The DeskCon Project makes use of the OpenSSL Libraries on Linux and Android. That means that a Heartsbleed Attack is possible, at least at the Desktop side.
Most Android Versions do not have the “Heartbeat” Feature enabled (only Android 4.1.1) so most are save, but to be sure you can use this App to test your Device.
This has been fixed in OpenSSL 1.0.1g. Please update your OpenSSL Package!
This is just a little Side Project, a Desktop Application that lets you browse through Twitch.tv Streams, Channels and open them in your Video Player (VLC, MPlayer, MPV, …). No need for a CPU heavy Flash Plugin. For now it’s for Linux only, but given it is written in Python, a Port to other Systems shouldn’t be difficult. You can get the latest from here.
This Project uses “Livestreamer” to start the streams, more information on their website livestreamer.tanuki.se
Sometimes i like to watch a Stream on Twitch or Justin.tv, but the Flashplayer is always acting up, stutters and eats my CPU. Then I came across Livestreamer, which is a Commandline Program.
And to avoid typing the specific Terminal Command over and over, I developed this GUI Software.
Now I will focus more on DeskCon again.
DeskCon Connection Security2
First of all, I’m not a Security Expert, I just use the well known Encryption and Security standards. So if you find any flaws in how I implemented that stuff, please tell me.
Basically I use self-signed Certificates with a TLSv1.2 SSL Connection. During the “pair”-Process, Desktop and mobile Device exchange their X509v3 Certificate and print out the Fingerprints (sha256), so that the User can verify their Identity. If the User says they match, the Certificates will be stored.
The Certificates are generated from a 2048-bit RSA Key-pair and signed with SHA256 Algorithm.
The SSL Connection is actually over TLSv1,TLSv1.1 or TLSv1.2 depending on your Android Version (TLSv1.2 is supported in Android 4.1 and up) and the OpenSSL Library Version. Server and Client have to authenticate each other with the mentioned Certificates.
So the whole data Transfer is encrypted and the Devices (Desktop and MID) can be sure they talk with the right Machine.
Android Desktop Integration1
I’m more or less finished with an initial Version of the Android App and Desktop Software. The Desktop part consists of 2 Elements. First is the Server running in the Background (no Gui) and Second is an Applet.
The Server shows Desktop Notifications and sends Information to the Applet via Dbus. The Applet is specific to the Desktop Environment (Gnome, Unity,…) you use. The Gnome Shell Version is ready and a Demo can be seen in this Video
I didn’t show the File Transfer and some other stuff, but this is how it will look like.
I’m currently fixing some Bugs, after that I’ll release a first version for Gnome and start working on a Unity Applet. I’ll also describe how the whole Security works in another Post.
I’ve been busy with a new Project lately. It’s an Android App in combination with a Desktop Application, to integrate a Smart-phone in the normal Desktop UI.
I’ve seen “Android Notifier” and “KDE Connect”, both are awesome but don’t work well with Gnome Shell or Ubuntu Unity. There are many Apps out there which already notify you on your Desktop Computer, but most of them are Browser-Extensions which need a Third-party Server (your data is routed over some other website).
So the plan is a new Android App which communicates over the LAN with a Software running on Linux, Windows or Mac. I’m almost finished with the Linux Gnome Shell version and want to release it on Github soon.
Smart Howl Update0
Pushed out an Update of Smart Howl this Week. One of the Key-Features of this Version are Categories, to manage your stored Texts. Some new Customization Options (Theme and Buttons) are also available.
Version 1.0 :
- added Categories
- added Save-Button Option
- added dark Theme Option
- added “click to add to Text” Option
- drop Text in “Favorites” Tab, saves as Favorite
- drop Text on a Category, saves Text in that Category
- merged “All” and “History” Tabs
- some Bugfixes