Silly Hardware Drivers’ Hunt!

In my quest for some nice smartcard or USB crypto token to use for authentication instead of keypairs (for which I started considering the Italian electronic ID card, once I change my documents, which happens to be this summer), I’ve noticed how, for laptops lacking ExpressCard 54 or PCMCIA, people tend to suggest using USB readers for SIM-sized cards, most of which seems to be intended first for actual GSM SIM cards.

This made me think that I do have an USB SIM card reader, I just have no idea how to get it to work under Linux.

The strange SIM card reader I own

The device is reported with USB IDs 05e3:fd21 (which in the usb.ids database is registered to “Genesys Logic, Inc. 3M TL20 Temperature Logger” – which doesn’t seem to be related to what I have at all).

I have drivers for Windos for it, but I haven’t tried them myself, not yet at least. The setup program I have, once ran under Wine, installs some software by Innoproducts, called “SimEditor (IT01)”.

This software seems to contain, beside some manuals, an installer for some “flash disk driver”, and a driver for the actual USB device. Interestingly, the setup for the USB device consists of three files, two DLLs (one for 9x, one for NT), and an executable, all three compressed with UPX. The installer seems to be created with Borland’s or CodeGear’s C++ Builder, I see references to Delphi, and to TForm, but the giveaway is the System::AnsiString string in it. As a style information, they didn’t name everything properly, I see references to TForm1 and Unit1, which are the default names for forms and units in C++ Builder. Further looking at the strings report the copyright to Borland Corporation from 2002, so it’s pre-CodeGear time.

The INF file (knrusb.inf) dos not seem to report any vendor name, but looking for 16-bit little endian strings in the installer (if you ever hacked under Windows you know that it mixes pretty nicely ASCII and UTF-16 strings) finds the actual authors of the driver: “Copyright © 2004-2005 Kooner Technology (H.K.) Co., Ltd.”. Unfortunately I can’t find an email address for them to ask.

Does anybody know about this device? Do anybody know a way to contact these Kooner Technology? (I have an hotmail address from the whois, but I’m a bit wary of that, I’ll try it anyway).

Do anybody have any suggestion beside using USB snoop under Windows to see what it’s going on with the device? (and does anybody know for anything running under Windows XP, which is the only Windows version I have a license for?).

Even little differences count

If you ever find yourself relying for any reason on the behaviour of Microsoft Excel, make sure you never ever change its version. Seems like I had some problems with my job because the version of Microsoft Excel I bought is not the same as the one they are using at the office.

Also, if you want to shut up Valgrind’s warnings to make life easier for people developing against a given library, it’s time you hear about suppression files, rather than trying to change code you don’t know enough about.

Seems like a little difference in the patches applied by Debian (and Ubuntu) made OpenSSL vulnerable like it never was. Even my keys has to be considered compromised, so I had to change them on every service I use. This means Alioth, Gentoo’s Infra, GentooExperimental, SourceForge, Berlios, Savannah, Rubyforge, Launchpad (don’t ask), KDE, and of course my own server.

I think yesterday will be remembered for the years to come as a critical day. It’s like a city of the size of Milan starting to change the door locks for all the apartments at once. I’m surprised there hasn’t been more confusion.

Myself, I’m starting to consider some other kind of authentication, as the passphrases I use for the keys are quite long, and I’m tired of having to key it in every time I start the system. SmartCard and authentication tokens start to look quite nice, and it would be a nice test for Gentoo’s PAM infrastructure.

It’s unfortunate that Alon, who as far as I remembered managed these things, left Gentoo yesterday :/ Although I suppose that if I am to start looking into these things I might be able to lend a hand.

At the moment, I’m oriented toward an authentication token, as that would make it possible for me to have it around on the laptop too at any time. Strangely enough, I found an Italian producer, Eutronsec, and their CryptoIdentity token seems to be supported by pcsclite.

SmartCards are more likely useful in an organisation where you’d have one reader on a given system and many many cards around. Here I’d just have one reader and one smartcard if I did go that way. If the Italian ID card was a SmartCard I could have chosen that, but at the moment it doesn’t look like a convenient idea.

Unfortunately it seems like Eutronsec only sells to other companies, I’ve mailed them asking if they could sell to single entities, but I haven’t received an answer yet. I’m afraid I’ll have to start looking for alternatives if I want to proceed on this road.

On a totally different topic, but still related to “little differences”, I’m having difficulties finding cups that I can use with my espresso machine. Usual teacups that my family uses for coffee (yeah they are quite larger for coffee, we’re used to those though, a six servings Moka is good for three here) tend to be too thin at the bottom and large at the top, so the coffee spills a lot, especially when doing a hot boiling espresso. Mugs are quite better for the task, but all the ones I have here are little less than 9.5 centimetres (little more than three and a half inches), and require to be skewed to enter the espresso machine.

The idea would be an 8.5cm cup, but I can’t seem to find them in the shops around here, they are either 6 centimetres, which is way too short, or they are the “usual” mug size. In a Chinese shop around here I found some nice cups that are about 12cm actually, I was tempted to take one to hold the milk for cappuccino, actually, but they are quite too high for the espresso machine.