All posts by kobaan

First internet router in space

NASA is launching its first internet
router to be placed in earth orbit.
Thus internet network routing is not anymore limited to undersea
fiber optic cables, direct copper links or low range wireless
communication.
On the other side, this way it is no longer possible for “friendly”
states to eavesdrop communication on ground based
wires/fibers.
Fibertapping is already as easy and unnoticeable as traditional
wiretapping. Ultra broadband uplink interception, is something
completely
different.
The next stage will probably be routing from satellite to
satellite, and once this is done, USA is the only party having
complete control over global internet communication.
spacerouterAh, I forgot to mention chinas newest ability to destroy satellites
within 30 minutes by ballistic missiles if needed.
Lets call that, stalematt.

First internet router in space

NASA is launching its first internet
router to be placed in earth orbit.
Thus internet network routing is not anymore limited to undersea
fiber optic cables, direct copper links or low range wireless
communication.
On the other side, this way it is no longer possible for “friendly”
states to eavesdrop communication on ground based
wires/fibers.
Fibertapping is already as easy and unnoticeable as traditional
wiretapping. Ultra broadband uplink interception, is something
completely
different.
The next stage will probably be routing from satellite to
satellite, and once this is done, USA is the only party having
complete control over global internet communication.
spacerouterAh, I forgot to mention chinas newest ability to destroy satellites
within 30 minutes by ballistic missiles if needed.
Lets call that, stalematt.

GPG Expired Keys Cleanup – Howto

A lot of people leave their “expired”
public keys on the public key servers forever.
They even keep expired secret keys in their keys, or worst, they
delete expired secret keys from their keyring before revoking
according public keys and publishing this revokation to th key
servers.So did I….

…so, the correct way to take care of your keys is:

List your secret keys:

kobaans-computer:~ kobaan$
gpg –list-secret-keys
/Users/kobaan/.gnupg/secring.gpg
———————————
sec 1024D/9DC0387E 2006-02-21 [expires: 2007-02-21]
uid Andreas Kobara (privat)
ssb 2048g/E5122423 2006-02-21

sec 1024D/F373037D 2006-02-21 [expires: 2007-02-21]
uid Andreas Kobara
ssb 2048g/712EA6D2 2006-02-21

sec 1024D/5BD5E033 2007-02-15 [expires: 2008-02-20]
uid Andreas Kobara
ssb 2048g/ACE9BC3A 2007-02-15

sec 1024D/06F5B3D4 2007-02-15 [expires: 2008-02-20]
uid Andreas Kobara
ssb 2048g/B5A90C83 2007-02-15

As one can see, I have to keys, taht are already expired, and that
I have already created a follow-up key for.
As long as I do not revoke the expired public key, others can still
encrypt mails to me ignoring the expired key,
and I (or someone who has stolen my old secret key) will be able to
still decrypt an expired key encrypted mail.

Usually you should create a revocation certificate for a newly
generated key, to be able to revoke it later, in case it was
stolen, or just expired.
In my case, I will create a revocation certificate now, to revoke
my key from the keyservers.
kobaans-computer:~ kobaan$
gpg –gen-revoke 9DC0387E

sec 1024D/9DC0387E 2006-02-21 Andreas Kobara (privat)

Create a revocation certificate for this key? (y/N) y
Please select the reason for the revocation:
0 = No reason specified
1 = Key has been compromised
2 = Key is superseded
3 = Key is no longer used
Q = Cancel
(Probably you want to select 1 here)
Your decision? 3
Enter an optional description; end it with an empty line:
>
Reason for revocation: Key is no longer used
(No description given)
Is this okay? (y/N) y

You need a passphrase to unlock the secret key for
user: “Andreas Kobara (privat) ”
1024-bit DSA key, ID 9DC0387E, created 2006-02-21

ASCII armored output forced.
Revocation certificate created.

Please move it to a medium which you can hide away; if Mallory
gets
access to this certificate he can use it to make your key
unusable.
It is smart to print this certificate and store it away, just in
case
your media become unreadable. But have some caution: The print
system of
your machine might store the data and make it available to
others!

—–BEGIN PGP PUBLIC KEY BLOCK—–
Version: GnuPG v1.4.6 (Darwin)
Comment: A revocation certificate should follow

iEkEIBECAAkFAkYZKk0CHQMACgkQSA/XCJ3AOH71eACeO+XLUL2pihKbaK2YkHUj

2kQshtgAn0GXcpByipSaJ6VRwbhch90YKwhk
=ijDs
—–END PGP PUBLIC KEY BLOCK—–

Nothing happened so far, you can store your revocation certificate
now, or use it, based on your needs.
Lets check the status of my key before and after revocation:
kobaans-computer:~ kobaan$
gpg –check-sig 9DC0387E
pub 1024D/9DC0387E 2006-02-21 [expired: 2007-02-21]
uid Andreas Kobara (privat)
sig!3 9DC0387E 2006-05-07 Andreas Kobara (privat)
sig!3 9DC0387E 2006-02-21 Andreas Kobara (privat)

Now import the certificate:
kobaans-computer:~ kobaan$
gpg –import

—–BEGIN PGP PUBLIC KEY BLOCK—–
Version: GnuPG v1.4.6 (Darwin)
Comment: A revocation certificate should follow

iEkEIBECAAkFAkYZKk0CHQMACgkQSA/XCJ3AOH71eACeO+XLUL2pihKbaK2YkHUj

2kQshtgAn0GXcpByipSaJ6VRwbhch90YKwhk
=ijDs
—–END PGP PUBLIC KEY BLOCK—–
gpg: Total number processed: 1

And check the keyring again:
kobaans-computer:~ kobaan$
gpg –check-sig 9DC0387E
gpg: checking the trustdb
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust
model
gpg: depth: 0 valid: 2 signed: 0 trust: 0-, 0q, 0n, 0m, 0f,
2u
gpg: next trustdb check due at 2008-02-20
pub 1024D/9DC0387E 2006-02-21 [revoked: 2007-04-08]
rev! 9DC0387E 2007-04-08 Andreas Kobara (privat)
uid Andreas Kobara (privat)
sig!3 9DC0387E 2006-05-07 Andreas Kobara (privat)
sig!3 9DC0387E 2006-02-21 Andreas Kobara (privat)

Now it shows “revoked”.

We can now publish this key back to the keyservers to tell everyone
that this key is not any longer valid for signing and
encryption.
kobaans-computer:~ kobaan$
gpg –send-key 9DC0387E
gpg: sending key 9DC0387E to hkp server
subkeys.pgp.net

Although, as long as I do not delete this key from my own secret
keyring, it will be always posible to open very old mail archives
which used that old key.

Useful for someone ? Winking

GPG Expired Keys Cleanup – Howto

A lot of people leave their “expired”
public keys on the public key servers forever.
They even keep expired secret keys in their keys, or worst, they
delete expired secret keys from their keyring before revoking
according public keys and publishing this revokation to th key
servers.So did I…….so, the correct way to take care of your keys is:

List your secret keys:

kobaans-computer:~ kobaan$
gpg –list-secret-keys
/Users/kobaan/.gnupg/secring.gpg
———————————
sec 1024D/9DC0387E 2006-02-21 [expires: 2007-02-21]
uid Andreas Kobara (privat)
ssb 2048g/E5122423 2006-02-21

sec 1024D/F373037D 2006-02-21 [expires: 2007-02-21]
uid Andreas Kobara
ssb 2048g/712EA6D2 2006-02-21

sec 1024D/5BD5E033 2007-02-15 [expires: 2008-02-20]
uid Andreas Kobara
ssb 2048g/ACE9BC3A 2007-02-15

sec 1024D/06F5B3D4 2007-02-15 [expires: 2008-02-20]
uid Andreas Kobara
ssb 2048g/B5A90C83 2007-02-15

As one can see, I have to keys, taht are already expired, and that
I have already created a follow-up key for.
As long as I do not revoke the expired public key, others can still
encrypt mails to me ignoring the expired key,
and I (or someone who has stolen my old secret key) will be able to
still decrypt an expired key encrypted mail.

Usually you should create a revocation certificate for a newly
generated key, to be able to revoke it later, in case it was
stolen, or just expired.
In my case, I will create a revocation certificate now, to revoke
my key from the keyservers.
kobaans-computer:~ kobaan$
gpg –gen-revoke 9DC0387E

sec 1024D/9DC0387E 2006-02-21 Andreas Kobara (privat)

Create a revocation certificate for this key? (y/N) y
Please select the reason for the revocation:
0 = No reason specified
1 = Key has been compromised
2 = Key is superseded
3 = Key is no longer used
Q = Cancel
(Probably you want to select 1 here)
Your decision? 3
Enter an optional description; end it with an empty line:
>
Reason for revocation: Key is no longer used
(No description given)
Is this okay? (y/N) y

You need a passphrase to unlock the secret key for
user: “Andreas Kobara (privat) ”
1024-bit DSA key, ID 9DC0387E, created 2006-02-21

ASCII armored output forced.
Revocation certificate created.

Please move it to a medium which you can hide away; if Mallory
gets
access to this certificate he can use it to make your key
unusable.
It is smart to print this certificate and store it away, just in
case
your media become unreadable. But have some caution: The print
system of
your machine might store the data and make it available to
others!

—–BEGIN PGP PUBLIC KEY BLOCK—–
Version: GnuPG v1.4.6 (Darwin)
Comment: A revocation certificate should follow

iEkEIBECAAkFAkYZKk0CHQMACgkQSA/XCJ3AOH71eACeO+XLUL2pihKbaK2YkHUj

2kQshtgAn0GXcpByipSaJ6VRwbhch90YKwhk
=ijDs
—–END PGP PUBLIC KEY BLOCK—–

Nothing happened so far, you can store your revocation certificate
now, or use it, based on your needs.
Lets check the status of my key before and after revocation:
kobaans-computer:~ kobaan$
gpg –check-sig 9DC0387E
pub 1024D/9DC0387E 2006-02-21 [expired: 2007-02-21]
uid Andreas Kobara (privat)
sig!3 9DC0387E 2006-05-07 Andreas Kobara (privat)
sig!3 9DC0387E 2006-02-21 Andreas Kobara (privat)

Now import the certificate:
kobaans-computer:~ kobaan$
gpg –import

—–BEGIN PGP PUBLIC KEY BLOCK—–
Version: GnuPG v1.4.6 (Darwin)
Comment: A revocation certificate should follow

iEkEIBECAAkFAkYZKk0CHQMACgkQSA/XCJ3AOH71eACeO+XLUL2pihKbaK2YkHUj

2kQshtgAn0GXcpByipSaJ6VRwbhch90YKwhk
=ijDs
—–END PGP PUBLIC KEY BLOCK—–
gpg: Total number processed: 1

And check the keyring again:
kobaans-computer:~ kobaan$
gpg –check-sig 9DC0387E
gpg: checking the trustdb
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust
model
gpg: depth: 0 valid: 2 signed: 0 trust: 0-, 0q, 0n, 0m, 0f,
2u
gpg: next trustdb check due at 2008-02-20
pub 1024D/9DC0387E 2006-02-21 [revoked: 2007-04-08]
rev! 9DC0387E 2007-04-08 Andreas Kobara (privat)
uid Andreas Kobara (privat)
sig!3 9DC0387E 2006-05-07 Andreas Kobara (privat)
sig!3 9DC0387E 2006-02-21 Andreas Kobara (privat)

Now it shows “revoked”.

We can now publish this key back to the keyservers to tell everyone
that this key is not any longer valid for signing and
encryption.
kobaans-computer:~ kobaan$
gpg –send-key 9DC0387E
gpg: sending key 9DC0387E to hkp server
subkeys.pgp.net

Although, as long as I do not delete this key from my own secret
keyring, it will be always posible to open very old mail archives
which used that old key.

Useful for someone ? Winking

Sam Triggy – A Real Triple GuitarHero

Just wanted to share one of my latest
discoveries on youtube.Sam Triggy from
Malaysia, doesn’t play guitar…
…he does not play two guitars…
…no, he plays three guitars, at the same time.

Man, he’s a real pro. Enjoy Take 5 and Autumn Leaves performed by
Sam Triggy alone,
with his 3 e-guitars.

And one more video to give you an impression of his ability to play
different style music too.

This one is inspired by Jimi Hendrix:

Feel free to search on youtube for more different styles,
instruments and concertvideos of Sam Triggy.

Cheap 3D controller device

Just ordered my 3D input controller
device brought to us money saving folks from 3dconnexion for 59.-
Euro.
sn_hand
If you can remember the first 3d mouse and its price, this offer is
really cheap.
No more clicking and pointing in Google Earth, just pure
entertainment.

Windows/Linux/MacOSX supported Winking