Topic: Computer

Hardware, software & hacks

Why I don’t use WhatsApp

Recently you could read the following news at ( (translated):

WhatsApp has a vulnerability (CVE-2019-3568) that allows unauthorized remote access to the device. The attacker can simply smuggle the spyware into a device through a WhatsApp call, even if the called party does not pick it up. Since Monday evening there is a patch.

Also, there were reports last year that WhatsApp will scan messages to show personalized ads, which is probably the case now.

These and several other events of this kind (I also recall the “Cambridge Analytica” scandal on Facebook) have kept me from installing and using WhatsApp on any of my devices and I will not do that in the future.

Those who use WhatsApp should be aware that you are potentially vulnerable. On the one hand WhatsApp’s source code is not open source, so no one knows what backdoors and security vulnerabilities exist, and on the other hand WhatsApp is also an attractive target for attacks due to the huge number of users.

Alternative to WhatsApp

As an alternative I can recommend “Signal”. This is a free messenger whose sources are also disclosed and which is also recommended by security experts. Even Edward Snowden uses and recommends this app. As with WhatsApp, the mobile number for logging in and contacting other people is sufficient, whereby the operator of Signal does not have access to this data and all messages are encrypted and can only be read by the persons involved.

Continue reading

Why DAVDroid was renamed to DAVx5

For synchronizing address books and calendars on my Android smartphone I’v been using  DAVDroid for quite a while. It is Open Source and also available on F-Droid. However it is now called DAVx5 – why?

The reasons are explained in this tweet – using “droid” as part of a name violates a trademark of Lucasfilm. Also see this extensive article at Priceonomics. Therefore the creator of DAVDroid decided to change the name to “DAVxxxxx” and replace “xxxxx” by “x5” – even though the official statment says something different ;-).

Fast internet connection

From now on I have a fast internet connection using VDSL100 which nominally provides 100 Mbps downstream and 40 Mbps upstream (before: 50 and 10 Mbps).

Eventhough the achievable speeds are slightly lower, uploading data is still more than three times as fast as before :-).

BBC Computer Literacy Project

In the 1980ies the BBC explored the world of computers as part of the national initiative “The Computer Literacy Project” and produced numerous programs for almost a decade.

This material is now available as an archive where you can watch all the old programs again.  You can also run the software developed in the past for the “BBC Micro” in an emulator directly in your browser:

Segmented type displays to play with

Probably everybody knows public displays which are composed of segmented characters.

On you find an emulator for that which displays different variations from 8 to 93 segments per character. You can type any text on your own  and select different display variations with the displayed text.

Does anyone still remember the time when the first pinball machines started using 14 segment displays which allowed to show not only the current scores but also any kind of messages?

Experiences with NextCloud

Many years ago I already had look at OwnCloud, which was first released in 2010 and claimed to offer an alternative to commercial services like DropBox or Google. The idea was good, only the implementation and the security was lacking at the beginning, which had kept me back from permanent use.

For exchanging files I later discovered Seafile as an alternative. For addresses and appointments I used Baïkal to synchronize the data between my Android devices and different computers with CalDAV and CardDAV. Added to this is Roundcube as a webmail client with an extension for using the Baïkal address book via CardDAV.

Although this constellation basically worked, there were some drawbacks: a browser-based calendar does not exist at all and Baïkal has no longer being actively developed for some time – the latest version is from August 2016 (see release page at Github).

Continue reading

MouseJack and Logitech

If you are using wireless mice and keyboards you should be aware of the risks. Also see this article at Computerworld.

At least Logitech provides a firmware update which fixes the problems:

Announcement at Logitech concerning “MouseJack”

The program also checks if there is an update needed at all. So I found out that even the Unifying Receiver of a new keyboard (K270), bought in January 2018, was still shipped with an outdated firmware.

Only when the update tools displays a message that all found devices are up to date, there is no risk.