Tags:
Posted by: peter

As it turns out my new company requires a PPTP VPN connection to be able to check email from outside the LAN. While some might argue that you are better off not having access to work email from home, it is a necessary evil for most of us. While I personally think that an industry standard SSL encrypted IMAP connection is at least as secure as the broken PPTP protocol, there is something to be said for hiding Exchange Servers behind firewalls (Have that firewall be a Microsoft server itself, on the other hand is obviously a questionable gain in security).

Anyway, without more ado, here is the proceedure to painlessly (Without booting Windows) connect Linux to a MS PPTP Server:

  • Install the NetworkManager-pptp package (openSUSE users can find it at http://repos.opensuse.org/home:/hgraeber)
  • Restart NetworkManager (It may be easier to simply reboot)
  • Right Click on the NetworkManager icon in the GNOME/KDE sytem tray (next to the clock) and select “Options / Configure”
  • Select “VPN Connections / Add”
  • From the “Service” list select “ppp” (If you run KDE you will now see “You have the GNOME configuration applet installed and can use this to configure the VPN connection……” Press OK to run the GNOME configuration applet)
  • Select “Add
  • Select “Next / PPTP Tunnel / Next”
  • Give a “Connection Name”, Select type of “Windows VPN (PPTP)” and put in the hostname of your Windows VPN server
  • On the “Authentication” tab select “Refuse EAP” (Otherwise Windows rejects the connection attempt)
  • Optionally enable deflate and BSD compression modules from the “Compression and Encryption” tab
  • Click “Forward”, then “Apply”, then “Close”
  • You should now have a new selection with the name you selected for the VPN connection in NetworkManager’s “VPN COnnections submenu. Click on it and you should be able to connect to your VPN server (After entering a valid username and password)

    Tags:
    Posted by: peter

    Well, as many of you know, things with my company Suntel have been a bit unclear since my business partner went to work for our largest partner company (Vodafone). After many discussions, much soul searching, and several months of uncertainty (Including considering a move back to Australia) I am happy to say that I have started working with a great team of people at AirTies Wireless Networks as the “R&D Manager, VoIP Systems”.

    AirTies is very strong in the ADSL and Wireless market in Turkey with several million deployed devices, but is really just getting started in the voice market (To be fair the voice market is just getting started in Turkey also). We have some existing combo VoIP Gateway / Router products, but we have significant work ahead of us to become a serious player in the VoIP industry.

    Turk Telekom is currently in the process of un-bundling the local loop, and alternate operators should be able to assign and route local Turkish telephone numbers over IP by the end of the year, so it should be an exciting ride!

    Tags:
    Posted by: peter

    And there was some great news on the feeds this morning, the web tool kit used by my Nokia E61i (and Applie’s Safari web browser) is (re)merging with my desktop browser of choice’s (Konqueror) KHTML web tool kit:

    There is one major web rendering engine that grew entirely out of the open source world: KHTML is KDE’s web renderer which was built from the ground up by the open source community with very little original corporate backing. The code was good and branches were born as a result, the best known being Webkit. Now, after years of split, KHTML and Webkit are coming together once again.
    Tags:
    Posted by: peter

    And the IETF quote of the day is:

    Intervendor security interoperability is the elephant in the room. But it’s still not why we’re in the room
    Tags:
    Posted by: peter

    For the last 6 years I have happily been using HSBC Turkey for both my business and personal banking needs in Turkey. HSBC Turkey’s corporate banking site, funnily enough is considerably worse (and more buggy) than their personal banking site, however it gets the job done. Their personal banking site on the other hand is excellent, and more featurefull and a pleasure to use than HSBC bank sites in many other countries, Australia included!

    A few months ago however, we made a mistake of giving into the requests of some of our small customers and setting up an İş Bankası account as many of them use İş Bankası only and didn’t want to pay the high interbank transfer fees (Why Turkish banks get away with charging fees for transfers I’ll never know) when paying our invoices.

    This is where the battle started. Like any other normal person living in the 21st century I would like to be able to see access all my bank account balances and transaction histories, as well and pay bills and make money transfers via the internet. Now after 3 trips to my branch (not any branch mind you, you can only make any type of account changes through your home branch!), being forced to create a personal account which I have no intention of using, and spending 45 minutes on the telephone, I finally have “access” to internet banking…. If you can call it access…

    I can log in… so I suppose thats a start.. I can also see the balance of my accounts.. But among the 6000 menus, I’ll be stuffed if I can find where to see the account transaction history! It doesn’t help of course that the English translation is so bad (with interspersed Turkish messages) that its often impossible to understand. (So bad in-fact that I logged out and logged back in in Turkish because it was easier to understand!)

    Also, apparently, being able to actually transfer money anyplace is too much to ask, and even though the bank has a copy of my company registration papers, signature circular and passport, I would still have to visit a notary to get a notarised letter that says, yes, I would, pretty please, really, truly, very much like to be able to transfer MY MONEY anywhere at all!!

    Thanks for caring İş Bank.. You just lost a customer!

    Tags:
    Posted by: peter

    While I would not dare to lay claim to the title of “Security Expert”, there is unfortunately many people in the IT industry who do carry such titles and and make such claims, and most definately shouldn’t either. I do however have among my close friends people, not only people who can safely lay claim to the title of “Security Expert”, but who are in fact bona fide “Security Researchers”. These friendships and an interest in all things security related (not just IT) leads me to stumble across things like this presentation on 0day (0day means an unpatched security bug unknown to the public). Among other interesting points, it lists the figure of 348 days as the average time between a private discovery of 0day bugs and patching by the vendor. This is an astonishing figure! Basically, this means that any computer system you own is always vulnerable to security holes that you don’t, but someone else does know about!

    Tags:
    Posted by: peter

    Hard to believe though it may be, T-Mobile made a non-iPhone related announcement last week. And even harder to believe, its new product may be as game-changing as Apple’s.

    It’s called T-Mobile HotSpot @Home, and it’s absolutely ingenious. It could save you hundreds or thousands of dollars a year, and yet enrich T-Mobile at the same time. In the cellphone world, win-win plays like that are extremely rare.