Tag Archives: Technology

j d o t x t

jdotxt is an open source, cross-platform Desktop tool for managing your todo list. It’s geared towards Gina Trapani’s todo.txt file format and stores all of your stuff in two human readable text files. Having these files on your owncloud, dropbox or any other cloud storage makes it easy as pie to keep your todos in sync across multiple devices.

Download and Installation

  • Windows (Installer)

    Download installer. When you launch jdotxt, you may be asked to download and install Java, which you should do in that case.

  • Mac OS X

    1. Make sure you have Java JRE >= 7 installed. E.g., by downloading and installing it from http://www.java.com
    2. As always: download, mount, drag&drop this file
  • Ubuntu >= 12.10 (Repository)

    Open a terminal and execute the following three commands (line by line):

    sudo add-apt-repository ppa:chms/jdotxt
    sudo apt-get update
    sudo apt-get install jdotxt
  • Ubuntu 12.04 LTS

    First you must get JRE >= 7 by executing the following two commands (line by line):

    sudo apt-get install openjdk-7-jre
    sudo update-alternatives --config java

    After executing the second line you will be asked, which version of Java you would like to use by default. Select the one that has version number 7 or higher in its path name.

    Now continue with the instructions for Ubuntu >= 12.10 (see above)

  • Debian GNU/Linux

    Download and install the jdotxt Debian file. Of course this works on Ubuntu too, but it is highly recommended to use the repository, for automatic updates.

  • Generic (Works on Windows, GNU/Linux and Mac OS X)

    Download the jar file and execute it using Java JRE >= 7 (http://www.java.com)

Mastering jdotxt in 110 Seconds

Get Involved!

You are more than welcome to drop me a line via one of the online platforms I use, or to contribute by reporting bug reports or feature requests via github. The source code is also hosted on github.com so feel free to contribute!

Contributors

Christian M. Schmid
Mikhail Kalkov

License

jdotxt is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program. If not, see http://www.gnu.org/licenses/.

Pebble ArcS+, a “Pebble, Hello World!”

I own a Pebble Steel for quite some time now, and I still love it. Good battery life and not too many, but useful features. It was a no-brainer that I joined their latest record-breaking kickstarter campaign for the new Pebble time as an early bird.

At the same time I had to do something that I do with almost any piece of hardware that I own and that lets me do it: Write some code for it! Sometimes it’s just the mandatory hello world, but this time it’s a watchface for the Pebble:

IMG_20150301_125316796_HDRI was amazed by how little time it took me to write (or should I say copy and paste) the code. I’ve uploaded the watchface to the Pebble app store so that it can be installed by everybody who owns a Pebble and the source code can be found on github. Please let me know what you think of it and keep the hacker spirit high by writing code for every piece of hardware that you own!

 

Spotlight: Public-Key Cryptography

Public-Key Cryptography is a truly magical thing and I often wonder why we don’t use it more often. We go on and complain about how it is too easy for government agencies to look into our digital lives, while we do have all the tools to prevent it. Only we don’t use them and we don’t seem to ask facebook, gmail and so on to use them – not that they would. The funny part is that it would not require a lot of effort, because computers could automatically do all of that stuff in the background. All that would be needed is that we were able to securely store one, long password (the private key).

In a nutshell public-key cryptography is a mathematical concept that allows us to encrypt a message that is intended to be read by just one person and to sign something to guarantee that it really came from you.

Let’s take a closer look: public-key cryptography is based on a pair of keys, lets call them #1 and #2. When one uses key #1 to encrypt a message one can only decrypt it again using key #2. The same is true for a message encrypted with key #2 – it can only be decrypted using key #1. In other words the two keys are kind of reversible operations that work in both directions. For instance

  • Plain text -> Apply Key #1 -> Cypher Text -> Apply Key #2 -> Original Plain Text
  • Plain text -> Apply Key #2 -> Cypher Text -> Apply Key #1 -> Original Plain Text

but

  • Plain text -> Apply Key #2 -> Cypher Text -> Apply Key #2 -> Nonsense
  • Plain text -> Apply Key #2 -> Cypher Text -> Try something -> Nonsense

In addition to that it is important to know that it is (almost) impossible to find the keys from the Plain text and/or the Cypher Text.

Usually a person or entity (lets call this entity Alice) creates a pair of keys, where one is made public (the public key) and where the other key is kept secret. There are two typical use cases:

  1. Anyone can encrypt a message using the public key and send it to Alice. Only Alice and nobody else (e.g., someone who intercepts the cypher text) will be able to read the plain text when only Alice knows her secret key. – This use case is also called “Public-key encryption”.
  2. Alice can encrypt a message using her private key and send it to anyone. If it can be decrypted using the Alice’s public key, one has a guarantee that the original message really came from Alice. – This use case is also called “Digital signing”.

The secret key is Alice’s crown jewel that she must not lose or share with anyone, because anyone in possession of the secret key can do what Alice can do. Well that is why it’s called the secret key.

Again, all of this can stay in the background and as it can be done for you by software on your computer/phone/…, that has access to your locally stored secret key. If you are interested in implementing some of this stuff in your life, you might want to take a look at

Just by reading this article and by understanding it, you should have a pretty good idea about what level of protection encryption can give you and where potential problems may lie. Again, never forget: your secret key is your crown jewel that you must never share and that your software must never leak. By the way, this is something that is especially hard to check with closed source software and also something that the heartbleed bug may have caused.

A Screenshot

Designing and building stuff that exploits physics to serve a specific function, that’s what I think it comes down when you ask me about what engineering is.

Today I took this screenshot that is almost like a stereotype for what we electrical engineers do. Actually this PCB (short for printed circuit board) was not even designed by me. It was designed by a gifted colleague who did it according to my specifications.

platine

It’s the power supply for my newest 77-GHz radar front-end, which would be the really interesting part. Sadly I can’t show you the radar, because if I would I’d not be able to publish it in any scientific journal or conference. Something like this http://ieeexplore.ieee.org/xpl/articleDetails.jsp?tp=&arnumber=6507334 or http://ieeexplore.ieee.org/xpl/articleDetails.jsp?tp=&arnumber=6697594. And publications is what the scientific engineering community also lives for.

Use Keepass or Get Screwed

Today I received an e-mail from a website admin, informing me that two of their admins had misconducted. They had stolen the database + all user e-mails and passwords and of course used that information to log into other web services.

Using keepass and different passwords for every website totally makes sense!!! What do you do to protect yourself against something like this?

keepass

The Making of me.chschmid.com, Part 4: The Operating System

With all components where they should be and the machine booting, installing an operating system (OS) was the next step. GNU/Linux was the obvious choice and all of my machines run on Ubuntu, so Ubuntu it is.

As the machine is intended to act as server, Ubuntu 12.04LTS would make sense, however as my Xeon Haswell CPU (E3-V1245V3) is relatively new, the Linux Kernel and drivers that come with 12.04 are not a perfect fit for the hardware. – So Ubuntu 13.10 it is.

It was as simple as this: Download the 13.10 server image from http://www.ubuntu.com/, put it on an USB drive using http://www.pendrivelinux.com/ (Windows) or the Startup Disk Creator (Linux). Restart the machine, enter the boot menu by pressing F12 and boot from the USB drive. The setup is quit intuitive. As I started with an empty SSD, all I had to do is select automatic installation using LVM on the empty hard drive. To start with I selected LAMP, OpenSSH and Samba as server roles.

The computer rebooted after the installation leaving me with a login prompt.

login

After login I installed all the stuff that I would need to also run the PC as desktop.

sudo apt-get update
sudo apt-get dist-upgrade
sudo apt-get install ubuntu-desktop vlc vainfo lm-sensors calibre texlive-full ipe audacity p7zip thunderbird eclipse wine git-core keepass2 gparted filezilla inkscape chromium-browser kile qjackctl virtualbox virtualbox-guest-additions-iso pavucontrol pulseaudio-module-jack joe rosegarden xdotool musescore dconf-tools openjdk-7-jdk libva-intel-vaapi-driver ufw gufw nautilus-open-terminal smartmontools gksu gimp build-essential devscripts debhelper javahelper

Finally reboot the machine and you should be greeted by a graphical user interface.

sudo shutdown -r now

The Making of me.chschmid.com, Part 2: The Hardware

I recently blogged about why it makes sense to run your own server. Although I have a machine running at me.chschmid.com already, I decided to do a serious hardware upgrade.

serverNot because the old AMD E-350 CPU can’t keep up anymore, but because I’d like to use the new machine as my desktop PC as well. So here’s what I ordered (some parts of it are actually not new, but carry over from my old setup)

For all I know this system will be hopelessly over-powered, yet power-efficient, so that it can run 24/7. The parts are probably going to arrive by the end of the week. I’ll keep you posted about the assembly and everything else that’s going to happen.

The Making of me.chschmid.com, Part 1: The Problem

Privacy is a hot topic these days and part of virtually every coffee break discussion I know of. How much do they know? The Googles, Facebooks, Dropboxes, Wunderlists and above all the NSA.
Actually a lot of people who have no idea about the technology side of things have started asking me these questions lately. I can see that their not knowing about the hidden magic in the background that enables the services they use on a daily basis makes them feel really uneasy. The truth is, its simple.

Privacy

Communication

First of all there is communication between computers, which, on a technical level, is the only thing the web itself allows us to do. When you ask google for search results, when you push your files to dropbox, when you have that Skype call with your mom – it’s all communication and exchange of information between two computers over the web.

Let’s take that Skype call for instance and lets picture the web as a city with you in your house (as a stand in for your computer) and the streets that connect all the houses as data highways. Lets also say there is one guy in every street who controls the street. What happens when you want to send a message to your mom is you tell the guy in your street (your provider) to dispatch the message – it’s wrapped in a nice envelope with your address and the destination on it so that he knows where it has to go. He will then walk to the next street, pass on your massage to the person controlling that street and this guy will do the same until the message arrives at your mom’s place.

There are two problems associated with this in terms of privacy

  1. Everyone who is part of the delivery chain might have opened the envelope and might have looked at message.
  2. Even if they have not read your message, they know that there was communication going on between you and your mom and they will also know how much data was exchanged.

Problem 1 can be solved by encrypting the message so that it does not make sense to anyone who might read it on its way. – There are still some issues here when it comes to technical implementations, but essentially, if you do it right, you can make your messages close to unreadable to the outsider. – This by the way is common practice in a lot of applications, which is good. E.g. always look for websites that come via “https” instead of “http”. The “s” really makes the difference!

Problem 2 is a little bit harder but still solvable. Say you transmit a secret message to your mom asking her to pass another message to someone else. If anyone wants to track your message to the final destination it will become really difficult as not knowing about the message to your mom asking her to dispatch something for you will make it unclear if any outgoing message from your moms was from you or from her or from anyone else. The more people you put between you and your final destination the harder it will be to track your messages. Essentially this is the idea that the Tor network is based on, however it is not widely used and not common practice.

Data

The second aspect apart from communication is data. You do not only exchange information when storing your files on Dropbox, but you ask them to hold on to that data for you as you ask Google to store your e-mails and Wunderlist to store your todos. They might even store data that you do not ask them to store, like your seach history. The problem here is that those companies sometimes leak data (e.g., PlayStation Network outage) and sometimes share your data with other organizations such as the NSA.

To use the analogy with the city and the streets: If there is someone at your mom’s place or at Dropbox’s place who watches over their shoulder while they decrypt your message, your data will be available to them, even when the data transmission through the streets of your city was safe due to encryption.

If all you want to do is storing your data at someone else’s place you can give it to them in an encrypted way. E.g. only store encrypted zip files on dropbox. Or you can opt out and don’t give any data to them in the first place.

Obviously this does not work for your search terms, that Google has to know about in order to give you results.

The Solution

There is not one size fits it all solution, but on central aspect is to be aware of what data you share online and how others may be able to use it. The analogy with the city and the streets will give you a pretty good idea of who can access what. I don’t think sharing stuff is bad per se, you just have to know about the implications. To give you some examples.

  • Stuff that you put on a website, e.g., your blog, can be seen by absolutely everyone.
  • Stuff that you post to social networks may not be seen by anyone who happens to stand between you and the computers of that social network, but by whoever you allow it to see, by the social network itself and by anyone who they share this information with – willingly or by accident.
  • Even when you are just looking at stuff online you let others know about what you are looking at. This means amazon will learn about what you like simply from you browsing their website. – But to be honest: the employees at your local grocery store also know what you buy on a daily basis.

To be better off in terms of communication

  • Look for encryption so that at least your communication is secure. E.g., look for https instead of http, configurate your e-mail client so that it uses encrypted instead of unencrypted mail transfer.
  • Don’t use things such as FTP to transfer files.
  • and  finally:

Use Your Own Cloud Storage

About 1.5 years ago I set up my own Ubuntu GNU/Linux server, that hosts all my git repositories, files (webdav), calendars (caldav) and contact data (carddav) via owncloud and many other services that I use. The Server is currently running on an AMD E-350 APU, which is soon to be replaced by something better. And that’s the reason why this is just part 1. I’ll post information about my new server setup in the next couple of days, so stay tuned!