## Entering next level: Wordpress 3.0.1

The yellow bar on the top of the administration panel was very annoying, so I just decided to update the Software.

Nothing special happened, please tell me if anything seems to be wrong!

Btw. I installed another plugin that tweets news from this blog. Let’s see if it works.

## Expiration dates of hash functions!?

In this PDF file I found the following table (see original screen-shot):

 Creation of qualified certs*: suitable til end of 2009 Creation of qualified certs**: suitable til end of 2010 suitable til end of 2010 suitable til end of 2015 suitable til end of 2016 SHA-1 SHA-1 RIPEMD-160 SHA-224 (SHA-1, RIPEMD-160)*** SHA-256, SHA-384, SHA-512

So I hope there is anybody out there that has started to crack SHA-1 to get finished this year :P

(maybe it’s the recounter’s turn!?^^)

## Smart game

Yesterday, while waiting in a traffic jam, I implemented a small game. I read about this game in a book and to not get too annoyed about the waiting time I opened the lid of my laptop and wrote this game. This morning I completed it with some usual stuff to increase the usability..

It’s written in C++ and you can play against the CPU. There is a strategy that makes you win in almost every case! This game is a classic in game theory, but if I provide you with it’s original name it’ll too easy for you to solve the problem with help from Wikipedia or something like that. So just try it on you own ;)

The aim of the game is to clear all the stacks that are filled with o ‘s. The stacks may look like this:

Now it is your turn to choose one of these stacks and remove some or all o’s of it. Notice that you have to remove at least one of them and you can only remove o’s from one single stack! After your turn, the artificial intelligence will do the same. Afterwards it’s again your turn, until all stacks are cleared. Winner is the one who cleared the last stack, so try to get the last o ;) Here is the download.

You can choose the number of stacks and the maximum number of o’s a stack can carry:

If anybody knows the strategy, feel free to tell me!

Download: C++: NIM - the game (Please take a look at the man-page. Browse bugs and feature requests.)

## MTP and some workarounds

Actually I revived my Creative Zen and had some trouble with that crazy media stuff..

Ok, every body who knows me knows that I hate that media fuss, to many functions that nobody needs, and to many failures on important stuff. How to mount an MTP-fs I explained in a previous posting, here it is in a nutshell:

With mtpfs version 0.9 and libmtp8 from sid I just experienced segfaults reported by dmesg, but the versions from squeeze just work fine. Of course it is interesting that I’m not able to overwrite existing files:

Curious, but the workaround should be clear ;)

Last but not least I can show you how to play a YouTube video on this device. The easiest way is to install the Firefox extension downloadhelper, so you can download the song as a .flv file. The usual player don’t know what to do with .flv , and of course mine doesn’t, so convert it with mencoder. Here is an example:

The audio file doesn’t have meta data yet, so my Zen can’t find a name for it (don’t know why they didn’t implement a fallback to name it by it’s filename). To edit the meta tags you can use common tools like amarok or XMMS, I used easytag.

So you see, with a little work everything will be fine!

Just found it on F.A.T., a Firefox plugin called google-alarm! Look at this tool and recognize how much information you expose by simple surfing.

To make it work on my Iceweasel 3.5.11 I had to change the em:minVersion in the install.rdf of the .xpi archive. It’s just for noticing, I don’t provide this changed version because you should not download such things from sites like mine ;)

You should also take a look at F.A.T., they often have smart projects!

When I signed in this morning Micha greets me with his status of eliminating the first pot of coffee. Very interesting… So we decided to start twittering ;)

This version is deprecated since twitter disabled Basic Authentication. For a new version see Twitter disabled Basic Authentication

I already registered an account about ten months ago, just to see how it works, but now I’ll try to show some activity and tweet a lot of boring things..

First of all I developed a little script that tweets my messaged via curl:

Just call it with your message, it will ask for a passphrase to your account.. Just download it and use it like ./tweet.sh yeah it works .

And of course I’ve written a script that dumps all news to my console. To parse the XML I’m using Perl:

A little bit more code, but easy to use! Just download and run it with ./twitstat.pl [MAX_NUMBER_OF_TWEETS] . (You may need some additional Perl libs)

So let’s see how long I keep going on.. You can follow me at http://twitter.com/binfalse

Downloads: Bash: tweet.sh (tweet from command line) Perl: twitstat.pl (get latest news) (Please take a look at the man-page. Browse bugs and feature requests.)

## Mensa plan

I often check what our canteen offer for lunch before we leave our building. The website that presents this portfolio is one of the worst I’ve ever seen and meanwhile I noticed that my private walking Mensa planer has still some bugs, so I had to think about an alternative solution and developed a little Perl script…

My initial idea was to read the website, parse the XML code and print the meals. Not a bit of it! The code of this site is nothing like valid! They invent new tags I’ve never heard about, they close nowhere opened paragraphs or table cells, I do not find the html-closing tag (the document ends with closing it’s body) and so on… It’s to much to mention all it’s unique features, but let me blame the producer: Peinhardt IT Systeme. Seems to be professionals… (A notice has left my mailbox, looking forward to their answer)

How ever, XML parsing fails, solving the bugs also fails, to much of it… So I’m now just grabbing the HTML-code, to extract the interesting content, with a more or less ugly regex, and print them to console… Here is the code:

So if somebody is also joining the Mensa Weinberg, you can copy this code or download it. The other canteens are also available, just change the value of the variable \$mensa to your preferred one. The numbers can be found in the source code of this stupid website. Ok, to save you from trouble here are the numbers:

Cafeteria Brandbergweg
11
Cafeteria Burg
12
Mensa Bernburg
8
Mensa Dessau
13
Mensa Franckesche Stiftungen
14
Mensa Harz
3
Mensa Köthen
7
Mensa Neuwerk
9
Mensa Tulpe
10
Mensa Weinberg
5

Well, that’s it! Now you can decide within seconds whether it’s worthy to go to lunch or better stay hungry ;)

## Microscope puzzle

On Tuesday I went to Penny to buy some usual stuff. This week they also offered digital microscopes. One was left, so I had to purchase!

I did not expect any great hardware, but I’m astonished! First because it works on my sidux without any driver or manual work, just had to connect it to my USB port! And secondly I did not thought that 200 times magnification is such a high zoom rate..

How ever, I already had a lot of fun with it and prepared a puzzle. Here are some zoomed images and you can try to guess where it came from. Suggestions can be posted via comment, those of you who found a right solutions are invited to drink a beer with me ;)

## Zoom A

An easy one to start…

Solution: Wood guessed by Martin S.

## Zoom B

You use it nearly every day, don’t you!?

Solution: Backside of a German Euro coin guessed by Martin S.

## Zoom C

Girls have to know it :P

Solution: Paper Towels guessed by Michael Rennecke

## Zoom D

Maybe you’ll find it in your office…

Solution: Ball pen guessed by Martin S.

## Zoom E

Not mine, but nevertheless very nice ;)

Solution: Watch guessed by Martin S.

(Unfortunately it’s Maria’s, I don’t have a real image of it yet… Comming soon)

## Zoom F

If you can directly tell me where it comes from I’m impressed!

Solution: Novell animal guessed by Maria

## Zoom G

Nice and old one! We use it to decrease the noise.

Solution: Mousepad guessed by Martin S.

## Zoom H

Teachers may know it.

Solution: Whiteboard marker guessed by Michael Rennecke and Christoph R.

## Zoom I

It’s a small zoom rate and very easy, but it looks nice.

Solution: DVI-Connector guessed by Michael Rennecke

## Zoom J

Done with a tool from previous image.

Solution: Painted Whiteboard guessed by Michael Rennecke

(Unfortunately with a hint…)

## Zoom K

It’s a mini computer.

Solution: Chipcard chip guessed by Martin S.

## Zoom L

I don’t really like it, maybe I’m the only one who doesn’t…

Solution: Sugar guessed by Christoph R.

## Zoom M

Also easy I think..

Solution: Screw guessed by Norman

## Zoom N

Office stuff.

Solution: Ammo for stapler gun guessed by Martin S.

## Zoom O

From the refrigerator.

Solution: Sausage guessed by Steffi

## Zoom P

You are using it at the moment! Thanks to Rumpel!

Solution: (Mona Lisa) Harddrive guessed by Michael Rennecke

## Zoom Q

At least one of it is actually running in every bigger machine.

Solution: Fan guessed by Michael Rennecke

## Zoom R

Ok, thats difficult, I’m wondering if anyone can find the right answer. I’ve already blogged about it…

Solution: Look through a SUN-Ray guessed by Michael Rennecke

## Zoom S

Small zoom and simple to guess.

Solution: Crinkled cardboard guessed by Martin S.

## Zoom T

Also for teachers.

Solution: Chalk guessed by Martin S.

## Zoom U

Sportsmen know such things.

Solution: Rumpel’s scab ;) guessed by Martin S.

## Zoom V

You’ll find one in nearly every office.

Solution: Pencil guessed by Christoph R.

## Zoom W

Also not mine ;)

Solution: Shaved beard guessed by Michael Rennecke

## Zoom X

Mmmh, disgusting, isn’t it?

Solution: Kiwi guessed by Maria and Norman

## Zoom Y

Also disgusting I think.

Solution: Dried Strawberry guessed by Maria

## Zoom Z

Germans should know it!

Solution: Print media guessed by Martin S.

(Wow, c’t identified! It’s written on the CD)

## Zoom 1

Oh nice colors.

Solution: Display guessed by Martin S.

## Zoom 2

Something like a kaleidoscope?

Solution: Condensed water guessed by Michael Rennecke

## Zoom 3

Solution: Apple stem guessed by Maria

## Zoom 4

Yes, that is mine!

Solution: Unshaved beard guessed by Michael Rennecke

Tomorrow I’ll provide some more images, but not for puzzling because to some of the images I don’t have a right solution or I don’t know an exact name. So be patient ;)

Update: As promised the album.

 Microscoping

## uuurrgh... Ubuntu

Ubuntu, you all should know, isn’t my preferred operating system. It’s very nice for linux beginners and may decrease some manual work at private machines, but when I’ve heard about the actual bug I’m very confused why we still have to use Ubuntu in our PC pools and why some work groups are emphatic about this system and why we have to administrate their server and local machines with Ubuntu.

I’m still wondering why simple users in Ubuntu systems can out of the box read all log files or the shadow.. That is not that kind of security I’m dreaming about ;)

The actual bug is very simple (via):

Now you’ve owned the shadow file and you are able to modify roots pass phrase! It’s just too easy…

By the way I tried it by myself and got a funny message:

And my friend Rumpel also tried this exploit and after lunch I just heard him saying

fuck, bolted out, by my self...

not able to disable his screensaver. Maybe he changed a little bit to much in his shadow file!? ;)

Fortunately the patch is released, so have a lot of fun while updating your systems. You should reboot after the update, otherwise the bug is still enabled…

## Google does not like self-signed SSL certs

The last few days my feeds were out of date. I manage them with Google’s solution called feedburner, you may have recognized it.

It seems that the developer of this project changed some stuff, anyway, they did not actualize my feeds. The last days (or weeks) I did not had the time to care about, but today I found some minutes.

When I tried to resync my feeds manually I got this nice red error (see also the picture):

There is an issue that must be addressed with your source feed for the feed "binfalse" sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

This is caused by my Apache redirect directive that redirects all visitors looking for an insecure URL at port 80 to my SSL encrypted content at port 443:

So you see I’m caring about security ;)

This method works for a long time, but now feedburner tries to verify the certs and because of a lack of money I signed my certs by myself. So feedburner denies the access and doesn’t reread my own feeds to update its database. To repair this problem I’m just redirecting my real content and not the feeds, so feedburner is happy and why should I care about the secure connection of feedburner to my site..

Nevertheless it is not my preferred solution.