May 2006


nytimes.com recently posted a insightful article about how mp3s as a medium is forming modern music: Tool’s ‘10,000 Days’ Recalls the Good Old Days of CD’s. Tool’s new album is just what is says on the tin – a proper album, in contrast to a lot of the single-serving-idol-stand-alone-hits which is getting pushed onto the consumers (not listeners, consumers) these days. Much like Pink Floyd and the like did in the 70’s and the 80’s, Tool has once again released something that won’t sound very good played on the radio or as a single track. And it’s fantastic! It can’t really be enjoyed in fragments – you need to listen to it in its entirety, and you’ll need to run through it several times before you even can hope to get it. It’s an experience. Try finding one of those on iTunes.

So, you’ve bought a Linksys WRT55AG Wireless A+G router, and now you’ve realized it doesn’t work properly. It drops the wireless connections on random intervalls, it suddenly refuses to open new connections to the outside world and it even crashes completely from time to time! The all round fix for these sorts of problems is always “Just update the firmware!”, but without a firmware update in sight you’re kinda stuck. But fear not! Follow these tricks to at least make this rubbish piece of… kit at least possible to use.

Hey! Stop dropping my wireless connection!

The dropped wireless connections was my first indication that things weren’t all like they should be. They came as a complete surprise too, since the WRT55AG was set up to replace its younger brother, the Linksys WRT54GS, which I had been running for months without a glitch (as soon as the firmware was updated). The 55AG however, would drop the wireless connection up to several times an hour even if the signal quality was excellent. This made it completely useless to do anything but surf the web, as the connection would be down for ~5 seconds while the IP-address was renegotiated through the DHCP-server and all TCP-connections would be broken. Try streaming video, playing games or even staying connected to MSN, IRC or ICQ-servers… Frustrating!

Well, even if this technically doesn’t stop the router from fumbling up the connection to your wireless adapter, it does make the connection drops really hard to spot. What you need to do is set the adapter’s IP, gateway and DNS-addresses manually, instead of relying on the DHCP-negotiation. These addresses are set either in your network adapters software or under the properties of your adapter in the Windows Control Panel -> Network connections -> Right click on the wireless adapter -> Properties, select TCP/IP and press the Properties button.

If you’re not sure what these addresses should be you can follow these instructions as long as you’re already connected to the router:

1) Log onto the router. This is done by opening a web browser and typing in the address http://192.168.1.1 if this hasn’t been changed in the router’s configuration. If it has, you can find the router’s address in Windows by pressing Start -> Run -> type cmd and enter -> ipconfig and enter. The “Default gateway” is your router’s address. The default password is “admin” with no username.

2) In the router’s web configuration utility, press Status -> Local Network. You should see something like this:

DHCP Server DHCP Server: Enabled
Start IP Address: 192.168.1.100
End IP Address: 192.168.1.149This signifies the lower and upper limits for the IP-addresses the router gives out through DHCP. Choose a random address between 192.168.1.2 and 192.168.99 (or *.150 - *.255) as your network adapters address. Mine's 192.168.1.64, with the subnet mask 255.255.255.0.

3) The "Default Gateway" should be your router's address, probably 192.168.1.1.

4) You can get away with setting the DNS server(s) to your router's address too, but I've seen certain Windows installations acting funny when this is done, refusing to look up several addresses at a time and stuff like that. If you experience such problems set the proper DNS addresses directly. You'll find these in the router configuration by once again pressing the "Status" tab. Under the "Internet connection" tab you'll find something like this:

DNS1: 217.13.7.140
DNS2: 217.13.4.24
DNS3: 217.13.4.24

It's usual to have several DNS-servers. The router supports three, your Windows adapter probably just two. Use two if your ISP supplies them.

There you have it. The router will still technically drop the connection from time to time, but instead of a several seconds long blackout and dropped TCP-connections you'll just experience a short latency burst.

Hello? Hellooo?

So, you just lost the ability to make new connections to the outside world and no web servers are resonding? But you can still use your local network and log onto the router via the web interface?

This can be "fixed" by logging onto the router, and selecting Status -> IP Renew under the "Internet connection" header. Or selecting Setup -> Save settings. Other selections probably work too. My guess: some buffer has gone full, and it's flushed when the router reboots. *sigh*

Hello?! Hellooooooooo?!

So, everything just stopped, and you cannot connect to the router. It's crashed. The lights on the router keeps blinking merrily like there's nothing wrong, but it's gone. Pull the plug, wait a minute, reinsert. Come to think of it, this is how I fixed my C64 when that crashed. No, wait a minute. That had a proper power switch.

In conlusion, if you're on the lookout for a 802.11a router, get something else. You might also want to check out the User Opinions at CNet's. If you already own one it can be learned to live with. Much like most diseases.

A while back I got called on my cell phone by some rather unpleasant saleswoman who wouldn’t take no for an answer. Luckily, it’s possible to stop this sort unsolicited advertizing in Norway by registering in the Brønnøysund Register Centre’s “Central Marketing Exclusion Register“. However, much to my surprise, the online registration didn’t require more than my Norwegian social security number (ssnr) as an identification. Now, why is this a bad idea? Isn’t your ssnr supposed be your identification number and a secret? Well, your ssnr is secret, but ssnrs as a whole isn’t. The Norwegian ssnr is 11 digits, the first 6 is the persons birthday and -year (ddmmyy), the next 3 is basically a counter over the births that specific day (which also acts as a gender flag since women are given even numbers and men odd) and the last two a checksum. In other words, it’s easy to compute random valid Norwegian ssnrs.

I’ve written a small Java ssnr-calculator as a proof of concept. It’ll calculate about 80 valid ssnrs for a given date. The text parsing is a bit basic, so I can only guarantee valid ssnrs for actual dates between 1900 and 1999. Now, before you get any fancy ideas, logging onto the system with someone else’s ssnr might as far as I know be considered a crime since it can be interpreted as identity theft or something else entirely. And even if it isn’t illegal you really shouldn’t. Just don’t.

This means that while it may not be trival to pin any ssnr to a specific person, it is trivial to find a ssnr belonging to some random Norwegian. Thus, it’s possible for an attacker generate valid ssnrs and log onto the system as those poor sods and potentially change their status. A determined attacker can undermine the whole system by generating a large number of ssnrs and using a botnet and some patience change a large number of entries. I’m sure the good folks in Brønnøysund has some nifty system logs and intrusion detection systems, but given enough time and bots for the attack the poisoned entries could be made pretty hard to spot.

Now, this isn’t the most critical of systems. To put it into perspective the Norwegian Internet Banks had similar security holes making it possible for an attacker to log onto random accounts a few years back. The system is never the less unnecessarily vulnerable, and can be taken down. However, there is an easy fix. As mentioned it’s relativly hard to pin a ssnr to a specific person or the other way around*, so if the registration process asked for your name in addition to your snnr, the possibility of a large scale attack like this would be thwarted with miniumum inconvenience to the normal users. Life can be easy.

The Brønnøysund Register Centre was informed of the weakness a week before this post.

*It’s actually easier than one would think. In 2002, there was 55400 births giving an average of 150 births a day. Thus, if you know the persons birthday and -year and its sex you’ll end up with about 75 possibilites, and expect to find the correct one in 32.5 attempts on average. Still, way too complex for a large scale attack on a system like this. You can read more about the Norwegian social security numbers at matematikk.org.

Thank goodness! Finally! Another blog!

Then why should you waste your time reading the ramblings of this madman? Well, I’m currently studying informatics at the University of Bergen, and my I’ll be starting on my master thesis within the topic of computer and information security in the autumn of 2006. I’ll try to write occasional clever little tidbit about security and other things I find interesting. Or amusing. Or annoying. Expect articles about photography, politics (probably contained within the world of copyright laws), music, movies and games and the occational rant about badly designed user interfaces.