2007-04-24 09:47:59

DeNIC: CEO and co-founder Dolderer resigns

The CEO and co-founder of the german domain registry DeNIC, Sabine Dolderer, has resigned on March 23rd. As a reason she named internal differences within the registrar.

«It's no good when members of the same team work into different directions.», Dolderer wrote in her final mail.

Dolderer has been a member of the DeNIC board since 2001, and has been working with the domain registrar since 1994, when it was still a project of the University of Karlsruhe. She was one of the founders of DeNIC as an organization.

Article: http://www.heise.de/newsticker/meldung/87326


Posted by Tonnerre Lombard | Permanent link | File under: news, network

2007-04-24 07:34:47

Cases of forced abortion turned up in China

Several cases of forced abortion turned up in China. Following their one-child politics, Chinese authorities forced several women to abort their child – even in the last month before their birth.

For quite some time now, China is following the «One-Child Policy». This means that each married couple is allowed to have exactly one child. Normally, those who are unmarried and have a child, or if you are married and have more than one child, are forced to pay a fine, but allowed to keep their child.

However, the Chinese government has imposed restrictions on all of the regulatory areas to reduce the birth rate to 13.5%, and the officials' careers now depend on reaching this 13.5% limit. However, in some areas, the birth rate is somewhat above this limit, so it appears that the officials in those areas felt pressured to these measures.

Chinese officials deny the existence of such forced abortions. A family planning official in Baise, Mr. Nong, said in an interview with npr: «We were very surprised to hear of these accusations, but our investigation concluded some individuals who were dissatisfied with our family planning policies were fabricating stories. These facts simply don't exist. We really love and care for women here.»

If such strong accusations were raised in Europe, there would be a big international media coverage, followed by a media-covered investigation of the affair, and rolling heads. China, however, does not need to take measures this drastic, because the country is under european protection. We need China to create more revenue for our valued share holders, and we don't care about the barbaric atrocities that we allow to be committed.

The full story on NPR


Posted by Tonnerre Lombard | Permanent link | File under: news, politics

2007-04-22 18:56:50

Sonntagszeitung reports: Postcard cracked!

The swiss german news paper «Sonntagszeitung» reports that the swiss Postcard (a kind of credit card from the swiss Postfinance) has been cracked.

The article states claims that it is possible to create and sign a new postcard with a valid card number and arbitrary account data. This is said to be due to the fact that the Postcard is signed with a 320-bit RSA private key, which, if true, is easy to reverse engineer. In 1996, when Bruce Schneier published his «Applied Cryptography», he stated that it would be easily possible to break a 512-bit RSA key within a reasonable amount of time. Also, the amount of additional work to be invested when breaking a larger RSA key is not linear, so in fact it is several orders of magnitude easier to break a 320 bit RSA key. Also, quite a lot of time has passed since 1995. Nowadays, RSA is mostly used with keys that are at least 2048 Bit.

Back to the Postcard: It is also possible to create a copy of a Post card which has an additional «feature» which allows you to type in any PIN that you like. The PIN is used soleily for storing transaction logs on the Postcard itself and is not used in any way for authenticating the card. If appending to the log fails, the terminal aborts the transaction manually. This means that it's not necessary to know the PIN of a person whose Postcard you get hold of (e.g. because he put it into your card reader in your little store, thinking it would be a terminal). You can just make transactions without it.

However, the Postfinance decided to deny the existence of these security holes in their Postcard. Thus, Fix announced to make a public demonstration of the technique on television using soleily data of customers who have given their consent to participate in the demonstration. If there is indeed a security hole, the Postfinance is not going to be looking forward to the next few monthes...

Article: http://www.sonntagszeitung.ch/dyn/news/multimedia/743744.html
More information: http://www.postcard-sicherheit.ch/


Posted by Tonnerre Lombard | Permanent link | File under: chaos, news

2007-04-22 13:28:17

Good news from Linux: it's broken

There are some «good news» from the Linux world: currently, their CPU frequency scaling works effectively just as good as ours.

Actually, Linux has some advantages. They have ACPI CPU controllers, they read the CPU frequency data from ACPI and use ACPI to set the frequencies. This means that they can indeed set more frequencies.

However, they are not capable for some reason to set the CPU frequency to a value below 1GHz. Some FAQ declares that this is a limitation of the Intel Core 2 series, but this is indeed not the case. FreeBSD can set the frequency to 1997MHz, 1747MHz, 1497MHz, 1248MHz, 998MHz, 748MHz, 449MHz and 249MHz. This is well below 1GHz.

So I guess the correct solution is really to port FreeBSD's acpi_throttle driver.


Posted by Tonnerre Lombard | Permanent link | File under: programming

2007-04-22 11:16:32

Help on the Internet (But for AMD)

I found some more information on the Internet, but for AMD. I wonder if I can get any info from it. Unfortunately, the site is currently down:

http://kat.student.utwente.nl/~matthijs/cgi-bin/blosxom/Hardware/S270/Undervolting.html

Also, I wonder whether I can just set the CPU frequency under FreeBSD or Linux and read out the voltage in order to create a table for the time being...

Still, FreeBSD uses this ACPI throttling thing, which I should port sooner or later, since Intel stopped releasing CPU frequency/voltage specs...


Posted by Tonnerre Lombard | Permanent link | File under: programming