Pierre Habouzit: QOTD
<pusling> we should have okular released with debian lenny. lenny the bin-okular-s
Yesterday my new NAS arrived, to replace my aging and failing hacked
Linkstation. As part of the bundle I also received a Roku
SoundBridge, which was a nice surprise. Basically, it's a
consumer-orientated device which plays music from iTunes or Internet
radio, which you would plug into a hifi or powered speakers. I'd heard of
these before but I've been using my old ThinkPad X22 for this duty for a
while now, and MPD has served me well. I thought I'd give it a go, and
I'm actually really impressed with it.
Physically the SoundBridge is pretty good looking: a silver and black
ten inch cylinder about two inches in diameter, with a large LCD panel
on the front. When turned on it found my wireless network, asked for the
WEP key, and promptly upgraded its firmware. Once all that was done, it
let me select from two libraries: Vicky's Music or Internet Radio. Vicky
was running iTunes on her laptop which exports the library over DAAP, so I
listened to Tori Amos whilst I explored the Internet Radio options. Then
I listened to the most excellent Groove Salad on SomaFM (apparently the #4
station on the Roku Radio charts). At this point I discovered that there
was a SoundBridge link in Epiphany, the SoundBridge uses mDNS to publish
the web control panel: a useful application of clue from Roku. Then it
just got better. The SoundBridge will stream from DAAP and UPnP servers
(they pimp mt-daapd and SlimServer), and announces the web interface over
mDNS and UPnP. There is a web site
which indexes Internet radio streams, currently it has over 5000 entries.
This site uses a Java applet (currently only tested in Windows though, I
haven't installed Java yet) to talk to your SoundBridge so it can show the
currently playing station and tell it to play another station.
Then I discovered this in the manual.
Geeks - read this. The M-bridge has a command line interface that you can telnet to for piddling abut. You will need to telnet to port 4444. Type "?" at the command prompt to see a list of commands. ... M-bridge has a built-in UPnP AV "media renderer". This protocol can be used to control the M-bridge from your own software.
The SoundBridge supports both a custom protocol (documented in a 200-page PDF) and the standard UPnP protocol for controlling it. They even documented the signals the remote control uses. This is probably one of the most hackable "consumer" devices I've seen for a long time, short of the N800. Well done Roku, you've created a damn neat product which actually does just work out of the box.
NP: theJazz, Internet radio
What do the cryptic shortcuts for the different cables for different Nokia
phones mean? This was always a bit confusing to me. Now I have finally found
a document which describes quite clearly what they all do.
Unfortunately for most readers of this blog, it is only in Czech -
Ovládání mobilního telefonu jednočipovým mikroprocesorem. However,
here is a quick summary if somebody is interested:
MBUS
Single wire (+ ground) connection, usually used for servicing the phone,
but sometimes also exposes some functionality. Fixed baud rate at 9600.
DTR and RTS usually used as power source, DTR should be low and RTS
high.
FBUS
Two wire (+ ground) connection, used for user data. Variable baud rate
(but usually 115200). DTR and RTS usually used as power source, DTR
should be low and RTS high.
DAU-9 / DLR-3
Cables for both FBUS and MBUS, switching is usually done by toggling RTS
or DTR signals (for DAU-9) or special AT command (for DLR-3). DLR-3 also
additionally supports AT commands over FBUS lines.
DKU-5
This is basically a DLR-3 cable with a USB/RS232 converter, so it is the first
step of getting USB into phones.
DKU-2
This is for recent phones which directly support USB, it contains no
logic, just wires for USB.
Tor is a toolset for a wide range of organizations and people that want to improve their safety and security on the Internet. Using Tor can help you anonymize web browsing and publishing, instant messaging, IRC, SSH, and other applications that use the TCP protocol. Tor also provides a platform on which software developers can build new applications with built-in anonymity, safety, and privacy features. Tor aims to defend against traffic analysis, a form of network surveillance that threatens personal anonymity and privacy, confidential business activities and relationships, and state security. Communications are bounced around a distributed network of servers called onion routers, protecting you from websites that build profiles of your interests, local eavesdroppers that read your data or learn what sites you visit, and even the onion routers themselves.
Tor also allows you to set up and/or use a so-called Tor hidden service, i.e., a server which offers some service (a website, ssh access, or similar) without revealing its IP to its users.
Why?
Why would you want to use Tor? Well, because you probably don't want anybody (neither state agencies, nor companies, nor "hackers", nor any other individuals or groups) to be able to record, analyze, and (ab)use information about your web browsing habits, or any other communication habits. For instance, you don't want Google to have a complete search-profile of you, which, even worse, might some day get in the hands of other parties. In the days of massive data retention you don't want all your electronic traces to be recorded, stored for ages, analyzed, and data-mined for dubious reasons and with even more dubious results and false conclusions drawn which might negatively affect you. If you're a human rights activist in China, you want anonymous communication. If you're a whistleblower, you want anonymous communication. The list is endless.
For securing your communications, so that nobody is able to sniff your emails, your chat messages, your passwords, your private documents and conversations, you use encryption. For communicating anonymously you can use Tor. Combine both, and you have secure and anonymous communication. In case you're wondering whether criminals might abuse Tor, read the Tor Abuse FAQ. Short answer: yes, but if you're willing to break the law, you already have anonymity (open access points, stolen/prepaid mobile phones, etc.). You don't need Tor to do bad things if you're a criminal.
If you're one of those horrible "oh, but I don't have anything to hide" guys, consider this: Say you have a drug/alcohol problem and want to visit an anti-drugs/anti-alcohol website or forum for help. Would you want the whole world, your neighbors, your co-workers, your boss, to know that, or would you rather want to keep that a secret? Say you have AIDS and want to get information on the web? Or, to make the example even more dramatic: Would you want some random guys to be able to watch you while you fuck your wife? No? So you have something to hide after all, right? My point is: Everyone has something to hide, even more, it is a basic human right to have the ability to hide something. It's called privacy.
How?
Tor implements a form of onion routing to, basically, push encrypted data through multiple Tor nodes (servers), before it reaches the final destination (e.g. a website). The result is that neither the website owner, nor a local eavesdropper, nor any single Tor server knows who requested that specific website, hence you are communicating anonymously. For more technical details, read the Tor overview and the Tor documentation pages.
In order to use Tor, you have to install and run a local Tor client/daemon (this is not necessarily a Tor server!). On Debian, type apt-get install tor, on other systems you can get the respective binary packages or download the sources and compile Tor yourself.
Usually Tor is used together with Privoxy, a configurable HTTP proxy which sanitizes your web-browsing experience by removing nasty banner ads, pop-ups, JavaScript, webbugs, cookies etc. etc. So: apt-get install privoxy.
After installing and starting Tor and Privoxy, you can now configure your web browser to use Privoxy as an HTTP proxy (see below), and Privoxy will in turn use Tor to anonymize your communication if you add "forward-socks4a / localhost:9050 ." to your /etc/privoxy/config.
Anonymizing various applications
Most (but not all) of the following information is also covered in the very useful Torify HOWTO in the Tor wiki (I will add the missing information there, ASAP). As I'm pretty paranoid, I have checked every single one of these configurations with Ethereal to ensure that the traffic is really anonymized. However, if you are paranoid, you shouldn't trust me, but rather test this stuff for yourself!
Warning: DNS Leaks:
torify (e.g. by typing torify fetchmail), but often this approach has DNS leaking problems, see below.
127.0.0.1 as proxy host and 8118 as proxy port.
HTTP Proxy: 127.0.0.1 port 8118
SSL Proxy: 127.0.0.1 port 8118
FTP Proxy: 127.0.0.1 port 8118
SOCKS v5
HTTP Proxy: 127.0.0.1 port 8118
HTTPS Proxy: 127.0.0.1 port 8118
FTP Proxy: 127.0.0.1 port 8118
ftp:// URLs, but at least you don't send untorified traffic without noticing.
http_proxy and HTTP_PROXY environment variables. Applications which don't honor http_proxy probably have a configuration option to set the HTTP proxy.
~/.bashrc or similar config-file:
http_proxy=http://127.0.0.1:8118/
HTTP_PROXY=$http_proxy
export http_proxy HTTP_PROXY
http_proxy environment variable! However, you can add http_proxy 127.0.0.1:8118 to your /etc/links.cfg and/or to your ~/.links/links.cfg. Or go to Setup -> Network Options and do the same there. Or use the -http-proxy 127.0.0.1:8118 command line option.
Proxy type: Socks 5
Host: 127.0.0.1
Port: 9050
http_proxy is enough, as apt-get honors the http_proxy environment variable. But you can also add this line to your /etc/apt/apt.conf:
Acquire::http::Proxy "http://127.0.0.1:8118/";
Use a proxy server: enable
Address: http://127.0.0.1
Port: 8118
Host *
ProxyCommand socat STDIO SOCKS4A:127.0.0.1:%h:%p,socksport=9050
apt-get install socat.
torify ssh does not suffice, it leaks DNS requests!
torify fetchmail should be enough (one would think), but that leaks DNS requests! All tips offered in the Torify HOWTO suffer from this problem. The ideal solution would be to use tor-resolve (a small utility which resolves DNS requests via the Tor network, and hence anonymously) before fetching the emails, but I haven't found a good and simple solution for that. What I do right now is to hardcode IP addresses in my ~/.fetchmailrc config-file and then use torify fetchmail, which doesn't leak DNS requests. However, it leads to some ugly "fetchmail: Server CommonName mismatch: foo.bar.com != xxx.xxx.xxx.xxx" warnings.
prog Fetchmail fetchmail xterm -e torify fetchmail
alias fetchmail='torify fetchmail'
Warning: Just for the record: torify fetchmail alone (i.e. used with hostnames in ~/.fetchmailrc) does not suffice, it leaks DNS requests!
Hostname: 127.0.0.1
Port: 9050
Type: Socks5
~/.bashrc file. It defines some functions and aliases which transparently direct the traffic of some (but not all!) programs through Tor.
Applications which cannot easily be torified
Anything not using TCP usually cannot be torified, as Tor only works for TCP.
torify whois google.com leaks the DNS request for the whois-server (in this case whois.crsnic.net), it doesn't seem to leak the host you wanted to look up. Can somebody confirm this? The safer method is to use a web-frontend, though.
torify ncftp works, it leaks DNS requests! I haven't yet found a way to fix this (help is appreciated!). I also tried a few other FTP clients, without luck.
http_proxy environment variable and by using a hidden Tor server as keyserver.
keyserver x-hkp://yod73zr3y6wnm2sw.onion
keyserver-options honor-http-proxy broken-http-proxy
gpg --recv-keys seems to work fine, gpg --refresh-keys leaks DNS requests! It seems GnuPG hard-codes the keyserver to keyserver.pgp.com in that case and leaks the DNS request for this domain name.
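The DNS leaks noted throughout this post come down to where the hostname is resolved: Privoxy's forward-socks4a and the socat SOCKS4A ProxyCommand hand the name to Tor, while a client that resolves first can only send an IP. The sketch below is an added example, not code from the original post; it builds both request forms and classifies a captured SOCKS request (SOCKS5 included, which goes beyond the configs shown). Function names, example.org and 192.0.2.10 are constructed for illustration.

```python
import ipaddress
import struct

def socks4a_connect(host, port, user=b""):
    """SOCKS4a CONNECT: the hostname travels inside the request to the proxy."""
    # VN=4, CD=1 (CONNECT), DSTPORT, DSTIP=0.0.0.1 (marks 4a), USERID\0, HOST\0
    return (struct.pack(">BBH", 4, 1, port) + b"\x00\x00\x00\x01"
            + user + b"\x00" + host.encode("ascii") + b"\x00")

def socks4_connect(ip, port, user=b""):
    """Plain SOCKS4 CONNECT: only an IPv4 address fits, so the name was resolved earlier."""
    return (struct.pack(">BBH", 4, 1, port)
            + ipaddress.IPv4Address(ip).packed + user + b"\x00")

def classify(request):
    """Return (protocol, destination, hostname_sent_to_proxy) for a SOCKS request."""
    ver = request[0]
    if ver == 4:
        ip = request[4:8]
        user_end = request.index(b"\x00", 8)
        # SOCKS4a signals "hostname follows" with DSTIP 0.0.0.x, x != 0
        if ip[:3] == b"\x00\x00\x00" and ip[3] != 0:
            host_end = request.index(b"\x00", user_end + 1)
            return "SOCKS4a", request[user_end + 1:host_end].decode("ascii"), True
        return "SOCKS4", str(ipaddress.IPv4Address(ip)), False
    if ver == 5:
        # SOCKS5 request layout: VER CMD RSV ATYP DST.ADDR DST.PORT
        atyp = request[3]
        if atyp == 3:  # length-prefixed domain name
            return "SOCKS5", request[5:5 + request[4]].decode("ascii"), True
        if atyp == 1:  # IPv4 literal
            return "SOCKS5", str(ipaddress.IPv4Address(request[4:8])), False
    raise ValueError("not a recognised SOCKS4/4a/5 request")

def leaks_dns(configured_target, request):
    """True if the app was given a hostname but the proxy saw only an IP."""
    try:
        ipaddress.ip_address(configured_target)
        return False  # IP hardcoded in the config: no lookup needed at all
    except ValueError:
        return not classify(request)[2]

if __name__ == "__main__":
    # Constructed samples: hostname as configured, request as seen by the proxy
    for target, req in [("example.org", socks4a_connect("example.org", 22)),
                        ("example.org", socks4_connect("192.0.2.10", 22))]:
        print(classify(req), "DNS leak" if leaks_dns(target, req) else "ok")
```

Run against requests captured on the loopback SOCKS port (9050 in this post), the same check shows whether a given client setup hands names to Tor or resolves them itself.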