binaryfactory.ca

PdaNet 1.40 has been released. I’ve been able to connect to various IPSec tunnels using the client on my laptop with this version , which makes connecting easier. You have to make sure you’re using UDP or that transparent tunneling has been disabled. I haven’t got it working with IPSec over TCP. It still fails on one of my VPNs and I can’t really figure out why but I think it might not be related to Pdanet itself..time to apt-get update it !

From the changelog:

Version 1.40

• Implement VPN and UDP support.
• Display a numeric battery meter (you know you want it).
• Resolve a CPU usage issue that drains the battery faster.
• Add a DNS cache for instant lookup, improve initial connection speed.
• Pause UI update when device is sleeping to save power.
• This version is a significant improvement over previous versions.

Here is a quick how-to on how to connect to your work’s VPN on the iPhone and use it on your laptop. Special thanks to Nutbar on HowardForums who helped me with the last trick about the connection order.

• Jailbreak your iPhone ( http://www.quickpwn.com/2008/09/jailbreak-iphone-2… )
• Install PdaNet from Cydia
  • Get PdaNet working by setting up an AdHoc Wifi network on your laptop. Then connect your iPhone to it, start PdaNet.
    • Test the connection on your laptop by browsing a few websites through the iPhone.
    • Disable PdaNet and Wifi for now.
• Try connecting to your IPSec VPN from your laptop. It *MIGHT* work but will probably not. If it does work, you’re done here!
• If it didn’t work, setup the VPN connection on your iPhone. Most types of VPNs are supported, I tried with IPSec but others such as L2TP and PPTP should work (Some providers apparently do not support PPTP/GRE unless you pay an extra fee.. *cough* Rogers *cough*)
  • Test the VPN connection on the iPhone by connecting to it and then loading an Intranet page from Safari to confirm that it is indeed working. If your VPN uses a second authentication page, like some Checkpoint setups do, open that page on the iPhone and authenticate again.
• Enable Wifi, connect to your AdHoc network. Start PdaNet.
• Enjoy your tethered VPN from your laptop. It might be a bit slow but you don’t have to get a card for your laptop, and if you’re on Rogers/Fido, the 6gig data plan allows for that. It can be a hell of a life saver when there’s that big problem at 2am and you’re in the middle of nowhere!*
• For very simple tasks that don’t require a lot of work and can be done over RDP, WinAdmin is a remote desktop program for iPhone that will work well over the VPN. Get it from iTunes ! (Not Available in Canadian Store yet, find it somewhere else!)
  

  WinAdmin screenshot

*note that Rogers doesn’t have coverage decent enough for that yet

*not tested on Edge but should work the same, just even slower.

*intensive data transfer actually drains the battery faster than it can charge over USB – don’t expect to be able to work 8hours in a row.

Common sense regarding web security is to never use the same password on multiple sites. That way, when one password gets compromised, not all of them are.

I usually generate passwords for every single web site that requires a login. For some of them, I even generate the username. There is no way I can remember all of them by heart, it is simply impossible. However, I use a combination of Firefox, Truecrypt, and KeyPass to store my passwords in a secure way. The whole hard drive is encrypted with Truecrypt, low-security site passwords are stored in Firefox, and the important ones are stored in KeyPass, which is also encrypted.

The reason for KeyPass is that you can’t rely on Firefox to keep your passwords safe, it’s not meant to do that. It does fine for my Slashdot password though, as long as the hard drive is encrypted.

With the release of the latest round of Smartphones, more and more people are using an iPhone, an Android phone, and Windows mobiles phones too. Now, these phones often come with nice data plans and decent browsers that didn’t exist just a few years ago. Before using Opera Mini and Safari mobile, going to Slashdot on a mobile phone to post a few comments did not feel like an interesting way to waste 10 minutes at all. Now, it is doable in a comfortable way.

Except typing passwords. That is definitely a pain. I don’t want to remember that 16char. password every time I post a retarded comment on Fark. Yet, I don’t really want to save cookies and authenticated sessions either, because the iPhone is not very secure (understatement of the year). I am convinced that a lot of people who use mobile phones will set a lot of their online passwords to something short, simple, and sometimes maybe even numeric only.

What is the solution? Secure mobile devices and certificates? Possibly. Fingerprint protected certificates could be nice as well, leveraged by some kind of “OpenID” infrastructure maybe.

I guess with the latest iPhone firmware, it takes more than clicking emergency call or receiving a call to unlock it, at least.

It was released yesterday ! I’m getting ok on the small keyboard…

Why isn’t it listed under new apps in app store? (in Canada at least )

Oh well… First mobile post.. In front of my laptop