Saturday 20 February 2016

Breaking the iPhone's encryption

For the last few days the internetz has been in an uproar. If you haven't heard then have a look at this:
Apple ordered to help the US government. For the TL;DR folks out there:

  • some terrorist killers in the USA used an iPhone 5C
  • the FBI want to know what was on the phone
  • the phone has that lock where 10 incorrect pins wipes it
  • a judge has ordered our old mates at Apple to disable the wipe function so the FBI can break in
  • Apple have told them to go away and refused to do it
So, gentle reader, why do we care about this? A bit of backstory might be useful...

The iPhone has quite solid built in encryption. Check out the Apple Privacy policy here for all the goods (PDF download) https://www.apple.com/business/docs/iOS_Security_Guide.pdf - lots of goodies in there. From iOS 8 onwards, the basic iPhone data was heavily encrypted, and Apple have always claimed they don't access passcodes or data. Here is their privacy policy if you'd like to have a read: Apple's Privacy Policy

Bottom line: Apple have long claimed that without the passcode an iPhone is basically inaccessible and now the FBI have a judge ordered Apple to disable this protection. This is a pretty full on hack. In his open letter, Tim Cook, the Apple CEO basically said we'll have to rewrite the code, install it on this iPhone and then let the FBI in. Oh and now that's out in the open, welcome thieves, pirates and governments who want access to iPhones! Prior to iOS 8, Apple had assisted law enforcement with access to iPhones in the past, but now they're saying we can't do this anymore. Tim Cook's letter is here: Apple Letter to our Customers and all the details are here. 

My analysis of what this means for us, the consumer, is that once again law enforcement and government have requested the capabilities to break through our privacy. At the moment, Apple users are reasonably confident of the privacy of their devices. If you lose it then best of luck to anyone try to break into it. Different to an Android device with an SD card in it - where you could pinch the SD card and get whatever you want, unless it's encrypted. The iPhone does this already. I was looking the other day at the security of Apple Notes. It's encrypted on the device, in iCloud (if you use it) and in transit between the two. I'm not sure it's encrypted on your Mac though - something to check. My point is that the security is pretty good out of the box. Not being a chap involved in dodgy behaviour I've never had a real need to have heavy protection on my iPhone but I was certainly pleased to see that I had decent encryption on the device. 

I think there's a parallel here between Pandora's Box and introducing a back door into iOS. When Pandora opened the box and let evil into the world the big corporations were born (yes I have a hate for them and yes I'm aware of the inherent irony of using Blogger to write this - a part of the biggest corporation Google!), in this instance, once the iPhone's security is broken to allow law enforcement  a backdoor in, that's a genie that doesn't go back into the bottle. From there, it's relatively easy to see how the police or feds get compromised and that backdoor gets into the wild. Voila! No security any more for people's devices and anything you put on them might as well be in the public domain. Apple have said they won't comply with the order and that it's technically very difficult. I believe them. Encryption is tricky at the best of times and getting it right is hard. Breaking back into it, once you've worked so hard to establish it isn't easy. 

This story has garnered a lot of press in the last few days and there are plenty of people talking about it which is important. The right to privacy, which I think is closely linked to the core desire for security of oneself is critical. I hope that Apple fight this one hard and/or make it incredibly difficult for the hack to be repeated. I understand law enforcement need access to stuff to prosecute etc. I do understand that. But with so much warrantless invasion of privacy I'm not inclined to be a huge supporter. In a small scale this probably seems callous - those poor people murdered by the crazies and I don't want to know the truth about it all! Shame on you ryv! But in the broader scope, this affects all iPhone user's security and I'm concerned about that too. 

I'll be keeping an eye on this issue as it develops - if you're an iPhone user, you should too.

Thursday 18 February 2016

Lenovo E540 won't start or boot - solved

Recently a client called saying their fairly new E540 wouldn't turn on or respond at all. The red light that makes up the "i" in ThinkPad would light up but that was the extent of the functionality.

I tried removing the battery and booting off but no dice. The computer was totally unresponsive. It turns out there is an issue with Lenovo for Small Business software that causes this.

To fix it, remove the BIOS battery - this is located under the compartment to the left in this photo:

Stick the battery back in and give it the berries. The laptop should boot and complain about the time and date. Set those and start the laptop. Log in, go to Uninstall Programs and ditch the Lenovo for Small Business. Once that's done, it's probably a good idea to update the BIOS. Try not to screw that up by killing power or anything mid upgrade. The recovery process is incredibly annoying and not guaranteed to work.

A reboot and you should be right to go. Enjoy.

Tuesday 16 February 2016

How ethical is it to download movies and TV using torrents?

I have just completed a Cyberethics course and I was forced to consider this question in depth as part of an assignment. Given that I had to answer a specific question, I couldn't really put forward what I truly feel, so that's what this post is all about.

I have long considered that paying a fair and reasonable price for content delivered in a timely and reasonable manner to be of no issue whatsoever. Let me put that out there for y'all. If I have access to a wide catalogue of TV shows or movies, they're priced reasonably and the available in a timely fashion I see no reason to have take other measures to get the product I want. In researching the essay for this course, I had to read a whole bunch of journal articles and I won't bore you to death with those, nor will I bore you with proper citations.... From this research, the core matters that affect a person's decision to download or pirate digital content appear to be:

  • price
  • availability
  • time to market
  • quality
  • perceived unreasonable behaviour by content producers
and in some cases a simple unwillingness to have to pay for everything (for whatever reason). I'm sure that if you are an Australian, gentle reader, that you will know all too well the Australia Tax. If you aren't an Aussie, then this is a new thing to you. The Australia Tax affects us all down here, particularly back in the day when it was expensive to transport things to our island continent. Nowadays though, it costs very little to transport digital media under the sea and into the country. The tax is applied to Apple and Microsoft software, to hardware, cars, digital content. APC Mag has a list here: http://apcmag.com/overcharge.htm/ It's a bit old, but you can see the overcharge. 

This article started it all: Downloading movies and TV is not a crime from the Sydney Morning Herald. The writer makes some great points and I will echo them here. According to Australian law it's not a crime to download movies or TV per se. It is instead a breach of copyright. The crime of theft can only occur if the owner of a piece of property is permanently deprived of it - and that doesn't work when applied to digital media. The owner still has it, and can still market and sell it. Applying copyright law to try to enforce the preservation of copyright as been spectacularly unsuccessful. I remember as a young chap watching while Napster was sued and the MPAA, RIAA and ARIA started going after downloaders. Universities protected their students, and now even ISPs are protecting their clients, refusing to give data up about the end users. I remember while still at Uni hearing about the people that were being chased and the recording and movie industry wailing at their loss in profits - think of the poor actors! Only getting $10 million a movie when they could get $20 million! Think of our profit margins - oh woe is us! And then seeing them record the largest profits ever. Those poor souls. I really felt for them as I contemplated getting that latest new release from the internets. 

Down under we get a limited catalogue of content available. Netflix, iTunes, etc all only release a subset of their products to us. Why? Some licensing bullshit. Clearly to do with maximising profit margins. What these idiots are failing to recognise is the market in Australia is hungry for content. So hungry we were allegedly the largest downloaders of Game of Thrones last year. While the media morons all shook their heads and bemoaned those evil downloading Australians, they failed to recognised why we were engaged in this behaviour. The reasons above a directly responsible for this. Game of Thrones, as an example, is available only on Pay TV. I personally do not have Pay TV. Why pay $70 a month for something when I hardly have a chance to use it? I would literally only be getting it for GoT. Also, in this attention economy, I resent paying for a service and then having to pay my attention to ads. That's double dipping. More thieving bastardy on the parts of the media moguls. This year, GoT will air completely on Pay TV before it is available on Free to Air. I understand how Free to Air works - I pay with my attention to the ads. That's OK. I'm cool with that. I'm not cool with having to wait those extra months to see my shows though. Can I buy them off iTunes in a timely manner? Can I see it on Netflix? I'm not sure. What I do know, from a mate, is that I could download in high definition a copy of each GoT episode an hour after it airs from torrents. That's how you meet audience demand. Supply the content that's wanted and do it in a timely manner. No geographical restrictions on what you can get to watch or listen to! It's supposed to be a free market and yet it clearly is not. 

I should also note, that the stuff we can occasionally get is up to 400% more expensive than what might be paid for it in USD. Now, not only do we have an increase in price because the Australian Dollar isn't worth a pinch of goat shit, but the bastards gouge the arse out of us anyway. Are we honestly supposed to be happy with that? Do they expect us to toe the line and simply get on with bending over and allowing the media content producers to have their way with us? I don't think so. And the evidence is clear that Australians aren't doing it vis a vis the top downloaders of Game of Thrones. Imagine for one stunning moment there is an executive in these content houses with a semi-functional brain, beyond just wanting enormous profits. This relative genius could see a massive market that is being undersupplied and misunderstood. If GoT was available in a timely manner, reasonably priced - maybe a couple of dollars per episode or something, then imagine the profit difference! I'll just do some maths for you now.

So currently, for arguments sake, 3 million Australians are downloading GoT. That's 3,000,000 times $0 in profit.... which is... just using my calculator here... $0 dollars of profit. Bravo content producers. But here's an amazing thing! If that product was available via iTunes or Netflix or <insert other gouging content provider> for even just $1, then the profit would be... more calculations.... $3,000,000! Holy shitballs Batman! And that's per episode! What an amazing thing! I just fell off my chair! (much of this is sarcasm - I have not literally fallen off my chair, nor do I own a calculator). I would think for a quality TV show like Game of Thrones, I would happily pay up to $5 an episode. But it has to be delivered at the same time as it airs, it has to be in high def and the catalogue I'm choosing from has to be broad. On iTunes, Game of Thrones is $3.49 / episode (10 episodes) or $32.99 for the season. But according to this article http://exstreamist.com/game-of-thrones-season-5-will-be-on-itunes-after-it-airs/ Game of Thrones won't be available on Australian iTunes until after the season finishes. Guess what thieving bastards - you're not getting my money then and I'm not waiting that fucking long to see a TV I really like. I'll get it by other means. I'd pay $3.49 an episode if it came day of each episode airing but if think I'm going to wait and then still pay then I suggest you see a neurosurgeon because half your brain is non-functional. It's shit like this that makes an average, happy to pay person like myself say: "Right, time to learn how to use this torrent thing!" and then set up a VPN to another country, wrap it all in encrypted tunnels and show the big middle finger to the establishment. Screw you thieving bastards!

You can probably tell I get a bit cranky about this. Equality for all I say. The only people "suffering" and I use that term in it's most loosely possible way are the execs watching their profits only reach stratospheric heights instead of astronomical heights. 




So is it ethical? Well that's up to you isn't it? 

Sunday 14 February 2016

Lenovo L540 Review


The Lenovo L540 is a workhorse laptop for around the $1000 mark. These are i5 4GB of RAM, 500GB HDD, 15.6" machines. I purchased 4 for a client (as you can see) and in the back right of the picture you can see one is experiencing sadness. These are quite nice notebooks for a no-nonsense work machine. The screen is clear and readable, and I especially like the keyboard - the keys have a wonderful return and solid feel to them - far better than my Dell notebook. I find the touchpad to be clunky though - the movement of the click isn't refined and the travel seems quite large.

Interestingly, these machines all came with Windows 7 Pro pre-installed - a preferred option for our business clients unwilling to make the jump to Windows 10. We are certainly not foisting Windows 8 off onto people we like - ti's an awful operating system that needs to die as quickly and quietly as Vista did. These run Windows 7 quite happily and once Symantec and a lot of the other Lenovo bloatware is removed the operating system is quite happy - except for the machine there at the back. Something went wrong when installing patches and I ended up having to restore it from scratch. It was a bit of a head scratcher, but the recovery process was surprisingly quick and painless. The tendency for Windows 7 to take ages to first do patches was fixed with a Microsoft Hot Fix - and I think this is what splattered it last time. It only takes something small and the day goes south quickly.

I also purchased docking stations for these laptops, proper drop in docking stations. The mechanisms are easy to use and lock in quite happily. The end users seem to really like them, and they are not technical at all, so I call them a winner. 

All other activities - installing of Office etc were handled quite promptly and it all worked well. These are a solid, unassuming notebook and I recommend them for end users who are looking for a machine with a simple basic function required. That being said, I'd happily use one of these in my day to day work. Lots of capabilities there indeed. It should be noted that while I sell Lenovo stuff, they (sadly) don't pay me to advertise their gear. I've been a fan for a while - the solid construction, great keyboards and relatively functional software (apart from that little issue with spyware a while ago) is really worth considering.

This is ripped from the Lenovo website: Lenovo L540 Tech Specs

ThinkPad L540 LaptopTech Specs

DESCRIPTIONTHINKPAD L540 LAPTOP
Processor
  • Intel® Core™ i3-4000M Processor (3M Cache, 2.40 GHz)1
  • Intel Core i5-4210M Processor (3M Cache, up to 3.20 GHz)
  • Intel Core i5-4300M Processor (3M Cache, up to 3.30 GHz)
  • Intel Core i7-4600M Processor (4M Cache, up to 3.60 GHz)
Operating System
  • Windows 10 Home 64-bit
  • Windows 10 Pro 64-bit
  • Windows 7 Professional 64-bit preinstalled through downgrade rights in Windows 10 Pro 64-bit
Display
  • 15.6" HD (1366x768), anti-glare, 220 nits, 500:1 contrast ratio
  • 15.6" FHD (1920x1080), anti-glare, 300 nits, 500:1 contrast ratio
Graphics
Intel HD Graphics 4600 in processor, supports external analogue monitor via VGA and digital monitor via Mini DisplayPort; supports dual independent displays; max. resolution: 1920x1200@60Hz (VGA); 3840x2160@30Hz (DisplayPort via Mini DP cable)
Memory
16GB max (2 SO-DIMM slots), PC3-12800 1600MHz DDR3, non-parity, dual-channel capable
Webcam
Integrated 720p HD Camera
Storage
  • 500GB 7200 RPM
  • 1TB 5400 RPM
  • 128GB SSD SATA3
Optical Drive
DVD +/-RW MultiBurner
Dimensions (W X D X H)
  • HD: 377 x 247 x 28.8-34.05 mm 
  • FHD: 377 x 247 x 31.0-36.25 mm 
Weight
  • 6-cell, HD: 2.54kg
  • 6-cell, FHD: 2.60kg
  • 9-cell, HD: 2.70kg
  • 9-cell, FHD: 2.76kg
Battery
  • 6-cell Li-Ion battery - 57+ (56Wh)
  • 9-cell Li-Ion battery - 57++ (99.9Wh)
Battery life2
  • 6-cell, Win7: up to 11 hours
  • 6-cell, Win8: up to 7 hours
  • 9-cell, Win7: up to 19 hours
  • 9-cell, Win8: up to 12 hours
AC adaptor
65W
Keyboard
ThinkPad® Precision Keyboard with NumberPad
UltraNav™
TrackPoint® pointing device and 5-button Mylar surface touchpad
Fingerprint reader
Optional
Audio support
HD Audio, Realtek® ALC3232 codec, Dolby® Advanced Audio™ v2 / stereo speakers, 2W x 2 / dual array microphone, combo audio/mic jack
Wireless LAN
Intel Dual Band Wireless-AC 7260 (2x2, 802.11ac/a/b/g/n) with Bluetooth® 4.0
Wireless WAN (optional)
  • Wireless WAN upgradable
  • Ericsson N5321 Mobile Broadband HSPA+1
  • Sierra Wireless EM7355 (4G LTE/HSPA+/EVDO/GSM/GPRS/EDGE, GPS)
Ports
  • 1 x USB 3.0 (AlwaysOn)
  • 3 x USB 2.0
  • ExpressCard
  • Smart Card reader (optional)
  • Combo audio/microphone jack
  • Ethernet (RJ45)
  • 4-in-1 card reader (MMC, SD, SDHC, SDXC)
  • Dock Connector
  • VGA
  • Mini DisplayPort
  • Security keyhole

Adventures with Immich

With the implementation of my Proxmox server it's now time to play with some new applications - and we'll start with Immich, a repla...