Tis dat we vandaag 2 afspraken op de PhotoKina in Keulen hadden; maar de beurs die 1 keer in de 2 jaar gehouden wordt was, verdeeld over 10 beurshallen, bedroevend. Er was gewoon niets nieuws te melden. Het was eerder netwerken en relaties bezoeken. Nieuwe producten? Niet of nauwelijks aanwezig. Veel van hetzelfde. Dus om dan zo’n beurs 7 dagen te laten duren is wat teveel van het goede. Eigenlijk zonder van de tijd dus.

Ik ben vandaag in Cologne, ook wel Keulen genoemd. Een beurs bezoeken de Photokina

Yesterday I got the message (or read) that the most used software for Bluetooth Dongles, Widcomm software has a Vulnerability.

WIDCOMM Bluetooth Connectivity Software Buffer Overflows
Okay, that’s a little shocking as 70 to 80 percent of the Bluetooth Dongles sold do use this application Software.
The vendor status about this vulnerability is that Release 3.0 will fix this issue.

Little facts
Right now Widcomm is sold to many vendors using different IC’s. Among them are Ie. Broadcom and CSR (Bluecore2) with Bluetooth spec. 1.1
Versions of Widcomm are sold up to version 1.4.2.x but no updates for BT 1.1 are expected anymore.

Widcomm has been aquired by Broadcom a few month’s ago.
The Widcomm software BTW 3.0 does only work with bluetooth spec 1.2 and is only? working together with the broadcom chipset. It’s hardly to believe that the CSR chipset (Bluecore3) can operate together with this Widcomm (BTW 3.0) software

So in fact the BTW 3.0 software is not the real solution as allmost 99% of all dongles sold in the past are BT spec 1.1

Solutions are:
Using: IVT software, Using Microsoft’s SP2 with XP with standard bluetooth support (but lack of many profiles).
set the Bluetooth device configuration to be non-discoverable or hidden. This will not stop the device from being vulnerable but it may limit the exposure or stop using bluetooth ;-)

The choice is yours.

pfff … the husband of my wife’s sister had a terrible problem with his Wireless 54G Card. Lucky I had received a new driver this week. This new driver for 02Micro Cardbus Controllers and Atheros Wireless chipsets should fix this kind of wierd problems (not connecting to wireless infrastructure networks / crashes etc. etc.

With the new driver the Acer Aspire 1700 seems to work fine.
The only thing I have to do is modify the update/re-installation of the driver cause that’s not 100% perfect yet.

Today I found public-ip. A free hotspot software package.

1 ISO, boot from CD, Linux is started, enter your ID and I run a hotspot with authentication through public-ip.net.
AWESOME, finally I can protect our internet connection from people using my accesspoints without that I know it. (As we test a lot of AccessPoints we do have mainly no encryption active). Due to this my people need to have free access but other departments I want to keep out. WEP, or SSID is than no option.

People from Public-IP.net: Awesome and kewl job you did !

:: Foto 1: Münchener Halle: food food and beer, dancing on tables, where a sigar cost at least 15 Euro and 1 beer 10. I took my ‘Pfand’ ::

:: Foto 2: Pano from on of the biggest Halls at Cebit: Hall 2 ::

:: Cebit 2004, the fair itself was not surprising, but Hey Die Münchener Halle war ok ::

last day Cebit. first time using the WLAN overhere.

Cebit this year was not giving me anything news other than pain in my legs.
I will give more info, when I am back home. bye bye

Cebit 2004 is around the corner. Sunday Morning I will travel to Hannover with some collegues and will there be untill wednesday. (meetings, discussions), walking, walking… and if it still exist; Munchener BierHalle (maybe) .. That’s Bier und Schweine Axe.