My name is Philipp C. Heckel and I write about nerdy things.
This site moved here recently from blog.philippheckel.com!

Blog


  • Jun 15 / 2012
  • 9
Cloud Computing, Linux, Scripting

Script: Your US proxy server in one minute using Amazon EC2

Many of the well known websites determine your location based on your IP address and restrict their content or functionalities based on the country you’re in. Some examples are Gmail (Germans get only @googlemail.com-addresses, legal reasons), YouTube (content is restricted by the GEMA), and Pandora (limited to US citizens) to name only a few. To circumvent these restrictions, being able to quickly get an IP address outside of your own country is most helpful.

To do exactly that I wrote a little script that will start your very own US proxy server in one minute using Amazon EC2. In combination with browser plug-ins such as FoxyProxy, the script enables you to route all your web traffic through a proxy on an Amazon-owned machine — with an IP address in the US, Ireland, Singapore, Tokyo or Sao Paulo (location of Amazon data centers).

Continue Reading

  • Jun 10 / 2012
  • 22
Android, Mobile, Programming

Android Example: Communication between Activity and Service using Messaging

I recently wrote my first little app for my Android smartphone and I was surprised how easy it was. Being familiar with regular Java, learning the new Android APIs was very simple for the most part. However, there was one thing that wasn’t particularly straight forward: communicating between an Activity, i.e. the user interface, and a background Service started by the application. After many hours, I found some sample code on Stack Overflow which I used to create a very generic reusable solution to start, stop and communicate with your own Service implementation.

Continue Reading

  • Mar 01 / 2011
  • 43
Programming, Security

Hacking Flash Applications and Games: A Case Study

Adobe’s proprietary Flash format has become a significant part of the Internet as it is today. While its importance in Web applications is slowly decreasing due to Web 2.0 technologies and HTML5, it is still a major player in the browser game and application sector. The majority of these games and applications are for entertainment only and offer you nothing but a nice rank in the high score. On rare occasions, however, there are Flash games in which you can actually win something valuable such as concert tickets or even money. And of course there are applications that let you stream, but not download content from a website.

So what’s the problem with that, you think? The problem is that almost all Flash applications can be hacked very easily and most developers are not aware of that.

As a reminder of how vulnerable Flash applications are, this post aims to raise awareness for these issues. In a case study, it shows how a Flash-based game and its server side high score can be tricked within a few minutes using free tools only.

Continue Reading

  • Feb 01 / 2011
  • 3
Administration, Linux, Programming, Security

Altering old SVN revisions: removing confidental data from a Subversion repository

Version control systems like CVS or Subversion are designed for keeping track of the changes of a project and for having the possibility to revert to old revisions if something goes wrong. In contrast to regular relational databases, these systems are made only for adding new content to a repository, and not for removing data from it. In fact, deleting old content is not a built-in functionality in SVN, and mostly requires removing entire revisions from the repository or even creating a new one.

But what happens if you accidentally commit a password or other sensitive information to a repository? This post explains how to remove this confidential data permanently from the repository by simply overwriting it in old revisions, i.e. without having to remove revisions or create a new repository.

Continue Reading

  • Jan 12 / 2011
  • 3
Linux, Multimedia, Scripting

Picasa for Linux: Export albums in sort order

As one of the best picture organizers out there, Picasa is (in my opinion) almost complete in terms of features and has a nice look and feel at the same time. Even though Google stopped developing the Linux version after 3.0, it still works perfectly using Wine and a couple of cp-statements.

However, as stated many times by Picasa users and bloggers [1,2,3,4,…], Picasa’s export function misses a tiny little feature that maintains the sort order of the album when exporting it to a folder. Instead of renaming the pictures to keep them sorted in normal file managers (by name), Picasa just copies the files of an album to one folder and thereby destroys the order. As if that wasn’t enough, Picasa also overwrites duplicates filenames from different source folders.

This missing feature has even led to small standalone projects that fix this issue, e.g. Picasa Independent Album Exporter (PIAE) and Picasa Order Preserver. While both applications do their job, both are a bit heavyweight, and PIAE only works for Windows (and not on Wine).

This post presents a tiny little Perl script that renames pictures of an exported album according to their Picasa sort order.

Continue Reading

  • Aug 22 / 2010
  • 6
Mobile, Programming

Aware Context API (ACAPI) – Using the sensors in Java ME

The capabilities of cell phones increased dramatically in the last few years. While in the old days most mobile phones were primarily used to make phone calls, modern smart-phones are mostly all-round devices. With the possibility of accessing the Internet and the availability of various sensors (e.g. location or noise), mobile applications have become interactive and flexible. The trend towards location-based services and context-awareness allows applications to react on their surroundings and to behave intuitively towards the user.

For developers, context-awareness can be both a blessing and a curse. While the mobile operating systems iPhone OS and Android come with relatively good sensor-support, the vast majority of devices deal with Java ME’s basic and heterogeneous sensor functionalities.

The Aware Context API (ACAPI) aims to bridge this gap by providing a framework for building context aware applications for mobile devices based on Java ME. In this article, I’d like to introduce ACAPI, its structure and usage briefly. Please feel free to comment.

Continue Reading

  • May 08 / 2010
Distributed Systems, Virtualization

Hybrid Clouds: A Comparison of Cloud Toolkits

In the last few years, the importance of the Internet has risen constantly and made it indispensable for businesses and most individuals to be on-line around the clock. One of the greatest drivers of this development was and still is the shift of the traditional one-to-many Web to an advanced, participatory version of the Word Wide Web. Rather than only making editorial information accessible to many users, the Web 2.0 encourages participation and enables user generated contributions. Leveraging this new paradigm, services like Flickr, Facebook, or Twitter have become very prominent examples for this development.

An essential part of this evolution, but mostly hidden to the end-consumer, is the set of tools that enable these large scale applications. Cloud computing is a relatively new technology that serves as underlying architecture for most of these platforms. By providing virtualized computing resources as a service in a pay-as-you-go manner, cloud computing enables new business models and cost effective resource usage. Instead of having to maintain their own data center, companies can concentrate on their core business and purchase resources when needed. Especially when combining a privately maintained virtual infrastructure with publicly accessible clouds in a hybrid cloud, the technology can open up new opportunities for businesses and help consolidating resources.
However, since cloud computing is a very new term, there are as many definitions of its components as there are opinions about its usefulness. Most of the corresponding technologies are only a few years old and the toolkits lack of maturity and interoperability.

This article introduces the basic concepts of cloud computing and discusses the technical requirements for setting up a hybrid cloud. It briefly looks into security concerns and outlines the status quo of current cloud technologies. In particular, it evaluates several existing cloud toolkits regarding its requirements, occurring problems and interoperability.

Continue Reading

  • Jan 29 / 2010
Administration, Linux, Scripting, Security

WP-UN: WordPress version update notification with cron

WordPress is a very popular open-source blog software and is used widely throughout the Internet. However, with great success comes great attack potential: like any other wide spread open-source software, WordPress is target for frequent hacking attacks and spam-bots. All the more important is it to always update the distribution to the latest release.

As Debian/Ubuntu user, I am spoiled when it comes to update management: apt-get updates most of my software, and apticron notifies me when updates are available. For WordPress however, the packaged versions of Debian/Ubuntu are really old and less adjustable which unfortunately makes a manual installation inevitable. While there are several automated WordPress update mechanisms out there, I couldn’t find a simple notify-on-update tool.

This post introduces the WordPress Update Notifier (WP-UN), a simple script that frequently compares the installed WordPress version with the latest available one. If a new version is available, it sends an e-mail to a given address.

Continue Reading

  • Jan 28 / 2010
  • 2
Administration, Linux

How to: Postfix as mail relay with greylisting support using SQLgrey

Greylisting is a very efficient technique for fighting spam and can reduce the spam messages in your mailbox by more than 90%. It uses the fact that most spammers only try delivering their spam-mails once, whereas real mail transfer agents (such as the ones regular e-mail service providers are using) try delivering each message up to 4-5 days before they give up.

I have always wondered why most ESPs don’t offer greylisting for their mailboxes, but only rely on less effective and resource-hungry post-retrieval filter methods. Unfortunately, my e-mail provider is one of them so that I get at least a couple of spam mails a day …

Luckily, it is very easy to set up your own mail relay with greylisting support, i.e. a mail server that simply forwards the mail to your real provider once it passes the greylist-filter.

This little tutorial describes how to set up Postfix and SQLgrey as mail relay.

Continue Reading

  • Sep 21 / 2009
  • 8
Linux

Dell Latitude E6400: the Ubuntu fan and noise problem

A couple of days ago, my 4 year old laptop (HP nx8220) decided that it was time to retire and refused to switch on a couple of times. Even though it works most of the time, I can’t rely on it anymore and will therefore look for new notebooks in the next week.

On my journey through the Web I looked into the details of various business notebooks. I stumbled across the Dell Latitude E6400, which looks nice and has everything I wanted. Unfortunately, it also seems to have problems with Ubuntu. In particular, the fan seems to run all the time (and not too slow, but very loud) – as many forum posts and user reviews prove [1,2,3,4].

Since I couldn’t find a solution, I decided to ask the Dell support via their support chat.

Continue Reading