Archives

Archives / 2005 / April
  • Changing Pocket PC Language

    The Pocket PC I recently received was completely in French, so I figured 'I'll just change this to English'.

    It can't be that hard, can it? Apparently it was trickier than I thought.

    The Pocket PC has the OS in its ROM, and it has limited ROM, so no multilanguages in there.

    It quickly became obvious to me the ROM had to be flashed with an English version, but where to get it?

    I didn't buy the Pocket PC, so asking Dell to give me an English one probably would fail, and from various messageboards I discovered they won't do it anyway.

    So, where to get it? From the Dell site I guessed, in the download section there was an English update for Windows Mobile 2003 Second Edition.

    Since this update just flashes the ROM and puts the new version in it, I guessed this was ok.

    But when trying to flash it, it started complaining about being the wrong language.

    Apparently French can only be upgraded to French, and since I don't speak French fluently this wasn't practical :)

    So, search engine to the rescue. I found this post on Aximsite, a site dedicated to Dell Axim resources.

    It seemed logical, get the English and French ROM, make the updater believe the English ROM is actually a French language, and flash.

    The process looked obvious to me, so, let's get started!

    I opened up the French ROM and English ROM in a hex editor and located the differences:



    Note:

    This is different from the forum post! It's not the first 7 lines you have to copy paste.

    Pasting the first 7 lines results in an Integrity Check error. It's enough to change everything before the "AXIM30".

    After having modified the English ROM with the new header, I saved it to the French updated directory, overwriting the original French ROM update. (So, now you have a filename which indicates it's a French ROM, but it's actually the English ROM with the French header)

    I did the same for the other image (there is a C and an N image).

    Now I ran the updater, which did not give me an error about Integrity Check anymore, and also not about wrong language.

    It successfully updated the ROM and after the Pocket PC restarted, everything was English!

    So, now I have an English Pocket PC :)

    Of course, the disclaimer on my blog applies especially to this post, as this is not something you should do quickly if you have no technical skills.

    So: I (David Cumps) cannot be held responsible for any damage what-so-ever that might come from this post. You do this at your own risk.

  • XP SP2 using Alternate Data Streams for Security Warnings

    A while ago I blogged about Alternate Data Streams and how they are hidden from the users.

    At that time, you could presume when an ADS was present, it was something special, because not many normal files have an ADS attached to them.

    But yesterday I got an interesting question about XP SP2 showing a Security Warning when you want to execute something downloaded from the internet.

    We guessed Alternate Data Streams were used, so I checked this out and it turns out XP SP2 indeed adds an ADS when you download a file from the Internet.

    This stream is called Zone.Identifier and contains the following information:

    D:\Tmp>more < TestZip.zip:Zone.Identifier
    [ZoneTransfer]
    ZoneId=3

    Since SP2 did this, it probably means it's a modification to Internet Explorer.

    So, I got Firefox 1.0.3 and downloaded a file with the default settings, and as I guessed, no ADS with Zone.Identifier.

    (I believe Firefox doesn't have such a thing as Zones, but it would be nice if Firefox added this ADS to let the new Security Warning, informing you it's a downloaded file, come up).

  • Presentation: eID in .NET

    Yesterday I gave a presentation about eID in .NET. If somebody is interested, I have uploaded the presentation together with some sample code to my personal website: Cumps.be

    The purpose of this session is to give an idea about what's possible with the eID card in .NET and what is needed to get it working.

    Some background information about eID is provided, after which four possible usage scenarios are described and what is needed to build them.

    Note: The code is just technical tryouts, not meant to go straight into production :) Provided "AS IS".

  • A day in Paris - Visual Gaming Finals

    Yesterday I got invited by Microsoft France to Paris, to the Wax Club, to see the French Visual Gaming Finals.

    My team mate, ZogStriP, participated in the High School competition there, so it was very exciting!

    It was also a very good experience to learn French ;) And to get to know Paris, where the people are really crazy in traffic. Apparently, stop signs are just for decoration... Green or red, it all means the same :p

    They played the games before and played the replay files on big screen, which were also recorded by a French television station. The station is on satellite and is called GameOne, I don't know yet when they will broadcast it. I'll have to find someone who can digitally record it, because they interviewed me as well :p

    So, the High School competition: there were 2 pools, one with 3 games and one with 6. Our best competitor was Z² who lost with a very little difference each time.

    In the end, our dll won the High School competition! Resulting in a PDA for my team mate (I'm too old for High School ;p).

    But here is where something special happened, he gave me the PDA!

    He recently became MVS in France and just received one as well. Isn't it a nice gesture? Microsoft France made a very good choice making him MVS, he really deserves it with this kind of attitude, a real teamplayer. (So, for all French companies reading my blog, go to his blog and check it out, he would be a great asset for your company!)

    After this, it was time for the Open Division.

    There, our bot had a hard time. We lost the quarter finals by 1 point, due to a bug causing the AI to stop :/ So, chances for 1st and 2nd were gone. Finally we ended up at the fourth place, because the same bug occurred again in the next game, which is really a shame.

    One thing is sure, being 4th already is good, especially in France, the country of Visual Gaming, now we only have to fix this bug :p Result of ending on 4th place: A fingerprint reader and I also got interviewed, in English :p This is really a nice example of "dissolving boundaries" :)

    And to finish, here's a picture of ZogStriP and me (ZogStriP right, me left):



    To ZogStriP: Thanks!

  • eID.Chat

    To demonstrate the possible use of eID in Windows applications, I created a small client/server application. This application contains a central server, which listens on a certain port for possible clients. After a client connects, it has to authenticate with the user’s eID card. The server then validates the certificate and checks if it is in the list of allowed users to connect.

    If everything is valid, the client can connect and chat with other clients. Every message sent to the server is signed by the client and validated, making sure each message arriving at the server originated from that user. The server then extracts the username from the certificate and uses this to broadcast the message to the other clients. Ultimately, this means users only have to insert their eID card, enter their PIN and are safely chatting away with others.

    The steps used to authenticate a client are as follows:


    • The client asks for a logon.
    • The server sends a random challenge back to the client and remembers this value.
    • The client signs this challenge and sends the signed challenge back to the server along with its certificate.
    • The server first validates if the serial number of the certificate is in the database of allowed serials, otherwise the client gets denied.
    • After this it validates if the certificate is still valid. If it is expired or revoked, it denies the client.
    • The server takes the public key from the certificate and verifies the signature of the client.
    • If the signature is valid, the client is really who he claims to be, and is allowed to log on. The client certificate is stored to be used for future communication verification and to extract the client’s name to include in the broadcast communication.

    These steps can be implemented with CAPICOM or WSE in C# to provide authentication with eID.
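
    The logon exchange above, as an added example using the built-in .NET cryptography classes rather than CAPICOM or WSE (it is not the eID.Chat code). It assumes .NET 6 or later and RSA with SHA-256; the self-signed certificate, the name `VerifyLogon` and the allow list are constructed stand-ins for the card and the server's database.

    ```csharp
    using System;
    using System.Collections.Generic;
    using System.Security.Cryptography;
    using System.Security.Cryptography.X509Certificates;

    // Constructed stand-in for the card: a throwaway self-signed RSA certificate.
    // A real eID keeps the private key on the chip and signs only after PIN entry.
    using RSA cardKey = RSA.Create(2048);
    var request = new CertificateRequest("CN=Constructed Test User", cardKey,
        HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
    using X509Certificate2 cardCert = request.CreateSelfSigned(
        DateTimeOffset.UtcNow.AddMinutes(-5), DateTimeOffset.UtcNow.AddDays(1));

    // Server-side database of allowed certificate serial numbers (hypothetical).
    var allowed = new HashSet<string>(StringComparer.OrdinalIgnoreCase) { cardCert.SerialNumber };

    // Steps 1-2: the client asks to log on; the server answers with a random
    // challenge and remembers it for this connection.
    byte[] challenge = RandomNumberGenerator.GetBytes(32);

    // Step 3: the client signs the challenge and sends signature + certificate.
    byte[] signature = cardKey.SignData(challenge, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
    byte[] certDer = cardCert.Export(X509ContentType.Cert); // public part only

    // Case 1: honest logon against the challenge the server issued.
    Console.WriteLine(VerifyLogon(challenge, signature, certDer, allowed));
    // Case 2: a captured signature replayed against a fresh challenge.
    Console.WriteLine(VerifyLogon(RandomNumberGenerator.GetBytes(32), signature, certDer, allowed));
    // Case 3: valid signature, but the serial is not in the allow list.
    Console.WriteLine(VerifyLogon(challenge, signature, certDer, new HashSet<string>()));

    // Steps 4-7 on the server: returns a greeting with the certificate's name,
    // or the reason the client was denied.
    static string VerifyLogon(byte[] issuedChallenge, byte[] sig, byte[] der, HashSet<string> allowedSerials)
    {
        using var cert = new X509Certificate2(der);
        if (!allowedSerials.Contains(cert.SerialNumber))
            return "denied: serial not in allow list";
        DateTime now = DateTime.Now; // NotBefore/NotAfter are reported in local time
        if (now < cert.NotBefore || now > cert.NotAfter)
            return "denied: certificate outside its validity period";
        // Revocation is not checked here: the constructed certificate has no CA.
        // With a real card this is where OCSP or a CRL is consulted.
        using var publicKey = cert.GetRSAPublicKey();
        if (publicKey is null || !publicKey.VerifyData(issuedChallenge, sig,
                HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1))
            return "denied: signature does not match the issued challenge";
        return "welcome " + cert.GetNameInfo(X509NameType.SimpleName, false);
    }
    ```

    The server has to verify against the challenge it stored for that connection, never one echoed back by the client; a fresh challenge per logon is what makes a captured signature useless later.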

  • eID

    Another thing I had to do was a feasibility study on eID. This means I had to look into this technology, research what the possible uses are, if they can be implemented and how they have to be implemented.

    The eID project is an initiative from the Belgian government, to replace the current passport of every citizen by an eID card. This is a smartcard which looks like the current Belgian passport, and contains certificates and identity data on its chip. Main functionalities of the eID card are data capture, authentication and digital signature.

    Data capture is used in applications to read identity data from the card, such as name, address, gender and others. This gives an advantage to business applications which use this data, because it takes less time to enter the data, and no more typing errors can occur.

    Authentication is done by using a certificate on the card. When the private key of the certificate is accessed, the eID middleware, provided by the government, will show a dialog asking for the PIN code of the card. Normally, only the owner of the card knows this code, and can allow access to the private key. Authentication could be used on websites, physical locations, client-server applications and others.

    A digital signature can be used to prove that some content originates from a certain user and has not been modified along the way. Possible uses are signing an email or a document. With eID, a digital signature has the same legal proof as a written one.



    Every eID card contains an authentication and digital signature certificate, signed by the Citizen CA, which itself is signed by the Belgium Root CA.

    When a citizen requests an eID card at his municipality, it gets registered at the population registry, which requests a new certificate. After this a citizen can log on to a website, which will validate the certificate through the OCSP protocol with the CA.

    On the eID file system there are two main directories. One contains the specific user data in a proprietary format and the other one is PIN protected and contains the certificates.

    Windows applications can use the Crypto API to access the certificates while everything else can use PKCS#11. There are also toolkits which hide the internal workings of the card.

    A certificate always has to be validated, meaning the validity period has to be checked and the serial number of the certificate has to be checked with OCSP or against a CRL.