Technology and other geekstuff2012-02-05T03:07:53ZEspen Holm NilsenCopyright 2012, Espen Holm NilsenSPHPBLOGblog.arpa.no banned from DagbladetDagbladet doesn't like my blog. ;) They have seemed to banned me from showing up in their Twingly trackback links.
I've only posted comments on a couple of their articles, and added to their lightning photos articles with my own lightning photos.
I also posted a comment on their internet security bug article.
Oh well, no big loss, I will continue to blog here.]]>http://blog.arpa.no/index.php?entry=entry080914-0235182008-09-14T00:00:00Z2008-09-14T00:00:00ZSecurity hole in Age Of Conan, remote exploitable - read gamers filesISE.
The bugs are also present in the game 'Anarchy Online' which also was very popular some years ago.
It can be exploited by giving the victim a "link", which causes the victim to speak the contents of a file to the chat.
This makes the file contents available for everyone surrounding this player in the game.
It is one of the more severe bugs found in Funcoms games, and was patched at the 28th of August.
]]>http://blog.arpa.no/index.php?entry=entry080901-1222362008-09-01T00:00:00Z2008-09-01T00:00:00ZGerman customs raids another trade showTheRegister, German customs agents have raided another trade fair due to complaints about patent infrigment.
200 armed customs agents raided 69 stands at the consumer electronics show IFA, in Berlin.
The last we heard about such actions were during the CeBIT fair in Hannover, Berlin.
The police then raided 51 booths due to the same kind of complaints.
]]>http://blog.arpa.no/index.php?entry=entry080901-0021462008-08-31T00:00:00Z2008-08-31T00:00:00ZYou can win the new iPhone 3G!(Like, if any of you work at a school or something ... you will win, for sure..)
The person that sets db.no as the homepage of the most computers wins the new iPhone 3G.
This is one of the more annoying/horrible competitions I have seen, there are a lot of people who have serious advantages here.
People who works at schools? People who work as managers at large organizations? The IT staff at your local work place?
Very nice done, db.no, you effectively lock a large percentage out of the population out of this competition! ;)
But at least, if you are in the position to do it... you can win the iPhone 3G here!
PS! There is only ONE! :)]]>http://blog.arpa.no/index.php?entry=entry080829-1013502008-08-29T00:00:00Z2008-08-29T00:00:00ZGigantic hole in the Internet? (not) Dagbladet writes about a 'security hole' in the Internet.
BGP works in this way:
o You use AS Numbers (ASN) which are globally unique. (simplified, but not completely true: Two Internet Providers can not share the same ASN) o These AS numbers are used for path decisions on the internet, the general idea is that less 'AS hops' (AS numbers between you and the destination) is better. o IP address ranges are linked to AS numbers. o Setting up a BGP session for exchange of IP traffic between AS numbers (ISPs) is called 'a peering'.
CIDR In routing, you will have to say that for example: 192.168.0.0/24 is at your router (this means 192.168.0.0 - 192.168.0.255) A /23 is double the size of a /24, and hence 192.168.0.0 - 192.168.1.255
Path decision Some attributes are used for deciding which ISP to use to reach another in (BGP) routing. The ones I am going to focus on here is AS_PATH and CIDR
The 'problem' about routing is that a more specific route will be prefered.
Let us say that the fictive company boogle owns 192.168.0.0/23 and keeps bmail in the rear end of that /23-network, from 192.168.1.128 - 192.168.1.256.
What will happen when someone announces 192.168.1.0/24 to other ISPs?
Yes, they will of course start using this route instead of the less specific /23-network that boogle announces.
BGP peering In BGP, one AS (autonomous system) will announce to the other ASNs which IP ranges they will accept traffic for.
Let us say you have AS1, AS2, AS3 and AS4 - which are owned by ISP1, ISP2, ISP3 and ISP4.
ISP1 uses ISP2 to reach the internet, because ISP2 has built a large network.
ISP3 and ISP4 are peering, and ISP4 also uses ISP2 to reach the internet (and then also to reach ISP1).
ISP3 usually uses a hidden ISP5 to reach ISP1.
Let us take the example from above then, with the preceding facts.
What will happen when ISP4 decides to announce the more specific network to ISP3? Yes, ISP3 which is used to having this path: ISP5 -> ISP1 will of course exchange this for ISP4 -> ISP2 -> ISP1
This is regardless of a longer AS_PATH (ISP4->ISP3->ISP1) because of the more specific network.
The other way this can be exploited is to force in a route with a shorter AS_PATH.
The real problem These are FEATURES of BGP and IP routing, and was never a security hole. The actual security hole is misconfigured routers that will accept announcements of networks from maliciously configured routers.]]>http://blog.arpa.no/index.php?entry=entry080827-1503462008-08-27T00:00:00Z2008-08-27T00:00:00ZNorwegian Real-Estate StatisticsDagbladet (Norwegian) writes that it now takes twice the time as last year to sell real-estate.
I developed a site with graphs to see if this is true.
Eiendomsgrafer shows the number of houses available in each region of the country at each time.
Take a look at it!
Maybe this can be an interesting tool for journalists? ]]>http://blog.arpa.no/index.php?entry=entry080825-2347552008-08-25T00:00:00Z2008-08-25T00:00:00ZMore lightning photos in the newsDagbladet are publishing more pictures from natures fireworks today.
There were some really good pictures and videos there, and I also found one over here.
It was said that more than 20.000 lightning strikes hit yesterday.
Sintef provides lightning statistics for Norway, it is so precise that they can pinpoint lightning that may have caused fires, and such.]]>http://blog.arpa.no/index.php?entry=entry080730-1506002008-07-30T00:00:00Z2008-07-30T00:00:00ZPhoto of lightning with EOS 450D kit I had another shot, but the camera ran out of power while transfering images - and that particular image is the broken one.
This is the image I got, without a tripod!
Dagbladet writes about it, and several more and better photos can be found here!]]>http://blog.arpa.no/index.php?entry=entry080730-0112062008-07-29T00:00:00Z2008-07-29T00:00:00ZUse the Nokia N95 as an external bluetooth GPS receiver for PC Just install this application: Symarctic ExtGPS
When I ran it on my Nokia N95, it created a new service on channel 5.
I found it by issuing "sdptool browse | grep SP" or something around those lines.
Then I did: rfcomm bind 0 BD:AD:DD:RP:HO:NE 5
You will then eventually see the computer station as connected, and the bluetooth indicator will turn green.
If both indicators (GPS and Bluetooth) are green, you can verify by doing: cat /dev/rfcomm0
You will then see navigation data and such. You can now use this port as a serial GPS receiver.
Here is a link for installing extgps to use the N95 as a serial receiver in windows.]]>http://blog.arpa.no/index.php?entry=entry080726-1633402008-07-26T00:00:00Z2008-07-26T00:00:00ZThe new iPhone 3G on board, and soon to be unlocked!
It has WiFi, GPS, 3G and of course GSM.
There already exists a tool to unjail the iPhone 3G. You can find it by googling for 'winpwn'.
It is sold locked to one of the NetCom i* subscriptions, you have to subscribe for a year, and it is pricey. The solution is to break the contract and buy yourself out for about 2-3kNOK, this gets the price down at least a little bit.
I bought this phone straight off netcom.no, it seems to have been pre-activated. At least I had a signal and was able to make calls straight out of the box.
Well, this is for now, I will come with more updates!]]>http://blog.arpa.no/index.php?entry=entry080726-0528152008-07-26T00:00:00Z2008-07-26T00:00:00Z
