Tag: german

Apple's hotspot security is easily broken

German security experts say that Apple’s much touted mobile security system is rubbish and can be broken in under a minute.

On the iPhone or iPad, iOS users have the option of using an automatically generated password for their personal hotspots, which Apple implemented to provide all users with a secure password option.

But researchers at Germany’s University of Erlangen say that the way that the keys are generated, which uses a combination of a short English word along with random numbers, is too predictable.

Apparently Apple, in its wisdom, used a word list that contained only 52,500 entries. This meant cracking the hotspot took almost 50 minutes. After finding a wi-fi connection, the researchers used a graphics card to run through word and number combinations using an open-source Scrabble crossword game.

They then used a “cheap and cheerful” AMD Radeon HD 6990 GPU to scan through the lists. To be fair to Apple, the AMD’s dual-GPU Radeon HD 6990 is the world’s fastest single graphics card and has a massive price tag.

The German boffins said that their methods were very precise. And using this unofficial Scrabble word list within offline dictionary attacks, they had a 100 percent success rate of cracking any arbitrary iOS hotspot default password.

To be fair to Apple it did take some processing power to crack the hotspot that quickly. They used a GPU cluster of four AMD Radeon HD 7970s, and they narrowed their iOS-generated hotspot password cracking time down to just 50 seconds.

In the paper, the team slams Apple’s password generation standards, suggesting that system generated passwords be composed of random letters and numbers.

It is not clear why Apple thought it was important to create easily memorised passwords. After all, once a device has been paired the entered credentials are cached.

The researchers said that it is common sense that system-generated passwords should be reasonably long, and should use a reasonably large character set.

Hotspot passwords should be composed of completely random sequences of letters, numbers, and special characters.

They think that Apple should be a little more like Microsoft and use default passwords that consist of eight digit numbers.

Apple users should choose to use passwords of their own creation, which should contain a sequence of random numbers and letters for enhanced security, the researchers wrote. 

Vodafone plans invasion of German cable

Sources within the blighty mobile phone maker Vodafone have leaked to Bloomberg that the outfit is planning to write a $13.27 billion cheque to buy Kabel Deutschland.

The move is part of British plans to find Lebensraum in Europe’s biggest economy.

Wall Street analysts said that they knew that Vodafone was in talks with Kabel Deutschland but expected that it would meet its Dunkirk after Vodafone struck a deal last month with Deutsche Telekom allowing it to offer pay-TV over high-speed broadband to its German customers.

It would appear that the deal has not gone away and that Vodafone is keen to blitzkrieg the German communications market.

A Vodafone spokesperson declined to comment and Kabel Deutschland would not get out of bed to comment on such rumours and speculation.

However it appears that the Germans are holed up in a bunker waiting for a better offer from the British. Takeover talks have not formally begun because Kabel Deutschland believes the price Vodafone suggested was too low, Bloomberg said. 

http://www.bloomberg.com/video/vodafone-said-to-approach-kabel-deutschland-lHbS_bRHRD6Hf2ZlpB5hSQ.html 

Germans upgrade using VDSL2

German telecom outfit Deutsche Telekom has been given permission to expand its copper network using vectoring, or VDSL2.

Vectoring uses noise cancellation technology to kill off electromagnetic interference between lines in so-called distribution boxes. It is designed to speed up broadband access over traditional copper wires.

While there is little problem with the technology, so far does not do very well when an area has watchdogs dedicated to local loop unbundling. To make it work the technology can only be installed by one operator. After that the new infrastructure can be used by all operators.

The German federal network agency gave its blessing to Deutsche Telekom to use vector but said the company would have to give its competitors access to the new technology unless alternative networks were available.

Germany is trying to work out how to roll out a fibre optic network and the $104 billion price tag is being shared between the competing companies.

Deutsche Telekom wants to upgrade its copper network via vectoring, or VDSL2 as it waits for the fibre to arrive. It will enable it to offer internet speeds of up to 100 megabits per second, up from current levels of 16 Mbit/s.

In Germany cable companies offer 50 Mbit/s Internet for the same price or less than Deutsche Telekom’s current speeds, and can already supply up to 150 Mbit/s.

According to Reuters, Deutsche Telekom owns about 330,000 such boxes in Germany, while its rivals have connected to about 8,200 of these boxes with their own lines. 

Older people are better at picking passwords than youngsters

A surprise result from a recent survey has shown that the older you get, the more likely you are to have a secure password.

Joseph Bonneau, a computer scientist at the University of Cambridge, analysed the passwords of nearly 70 million Yahoo users and found that people over the age of 55 pick passwords double the strength of those chosen by people under 25 years old.

According to New Scientist,  Bonneau was not given access to the individual accounts but he calculated the password strengths for different demographic groups and compared the results.

Apparently Germans and Koreans choose the strongest passwords, while Indonesians pick the weakest.

So trying to guess the password from a German who remembers the war would probably require an Enigma machine.

Unsurprisingly, people who change their password from time to time tend to select the strongest.

Bonneau has the notion that user-chosen passwords offer less than 10 bits of security against online attacks, meaning it would only take around 1,000 attempts to try every possible password, and around 20 bits of security against offline attacks.

A randomly chosen six-character password composed of digits and upper and lower case letters should offer 32 bits of security.

The difference is caused by people picking much easier passwords than those theoretically allowed.

If people use a randomly chosen nine-digit numbers instead they would get 30 bits of security against every type of attack. He did not think this was difficult because people do it for phone numbers.

US court uses "protection of the US" defence

While US technology companies are trying to force their patent system on the rest of the world, it seems that when it comes to losing on their home turf they really don’t like it up ’em.

According to Courthouse News, German company Qimonda, which is in the middle of bankruptcy proceedings, attempted to revoke its patent licences with Samsung, IBM, Intel, Micron Technology and others.

Qimonda is desperate to sell its patent portfolio but cannot while they are being used. If this were a US company there would probably be much muttering, a few court actions and then money would change hands.

However, the US technology companies have managed to get a court order which claims that Qimonda cannot change its mind because it would “negatively impact the US economy”.

So, in other words, patent law can be suspended if the technology companies can prove that the US economy would be harmed if a patent holder enforced their rights.

Qimonda designs and manufactures semiconductor products and holds “one of the largest semiconductor IP portfolios in the world” with over 10,000 patents, of which at least 4,000 are US Patents.

This is where it gets interesting. In Germany, a debtor is permitted revoke a licensee’s right to use one of its patents, but this rule does not apply to the United States where a company can continue using the patent for the duration of the licensing agreement.

In 2009, the bankruptcy court applied German law to the matter of Qimonda’s US patents, but the licensees appealed saying, effectively, sod German law – this will harm glorious US companies.

The court said that the application of German law would nevertheless slow the pace of innovation, to the detriment of the US economy.

But US District Judge Thomas Ellis III granted Qimonda’s request for certification of an appeal. The technology companies were horrified and objected. However, the Judge said that the case raised a question of law that was a matter of public importance.

He said it was important that there needed to be a little more clarity over important issues of cross-border insolvency. This would be resolved from the resolution of any appeal.

The US Congress directly enacted legislation in 1988 denying a debtor the ability to revoke patent licences.

But this flies against Chapter 15 bankruptcy proceedings which say that the law should be governed in accordance with the bankruptcy laws of the nation in which the main case is pending. In this case it is Germany. 

Germans suspend legal system for Big Content

The Germans, who are often stereotyped as rolling over when well organised forces order them about, have just suspended their legal system to allow movie studios to sue citizens for large sums of money whenever they like.

A Munich Court has  insisted that a woman must have downloaded a flick called Violent Hooligans simply because a film studio claimed she had.

The court chose to ignore evidence that it was technically impossible for the woman to have uploaded the film onto eDonkey in January 2010 because… she did not have a computer, wi-fi or a router.

The woman had subscribed to a 2-year internet and telephone package, but six months ago had flogged her computer and didn’t even have an email address.

How the alleged offense could have been carried out even by a third party remains one of life’s mysteries, but as far as the German court was concerned, the movie studio’s towel was there first and the woman would have to pay up.

There were all sorts of things which could have caused the court a reasonable doubt, but according to the woman’s lawyer Christian Solmecke, a lawyer with Wilde Beuger Solmecke, the court was not interested.

He told TorrentFreak that normally a copyright holder has to prove who did the copyright infringement. This is hard for copyright holders because it’s difficult to look into a thousand houses. Now it seems that the courts have decided they don’t have to.

Solmecke said that all a copyright holder has to do is show that a protected work has been traded via a specific IP-address, then the accused has to prove their innocence. The standard seems to be pretty high if it doesn’t think that lacking the equipment is an excuse.

The woman must now pay just over 650 euros in damages to the copyright holder.

Until the Germans are dragged kicking and screaming to the European Court to remind them how a legal system works, it seems that Big Content has the right to pick a name out of a phone book, accuse them of piracy and the court will allow them to take 650 euros from each.

Of course if you are Big Content, and your staff are caught pirating, you can come up with any half-arsed lame excuse you like and it will have to be accepted.

 

Apple's faith-based security fails again

A German government watchdog has just worked out that the iPhone, iPad and iPod Touch have ‘critical weaknesses’ that could be exploited by criminals.

 

Apple saves money by not having to provide virus checking software or worrying too much about security. It has marketed this clever plan  through its legions of fanboys who claim that they are safe from hackers because they have never been hacked before.

 

However, the Germans are particularly concerned about the iPhone, which is a little more popular and begging to be attacked.

 

The Bundesamt für Sicherheit in der Informationstechnik (federal office for information security) warned that Clicking on an infected PDF file “is sufficient to infect the mobile device with malware without the user’s knowledge” on several versions of Apple’s iOS operating system.

 

The problem may occur on iPhone 3GS, iPhone 4, iPad, iPad 2 and the iPod Touch with software versions including iOS 4.3.3, and it “cannot be excluded” that other iOS versions, including the iOS 5 due in September, the men from the Ministry said.

 

All it would take was a person opening a website that carries an infected PDF file. Cyber criminals could spy on passwords, planners, photos, text messages, emails, or listen to the fanboys’ Coldplay collection. It would be possible to hack phone conversations.

 

The weak points in the programming allow attackers to gain administrator rights and get access to the entire system.

 

Apple has not yet issued a fix for the problem and a spokesperson for Apple Germany told the Associated Press that it was aware of the warning. No indication if it was going to do anything about it.

Germans stick Linux on 10,000 PCs

While most of the world has been ignoring Linux on the desktop, it appears that the makers of Ubuntu have managed to score a lucrative deal with German insurance giant LVM Versicherungen.

Canonical, which makes Ubuntu, will convert 10,000 PCs to use Ubuntu Linux across the entire company.

Included in the project is the conversion of 3,000 desktop and laptop computers in LVM’s Muenster HQ with a further 7,000 in the company’s agencies around Germany.

At the moment the company’s core software is LAS, a Java-based claims-processing application which is backed by Lotus Notes, Adobe’s Reader and OpenOffice.

LVM has been using Ubuntu for some time, but converting the outfit’s install base to use the software is a coup. It appears that the company had been using Windows XP.

It is not a an easy environment for any desktop to work in either. The company uses a large pool of self-employed and mobile sales representatives that sell insurance and the LAS system is ‘always-on’.

Canonical’s VP of business development, Steve George said that many companies were waking up to the realisation that there is an alternative to an endless cycle of licence fees that can amount to millions of dollars.

"Tasteless video" turns out to be rather good

Every now and then the mainstream media gets its knickers in a twist about a computer game and 1378 shows just how silly it all is.

The game, 1378(km) is about the Berlin Wall and requires players to either shoot at fugitives fleeing the East or be the fugitives crossing the border. When the game was announced there was a perfect storm in a tea cup.

It was condemned as “utterly inappropriate” and “insensitive” by a victims’ group and there were demands for the game to be banned.

Rainer Wagner, head of the Association for Victims of Communist Tyranny (UOKG), said that the game trivialises the trauma and suffering of those who tried to escape East Germany.

However, demand for the game brought down servers following its release over the weekend, a spokesman for the Karlsruhe University of Arts and Design told Reuters .

But it seems that the game was not all that bad. It was written by Jens Stober, a 24-year-old who created the game as part of his university degree.

Stober said that there has been a misunderstanding between the game’s intentions and how it has been perceived. Border guards are transported forward to the year 2000 and put on trial for any crimes.

Michael Bielicky, a professor of digital media at Karlsruhe University of Arts and Design, said that the game was not a shoot-’em-up as it was first sensationalised in the press.

Instead, it enables a younger generation to access information on recent German history using a medium familiar to them.

Far from the game forcing ‘border soldiers’ to shoot the ‘refugees,’ they can only “win” if they don’t.

It looks like the press with its desire to make the perils of computer games the problem of the 21st century, is going to make itself look stupid as it blasts the good with the bad.

North American PV installations to double in 2011

North America will see 1GW of Photovoltaic (PV) installations in 2010, a figure that is expected to double to more than 2GW in 2011, though it will still trail world leader Germany.  

According to research by IDC Energy Insights, financing models including power purchase agreements and solar leasing to property owners in residential and commercial buildings are expected to continue to thrive as they increase participation in the solar PV market.

“While subsidies undeniably underpin much of this growth, the young solar PV industry has been rapidly innovating in ways that make solar PV systems more cost effective, easier to install, and easier to maintain,” said Jay Holman, lead analyst for IDC Energy Insights’ Renewable Energy Strategies program.

It is believed that further cost reductions for solar PV modules, inverters, and other balance of system components, and installation labour, will be driven by increasing volumes and continuing innovation.

Holman added that the strengths of solar installation warrant the subsidies that have been received, and that the subsidies have helped the industry achieve lower costs through increased economies of scale, improved reliability, and improved performance through technological innovation. 

He believes that the industry is still young enough that these innovations are continuing at a rapid pace, and these factors, combined with apparent commitment to solar subsidies from governments around the world, suggest a strong solar industry for the foreseeable future.

It is noted that, though the forecast shows continued improvement in North America, it is clear that countries on the other side of the Atlantic are still far ahead having seen considerably more take up of PV technology.

Indeed in Germany PV capacity is miles ahead of North America, with a record 8GW being added this year, widening its lead as a top solar power market in the world.

This increase means that Germany now accounts for a total solar capacity of somewhere between 17GW and 18 GW. 

Carsten Koernig, head of Germany’s BSW solar industry association, told Reuters that it is a “fantastic development to add 8GW this year,” before noting that much of the massive increase came ahead of cuts to the feed-in-tariffs (FITs) that solar panel users can receive from utilities.

It is not expected that Germany will continue to see such rapid growth of PV installations in the coming years however, with Koernig expecting to see in the region of 3 to 5GW per year instead – the equivalent of between three to five large coal plants.

“No one would have predicted that last year’s record of 3.9GW would be doubled again this year. I don’t think this level is sustainable. But we’re hoping for annual increases of three to five GW. That would bring Germany’s total to 52 to 70GW by 2020,” said Kroenig.

In fact, according to IBTimes, it is thought that most of Europe’s demand will remain flat next year following impressive growth in the past.

“We’ve seen a bit of a cooling down in the second half after the FIT was cut by an extra 16 percent on July 1,” Koernig said. “But we’re still confident the total added this year could be about 8 GW.”