
in , ,
Saturday
Dec022006

Mailserver Crash

DateSaturday, December 2, 2006 at 0:31

Fiddling with my (Windows) mail server ended up in a 'serious' crash. The result was one week of mail down the drain :(. Even though I still had all my mail offline in my Mail.app, there was no way (at least not that I could find) to import it again in the IMAP folders. I still have those mails in a backup of my Mac book Pro, so I could find the info with SpotLight. If anyone has any ideas to import them back into the IMAP folders, please drop the ideas in the comments. That was a Fridays night well spent :(

Click to read more ...

AuthorWillem | CommentPost a Comment |
in , ,
Wednesday
Nov222006

New Security Requirements for DigiD

DateWednesday, November 22, 2006 at 15:39

Just spotted an article about the new security requirements for a DigiD. A DigiD is an online username password for (secure (??)) communication with the government. The ID is also used for filling in your taxforms and submitting them online. I was, and still am, not in favor of a username and password for communication with the government. Username and password is a very weak form of authenticating people. Especially when those usernames and passwords can be used for identity theft. Now there are additional security requirements for having a DigiD. It seems that they require a unique phone number (a cellphone) for non basic services. At this moment there are multiple entries in their database which share the same phone number..... What's wrong with that? I don't own a cell phone. The cell phone I have is owned by my boss. I'm not using this phone number for this ID, because this phone can be used by my colleagues. Same for my wife. That leaves us with the phone number from my good-old analog (non SMS enabled) phone. That's one phone number for two people.... I guess that means that I'll be doing my tax returns the old-fashioned way.. by paper.

Click to read more ...

AuthorWillem | CommentPost a Comment |
in ,
Wednesday
Nov222006

PeopleSoft and Browser Bugs

DateWednesday, November 22, 2006 at 14:48

A couple of days ago, I upgraded Internet Explorer on the laptop from my work. Initially, everything seemed fine... Until I wanted to access our web-based HR system (PeopleSoft). In the good-old-days, this website worked (not good, and not bad). Since IE7, the login page remains blank, while the sourcecode of the page is fully loaded. So no way of logging to my personal HR page. I have no idea what's causing this (PeopleSoft or IE7). I do know that the (simple) login page holds a gazillion lines of Javascript.... Why? It's just a login page. A temporary work-around is using FireFox 2.0. Version 2.0 seemed to have solved some of the bugs I got with FireFox 1.5.x in PeopleSoft. Problem is that I need to change proxy settings for FireFox. I use IE for intranet browsing, because the developpers are MS-fans, and FireFox for global Internet browsing. Mind you that you have to disable the NoScript extension for FireFox (when installed). Just allowing all scripts for the PeopleSoft website gives erratic behavior, and lot's of errors on the pages. Only disabling the extension seems to work (which requires a reboot :( ). Anyway, somebody has to do some work to improve things.

Click to read more ...

AuthorWillem | CommentPost a Comment |
in ,
Page 1 ... 11 12 13 14 15