Nicolas' Blog

I used to have a simple policy for my wifi network which would be “open” with no crypto whatsoever. I did this in order to allow for any visitor at home to be able to surf without having to share a secret with him. However, I soon realized that this was not good for the “privacy” of my data and turned to an OpenVPN-based solution in order to protect the traffic from my “known” hosts. This being done, in the absence of visitors, I would simply stop routing wireless traffic that was not VPN.

However, the advent of WPA and WPA-Enterprise made me believe that there was a simpler solution that would allow me to achieve the same thing but in a way that would also allow my visitors to benefit from some “privacy”. However, I still didn’t want to share a secret with them nor did I want to have them install anything on their machine.

Setting up WPA2 on my access point and coupling that with a Radius server was the solution I was looking for!

Read more »

In order to setup an ssh tunnel between port 8080 on the local machine and port 80 on the SSH server, you can go and type:

ssh -L8080:localhost:80 machine.example.org -l yourUsernameAtMachineDOTexampleDOTorg

But if you follow the law of the least effort, you won’t want to type that in everytime you need to establish the tunnel, you would rather type:

ssh tunnelName

and have SSH do everything by itself for you! This can be acomplished by inserting the following lines in your ~/.ssh/config file.

Host tunnelName        
User yourUsernameAtMachineDOTexampleDOTorg        
Hostname machine.example.org        
GatewayPorts yes        
LocalForward 8080 localhost:80

Notice the GatewayPorts yes directive, this is optional for the tunnel to come up but allows you to use the tunnel from other machines than just the one that establishes it!

A little east of Montpellier, between Uzès and Nimes is the Pont du Gard. This bridge built by the Romans was used as both a road bridge and aqueduct between these two cities. It is the theater of many cultural events as well as a recreational place during summer! At some point in time, people used to dive from it until it was forbidden a few years ago.

Read more »

Since 2004, I’m a member of the Thawte Web of Trust. I’ve always been quite a security enthusiast, my first experiences were under DOS using the pgp executable to try and cypher some text that I would put on a diskette and have a friend read the next day…

Those days are long gone but, even though the advent of the Internet and modern cryptography, the principles still remain! In the beginning there are only two things, a Public and a Private cryptographic key. The public key is used for cyphering content and verifying signatures, the private key is used to sign and decipher content.

So if you want to send a message to a friend of yours, you have various options:

• Sign it, don’t encrypt : Your friend needs your public key to verify your signature
• Encrypt it, don’t sign it: You need your friends’ public key
• Encrypt it, sign it: You need your friends’ public key and he needs yours to verify the signature

That’s a lot of key exchanges that could potentially lead to several attacks such as Eve trying to convince you that he’s got your friends’ public key when what he has is a fake. Eve, if she somehow catches the message you sent your friend will be able to decipher it.

Now, this is where certificates come into action, Trent which is trusted by both of you will “grosso modo” digitally sign your (name, email address and public key) tuple so it can not be tampered with. Of course, Trent needs to assert your identity before he signs your certificate, otherwise it makes no sense.

Thawte is just an instance of Trent, also known as a Certification Authority which delivers free personal certificates for email based on the concept of a Web of Trust (WoT)!

Read more »

Have you ever wanted to show others where you went and what your itinerary was to get there? If you’re starting a photo book about your last trip around China or your latest safary through Africa, here is a tool that might come in handy.

This online tool by Karl L. Swartz generates a map of your trips

Read more »

A nice little restaurant in Uccle (Brussels).

Located in a quiet section of the Uccle “commune”, just next to the Kauwberg which is one of the most important “green space reservoir” of Brussels in which you can enjoy a great after meal “promenade”.

The Ventre Saint Gris’ experience was excellent overall, having booked in advance made it easy for the owner to accommodate our 20 persons group. The timing was good, the waiting time between ordering and being served was really amazingly fast while the quality of the servings as well as the quantity was great.

A very nice experience where you can’t be disapointed, the menu is very dynamic so be sure to check their website where you’ll find all the details.

If you’re looking for a nice little Italian restaurant in southern France, the Piazza Papa is certainly a good choice.

Located in the center of Toulouse, the chain has two other places in Montpellier and Aix en Provence. I only know the Toulouse’s place. Apart from a calid ambiance, the waiters are always very nice and let you take your time. The food is great!

I specially recommend the salmone calzone as a starter followed by the salmone pizza, but that’s just because I love salmon on a pizza! Be sure to try the Café Liégois for desert, it’s one of the best Café Liégois that I’ve ever tasted!

It is not the first time I speak of the French Pays Cathare. In fact, about a month ago, I wrote something about Carcassonne which is the Pays Cathare’s most impressive city. However, Medieval cities are all over the place in Souh-West France and Mirepoix is another example of such.

Mirepoix is located in the French Ariège département, about an hour south of Toulouse in the direction of Foix. It is much smaller than Carcassonne but has much to offer to its visitor.

Read more »

In south-western France, a little north of Cahors, located at the border of the French Midi-Pyrénées and Limousin regions, more specifically at the border of the Lot and the Corrèze department, lies the French Quercy, more specifically the Haut Quercy (high Quercy).

This former region of France which was home of the Cadurques Gauls is very rich in Limestone. The architecture and colors that can be seen in this region are a testimony of this natural resource’s presence.

Read more »

The race for storage space between Yahoo! and Google has already been discussed on many blogs lately. The decision by Yahoo! to offer unlimited storage space for your emails has been welcome by most! I personally still prefer Gmail which to my opinion has much more usability than Yahoo!. This is specially true when combined with Google Calendar (or Agenda) and other Google goodies such as Google Notepad, Google Stocks, Picasa etc…

There is however, something not so logical when it comes to space and Google….

Read more »