ID card with Firefox 4 beta 2

Because of a security flaw in SSL, the Firefox developers have disabled the functionality known as renegotiation. Until the most widely used SSL implementations have been fixed and server administrators have deployed those fixes, the browser has no way of telling whether it is talking to a vulnerable SSL configuration or not. That is why the functionality has been disabled, to protect users.

Because of this restriction, logging in with the ID card fails in a number of applications. The corresponding error message is as follows:

Veakood: ssl_error_renegotiation_not_allowed

For the time being, logging in to Swedbank, for example, still works, whereas pilet.ee and eesti.ee, for example, are affected. If you still want to log in to those as well, you can tell Firefox to ignore the potential risk for specific sites.

To do this:

  1. Open about:config
  2. Type renego into the filter
  3. Find security.ssl.renego_unrestricted_hosts among the results
  4. Add sisene.www.eesti.ee and/or www.pilet.ee to its value, which is empty by default
  5. Use a comma as the separator between multiple addresses

Read more on the same topic here.
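An entry in security.ssl.renego_unrestricted_hosts should only stay there until the server is fixed. The following is an added example, not part of the original post: it walks a comma-separated exception list and reports which hosts still need their entry. It assumes the openssl command-line tool, whose s_client output states whether the server supports secure renegotiation (RFC 5746, not mentioned in the post); the function names and the .example hosts are constructed for illustration.

```shell
#!/bin/sh
# Added example: decide which hosts still need an entry in
# security.ssl.renego_unrestricted_hosts.

# Classify the text `openssl s_client` prints after a handshake.
renego_status() {
    case "$1" in
        *"Secure Renegotiation IS NOT supported"*) echo legacy ;;
        *"Secure Renegotiation IS supported"*)     echo secure ;;
        *)                                         echo unknown ;;
    esac
}

# $1 = comma-separated pref value, $2 = function that prints s_client output
# for the host given as its argument. Runs in a subshell so IFS stays local.
audit_exceptions() (
    fetch=$2
    set -f          # no globbing while splitting the list
    IFS=','
    for host in $1; do
        host=$(printf '%s' "$host" | tr -d ' ')   # tolerate "a, b"
        [ -n "$host" ] || continue
        case "$(renego_status "$("$fetch" "$host")")" in
            secure) echo "$host: exception no longer needed" ;;
            legacy) echo "$host: exception still required" ;;
            *)      echo "$host: could not determine" ;;
        esac
    done
)

# Live fetcher (needs network). TLS 1.2 is forced because TLS 1.3 has no
# renegotiation and s_client then prints the "IS NOT supported" line.
fetch_live() {
    openssl s_client -connect "$1:443" -servername "$1" -tls1_2 </dev/null 2>/dev/null
}

# Constructed s_client output for constructed host names (offline demo).
fetch_sample() {
    case "$1" in
        patched.example)   printf 'SSL-Session:\nSecure Renegotiation IS supported\n' ;;
        unpatched.example) printf 'SSL-Session:\nSecure Renegotiation IS NOT supported\n' ;;
    esac
}

audit_exceptions "patched.example, unpatched.example,down.example" fetch_sample
```

To check real hosts, pass the current pref value and fetch_live instead of fetch_sample.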

Less polling, more battery

As written in the previous post, I got the driver for the Omnikey 4040 card reader to work eventually. I also noticed two other things later.

First, you’re not supposed to remove the reader while the operating system is running. It completely freezes the kernel; it doesn’t panic, but nothing responds either. Not even the magic REISUB sequence.

Second, it polls really often. Powertop reports about 80-90 wakeups for [kernel core] cm4040_do_poll (cm4040_do_poll). That’s more than you want for something that doesn’t have to be super-responsive and that you don’t use most of the time. Apparently, having the source code of the driver, it’s easy to fix. Now, if you’re familiar with drivers, then what I’m going to suggest is probably not a proper fix but rather a hack, but it has the advantage of working ;). So in the driver code there’s a line which reads:

#define POLL_PERIOD msecs_to_jiffies(10)

I simply edited it to read:

#define POLL_PERIOD msecs_to_jiffies(250)

Any bigger value like 500 made the reader less responsive than I considered reasonable. With that value Powertop now reports 4 wakeups which is indeed roughly 25 times less and only about 1.3% of wakeups with few other apps running.

Edit: some picky applications time out with 250. I needed to change it to 100 so that smartcard login with rdesktop would work.

Customer support!

People mostly write about customer support when it’s crappy. This is an exception.

I was getting tired of having a smartcard reader that connects to USB; the wire is absolutely annoying and it’s so easy to forget it at home when leaving. So I bought an Omnikey 4040 that connects to PCMCIA. The first try was a fail: the Flex computer shop sold me the wrong reader and I didn’t notice until I got home. They were totally fine to replace it though :).

Next I tried setting it up. Another fail. There seems to be a kernel driver which didn’t work. I then filed a support request with HID Global Corporation. Two weeks later they sent me driver code that compiles for my kernel (2.6.32) and works too.

I then put it to another test. I tried to sign a document with the new, still-in-development id-card software from Smartlink. Signing hung the application. Oh, well, it’s not announced stable anyway. However, web-based signing actually worked with a website that is known to be tricky.

When you look at the picture you’ll notice that the id-card software warns that the site isn’t using an up-to-date API when accessing the card, and you’ll also see that the document signed is wrong; I only signed a local txt file. But it actually works on Linux and quite well, which is awesome!

Edit: Correction: It didn’t really hang, it just takes longer than expected to respond :).