[Security Spotlight] Upgrade OpenSSL to 1.0.1g – Heartbleed Bug – Urgent!

So, thats no joke: OpenSSL broke badly!
Here is the background: http://heartbleed.com/

And as there is no zero-hour-fix for Ubuntu (including 12.04 LTS…), I decided to take chances and overwrite my existing OpenSSL 1.0.1 with the new code. It worked out flawlessly – but your system could *REALLY* break. Thats as dirty as it possibly could get!

wget http://www.openssl.org/source/openssl-1.0.1g.tar.gz
tar -xvzf openssl-1.0.1g.tar.gz
cd openssl-1.0.1g/
./config --prefix=/usr
sudo make
sudo make test
sudo make install

[RaspPi] Really poor mans DS18B20 Temperature Sensor

As I had to quickly come up with two DS18B20 Sensors for the Raspberry Pi, I decided to built them “quick and dirty” without any breadboard. It is not the most beautiful nor the best way, but it works out quite well. With one exception: It seems like the sensor is too near to the Pi and picks up heat from it :/. Anyway, here are some photos:

2014-03-24 15.22.32
That is how it would look like later.

2014-03-24 15.26.00
Adding some female header to the base. We need 5 Pins for that. The first pin is going to be connected to 3,3V, the fourth to the GPIO Pin 4 and the fifth to ground. So just cut the pins 2 and 3 from that header.

2014-03-24 15.26.21
Add an resistor to pull the Data Pin high to 3,3V. You should use an 4,7k Ohm, but anything between 4,7k – 10k Ohm should work out. I used an 10k Ohm here.

2014-03-24 15.27.08
Solder the two pins of the resistor to Pin 1 and Pin 4. Do NOT short with Pin 5!

2014-03-24 15.27.48
Add some silver wire to the fifth Pin.

2014-03-24 15.31.24
Solder the DS18B20 to the Pins. Watch out for the curved side of the Sensor, it has to face upwards!

2014-03-25 07.49.59
I choose to secure the whole sensor against short circuits and stuff with hot glue. Looks ugly, but does the trick.

2014-03-25 07.50.28
Last thing is installing the sensor in the left upper corner of the GPIO Pins of your Raspberry Pi.

After booting you have to activate the One Wire protocol like this:
sudo modprobe w1-gpio
sudo modprobe w1-therm

Then you can read your sensor by using this command:
cat /sys/bus/w1/devices/28*/w1_slave

If you want to get your reading nicely formatted, you should install bc with
sudo apt-get install bc

and use this code:
echo "`cat /sys/bus/w1/devices/28*/w1_slave | grep t | cut -d= -f2`/1000" | bc -l | awk '{printf "%.2f \n", $1}'

[RaspPi] OpenWRT Trunk with latest Raspberry Pi 3.10.32+ #648 Kernel – as Image download

As a lot of people asked for the OpenWRT / Raspberry Pi Images, I decided to make a new version which replaces the old one from this post ([RaspPi] OpenWRT Trunk with latest Raspberry Pi 3.10.18+ #585 Kernel – as Image download).

That said, the rules haven’t changed:
- It is the trunk version of OpenWRT, injected with the latest Raspberry Pi Kernel
- opkg list does contain the current stable package list for the OpenWRT RPi port of the latest stable release and will work out of the box (opkg update, opkg install..) Most packages like apache should work out of the box – but kernel moduls could/will probably fail. I won’t build an package mirror and won’t build packages because of limitied time. Sorry!
- Other than the normal behavior, the RPi does use DHCP to get its IP Adress. To connect for the first time, use nmap to find your RPi in your network. (Then connect via telnet, set an password with passwd and you’re good to use SSH finally!)
- The main partition size has been changed from 48 MB to 64 MB – giving you additional space

You can just download and use the (7zip-ed) image here: rpi_openwrt_2.7z [ 6.1 MB ]

This is for the fact that I neither got enough time, nor CPU power at hand.
Sorry :(!

[Security] BetterCrypto.org – Applied Crypto Hardening

So, now something a little bit more personal: We all know about the problems in our modern world: NSA, espionage, data stealing / selling, and such. We all use computer systems on an daily base and we know about the importance of cryptography. BUT: We don’t really all have an masters degree in computer crypto or such. We all do things in a “well, should be quite right”-way. Because, well – we have a life and a lot of stuff to do. We can’t really tell apart which ciffer to use and such. But now – we don’t need to – anymore. Please visit https://bettercrypto.org/ and read their paper. It got excellent “Copy ‘n Paste” configuration commands for your Apache, Postfix, Mail, etc, etc!

Let’s make the world an better and more secure place. For us and all our users!

Thanks :)!

[Win8.1] Android MTP doesn’t work

Got Windows 8.1 installed? MTP doesn’t work?
Well – maybe you got the Windows 8.1 N Version installed. The Version without Windows Media Player – and without MTP Drivers!
Just install the Windows Media Feature Pack for Windows 8.1 – reboot – and it works. It’s Magic, ain’t it?!

[Ubuntu 12.04] Resolve Grub Boot Problems

If you killed your trusty grub (i.e. by new Install of Windows 8.. :/) you can repair it quite easily:
- Boot with an Ubuntu 12.04 Live CD
- CTRL + ALT + T
sudo add-apt-repository ppa:yannubuntu/boot-repair
sudo apt-get update
sudo apt-get install -y boot-repair && boot-repair

And click on the repair button! Done!

Source: http://askubuntu.com/questions/333483/how-to-restore-grub-after-deleting-it-from-windows-8-disk-manager