Thursday, November 21, 2013

what I learned today

Well, today was quite fun... I learned:
  1. If you change aliases in Postfix you need to run the "newaliases" command; a Postfix restart ain't helping.
  2. If you install the sslh multiplexer, change the config to "run=yes" and not "run=YES".
  3. Your web server needs to be configured so that it only listens locally on 443 (sslh takes the public port), otherwise you get a port bind fuckup.
  4. How to enforce SSL to prevent some nasty MITM (see sslstrip).
  5. Enabling HTTP Strict Transport Security.
  6. Don't drink and config :D <-- I did not, but that's a general tip.
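
A quick way to verify items 4 and 5 from the response headers, as an added example that is not part of the original post. The function names, the sample responses and the 180-day threshold are assumptions; example.org is a placeholder.

```shell
#!/bin/sh
# Added example: verify the HTTPS redirect and the HSTS header from
# response headers. Live use (curl assumed, example.org is a placeholder):
#   check_redirect "$(curl -sI http://example.org/)"
#   check_hsts     "$(curl -sI https://example.org/)"

# Constructed sample responses.
HTTP_OK='HTTP/1.1 301 Moved Permanently
Location: https://example.org/'
HTTP_BAD='HTTP/1.1 200 OK
Content-Type: text/html'
TLS_OK='HTTP/1.1 200 OK
strict-transport-security: max-age=31536000; includeSubDomains'
TLS_WEAK='HTTP/1.1 200 OK
Strict-Transport-Security: max-age=300'

# Succeeds only if the plain-HTTP answer is a redirect to an https:// URL.
check_redirect() {
    printf '%s\n' "$1" | tr -d '\r' | awk '
        NR == 1 && $2 ~ /^30[1278]$/ { redir = 1 }
        tolower($0) ~ /^location:[ \t]*https:\/\// { tls = 1 }
        END { exit !(redir && tls) }'
}

# A redirect alone can still be stripped on the first plain request; HSTS
# makes the browser skip port 80 on later visits. Prints max-age and
# succeeds only if it is at least $2 seconds (default 15552000 = 180 days).
check_hsts() {
    min=${2:-15552000}
    age=$(printf '%s\n' "$1" | tr -d '\r' | awk '
        index(tolower($0), "strict-transport-security:") == 1 {
            if (match(tolower($0), /max-age="?[0-9]+/)) {
                v = substr($0, RSTART, RLENGTH)
                gsub(/[^0-9]/, "", v)
                print v
            }
            exit
        }')
    [ -n "$age" ] || { echo "no HSTS max-age"; return 1; }
    echo "$age"
    [ "$age" -ge "$min" ]
}

if check_redirect "$HTTP_OK"; then echo "port 80: redirects to https"; fi
if check_hsts "$TLS_WEAK" >/dev/null; then :; else echo "HSTS too short"; fi
```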

Monday, November 18, 2013

Server Security: Crack user passwords to prevent intrusion via a user account

This surely is controversial and should only be done by hash comparison on a business system (if at all)! But I use it for my shell host server, where I need the security.

A user account on your server, especially if you have 100+, can be a problem and the first step to a pwnage. To prevent this we just use John the Ripper + password lists with common passwords and brute-force our way through.

  • Install John the Ripper
  • get this password list (it's 10 times bigger than the default one)
  • unshadow /etc/passwd /etc/shadow > ~/pass.txt
  • john -wordlist:passwords.txt ~/pass.txt
This will take some time since it is quite a big list.
If you find something, tell the user to change his password.
That's it.
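
The follow-up step, forcing the affected users to pick a new password, as an added example that is not part of the original post. The function names and the sample `john --show` output are constructed; `chage -d 0` expires a password so it must be changed at the next login.

```shell
#!/bin/sh
# Added example: turn `john --show` output into forced password changes.
# Real use, as root:  john --show ~/pass.txt | cracked_users | expire_cmds | sh
# Afterwards delete ~/pass.txt and John's pot file (john.pot): they hold
# every hash and every recovered password.

# Constructed sample of `john --show` output for an unshadowed file
# (login:password:uid:gid:gecos:home:shell, blank line, summary).
SAMPLE_SHOW='alice:sunshine:1001:1001:Alice:/home/alice:/bin/bash
bob:123456:1002:1002::/home/bob:/bin/zsh
svc-backup:letmein:998:998::/var/backups:/usr/sbin/nologin

3 password hashes cracked, 97 left'

# Print only the login names of cracked accounts with a real login shell.
# The recovered password (field 2) is deliberately never printed or stored.
cracked_users() {
    awk -F: 'NF >= 7 && $NF !~ /(nologin|false)$/ { print $1 }' | sort -u
}

# Emit one `chage -d 0` per login. Names are validated first so that
# nothing unexpected reaches the shell or is parsed as an option.
expire_cmds() {
    while IFS= read -r user; do
        case $user in
            ''|-*|*[!a-z0-9_.-]*) echo "skipping odd login: $user" >&2 ;;
            *) printf 'chage -d 0 %s\n' "$user" ;;
        esac
    done
}

# Dry run on the sample: prints the commands instead of executing them.
dry_run() { printf '%s\n' "$SAMPLE_SHOW" | cracked_users | expire_cmds; }
dry_run
```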

Monday, November 4, 2013

Friday, September 13, 2013

Buy only what is necessary...

“Compra solamente lo necesario, no lo conveniente. Lo innecesario, aunque cueste un solo céntimo, es caro”.
“Buy only what is necessary, not what is convenient. What is unnecessary, even if it only costs one cent, is expensive.”


Wednesday, August 21, 2013

Epictetus - How We Should Behave to Tyrants

If a man possesses any superiority, or thinks he does, if he is uninstructed in philosophy, he will, of necessity, be puffed up. For instance, the tyrant says, "I am master of all." And what can you do for yourself? Can you fulfill all your desires? How can you? Have you the absolute power of avoiding everything that would pain you? Can you achieve all your objects without error? How do you possess this power? You cannot do everything. When you are in a ship you trust to the helmsman. When you are in a chariot you trust the driver. It is the same in all other arts. So, where is your power? You say, "All men pay respect to me." Well, I also pay respect to my platter. I wash it and wipe it. For the sake of my oil flask I drive a peg into the wall. Are these things superior to me? No, but they supply some of my wants, and for this reason I take care of them. Well, I attend to my donkey. I wash his feet. I clean him. Do you not know that every man must look to himself? Some men regard you no more highly than their mules. For who has high regard for you? Show this person to me. Who wishes to become like you? Who imitates you as he imitates Socrates? "But I can cut off your head," you say. I had forgotten that I must regard you as I would a fever, and raise an altar to you as there is at Rome an altar to fever.

Epictetus - What Is in Our Power and What Is Not

...Since we are chained to so many things, we are weighed down and dragged down by them. That is why, whenever there is a calm, we sit there full of impatience and keep looking out furtively: what wind is blowing? "North" - What is that to us? - "When will the west wind come up?" - When it pleases, my good friend, or when it pleases Aeolus.

Thursday, August 15, 2013

The Symbiotic Relationship of Nature and Mind

"One may set nature against the realm of the mind, as if the mind were not also contained in the whole of nature, or one may contrast nature with art, the latter regarded in a higher sense as the embodiment of all the intellectual productive power of mankind; yet these contrasts must not lead to such a separation of the physical from the intellectual that the physics of the world sinks to a mere accumulation of empirically gathered particulars. Science begins only where the mind takes possession of matter, where the attempt is made to subject the mass of experience to rational understanding; it is the mind turned toward nature." -- Alexander von Humboldt, Kosmos (STA), loc. cit., Vol. I, p. 59

Wednesday, July 17, 2013

Venus Pattern

Venus orbits the Sun 13 times for every 8 Earth orbits. If you track the relative positions of Earth and Venus over an 8 year period, this is the resulting pattern.

Wednesday, July 10, 2013

How to repair a Sony WM-D6C

I found a first-revision Sony WM-D6C in the garbage can. For those who don't know it, it is worth about 150EUR or even more (depending on condition). But mine was broken: the speed was screwed, it was playing way too fast, so something was wrong. So I read up on that Walkman and found that one of the ICs, the one that regulates the speed, is broken.
It's the Sony CX20084 SOP 16. So I went to eBay and ordered 2 (1 as backup) from Hong Kong (5EUR in total with shipping).

So you remove 4 screws from the bottom and then you see this. The problem is that there are many cables blocking the way, so I just temporarily desoldered some (the ones I marked pink) and then taped the rest down to have space to work on the IC. Tip: use a pin to push the legs up a bit while desoldering. When you're done, just install the new IC (have fun :D).

After I had the new IC in place it worked flawlessly.

Tuesday, June 18, 2013

How to mix an isotonic drink

WHO Drink
1 litre boiled water, 2.6g sodium chloride (1/4 teaspoon table salt), 13.5g glucose (dextrose or 2 tablespoons of honey), 2.9g trisodium citrate (1/4 teaspoon baking powder) and 1.5g potassium chloride (100ml orange juice)

Monday, June 3, 2013

How to install Tixati on Arch Linux

  1. tar -xvf tixati.tar.gz
  2. cd tixati
  3. sudo pacman -S base-devel (accept the default "all"; you may need binutils too)
  4. makepkg -s
  5. sudo pacman -U tixati....pkg.tar.xz


Or you use yaourt:

  1. sudo pacman -S yaourt
  2. yaourt tixati

Friday, May 17, 2013

"If there is a God, he will have to beg for forgiveness" 
- A phrase carved into a concentration camp cell by a Jewish Prisoner

Tuesday, May 14, 2013

How to find a Rogue DHCP Server in your network

1. Install Wireshark and start capturing
2. Filter for "bootp"; it may take a bit before you see something
3. Look for OFFERs and ACKs
4. If you find one, check the source MAC and find out which device it is

That's all
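
The same check scripted, as an added example that is not part of the original post: it flags any sender of OFFER or ACK packets whose MAC is not on an allowlist. The function name, the allowlisted MAC and the sample rows are constructed; the tshark field is named bootp.option.dhcp up to Wireshark 2.x and dhcp.option.dhcp from 3.0 on.

```shell
#!/bin/sh
# Added example: flag DHCP servers that are not on an allowlist.
# Live capture, typed on one line (eth0 is a placeholder interface):
#   tshark -l -i eth0 -Y bootp -T fields -e eth.src -e ip.src
#          -e bootp.option.dhcp | rogue_dhcp "$KNOWN"

# MAC of the legitimate DHCP server (constructed value).
KNOWN='00:11:22:33:44:55'

# Constructed sample rows: source MAC, source IP, DHCP message type
# (1 DISCOVER, 2 OFFER, 3 REQUEST, 5 ACK), tab-separated as tshark prints.
SAMPLE=$(printf '%s\t%s\t%s\n' \
    aa:bb:cc:00:00:01 0.0.0.0      1 \
    00:11:22:33:44:55 192.168.1.1  2 \
    de:ad:be:ef:00:99 192.168.1.77 2 \
    aa:bb:cc:00:00:01 0.0.0.0      3 \
    DE:AD:BE:EF:00:99 192.168.1.77 5 \
    00:11:22:33:44:55 192.168.1.1  5)

# Reads capture rows on stdin; $1 is a space-separated MAC allowlist.
# Only servers send OFFER (2) and ACK (5), so any sender of those that is
# not allowlisted is reported once, with its IP and a packet count.
rogue_dhcp() {
    awk -v allow="$1" '
        BEGIN {
            n = split(tolower(allow), a, " ")
            for (i = 1; i <= n; i++) ok[a[i]] = 1
        }
        ($3 == 2 || $3 == 5) {
            mac = tolower($1)
            if (!(mac in ok)) { hits[mac]++; ip[mac] = $2 }
        }
        END { for (m in hits) printf "%s %s %d\n", m, ip[m], hits[m] }' | sort
}

printf '%s\n' "$SAMPLE" | rogue_dhcp "$KNOWN"
```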

Saturday, April 13, 2013

Nexus 7 Battery Fix

Two days ago I was on a business trip, traveling by train. While waiting for the train at the station my Nexus was working fine; 30min after I got on the train and wanted to watch a movie, my Nexus was suddenly DEAD. Like DEAD DEAD. The only thing that worked was the background light. So I googled a bit and found that many Nexus devices suffer from a loose battery connection.

Fixing it is easy: just open the case (use a small knife etc.; the rest is like opening a smartphone) and fix the connection (see pic).

And that's all!

Friday, April 5, 2013

How to play Pocket Legends in Chrome on Debian/Ubuntu

I am working with Chrome v25 and fglrx for my ATI HD5250.
  1. Open Chrome and enter chrome://flags
  2. Enable "Override software rendering list"
  3. Enjoy Pocket Legends :)

Wednesday, January 16, 2013

The ability to reduce everything to simple fundamental laws...

"The ability to reduce everything to simple fundamental laws does not imply the ability to start from those laws and reconstruct the universe"
P.W. Anderson
Science, 4 August 1972, Vol. 177, Number 4047

Saturday, January 12, 2013

Hamlet’s Transhumanist Dilemma

To be, or not to be: that was the question back when
Machines did not challenge the reign of men.
Will technology replace biology: that is the question now
When computers get exponentially smarter: why shouldn’t we bow?
Thus the dilemma facing the human race
Is about hardware and coding: What type to embrace?
Whether ’tis nobler to run DNA
On an ancient biological hardware – Evolution’s play!
Or ‘tis better to get up-to-date
And run binary code on the supercomputers of late.
But who is to say?
Is it nobler to suffer in the flesh
The slings and arrows of biology as destiny?
Or to hack ‘tis cursed body; and by technology
To live. Forever!
No more sickness, no more aging, no more death
Our mortal flesh is heir to.
The choice is yours and mine to make
But what a bind we find ourselves into:
To pick between humanity and immortality.
But what is human anyway?
A temporary grouping of the bits
En route to fall apart…
Or is there more to it?
A soul? A genome code? A conscience? Or, a pattern?
Some kind of essence, anyway?
I still don’t know for sure what it is
So, why am I afraid to lose what I don’t know?

Saturday, January 5, 2013

Quantum Uncertainty As The End Of Classical Probability Theory

Conventional probability theory has no basis in reality. That is what the cosmologists Albrecht and Phillips say in their research paper "Origin of probabilities and their application to the multiverse":
We argue using simple models that all successful practical uses of probabilities originate in quantum fluctuations in the microscopic physical world around us, often propagated to macroscopic scales.
Actually all problems in probability are about quantum mechanics. So even the outcome of a coin toss is the result of QM since the Uncertainty Principle can be scaled to everyday objects. In the case of a coin toss, the quantum uncertainty in the position of neurotransmitter molecules in the nervous system of a coin flipper might translate into an uncertainty in the number of times a coin turns in the air before being caught, ultimately determining whether it is a head or a tail. They showed that the calculations come up with the same numbers as conventional probability theory does.