Scared

Stealing network connectivity via powerlines?

Using neighbour's network

This IS weird. I have my own protected wifi network. My macs are connected to it. I have a DHCP server giving 10.0.1/24 to wifi hosts. I have a DSL line towards XS4ALL.

Today I installed an Ethernet-over-power kit, out of the box, between a fixed-IP Mac mini downstairs and the WiFi / DSL router upstairs. When I could not mount a disk from my WiFi network towards the fixed Mac mini, I started digging... and found what the picture above shows: I AM connected to MY WiFi network, however, the DSL router somehow has a default gateway towards a network of a neighbour that seems to be connected to Versatel!?!?

Yes, my fixed Macs still use my own WiFi connection. But my WiFi Macs, while using my own network, go via the mesh network of the powerlines, via the DHCP server of the neighbour, to the internet via my neighbour.

If you thought that stealing bandwidth via WEP WiFi was cool in the late 90s, this Ethernet-over-power breaking will be even bigger.

But... but... Surely the protocol running Ethernet over power is encrypted? Yes. But with a default key! Both my neighbour and I bought the same box at the local shop, with the same default key installed, making our Ethernet-over-power devices / lines ONE network. Once I reset the key manually on both my devices, I couldn't see my neighbour anymore and there were two networks again.

So
1) never trust anything
2) always change the defaults
3) You will hear about break-ins like this in the near future. For example, sniffing all the traffic via the office next to a political party...

Will put "encryption" on the power network to prevent this... I hope

Bert Boerland needs to be checked, according to Facebook

Bert Boerland needs to be checked. According to Facebook.

Some translations....

Opera on iPhone proxies all requests (privacy fail)

Yes, the very fast Opera browser on the iPhone proxies all requests! In plain language, every webpage you visit from your iPhone with the Opera browser is sent to Opera. Thereby, they get all the information from you. If you submit a form, it is sent to Opera. If you search in Google, it is sent to Opera. If you log in to a website, your password is sent to Opera!

They will claim the need to do this because of the proprietary way they handle images and HTML to speed up a website. And it is a speedy browser:

I think part of the speed comes from the fact that they proxy all traffic and do some funky stuff with preloading images. However, it is absurd that a browser gets /all/ the data I send, all the websites I visit, all the passwords I submit, all the search queries I do. It might not be spyware but it sure gets close to this.

How did I find out?

I visited Facebook on Opera and got this message from Facebook:
Facebook security

Then I visited Facebook from my iMac and saw:

Opera on iPhone proxies via Norway?!

Then I did a test on my own host and grepped the logging:

Opera on iPhone proxies all requests!

And here is the code:

pimsbb2@newborn:~$ sudo tail -f /var/log/apache2/access.log | grep -i test
[sudo] password for pimsbb2:
94.246.126.161 - - [17/Apr/2010:21:05:24 +0200] "GET /test HTTP/1.1" 404 500 "-" "Opera/9.80 (iPhone; Opera Mini/5.0.0176/764; U; en) Presto/2.4.15"
^C
pimsbb2@newborn:~$ whois 94.246.126.161
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: This output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '94.246.126.0 - 94.246.127.255'

inetnum: 94.246.126.0 - 94.246.127.255
netname: IPO-OPERA
descr: Opera Software ASA

I am not the first person to find out about it, see for example pcworld.com. But I am the person to tell you that you should be aware that you send all your data in cleartext to Opera when using the app (https is fine however). And I am the person to tell you I will not use the app anymore. Bad Opera! Bad! No cookie.
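The same check as the tail/grep/whois session above, done over a whole log file. This is an added example, not code from the original post: it parses Apache combined-format lines and flags requests that carry an Opera Mini user agent and arrive from the inetnum range shown in the whois output. Only the first sample line comes from the post; the other sample lines, the function names and the verdict labels are constructed for illustration, and the address range is the one snapshot the whois output shows.

```python
import ipaddress
import re
from collections import Counter

# inetnum range copied from the whois output above (netname IPO-OPERA).
OPERA_NETS = list(ipaddress.summarize_address_range(
    ipaddress.ip_address("94.246.126.0"),
    ipaddress.ip_address("94.246.127.255")))

# Apache "combined" format; quoted fields may contain backslash-escaped quotes.
QUOTED = r'"((?:[^"\\]|\\.)*)"'
LOG_RE = re.compile(
    r'^(\S+) \S+ \S+ \[([^\]]+)\] ' + QUOTED + r' (\d{3}) \S+ '
    + QUOTED + ' ' + QUOTED + r'$')

SAMPLE = [
    # First line is the one from the post; the other three are constructed.
    '94.246.126.161 - - [17/Apr/2010:21:05:24 +0200] "GET /test HTTP/1.1" 404 500 "-" "Opera/9.80 (iPhone; Opera Mini/5.0.0176/764; U; en) Presto/2.4.15"',
    '203.0.113.7 - - [17/Apr/2010:21:06:02 +0200] "GET /test HTTP/1.1" 404 500 "-" "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_3; en-us) Safari/531.22.7"',
    '198.51.100.9 - - [17/Apr/2010:21:07:40 +0200] "GET /test HTTP/1.1" 404 500 "-" "Opera/9.80 (iPhone; Opera Mini/5.0.0176/764; U; en) Presto/2.4.15"',
    'not an access log line',
]

def classify(line):
    """Return (client_ip, verdict) for one log line, or None if it does not parse."""
    m = LOG_RE.match(line.strip())
    if not m:
        return None
    host, agent = m.group(1), m.group(6)
    try:
        in_range = any(ipaddress.ip_address(host) in n for n in OPERA_NETS)
    except ValueError:          # HostnameLookups on: a name, not an address
        in_range = False
    mini_ua = "Opera Mini" in agent
    if in_range and mini_ua:
        return host, "opera-mini-proxy"        # what the post observed
    if mini_ua:
        return host, "mini-ua-outside-range"   # spoofed UA or range not listed
    if in_range:
        return host, "opera-range-other-ua"
    return host, "direct"

def summarize(lines):
    """Count verdicts over many lines; unparsable lines are counted too."""
    parsed = (classify(l) for l in lines)
    return Counter(p[1] if p else "unparsed" for p in parsed)

if __name__ == "__main__":
    for line in SAMPLE:
        print(classify(line))
    print(dict(summarize(SAMPLE)))
```

For a request flagged as opera-mini-proxy, the address in the log is the proxy's, so per-client rate limits, geolocation and login-location alerts (as in the Facebook message above) act on the proxy's address rather than the phone's.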

Twitter Identity Management, accident waiting to happen



I love Twitter, sometimes I cannot post as much as I would like to. But I am a long-term heavy user and you can follow me if you can read Dutch and think I write sensible stuff every now and then. And I will return the favour by following you.

One of the great ways that Twitter is used is in ways the Twitter staff could not predict but could only facilitate by opening up the APIs. Other sites can, for example, tweet on behalf of you. For example, that you voted for Obama, put an RSS feed of your Flickr account via a webservice to Twitter to share it with your followers, etc.

The problem is that all these services need your userid and password to post on behalf of you on your Twitter account. And here is the source of a big problem. Maybe the website you are using does not (need to) save your userid/password combination. Maybe they do. Maybe the service is safe and others will never be able to get your password via a hack. Maybe the owner of the site will never go bad and post on behalf of others. Maybe the service will not change its Terms and Conditions overnight so they can put ads in your tweets. And maybe you are using strong passwords for all your accounts that are not the same, so the webservice cannot access your Gmail? Maybe.

But I am sure we will see an ugly accident in the near future; people are almost used to the fact that you should type in your userid and password in a popup box, and as long as the password is not echoed on the screen but hidden with "****" it is safe to use that service.

Or so they think...

Call for DrupalCon organizers in North America

If you

  • are passionate about the best CMS out there
  • know some 5 people who are as well
  • want to make a name in the Drupal community
  • have more time spare than you have spare

PLEASE consider stepping forward and sending a (detailed) report to the Drupal Association where you apply for organizing the next DrupalCon in North or South America.

We really /really/ can use a group of persons that will help the community, the Drupal ecosphere and themselves by stepping up to become bigger than themselves by being dedicated to making the best DrupalCon even better!

What we need from you:

  1. The number of people that are able and willing to work for a period of 6 months more than 8 hours per week to organize this DrupalCon.
  2. A venue that can hold between 600-800 people with a main hall that can hold these people and 3 other rooms (all with good facilities like WiFi, video and audio) as well as some BoF rooms.
  3. A small plan regarding the schedule. How many days? Tracks for business? Development? End-users?
  4. A budget. Do not focus on breaking even, do not focus on sponsors, focus on the cost per attendee for different scenarios.

If you submit this plan to the board within the next two or three weeks, the Drupal Association can look at it and vote for the best candidate. If they choose you, be prepared for eternal Drupal Fame!
