Vitavonni

Wed, 23 May 2007

Playing Lotto with crypto keys

Bernd Zeimetz wanted to play Lotto using the famous crypto key that was used as a processing key for most HD-DVDs so far. But he ran into the problem that the key (which is usually represented in hex) uses 256 numbers, while Lotto only has 1-49.

Well, remember that in fact the key is a single number. So why process it as hex digits, which is very artificial?

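def lotto(x, y):
  # Peel off base-49 digits (shifted to 1..49), lowest digit first
  if x <= 0: return y
  # Integer division (//) keeps x an exact int on Python 3
  return lotto(x // 49, [int(x % 49 + 1)] + y)

lotto(0x09F911029D74E35BD84156C5635688C0, [])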

Here's your list of lotto numbers:

[43, 25, 5, 27, 12, 13, 44, 45, 1, 6, 10, 1, 20, 30, 2, 44, 5, 20, 18, 11, 6, 34]

This is the base 49 representation of the key (lower digits last, each digit shifted by 1). If you need more digits, add leading 1s (which is the same as adding leading zeros to a decimal number).

[category: /en/linux | Permalink]

Tue, 22 May 2007

Birthday dancing

Tonight I turned 27. By chance, this fell onto a Tuesday, and there is a great dancing party every Monday. This Monday, there was also a great band, the Souvenirs. They're pure fun and great for dancing - so I obviously opted to celebrate my birthday there.

This probably was the nicest birthday party I've ever had: lots of friends showed up (though mostly girls, but that's fine with me :-)), we danced a lot. And danced. And danced. :-) And I'll probably spend some more hours today dancing later this day.

And with dancing I mean: Swing, Lindy Hop, Balboa. I just love this music and these dances. So playful, sometimes cheeky - swinging...

Would you like to swing on a star
Carry moonbeams home in a jar

Today's music was also great, a nice speed and patterns you could play with... I don't know what it is, adrenaline?, that makes dancing so much fun. And probably the communication. Dancing is all about communication. There was this class titled "Moves that make the follow smile" once... That is the best moment in a dance, when you managed to lead the follow into some slight variations or some fun move matching the music, it worked out great and you see this flash of delight in their face... this "I'm not sure what we just did, but it felt just so right"-smile. The "I didn't know we could do that"-smile. That's what I'm striving for. Sometimes there are some moments in a song where this works out great, and occasionally there is a song where it works out through most of the song. These are the really great moments when dancing.

Sorry, no pictures or videos. Just memories.

Keep on swingin'!

I'm really looking forward to events such as Senigallia (Summer Jamboree) or the Munich Lindy Exchange.

And of course our regular events here in Munich, such as our Thursday open air get-together at Hofgarten, Sundays in Salon Erna and Mondays in Cord.

[category: /en | Permalink]

Sun, 20 May 2007

Updating address books and privacy

An often quoted feature of services such as OpenBC/Xing (and most of such 'pure social networking' sites) is that they basically allow you to keep an address book without having the need to update it yourself.

Some people may even argue that this is the only real benefit these social networking sites do actually offer.

There are of course services dedicated to helping you keep your address book up to date. These often offer plugins for Thunderbird and Outlook, so you can actually use the address book directly (e.g. Plaxo). Some email providers even have a function to send out "please update my address book entry on you" emails to your recipients (e.g. web.de), but most people find these quite annoying.

Now some people might argue that you could use the FOAF standard for this. But publishing your FOAF data on the web is a privacy problem. Most people won't be willing to publish much more than their email address there. Just like some people are not willing to entrust their information to services such as OpenBC.

Using e.g. HTTP authentication to restrict access to your FOAF data is also not working very well: you'd need some user management to be able to revoke access or change the access credentials if the passwords are leaked somehow.

OpenID would definitely be interesting, but how many of your friends have OpenID yet? And not everybody has access to deploy the server side needed for this.

The easiest to deploy approach would be to just use public key encryption. You could then upload an encrypted copy of your data for each 'friend' to any web site. You could also upload different data (including work contact information only, for example) for different recipients.

My idea is like this:

  • The contact information you are willing to share is published encrypted via PGP for the recipient
  • FOAF data includes a pointer to the base URI for this data
  • Base URI + GPG key id gives the location for the data
  • Data should be a more detailed FOAF file or vCard?
  • Client ("address book management") applications retrieve and update this data on demand ("update" button) or e.g. after a timeout of one month
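
A sketch of the publish and refresh steps from the list above, as an added example (not code from this post, which describes a concept without an implementation). The function names, the `.asc` file suffix, the `example.org` base URI and the extra `--sign` step are assumptions; 8-hex short key ids are rejected because they collide easily.

```python
import re
import subprocess
from datetime import datetime, timedelta
from urllib.parse import urljoin

REFRESH_AFTER = timedelta(days=30)  # the "timeout of one month" from the list

def normalize_key_id(key_id: str) -> str:
    """Return upper-case hex; accept 16-hex long key ids or 40-hex fingerprints."""
    hexid = re.sub(r"\s+", "", key_id).upper()
    if hexid.startswith("0X"):
        hexid = hexid[2:]
    # 8-hex short ids are refused: they are easy to collide, so two
    # different keys could map to the same published file name.
    if not re.fullmatch(r"[0-9A-F]{16}|[0-9A-F]{40}", hexid):
        raise ValueError("need a 16-hex key id or a 40-hex fingerprint")
    return hexid

def entry_url(base_uri: str, key_id: str) -> str:
    """Base URI + key id gives the location (the '.asc' suffix is an assumption)."""
    base = base_uri if base_uri.endswith("/") else base_uri + "/"
    return urljoin(base, normalize_key_id(key_id) + ".asc")

def gpg_publish_command(vcard_path: str, key_id: str, out_dir: str) -> list:
    """Build the gpg call that encrypts one vCard for one recipient.

    --sign is an addition to the idea above (assumption): it lets the
    client check that the fetched entry really comes from the publisher.
    """
    fpr = normalize_key_id(key_id)
    return ["gpg", "--batch", "--yes", "--armor", "--sign", "--encrypt",
            "--recipient", fpr, "--output", f"{out_dir}/{fpr}.asc", vcard_path]

def publish(cards: dict, out_dir: str) -> None:
    """cards maps recipient key id -> vCard file, so each friend can get different data."""
    for key_id, vcard_path in cards.items():
        subprocess.run(gpg_publish_command(vcard_path, key_id, out_dir), check=True)

def needs_refresh(last_fetch, now: datetime) -> bool:
    """Client side: refetch if never fetched or the copy is older than the timeout."""
    return last_fetch is None or now - last_fetch >= REFRESH_AFTER
```

Note that file names derived from key ids let anyone who can list or guess them learn which keys have an entry, even though the contents stay encrypted.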

Big benefits of this approach:

  • Very high privacy
  • You don't need to entrust any service provider with your data
  • Distributed, vendor-neutral, provider-neutral approach
  • Standards based (FOAF, HTTP, PGP, vCard/iCalendar)

Drawbacks:

  • Standards such as FOAF and PGP aren't very widely used yet
  • Not as easy to use (yet) as websites like OpenBC
  • Requires that you have some URI to publish your FOAF and contact data at
  • No 'push' updates possible without active servers or sending emails
  • (No implementations - well, this is just a concept right now!)

[category: /en/xml | Permalink]

Wed, 16 May 2007

How AMD intends to fix the ATI drivers ...

... is by waiting for the reverse engineers to offer better drivers than their fglrx-crap (which doesn't even support my ATI card, and has some flicker artifacts on the Xpress 200m of my mom's laptop).

It does "solve your opensource issues" if you wait for opensource people to do the work...

So the only good mainstream graphics choice these days remains Intel, right? They might not be high-end enough for some games, but I don't care. It has all the 3D I need, and I could even run Compiz/Beryl if they would offer any benefits.

[category: /en/linux | Permalink]

Wed, 09 May 2007

Schäuble at LinuxTag 2007

Traditionally, the German ministry of the interior has been taking patronage for the LinuxTag. Which per se is a good thing.

However, the current minister of the interior has been publishing some "anti-terror proposals" that pretty much all opensource people see as a serious attack on their freedom, and that actually violate the constitution (or even the human rights, such as his statements towards torture).

So this is a very odd situation: everybody would like to say "no" to him, but at the same time, welcome his ministry because of the good cooperation with opensource people the last years.

IMHO, LinuxTag needs to at least make a statement that while they welcome his efforts to establish the use of open source software in public administration, they cannot agree with his political efforts with respect to the "war on terror", which pose a serious attack on the freedom of individuals.

After all, there will be security experts at LinuxTag, and who if not they are capable of judging that e.g. the famous "federal trojan" won't be able to help much against organized crime (including terror organizations) because these can also organize computing safety (e.g. by not using Windows and not accepting executable data in email...). Or of showing how much data abuse his proposals with respect to data gathering allow.

[category: /en/linux | Permalink]

Munich Lindy Exchange

Munich Lindy Exchange 2007

Registrations for the Munich Lindy Exchange (20. - 23. September 2007) are open.

That will be a Lindy exchange to remember: this is the first Oktoberfest weekend, and of course the Lindy people will rock the Oktoberfest, too (apart from doing all kinds of other fun stuff, of course).

(And yes, that means you should plan ahead - flights could become rather expensive during Oktoberfest. :-( )

So if you are a Lindy Hop dancer, and want to meet some fun people, come to visit us. You won't be just a tourist, but you'll have "Munich natives" around you to show you all the cool places.

Organized by Swing and the city (Christine von Scheidt).

[category: /en | Permalink]

Sat, 05 May 2007

OpenSolaris negative publicity

It's scary how much negative publicity a single user can cause for a whole project...

90% of the time when I read about OpenSolaris, it's by a highly aggressive troll, also known as the "author" of cdrecord (the term "current upstream maintainer" is probably more appropriate).

And it's always the same blah-blah, how much superior Solaris is to Linux.

But what is much worse is the way he posts and his persistence. (I'd link some postings, but they're all in German at Heise). At Heise News, whenever there is a posting related to Linux (e.g. because of Berlin considering a Linux migration, or a posting about ZFS), he reiterates that you shouldn't be using Linux but OpenSolaris. And then flames anybody who again mentions Linux or GNU. Because as we all know, GNU tar is bad, and POSIX tar is the only god...

One reason to avoid OpenSolaris is just to keep a distance from him. I'm sure that there are some good things in OpenSolaris, too. And that there are some smart people working on it. But you have to understand: I'd be more willing to set up a FreeBSD, NetBSD or OSX system (or even a Windows system) than maybe having to deal with him when I run into some problem where I might need assistance. When doing FL/OSS development, I want a nice community around me, and the part I see of the OpenSolaris community is not very well-behaved.

You might want to read this blog posting on Linux and Solaris scalability by DaveM for some comments on similar Solaris FUD. Seems like J.S. isn't the only aggressive advocate who prefers to flame instead of trying to impress with technical issues, professionalism and personality.

[category: /en/linux | Permalink]

Thu, 03 May 2007

Magic numbers

When reading this number

09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
I thought it was the fingerprint of a GPG key.

The first time I came across it, it was encoded in a puzzle; not a particularly difficult one (what key is in between F8 and F10 on your keyboard?).

Turns out that this number can be used to decrypt most HD-DVDs produced so far.

No, you can't really think you have a copyright on this number? You could have it as a registered trademark, I guess. But I think everybody will be using it to refer to you. :-)

From a crypto point of view, it was just a matter of time until this number leaked out. And in fact, the HD-DVD encryption was designed to handle such cases (but it wasn't used correctly). Face it: cryptographers have been telling you right from the beginning that your encryption will be broken by its very nature (remember: you are shipping decryption keys worldwide in your HD-DVD player devices).

[Update: others thought it might be an IPv6 address maybe?]

[Update #2: Google thinks there are about 300k pages with this number. Maybe we can stop this meme now? :-)]

[Update #3: it was pointed out to me that nobody claimed to have copyright on this number, but that it is a device to circumvent encryption and thus violates the DMCA. And that this is similar to distributing magic markers that could be used to 'crack' a famous CD protection used by Sony some time ago...]

[category: /en/web | Permalink]

Wed, 02 May 2007

Schäuble and human dignity

He doesn't take human dignity all that seriously either...

From Wolfgang-Schaeuble.de, his own homepage:

I reject torture, strictly. Nor do I accept it with a wink. But when intelligence services receive information from other services that may help us avert a very great danger, I will not leave that information unused merely because it is not guaranteed quite as reliably as with us that it was obtained in a manner beyond reproach under the rule of law.
(The comma placement is not mine; it is from the quote.)

This statement is one to savour. "Beyond reproach under the rule of law"? And what about human dignity?

Then one should read the "object formula [wikipedia.de]", one of the most widely accepted formulations of human dignity:

Human dignity is violated when the concrete human being is degraded to an object, to a mere means, to a replaceable quantity.

And then note how the tortured (potential) terrorists are reduced here to a pure source of information. Never mind that they were tortured, as long as they give us information?

[category: /de/politik | Permalink]

The problem with Schäuble

The problem with Schäuble and his plans is (hopefully) not his intentions. That it would be good to do more against terrorism is something we probably all agree on.

The problem with his plans is the potential for abuse that they open up, and that is why they must be prevented.

Many lessons from the past have gone into our constitution, particularly regarding abuse of power. That is why (!) we do not, for example, permit deployment of the Bundeswehr inside the country (except unarmed, for example during the "flood of the century"). The point is that nobody should be able to deploy the Bundeswehr "legally" against the population (which has certainly happened before!).

Likewise, clauses were deliberately built into our Basic Law that guarantee, for example, freedom of assembly (Article 8) and freedom of expression (Article 5).

Particularly worth mentioning in this context is Article 2 of our Basic Law. It forms the basis for, among others, Article 13, which contains the famous wording "The home is inviolable."

All these provisions have a background: they are meant to prevent the Federal Republic from becoming, step by step, a surveillance state and totalitarian regime. Uncontrolled surveillance of innocent citizens, banning assemblies, arbitrary searches: all of these are things that must be prevented.

Schäuble's plans, however, aim at exactly this: softening and abolishing these protective laws, under the very abstract claim that this would enable better counter-terrorism. Regardless of Schäuble's intentions (about which we can only speculate), this opens up possibilities for abuse, in particular also for future (!) governments.

But it is very doubtful whether the measures he demands can be effective at all!

Many things are already possible today but require the support of the courts. What Schäuble is attempting is therefore to a large extent also the undermining of our separation of powers, by trying, from the side of the legislature (lawmaking), to give the executive (police, BND) additional powers while bypassing the judiciary. That, too, is hostile to the constitution and contrary to the basic principles of a state governed by the rule of law.

Therefore Schäuble is untenable as Minister of the Interior and as a politician in general; he is an enemy of our legal system!

[category: /de/politik | Permalink]