Occupy Bellevue – Zitat aus der FAZ

Posted on 2012/01/07 by Kic

Heute fand eine Demonstration namens “Occupy Bellevue” vor dem Amtssitz des deutschen Bundespräsidenten statt. Davon berichtete natürlich auch die Frankfurter Allgemeine Zeitung. Ich zitiere hier nur den ersten Absatz und markiere eine bemerkenswerte Stelle durch Fettschrift:

Eigentlich ist Bellevue ein schöner Ort zum Demonstrieren: Man hat den Blick auf die Spree, den Tiergarten, die Siegessäule und natürlich auf das Schloss. Doch in Berlin kann der Himmel grauer sein als anderswo. Als die Demonstration begann, war es kalt, und ein klebriges Nieseln hing in der Luft. Obendrein war Wulff überhaupt nicht da. „Auf der Skihütte bei Freunden“, scherzte einer der zahlreichen Polizisten. Zumindest waren viele Kameras am Ort – man konnte eine Nachricht hinterlassen.

Das Ansehen des Präsidenten hat wohl schon sehr gelitten, wenn nun schon Polizisten solche Witze machen…

Posted in En-Route | Comments Off

Empire State Building @night

Posted on 2011/11/21 by Kic

image

Posted in En-Route | Comments Off

New York Statue of Liberty

Posted on 2011/11/21 by Kic

image

Posted in En-Route | Comments Off

New York Ink 48

Posted on 2011/11/19 by Kic

image

Posted in En-Route | Comments Off

IPSEC using Strongswan for iPhones and Mac computers

Posted on 2011/10/29 by Kic

If you want to use the built-in IPSEC VPN clients of iPhones and Mac computers, there is a very good documentation at the Strongswan site itself.

Most important are two things – you have to make sure your binaries have been built using the --enable-cisco-quirks option. Then it will behave like a Cisco router and you can make an IPSEC only tunnel.

The second issue (which is important for the Mac computers, iPhones seem to ignore this) is the server certificate. You must add the server’s full qualified domain name as it is seen by the clients to the certificate’s common name (which is normal) and the “X509v3 Subject Alternative Name” as “DNS:your.domain.tld”. Otherwise you will get the message that your server’s certificate is not correct.

Since my ipsec binaries were unable to add the “Subject Alternative Name”, I went back to good old openssl to create my CA and certificates. It is all standard, but you have to add the option “subjectAltName = DNS:copy:commonName” to openssl.cnf (server_cert section).

If you follow the documentation mentioned above and the two issues explained here you will be able to use the tunnel for both iPhones and Macs!

Posted in Apple, Computer | Comments Off

New mobile phone number

Posted on 2011/08/07 by Kic

Whoever had my old mobile number – it has changed to a new one. Write down the old number in +49178xxxxxxx format, remove the + and add 4425863032012 to the number. Prefix that with a + again :)

Posted in En-Route | Comments Off

London 3

Posted on 2011/06/10 by Kic

20110610-085542.jpg

20110610-085954.jpg

20110610-090018.jpg

20110610-090029.jpg

Posted in En-Route | Comments Off

London 2

Posted on 2011/06/09 by Kic

20110608-115934.jpg

20110609-120213.jpg

20110609-120336.jpg

20110609-120746.jpg

20110609-120853.jpg

20110609-121453.jpg

20110609-121528.jpg

Posted in En-Route | Comments Off

London

Posted on 2011/06/08 by Kic

20110608-013457.jpg

20110608-013638.jpg

20110608-013711.jpg

20110608-013933.jpg

20110608-014000.jpg

20110608-014207.jpg

20110608-014112.jpg

20110608-014139.jpg

20110608-014541.jpg

Posted in En-Route | Comments Off

Avebury

Posted on 2011/06/08 by Kic

20110608-012844.jpg

20110608-013308.jpg

Posted in En-Route | Comments Off