25.03.2017

Review at amazon: Quality of Service for Intenet Multimedia

Over the last three months i read a really amazing book about quality of service techniques.
Today everyone has internet access with more than 50Mbit/s, it seems like overbooking does not happen anymore and traffic priorization is no longer needed.
But this is only the half of the truth: Using cloud service, video streaming, onling gaming, ... you can really fast reach the limit of your internet access bandwith.
Companies face the same problem at a different scale: They can buy up to 1Gb/s but if they use techniques like shared workplace, cloud storage etc. even they will exhaust their bandwidth.

If you are interested how priorization can be done (and what are the problems in real life), you should read this book:

It covers the theory and practice for multimedia streaming which is just one of many categories of internet traffic. It is clear that the proposed solution can only be implemented by internet service provicers - but here you can understand what they do und why they are doing it.

if you are interested, take a look at my review at amazon.de. (as all my reviews written in german ;-)

04.03.2017

How to embed HTTP content inside a HTTPS webpage / Mixed content problems

If you are running a webpage and you decide to move to SSL protection you can encounter the following problem: Inside your webpage you are using tags like "iframe", "script" or "link" pointing to HTTP servers. This is considered as mixed active content (mozilla):

Mixed active content is content that has access to all or parts of the Document Object Model of the HTTPS page. This type of mixed content can alter the behavior of the HTTPS page and potentially steal sensitive data from the user. Hence, in addition to the risks described for mixed display content above, mixed active content is vulnerable to a few other attack vectors.
And this will not work...

The best solution is: change all links from HTTP to HTTPS and you are done.

But there are still websites which offer their content in HTTP only. If you really trust them, you can do the following:
Add the link inside a https proxy like https://ssl-proxy.my-addr.org/myaddrproxy.php/http/yourlink

Of course this is not an excellent solution, but a workaround which allows you to protect your website and if you seperate this solution from the pages, which deal with sensitive content you should be fine...

18.02.2017

Linux: keyring-password for wlan needed / legitimate wlan login

Each time i resume my notebook after a suspend to disk-cycle the connection to WLAN hangs with the following message:

 (Die Systemrichtlinien verhinder das Bearbeiten von Netzwerkeinstellungen für alle Benutzer / Enter password for default keyring to unlock)
I tried to fix this via network-manager with adding the hook at the checkbox "Alle Benutzer dürfen dieses Netzwerk verwenden", but this did not help at all.
The point is, that after resuming my login keyring wants a authentication with password again. But this behaviour can be easily changed with the tool seahorse.
(Installation in debian with:  apt-get install seahorse)

After starting seahorse choose "File -> New" and you will get the following dialog:
 Create a new password-keyring (Passwort-Schlüsselbund) -
 Choose a name -
 and do not enter a password (this is not really secure, but if you configure your screensaver to lock your screen with a password, this should not be a problem)
 Confirm an empty password - and the you are done.

At the end you have to delete the old keyring (the one with the password):
This is done with right clicking the appropriate item...

After all this steps you should not see this legitimate-popup anymore...