Posted on

Nedap voting computers abandoned in Netherlands

Looks like the effort of Rop Gonggrijps project group Wij vertrouwen stemcomputers niet (we dont trust voting machines) has finally paid off.

Nedap voting computers will no longer be used for voting in the Netherlands.

In 2006, Rop Gongrijp appeared on a documentary hosted by a dutch tv station to demonstrate the flaws of the Nedap voting computers used in elections in which he proved that manipulating a voting machine isnt that hard at all.

The Chaos Computer Club manged to replace the firmware memory of a voting machine in less than one Minute as seen here

Posted on

Spiegel.de – Ubuntu Diary (german)

Free, functional and secure – 3 options that have the potential to blow MS Vista and Mac OS X out of the way and pave out the road to success for a mainstream Linux.

Easy for beginners to install and use, it consists of the Debian base prefered by the veterans in the Linux sector. The german news magazine Spiegel is taking a look at Ubuntu in a practical context…

Day 1: Intro

Day 2: Live Boot

Day 3: Choose a Desktop 

Comment: Ok this guy seems to be a good test subject since he is a real noob. In the article he writes that he obtained a usb wlan device in addition to his integrated one in order to surf faster on the net…

Upgrading a 802.11b (11 Mbit/s) to a 802.11g (54 Mbit/s) device will do squat if you only have a 4MBit Internet connection unless you are actually using technology that is about 10 Years old (regarding original 802.11 hardware used from 1997-1999 with 2 Mbit/s) 😉

Posted on

First look at Gutsy on a Thinkpad R60

Since i will be replacing my laptop pretty soon i am currently looking for a worthy successor for my old Acer Aspire. Critical Factors this time are CPU Power and Hardware Virtual Machine Support (such as Intel VT in the current Core 2 Duo models) and mobile battery life.

I dont really care about the host system since that will not drain the resources from the hardware ( but be sure, the virtual machine lab will 🙂 )

Currently still in the battle are a Lenovo Thinkpad R60 and a Macbook 2,2 ghz (black) which are about the same price (where the Thinpad has a 3D card and the MacBook a bigger Hard Drive)

On the other hand, i might consider getting an Inspiron 6400 from Dell with Ubuntu preinstalled.

I have had quite some experience now with Thinkpads from the field, solidness, data security and well… several small issues that can drive me crazy.

As a testing platform i performed a Ubuntu Gutsy Gibbon 7.10 Horde 5 install which will be going final a few weeks.

Setting up the system was as always quite easy and the first boot revealed that practically all hardware components were working (didn’t try out the fingerprint scanner yet).

Sound was no problem although the default System Beep is very annoying. Lan and WLAN connection worked instantly and will connecting you out of the box if you are connecting to a dhcp device.

The proprietary drivers for the wireless Intel 3945 network card were installed as for the other restricted driver devices (gpio and ATI radeon card) were waiting to be enabled.

restricteddrivers.jpg

The system correctly installed an smp kernel and load balancing seems to be working fine.

Some of the hardware keys were running (try playing with the thinpad-keys packet) such as the volume control and the screen brightness. So after just 30 minutes, i hade a fully operable system with essentials like an office suite (OpenOffice) email applications (Evolution) and a Webbrowser (Firefox 2.0.0.6) running.

So far no drivers required to be installed yet 🙂

The performance test was done overall with beryl and compiz and running pretty smooth with the onboard 3d card.

Posted on

Fail2Ban – Slackening brute force attacks

Fail2Ban is a phyton script that analyzes failed login attempts in logfiles and implements firewall rules to ban brute force attackers. Classic brute force targets on the web are:

  • ssh
  • ftp
  • Apache
  • mySQL

Here is a basic example for Apache in /etc/fail2ban/jail.conf:

[apache]

enabled = true
port = http,https
filter = apache-auth
logpath = /var/log/apache*/*access.log
maxretry = 5

By default, the global ban time is 600 seconds.

Installation for Debian and Ubuntu is quite simple, as always:

apt-get install fail2ban

Checkt out http://www.fail2ban.org/wiki/index.php/Main_Page for other installation packets and further info. If you are running servers on the web, i highly reccomend using somesort of method to disable brute force attacks…and of course, using strong passwords 🙂

Posted on

Meta Rheinmain Chaos Days coming up…

and that will probably be my final event for this year regarding IT related conferences…

Having been to Berlin twice this year already (LinuxTag and Chaos Communication Camp) i prefer locations that are not on the complete opposite side of germany, so the Chaos Days will be pretty close and i probably wont attend the Chaos communication Congress this year.

From the event page:

The “metarheinmain chaosdays” is a conference for those who are interested in the it sector and especially the it security aspect of it. Our goal is to facilitate the sharing of knowledge and the meeting of like minded individuals. The mrmcd110b – the sixth metarheinmain chaosdays – written in binary 110b – is an event sponsored by the university student group “chaos darmstadt”, a part of the ccc germany.

Check out the fahrplan (shedule) for the weekend as well…