My Take on DNSSEC – Part 3: How to configure it in BIND (cancelled)

Just as a quick note here:
I originally planned to do my third part on DNSSEC with configuration hints using the popular DNS server BIND. At the moment I also use BIND for my setup.

Now I discovered the „Advanced Secuity Notifications“ at ISC, which sells prior warnings about security issues in BIND. Personally, I don’t want to support this model.

Instead I am currently migrating to another DNS server implemenation, YADIFA, which I will then write about. But first I need to check my setup using this server.

Update: Maybe I will switch to Knot DNS instead of YADIFA. They seem to be both fairly equal in features. To the outside spectator YADIFA seems to be a dead project, even though they published a release in mid-december. The development is done by EUnic, the guys behind maintaining the .eu-domain. They seem to have some internal development/issue tracking/etc. and they only send the releases to GitHub.
In contrast, Knot DNS, being maintained by cz.nic, is more open in their development.

Installing pyLoad on a Raspberry Pi with Raspbian Jessie

If you are anything like me [1], you like to have dedicated Services which do stuff for you. One of the Services I like in particular is pyLoad [2]. This program you be used to automatically load files from OneClick Hosters. This is esspecially useful if you run this on a small computer like the Raspberry Pi [3] and dump the downloaded data to a central Storage like a NAS.

There are lots of blogposts out there which detail how to install pyLoad on a RaspberryPi [4][5][6]. For most parts I don’t really want to say anything against these, but there was one point in particular that I dislike about all of these. This is the reason why I am now writing my own guide. So let’s get started.

„Installing pyLoad on a Raspberry Pi with Raspbian Jessie“ weiterlesen

32C3 – My personal video list

Hi there,

After quite a long time of silence (*cough* Sorry about that) I think I can write a new post.

At the end of last year I was at the 32C3. That is the 32nd Chaos Communication Congress. This year about 12000 nice people got together and captured the Congress Center in Hamburg for four days. Apart from the giant program of talks (which I will talk about in a second) the ‚main‘ part of the congress is the opportunity to meet other peopel and have a blast of a time. I managed to meet a lot of nice people and I learned soo much during the time that I will need some time to fully sort that in my mind.

But back to the talks. This year I (again) volunteered as an Angel. These angels are the helpers that take shifts and do all the various jobs that need to be done to get the congress running. That starts at manning the bars or the cashier desk, controlling the access to the congress area at the entries, sorting empty bottles in the storage area but also range to announcing the speakers at the talks or operating the cameras which film the talks. This last one is a task which I did for the first time this year. I had lots of fun and learned some basic stuff about image composition and tracking speakers on stage. The talks I helped filming are also annotated in the list below.

All the talks are available at and the following list just shows my personal favorites. There are still some vidoes which I didn’t get to watching these are still missing from my list.

As I said there are still lots of talks to be watched. I will probably post a second list then.

The Company Strikes Back & Return of the Notebook

For some time now, I haven’t been writing here. But since I was asked how the story about my notebook ended, I thought I should post an update here.

Yes, I got my notebook back. It’s been three month now, that I have been using it, and everything seems to be fine. I wasn’t sure about that, when I received the package, so I documented every step of unboxing. 😉

IMG_20150602_180347 IMG_20150602_180654 IMG_20150602_180746


IMG_20150602_180820 IMG_20150602_180840

I reinstalled my Linux after that and I was glad that the problem with the display was gone and that everything worked fine. I have a small problem with standby under Linux but I believe that problem is on the software side.

About two weeks after I received the package, I got a letter from DHL, regarding a lost package. They wanted to know if I could shed some light on the missing package with a notebook inside. In the letter was a list of the contents of the package and my notebook was declared with a value of 150€. I was a bit sad when I saw that.

A new hope

It looks like the DHL managed to pull my notebook back out of the lava pit it fell into. I received a mail from Lenovo that my notebook was returned to them, due to a wrong address. I phoned them and they sent it again.

Currently all I have is a tracking number, but it is not known to the DHL at the moment. I am beginning to hope that I might get my notebook back, but I’m not convinced until I have it in my hands again.

Whatever happened to my Notebook?

Last year, around the end of March, I bought my new Laptop. I wanted a small device with a 11inch screen but with still a bit of punch so I was looking for a 4th generation i5 or i7 and 8GB of ram at least. I was searching for some time and all I came up with was the Apple MacBook Air 11. Ethically I can’t support buying Apple devices, so this was no real option, though I was damn near buying one nonthetless.

That was when I found the Lenovo Yoga 11. It came as a 11inch touchscreen device with a good i5 and 8GB of ram … so almost the perfect fit. The 360° display was no real thing for me, as I was looking for a laptop, but I didn’t object too much. The WiFi is only 2.4 GHz but I only discovered that some time later. I came across a cheap deal for the device, so I bought it.

For about 9 months I was really happy with the device. I even came to use the device in tablet mode sometimes.

Then a defect started to show. The display started to show ghost images on the edges. This was obviously a faulty display and should be fixed by warranty. I wasn’t able to send it to repair at that moment, as I needed the device to write my master thesis. Then, after my thesis was done and I could spare the notebook for some time, I sent it in for repair.

That was the last time I saw that device.

After not receiving any word from the support I phoned them about 3 weeks after sending it in. That must have been on about the 4th of May. The support told me „It’s already fixed and on the way. It should be at your place in the next days.“ – Yay. But nothing arrived.

About a week later I phoned them again. This time I got a tracking number from them. You can check the status here. At the time of writing, this says „Instruction data for this shipment have been received“ … since the 30th of April. About two phone calls later, I got the support to start an inquiry on my shipment.

The inquiry came up with „Should be delivered until end of the week. Otherwise it will come back to us and be sent again.“ – Okay, there is still hope that I will get my laptop back.

My last phone was on monday, when the support employee mentioned the word „replacement“ for the first time. I wasn’t really happy about that.

Today I received an email from Lenovo, stating that the parcel is lost by DHL. Unfortunately, they couldn’t provide me with an adequate replacement. For this reason, they want to give me my money back.

So the magic question is: Where the damned fucking fuck is my notebook? Somebody needs a high five … in the face … with a chair. And I would really like to know who that is.

Damn it, I am pissed!


Don’t ever rely on Lenovo support, they will leave you stranded without your hardware.

Why I like the Raspberry Pi B+ more than the B model

For my master thesis I happen to work with several Raspberry Pi B+. I already own two older RasPi B, one which is my Media Centre and one as a small utilities server. But the redesign has some major improvements that I really, really like.

  • 4 USB Ports: Not a major deal, but it makes my master project much easier because I can connect three Arduino to each RasPi without any problem.
  • Rearranged Ports: The old model has connectors on all four sides. My media centre has power and SD-Card from the top, Audio to the right, Network at the bottom and HDMI to the left. This leaves no side to stick it right in a corner or something like that. This can be done with the B+.
  • Micro SD: (I missed this point when ordering the Hardware for my master thesis) The card doesn’t stick out anymore and doesn’t fall out that easily.
  • Ethernet port pushed back: This last point makes the board a nice square package.
IMG_20150115_214948 IMG_20150115_215025
 I am really tempted to buy some new Hardware to replace my two perfectly working Bs.

Surprises with cheap Arduino versions

I just had a small surprise when I was assembling circuits for my master thesis project. When I was wondering why the Arduino wasn’t working as expected I discovered the following „bug“.

IMG_20150110_215338This missing soldering point is the ground for one PWM pin.

Its probably my own fault for buying cheap Arduino replacements from sainsmart instead of the original Arduino boards.

CCC-TV und Kodi (XBMC) … und 31C3 Vorträge

Ich habe gestern mal meinen Raspberry Pi aktualisiert und die neue Version 5 von OpenELEC installiert. Beim Stöbern durch das integrierte Repository für Erweiterungen bin ich über das neue CCC-TV-Plugin vom Kölner CCC gestolpert.

Gerade jetzt nach dem Congress ist das Plugin super. Direkter Zugriff auf und eine praktische Integration in die Android-App Yatse (Amazon / Play Store) machen das Nachschauen der Vorträge vom 31C3 sehr angenehm.

Leider ist mein Media-Center-Monitor inzwischen ziemlich im Eimer, aber ich bin einfach noch nicht dazu gekommen den auszutauschen.

IMG_20150105_225146 Ich weiß nicht ob ich hier noch eine Liste an empfohlenen Vorträgen abladen soll, aber ich werfe einfach mal rein, was ich bisher geschaut habe und was mich überrascht hat:

  • Deine Rechte sind in diesen Freihandelsabkommen nicht verfügbar
  • Fnord News Show
  • GIFs: Tod eines Mediums. Und sein Leben nach dem Tod.
  • Hacking Ethics in Education
  • Heartache and Heartbleed: The insider’s perspective on the aftermath of Heartbleed
  • IFG – Mit freundlichen Grüßen
  • Ich sehe, also bin ich … Du
  • Infocalypse now: P0wning stuff is not enough
  • Jahresrückblick des CCC
  • Krypto für die Zukunft
  • NSA Points of Presence in AT
  • SS7: Locate. Track. Manipulate.
  • SS7map : mapping vulnerability of the international mobile roaming infrastructure
  • Security Nightmares
  • Switches Get Stitches
  • Tell no-one
  • The Magical Secrecy Tour
  • The Perl Jam: Exploiting a 20 Year-old Vulnerability
  • Traue keinem Scan, den du nicht selbst gefälscht hast
  • UNHash – Methods for better password cracking
  • Vor Windows 8 wird gewarnt
  • Why is GPG „damn near unusable“?
  • „Wir beteiligen uns aktiv an den Diskussionen“

Bei Zusammenstellen der Liste bin ich schon wieder über einen Haufen andere Talks gestolpert, die ich noch sehen will. Es wird wohl eine Zeit dauern, bis ich das Archiv durch habe.

Top Holgi-LOLs

Zur Feier der „Not-Safe-For-Work-Reunion“ auf dem 31C3 wollte ich mal wieder die Top 5 Holgi-LOLs rauskramen. Allerdings scheint der damalige Blog inzwischen offline zu sein und auch im Webarchiv ist nur noch ein kleiner Teil zu finden (Link).

Also habe ich die entsprechenden Ausschnitte mal wieder aus den Podcasts herausgeschnitten: „Top Holgi-LOLs“ weiterlesen