ActiveSync over Bluetooth with high port numbers

February 28th, 2007 by jqr

Now that my Dell Axim’s USB dock has failed (which a quick forum search indicates to be the norm for this product), I need a way to ActiveSync it with my laptop. Bluetooth is one such option - and gives the additional benefit that I don’t need to carry a dock with me when I travel.

The problem is, ActiveSync seems to have problems with high COM port numbers, which are common under Windows XP2. Every you pair a new device a new higher set of COM ports is assigned (i.e. the number assigned to new ports is much like an auto-increment value in a database). For example, my laptop, which has paired with many, many Bluetooth devices over the years is into 3 digit COM port numbers:


(To find out COM port assignments, go Control Panel -> Bluetooth Devices -> COM ports tab)

The problem is ActiveSync won’t play the game:


Fortunately it’s just a problem with the File -> Connection Settings dialog. Basically a simple solution (as compared to editing the complex registry structures of the NT PnP manager) is to “Allow connections to one of the following” and choose any of the COM ports there. Now edit HKCU\Software\Microsoft\Windows CE Services\SerialPort and change it to the desired port number.

Now, use ActiveSync on the PocketPC to establish a connection back to the PC and all should work.

One problem is every time “OK” is clicked in the connection settings dialog this key will be changed back to whatever port is selected in that dialog. For me this is not a huge problem as I don’t regularly change those settings.

Posted in PDAs | No Comments »

Bateman’s Bay

February 22nd, 2007 by jqr

Some photos from my trip to Bateman’s Bay, on the magnificent New South Wales coast south of Wollongong. By coach it’s about 2 hours from Canberra.

Posted in Personal | No Comments »

AACS processing key found, but scheme not broken

February 14th, 2007 by jqr

On various web sites today [boingbong, slashdot] it has been reported that the AACS (the copy protection scheme used in Blu-ray and HD-DVD) “processing key” has been found and the scheme has been fully broken.

Whilst this is the next logical step after finding title keys the scheme is far from broken.

As I discussed in my previous AACS post, the media keys that are used to encrypt each disc (and is specific to a disc print) have been recovered with relative ease from the WinDVD software player. As I noted, this was not surprising as the key has to exist somewhere in software player memory to allow the AES decryption of the content to be viewed! No revelation there.

Now, if you read my earlier post and indeed this excellent series of postings by Ed Felten and Alex Halderman, the media key is encrypted multiple times for each subset-difference set in the binary tree of keys. A player that has not been revoked will be able to compute the processing key for the subset it belongs to and then use this processing key to decrypt one of the encryptions of the media key.

WinDVD’s processing key has been found. Again, this is expected as at some point it has to exist in main memory for the software to function, although according to the postings at doom9 WinDVD does try to obscure this information.


There is now a processing key out there that can decrypt the media keys for any of the existing HD-DVD titles. The people who designed AACS were well aware that this is an inevitable reality - that eventually a player’s keys will be compromised. This is why AACS used the subset-difference revocation scheme in the first place. AACS could now potentially compute new subset-differences to include in the MKB of future HD-DVD and Blu-ray discs. This will effectively render WinDVDs keys useless for these future titles. And so the cat-and-mouse game begins…

So to summarize whilst this is an impressive feat of reverse-engineering/debugging on a specific AACS implementation, it is no breakthrough in defeating AACS cryptographically. AACS was designed with this in mind and WinDVD can be revoked.

For more information see the AACS specifications.

Posted in Encryption | 2 Comments »

USB hubs malfunctioning after power surge

February 14th, 2007 by jqr

I, like many other people, have a bunch of USB hardware hanging off a hub. It’s a powered hub, but one that can run without external power if you are running low current drawing devices. Since I’m on a laptop setup, this is great as it’s one less power adapter to plug in unless I really need it.

Unfortunately I do need it when plugging in my $9-from-MSY 2.5″ hard disk cradle which I use for my backup hard drive. It draws too much current and needs the AC adapter on the hub plugged in. In fact this is the only way it works (it won’t even run off the laptop’s USB power).

Anyway this is manageable until I connect the hard drive having forgotten to plug in the hub to the mains (or the mains power gets disconnected etc etc). Windows immediately gives me this:


Which is fine of course but the rest of the hub has been blocked off as well killing my USB mouse etc. This is where the problem is - disconnecting and reconnecting the hub doesn’t solve the problem - it appears the device driver ‘remembers’ this device is causing a power surge. The popular misbehaving device trick of disable/re-enable also lets me down.

The dirty solution is to restart the PC. The quick and dirty solution is to go to Device Manager, View -> Devices by Connection, find the USB controller that is the parent of the misbehaved hub, and disable/re-enable it:


Posted in Hardware | 1 Comment »

AACS’s subset-cover scheme explained

February 12th, 2007 by jqr

A look at the algorithm at the heart of AACS copy protection’s revocation scheme

A lot of technical and mainstream media attention has recently turned towards the ‘cracking’ of the AACS copy protection on next generation media distribution formats Blu-ray and HD-DVD.

In actual fact nothing has been cracked – all that has been recovered is the media key from the memory of WinDVD, which was then fed into a piece of software that implements the AACS standard and decrypts the disc. Nothing is surprising about this – the content obviously exists in a decrypted form at some point in the chain for it to be viewed, and the key that encrypts the disc itself (the media key) has to exist in plain-text for the decryption to occur as well. So content can always be recovered given enough reverse engineering.

What is more interesting is AACS’s counter-measures against this inevitable reality. In simplest terms, AACS contains the ability to prohibit individual players (that are known to be compromised and leaking copyrighted content) from playing any future pressed discs. In fact for a very interesting overview of the capabilities and game theory behind AACS I highly recommend this series of blog articles by Ed Felten and Alex Halderman.

The technology is sophisticated enough to be able to eliminate any subset of players the copyright owners desire, and borrows from algorithms initially developed to protect pay-TV content. This contrasts with the CSS copy protection on DVD, which only can revoke a particular model of player. There exists some confusion I have seen on how this mechanism works. It does not involve new discs causing HD-DVD drives to modify some firmware and revoke themselves (although another part of the AACS specification employs this kind of idea). It is a purely cryptographic solution that no ‘firmware hacks’ can defeat. The rest of this post will concentrate on explaining the functioning behind the revocation algorithm at the heart of AACS - the subset-difference algorithm.

Read the rest of this entry »

Posted in Encryption | 5 Comments »

Optus UMTS900

February 9th, 2007 by jqr

Last week Singtel/Optus announced it would be expanding UMTS (the dominant 3G standard worldwide) into regional/rural Australia, to compete against the “incumbent” (as they call Telstra). Let’s delve into some technical details on this topic.

Optus are investigating the possibility of deploying UMTS in the recently defined UMTS Band VIII (NodeB Tx: 925-960MHz, UE Tx: 880-915MHz). This is the exact same spectrum as EGSM900 (and deliberately so, to allow owners of GSM900 spectrum to transition to UMTS). For Optus, this means in regional/rural areas, Optus can re-allocate some of the EGSM900 spectrum to UMTS with no additional spectrum purchase required.

As it stands now, UMTS is offered in its original Band I (1900MHz up / 2100MHz down) by the Hutchison-Telstra alliance and the Optus-Vodafone alliance in metropolitan Australia. Additionally, Telstra’s heavily promoted ‘Next G’ operates on UMTS band V (850MHz), which operates on the exact same frequencies as used by GSM850 (again, for reasons discussed earlier). UMTS850 is not a commonly-used – yet - UMTS band - the only way Telstra can feasibly use this is because Cingular Wireless-AT&T in the United States (with over 60 million subscribers) has chosen to use this band, as it owns existing GSM850 spectrum.

Read the rest of this entry »

Posted in Mobile Phones/Networks | 1 Comment »

Optus UMTS data for 2G users

February 7th, 2007 by jqr

As you may already know, Optus operate a UMTS2100 3G network in addition to their GSM900/1800 network. In fact those Optus 2G customers that have bought a recent UMTS-capable phone may have noticed that they are using the 3G network in many cases when in urban areas despite not actually being 3G customers. We can see that the distinction between a 2G customer and a 3G customer is now rather blurred.

Until recently however you would still be using plain old GPRS (Optus does not offer EDGE currently) if you were such a customer, limiting you to a typical 50-60 kbit at best. Now, Optus allow access to data transfer over the UMTS network to 2G customers with a 3G phone. This is great news for people like myself on a good value legacy plan who have no interest in the current crop of 3G services other than IP internet. Anyway, here are some quick figures on performance:

Read the rest of this entry »

Posted in Mobile Phones/Networks | No Comments »

Vodafone GPRS unlimited pack

December 29th, 2004 by jqr

Being in South East Queensland at the moment, with limited access to dial-up, I decided it would be the perfect opportunity to try out Vodafone’s data bundles, which are described here .

Now my standard provider I use for light GPRS usage, Optus, charges 0.55c/kB (decreasing to 0.33c/kB as usage increases) on GPRS Plan 2. Held up against the rest of the market offerings, this would be considered some of the cheaper pricing, as the average users are paying is the “standard” 2.2c/kB.

Unfortunately of course, this works out to around $5/meg, and with even some light email usage, instant messaging, and of course, the mobile bandwidth killer – web browsing, this can result in a very expensive bill.

I chose the $49.95/month “Power Use” package, which implies unlimited usage but the legal print suggests that 500M is considered excessive. I was able to easily apply at a Vodafone store, with no other fees (BYO handset) charged to me.

Read the rest of this entry »

Posted in Mobile Phones/Networks | No Comments »

Mobile phone emergency calls in Australia

February 18th, 2004 by jqr

If you happened to find yourself in an emergency situation, it’s quite possible that you, or someone with you has a mobile phone to call for help. But many people do not know that with GSM phones it is a little more complicated than dialing 000. In fact, there is another number which may succeed where 000 may not.

In this post I explain this mess of a situation we have, as well as cover the details on another widely publicized topic – the reason for the increased number of false 000 calls from mobiles.

Read the rest of this entry »

Posted in Mobile Phones/Networks | No Comments »