Introduction#

The patches for the TP-Link M7350 router have been merged into the upstream Rayhunter repository and the device is listed as recommended for European users. m0veax gave a talk on the project at the MRMCD, which presented great insights into how the development happened. I can highly recommend watching the talk if you are interested in the project.

Updating Rayhunter#

As the TP-Link M7350 patches have been merged, running a custom build is no longer necessary to use Rayhunter on this device. As such, I removed the old version of Rayhunter on my device and simply used the installer from the latest version from the repository (0.10.1 as of writing this post). I had an issue that the installer did not create a default configuration file, so I had to create one myself, where I simply set device = "tplink".

New features#

The latest version has made quite a lot of improvements:

• New heuristics
• Improved web interface
• On-device animation / logos

New heuristics#

The most important new feature is the new heuristics. Read up on the heuristics in the Rayhunter documentation. I have not yet encountered any warnings, but I will continue to run Rayhunter and report any findings.

New web interface#

The web interface has been improved significantly with a new design and better usability.

On-device logos#

It is now possible to display various logos and animations on the device's screen.

Conclusion#

Thanks to the great work of everyone involved, stingray detectors are now more accessible than ever. This project is making very good progress. I recommend everyone to watch m0veax's talk and read EFFs post on the Rayhunter.

On the positive side, switching to working full time as an reseacher has been a great decision. I was able to focus on research topics and progress in these projects. Times were busy, but I enjoyed the work and the challenges it brought.

I had my debut as a chaos event organizer at the GPN, where I continued my tradition of organizing the helpers at the unifest, to be now part of the GPN Trollhöhle. I am pretty happy with the team and the feedback we got. Still, there is a lot to improve for this year.

Also related to chaos, was my talk on DOI at the MRMCD. This was my second, it was ok, but looking back I now see a lot of room for improvement. I need to work on my talk pipeline and get more practice in giving talks. I notice that its hard for me to formulate my thoughts in a way that makes the main points clear to the audience. The attention does not go to the words where I want it to go and so it is hard to get the message across. I need to work on this.

I got to travel a bit more, including switzerland, london, berlin, hamburg and munich. I went to fewer BSides than 2024.

In the CTF department, I had an good year. I participated in fewer CTFs than 2024, but I was able to focus on quality over quantity. I made an writup on Lakectf quals pls respond challange.

The bad times were pretty rough. I lost three close family members this year, including my dad. This is something that will stay with me for a long time, and I am still processing it. I am grateful for the time I had with them and the memories we shared, I will never forget them. My dad was a big influence in my life, and I miss him dearly. He was always supportive of my endeavors, and I know he would be proud of what I am doing.

Challenge Overview#

The challenge provides a pcap file named chall.pcap. And the following description: "What are these SMS I received as soon as I connected to the gNB? Hint: To configure NAS5GS, please follow this guide https://github.com/SysSec-KAIST/LTESniffer/blob/main/pcap_file_example/README.md for the first part and enable the NR/5GS equivalent protocols of the LTEs one presented in 2nd part (i.e. MAC-NR,PDCP-NR,RLC-NR,NAS-5GS) PS:These packets are valid transmissions with an actual phone".

chall.pcap

Opening the pcap#

First, I opened the pcap file using Wireshark and configured it to accept the relevant protocols. I first set the DLT_USER table to dissect the relevant protocols as shown in the guide. I then enabled the protocols:

• nas_5gs_udp
• li5g_tls
• rlc_nr_udp
• pdcp_nr_udp
• mac_nr_udp
• ipv6_dect_nr
• + the defaults

as suggested in the hint. This allowed Wireshark to properly dissect the packets. This configuration is shown in the following screenshots:

Analyzing the packets#

After configuring Wireshark, I looked through the packets. Wireshark could reassemble PDCP-NR packets. Looking through the reassembled PDCP-NR packets, I found several NAS-5GS messages containing SMS data. In total, there were 4 SMS messages. The first message is a text message, while the other three contain binary data.

Extracting the SMS messages#

The contents of the SMS messages are defined in the GSM 03.40 standard, which is now maintained by 3GPP as TS 23.040 and ETSI as TS 123 040. The current version is 19.0.0 (December 2025). This standard defines formats for SMS messages, including text, images, animations, and sounds. For more advanced formats than just text, a data structure called User Data Header (UDH) is used to indicate the type of SMS message and how to interpret the data. Following the UDH are the actual data contained as Information Elements (IEs). These IEs are defined in the standard and are assigned specific identifiers (IEIs, Page 75). Outside the UDH, a SMS text indicates a simple text message for the format, when the UDH is not understood by the receiving device.

Message 1: Text Message#

The first SMS message was a simple text message. No User Data header. I extracted the text and this gives the first part of the flag: EPFL{Did_y0u_know_th4t_.

Message 2: Animation#

A IEI of 0x0e indicates a "Large Animation (16*16 times 4)". Within the standard, an animation (9.2.3.24.10.3.3) is simply defined as sequence of 4 pictures. A picture (9.2.3.24.10.3.2) is a pixel grid where each bit represents a pixel, that can be white (0) or black (1).

I quickly wrote a script to parse the animation data and render each frame as an image. The animation frames are as follows:

This gives the second part of the flag: SMS_h4s_s0_many_.

Message 3: iMelody#

Next, the third SMS contains the IEI 0x0c, which indicates an "iMelody" message. iMelody is a format for ringtones based on the work of Sony Ericsson back in the day, defined in the iMelody specification by the Infrared Data Association. As a side note, I had a Sony Ericsson phone, and I remember opening up iMelody files on it, but not understanding the format.

The iMelody data contained is ASCII text:

BEGIN:IMELODY
VERSION:1.2
FORMAT:CLASS1.0
STYLE:S2
MELODY:c4c4c4r2c2r2c4c2c4r2c4c4c4c4c2r2c2c4r2c2c2c4r2c4
END:IMELODY

The melody section contains notes and durations. I wrote a small script to parse the melody and create a WAV file. c4 denotes a short C note, and c2 a long C note, r2 denotes a rest. This is what the IMelody sounds like:

... - .-. ....- -. --. .

Decoding the Morse code gives the third part of the flag: STR4NGE_.

Thanks to n0rdan for getting the correct Morse code translation and providing the iMelody spec.

Message 4: Wireless Vector Graphic (WVG)#

The fourth SMS message was the hardest to interpret. It contained the IEI 0x18, which is a "Standard WVG object". The Wireless Vector Graphic (WVG), is a vector image format for mobile devices, described in Annex G of the standard. I did not find existing parsers for this format.

The Annex G provides a BNF for the format and general descriptions of the various elements. I go into more detail about WVG in Annex A at the end of this writeup.

During the CTF, I did not manage to get the parser to work 100%. Alkalem came in and provided a working parser during the CTF. With his result, my parser could be fixed and gave this structure:

WvgDrawing
├── Header
│   ├── is_standard: ✓
│   ├── version: 0
│   ├── ColorConfig
│   │   ├── scheme: 0 (Black & White)
│   │   ├── default_line_color: RGB(0, 0, 0)
│   │   ├── default_fill_color: RGB(0, 0, 0)
│   │   └── background_color: RGB(255, 255, 255)
│   └── CodecParams
│       ├── ElementMask
│       │   ├── enabled_count: 3
│       │   ├── element_type_bits: 2
│       │   ├── local_envelope: ✗
│       │   ├── polyline: ✓
│       │   ├── circular_polyline: ✓
│       │   ├── bezier_polyline: ✗
│       │   ├── simple_shape: ✗
│       │   ├── reuse: ✓
│       │   ├── group: ✗
│       │   ├── animation: ✗
│       │   ├── has_extension: ✗
│       │   └── enabled_types: [Polyline, CircularPolyline, Reuse]
│       ├── AttributeMask
│       │   ├── is_empty: ✓
│       │   ├── line_type: ✗
│       │   ├── line_width: ✗
│       │   ├── fill: ✗
│       │   └── line_color: ✗
│       ├── GenericParams
│       │   ├── angle_resolution: 3 (22.5°)
│       │   ├── angle_in_bits: 3
│       │   ├── scale_resolution: 0 (1/4)
│       │   ├── scale_in_bits: 3
│       │   ├── index_in_bits: 4
│       │   └── curve_offset_in_bits: 4
│       └── FlatParams
│           ├── drawing_size: 128x32
│           ├── max_x_in_bits: 7
│           ├── max_y_in_bits: 5
│           ├── xy_all_positive: ✓
│           ├── trans_xy_in_bits: 7
│           ├── offset_x: level1=3, level2=5
│           ├── offset_y: level1=3, level2=5
│           └── num_points_in_bits: 3
└── Elements (18 total)
    ├── [0] Polyline
    │   ├── point_count: 1
    │   └── points:
    │       └──[0] (83, 9) ← start (absolute)
    ├── [1] Polyline
    │   ├── point_count: 2
    │   └── points:
    │       ├──[0] (83, 14) ← start (absolute)
    │       └──[1] (83, 25) Δ(+0, +11)
    ├── [2] CircularPolyline
    │   ├── point_count: 4
    │   ├── curve_offsets: [0, -6, -4]
    │   └── points:
    │       ├──[0] (3, 15) ← start (absolute)
    │       ├──[1] (16, 15) Δ(+13, +0) [straight]
    │       ├──[2] (3, 15) Δ(-13, +0) [curve=-6]
    │       └──[3] (16, 22) Δ(+13, +7) [curve=-4]
    ├── [3] Polyline
    │   ├── point_count: 2
    │   └── points:
    │       ├──[0] (18, 12) ← start (absolute)
    │       └──[1] (28, 23) Δ(+10, +11)
    ├── [4] Polyline
    │   ├── point_count: 2
    │   └── points:
    │       ├──[0] (18, 23) ← start (absolute)
    │       └──[1] (28, 12) Δ(+10, -11)
    ├── [5] Polyline
    │   ├── point_count: 2
    │   └── points:
    │       ├──[0] (34, 9) ← start (absolute)
    │       └──[1] (34, 24) Δ(+0, +15)
    ├── [6] Polyline
    │   ├── point_count: 2
    │   └── points:
    │       ├──[0] (34, 15) ← start (absolute)
    │       └──[1] (37, 15) Δ(+3, +0)
    ├── [7] CircularPolyline
    │   ├── point_count: 5
    │   ├── curve_offsets: [4, 4, 4, 4]
    │   └── points:
    │       ├──[0] (41, 10) ← start (absolute)
    │       ├──[1] (49, 10) Δ(+8, +0) [curve=4]
    │       ├──[2] (49, 17) Δ(+0, +7) [curve=4]
    │       ├──[3] (49, 24) Δ(+0, +7) [curve=4]
    │       └──[4] (41, 24) Δ(-8, +0) [curve=4]
    ├── [8] Polyline
    │   ├── point_count: 2
    │   └── points:
    │       ├──[0] (42, 17) ← start (absolute)
    │       └──[1] (49, 17) Δ(+7, +0)
    ├── [9] CircularPolyline
    │   ├── point_count: 3
    │   ├── curve_offsets: [3, 0]
    │   └── points:
    │       ├──[0] (58, 15) ← start (absolute)
    │       ├──[1] (66, 15) Δ(+8, +0) [curve=3]
    │       └──[2] (66, 25) Δ(+0, +10) [straight]
    ├── [10] Polyline
    │   ├── point_count: 2
    │   └── points:
    │       ├──[0] (58, 11) ← start (absolute)
    │       └──[1] (58, 25) Δ(+0, +14)
    ├── [11] CircularPolyline
    │   ├── point_count: 4
    │   ├── curve_offsets: [-5, 0, 5]
    │   └── points:
    │       ├──[0] (78, 12) ← start (absolute)
    │       ├──[1] (70, 12) Δ(-8, +0) [curve=-5]
    │       ├──[2] (77, 23) Δ(+7, +11) [straight]
    │       └──[3] (70, 23) Δ(-7, +0) [curve=5]
    ├── [12] CircularPolyline
    │   ├── point_count: 6
    │   ├── curve_offsets: [0, -3, 0, -3, 0]
    │   └── points:
    │       ├──[0] (89, 12) ← start (absolute)
    │       ├──[1] (89, 26) Δ(+0, +14) [straight]
    │       ├──[2] (95, 26) Δ(+6, +0) [curve=-3]
    │       ├──[3] (95, 12) Δ(+0, -14) [straight]
    │       ├──[4] (89, 12) Δ(-6, +0) [curve=-3]
    │       └──[5] (95, 26) Δ(+6, +14) [straight]
    ├── [13] Reuse
    │   ├── element_index: 9 (references element #9)
    │   ├── Transform
    │   │   ├── translate: (41, 0)
    │   │   └── (no rotation/scale)
    │   └── has_array: ✗ (single instance)
    ├── [14] Reuse
    │   ├── element_index: 10 (references element #10)
    │   ├── Transform
    │   │   ├── translate: (41, 0)
    │   │   └── (no rotation/scale)
    │   └── has_array: ✗ (single instance)
    ├── [15] Reuse
    │   ├── element_index: 11 (references element #11)
    │   ├── Transform
    │   │   ├── translate: (40, 0)
    │   │   └── (no rotation/scale)
    │   └── has_array: ✗ (single instance)
    ├── [16] CircularPolyline
    │   ├── point_count: 7
    │   ├── curve_offsets: [6, 0, 0, 0, 0, 6]
    │   └── points:
    │       ├──[0] (122, 7) ← start (absolute)
    │       ├──[1] (124, 10) Δ(+2, +3) [curve=6]
    │       ├──[2] (124, 15) Δ(+0, +5) [straight]
    │       ├──[3] (127, 18) Δ(+3, +3) [straight]
    │       ├──[4] (124, 21) Δ(-3, +3) [straight]
    │       ├──[5] (124, 26) Δ(+0, +5) [straight]
    │       └──[6] (122, 29) Δ(-2, +3) [curve=6]
    └── [17] Polyline
        ├── point_count: 2
        └── points:
            ├──[0] (0, 28) ← start (absolute)
            └──[1] (6, 28) Δ(+6, +0)

Rendering it to SVG gives the following image:

So finally, the fourth part of the flag is: _ext3nsi0ns}.

Wrong Avenues#

At first, I did not see the GSM packets and thought I had to look into more recent NR formats, which might be encrypted with NAS5GS security. So I tried to decrypt them using various methods, but this was a dead end.

Issues with the specification#

There are some mistakes and missing details in the specification:

• Circular polylines have at least two points, but the number of points is stored as point_count - 2.
• Signed offset integer size depends on a flag, but the specification lists the same conditions for both sizes (=0). It should be (=1) for the larger size (Page 204 in Annex G).

Conclusion#

The flag was

EPFL{Did_y0u_know_th4t_SMS_h4s_s0_many_STR4NGE_ext3nsi0ns}EPFL{Did_y0u_know_th4t_SMS_h4s_s0_many_STR4NGE_ext3nsi0ns}EPFL{Did_y0u_know_th4t_SMS_h4s_s0_many_STR4NGE_ext3nsi0ns}

which I did not.

All code used and artifacts produced are available on GitHub.

Overall, I had fun working on this challenge. It was the first challenge I looked at, and I made some good progress early on, but the WVG part was hard. I found it interesting to see SMS message formats. There is a world of formats where people put in the effort to make things work on limited devices and networks. They decided to create big PDFs, but in the end these formats became irrelevant with modern smartphones. Still, its in the spec and applicable to 5G SMS messages.

This CTF was played as a collaboration between Royal Roppers and KITCTF, combinding each countries' leading Institutes of TechnologyInstitutes of Technology.

Sources#

• Digital cellular telecommunications system (Phase 2+) (GSM); Universal Mobile Telecommunications System (UMTS); LTE; 5G; Technical realization of the Short Message Service (SMS):
  • Originating GSM specification
  • .docx by 3GPP
  • PDF by ETSI
• Background on Formats:
  • https://en.wikipedia.org/wiki/User_Data_Header
  • https://en.wikipedia.org/wiki/GSM_03.40
• IMelody:
  • iMelody Wikipedia
  • iMelody by the Infrared Data Association

Annex A: More on the Wireless Vector Graphic (WVG)#

Wireless Vector Graphic (WVG) is a binary format for vector graphics. It consists of a header and elements. The format comes in various flavors. First, there is standard and character size WVG. The latter is used inline in text to represent handwritten glyphs or glyphs not present in the font. There are various compression modes and variable integer lengths. The format supports two coordinate systems, flat and compact. Each of these settings changes the semantics of the binary format. Coordinates can be represented by absolute positions or relative to another coordinate. The format supports color in multiple formats and has a default websafe color palette.

Elements: There are 9 basic elements and additional elements for advanced usage:

• Lines
  • Polyline
  • Circular polyline
  • Bezier polyline
• Polygons
  • Basic:
    • Ellipse
    • Rectangle (with rounded corners)
  • Special:
    • Regular polygon
    • Star
    • Grid
• Text
• Group
• Reuse
• Simple & Standard animation
• Frame
• Extended

Relevant for this challenge are standard WVG, flat coordinate system, black & white color scheme, and the elements polyline, circular polyline, and reuse.

The header defines which elements are used, so that the type indicator in each element uses as few bits as possible (2 in this case, for the three elements). The header also defines how many bits are used for coordinates and integers. In the format, relative coordinates can be encoded in two levels of precision. The number of bits for each level is given in the header; which level is used is given in the element.

A polyline is a sequence of connected line segments defined by points. In our setup, the first point is absolute, and subsequent points are relative to the previous point.

A circular polyline is similar to a polyline but supports curved segments. Each curved segment has a curve offset defining the curvature, by a formula given in the specification.

A reuse element references another element by its index and applies a transformation (translation, rotation, scaling) to it. In our case, only translation is used.

• David Bushell
• Bert Peters
• jwz
• Joachim Breitner
• Surma
• R. Knight
• Danny van Kooten
• Gwern
• Jeremy Kun
• Glyph
• Jarv
• Sebastian Hahner
• Nick Walker
• Pascoda
• Herman Martinus
• Chrisliebaer
• Ju256
• Intrigus
• Wachter Space
• Phil Venables
• Fefe
• Tim Bray
• Brad Fitzpatrick
• Moxie Marlinspike
• Martin Leyrer
• Stuart Thomson
• Davis Haupt
• Chris McLeod
• tabi
• Xe Iaso
• Edward Kim
• George Song
• YDRENIV
• James
• Taggart Tech
• Danny van Kooten
• Hanemile
• ik0ri4n
• Snarfed
• Mathias Endler
• 0xkato
• Max Böck
• David Dodda
• Brett Cannon
• Adam McKerlie
• Josh Comeau
• Ondrej Sevcik
• Andre Arko
• Salvatore Abello
• Alisa Sireneva
• Brian Krebs
• Troy Hunt
• Eric Migicovsky

Overall Concept#

I decided on a high-contrast black-and-white design for maximum visibility. As it is printed on white paper, I opted for a black border resembling a dog tag. The written text includes my name, email address, and DECT number. I further use the domain "rx.mt" for my asset IDs, storing them as subdomains (e.g., i1000.rx.mt) with TXT and LOC records for additional information. The design features test card colors on the bottom and a red box as design elements.

First Design Iteration#

This is printed on 70mm x 36mm labels, which are rather large but provide enough space for the information and can be printed on A4 sheets. This is the first iteration of the design:

Second Design Iteration#

From this first design, I created a second iteration with a bunch of logos. Of course, I only used logos that my stuff complies with. Also, I designed a datamatrix code that encodes the asset ID. Here's the updated design:

Small Label Variant#

I also created a smaller variant of the label for smaller items. This one is 50mm x 20mm.

Simple Pay#

Simple Pay was developed as a Smartphone based payment solution for a "School-as-a-State" project at the Helmholtz Gymnasium. I was into cryptocurrency at the time and wanted to create a digital wallet for students to use within the school ecosystem. Additionally, it had the goal to be used without internet access. Simple Pay had a Blockchain-based approach and no server-side components, but with my friends and me acting as a central authority to validate transactions. Transactions were performed by scanning QR codes and connecting to each other's devices via Bluetooth or Wi-Fi Direct. It used a lot of cryptography, that I did not understand fully at the time. My understanding of cryptography at the time was very superficial. It was fun to develop, I learned a lot about Android development, I wanted to make the App comparable to existing simple yet highly engineered Android apps.

Drink Manager#

Drink Manager is an app I developed to have an overview of Cocktail recipes and Cocktails overall. It's based on CocktailDB, a free API for cocktail recipes, but I ended up just downloading the data and storing it locally. The app was developed using Flutter. The App allows users to browse Cocktails by Categories, such as IBA classification, and by ingredients. Additionally, users can create shopping lists for the ingredients they need to make their favorite cocktails.

Rent and Lend#

Rent and Lend was developed during my time at university in the Software Engineering Practice module. Its basically "Kleinanzeigen" for borrowing and lending items within a local community. It consisted of a frontend and backend, with the frontend built using Kotlin and the backend using Spring Boot. We used OpenAPI to document our RESTful API. The app was developed using the waterfall model, which is a requirement for the module.

Hotinert_two#

Hotinert_two was developed for the Mobile computing and IoT module at university. It is also developed using flutter and is an app for the TECO affiliated Earable platform, which are earphones with integrated sensors. The app is a labyrinth game that uses the sensors to detect head movements and control the player's movement through the maze. Its inspired by the Among Us minigame "Weather Node". This game was developed in conjunction with a Tetris clone webapp that was controlled by the phones yaw and pitch sensors.

Glass Authenticator#

Glass Authenticator is a replication of authentication schemes [0] for the Google Glass, which runs on Android. It provided three authentication methods: voice commands, head movement and touch. It additionally provided an admin panel to setup a user study and was configurable with QR codes. The Google Glass has very poor processing power, even these simple schemes had performance issues and it required extensive optimization to run smoothly.

[0] Y. Li, Y. Cheng, W. Meng, Y. Li and R. H. Deng, "Designing Leakage-Resilient Password Entry on Head-Mounted Smart Wearable Glass Devices," in IEEE Transactions on Information Forensics and Security, vol. 16, pp. 307-321, 2021, doi: 10.1109/TIFS.2020.3013212.

I am pretty happy with this phone, it's the first true flagship I have ever owned. I think it's security features are the best on the market, I like having emergency satellite conenectivity, and the camera is great. I also like the design and Android is a must for smartphones for me. The display is also great, but it now has a defect. A vertical pink line has appeared on the display. I called a repair shop working with Google and they said that the display needs to be replaced, but they don't have the parts yet. Oh well.

Update: I went to another repair shop and they also did not have the parts. This is getting frustrating. I contacted Google support again and they sent me a replacement phone, but I had to make a deposit.

These effects can occur when the subunit has strong leadership and culture, is able to generate / acquire and manage resources independently or has stronger relationships with the outside world than the main organization. The subunit can then become more independent and may even start to compete with the main organization. This can lead to a loss of control for the main organization and weaken other subunits, which may lead to the main organization losing its relevance. These strong subunits may be truly able to operate some parts better than the main organization. They may start to do more and more things independently and pull away resources from the main organization. Even though this use of resources may result in better outcomes compared to the main organization allocating the resources and letting the subunits operate under its umbrella, it can lead to a fragmentation of the organization and it may hinder applying the successful strategies to the whole organization. Also it may be that other subunits operate in a more difficult environment, so pulling away resources from them may lead to a disproportionate reduction in their performance.

An organization in which one subunit performs exceptional, while straining the other subunits is not healthy on the long run. On a short time scale it can be beneficial, the strong subunit can be a source of innovation and success, but these strategies need to be applied to the whole organization. The strong subunit may also be able to provide resources and training to the main organization. The subunit must still find value in the main organization, otherwise it will see it as a burden, red tape and parasitism. The other subunits may also feel neglected and may not be able to compete with the strong subunit, leading to a loss of morale and motivation.

To conclude, centrifugal effects can be dangerous and control measures need to taken to mitigate them. The main organization needs to ensure that the subunits are aligned with its goals and that they are not pulling away resources from the main organization. On a short time scale centrifugal effects can be beneficial, but on the long run, the main organization needs to reevaluate itself and focus on its core competencies and the essential.

On this website, you can find a colorful animation of blobs. It's based on React Bits Meta Balls with further modifications. Feel free to check it out and let me know what you think! I am especially interested in adding new effects, let me know if you have any ideas. Put it on a projector!

Think about inventing the croissant. That's the basic form, and now you add chocolate, nuts or whatever or you add lye and make a pretzel croissant. That's the highly refined thing. Another example is in software: You have a basic text editor and it is really useful, but then take Word, which adds layers and layers of features, enterprise features and so on. The core is still a text editor, but it was extended so much that other text editors are not even comparable.

In a way inventing the basic form is harder and more creative than the highly refined thing. It is good, because it inspired a lot of more innovation on top of it. But the basic form might not become the most popular thing or the most influential thing. The highly refined thing might also not be so intellectually interesting, for example you have a basic form that is really takes a lot of brainpower to create, and then you scale it up, but repeating the same thing over and over and glue it together.

In a way, highly refining something and improving the basic form so much is creating a new thing. The croissant is a refined bread roll. The difference between bread roll and croissant and croissant and chocolate croissant is the depth on which it was refined. So in a way sticking existing ideas on top of each other is a way to create a new thing.

To conclude, I think sometimes highly refined things can be boring, but then again there are also highly refined things that apply smarter ideas and thus are more interesting. It's really the quality of the refinement that matters. Finding refinements that inspire more refinements on top are the most interesting. Sometimes you just gotta glue things together and make it work. But if each of the layers is not so smart, then the whole thing is not so interesting.

What makes it fascinating is that their web design often mirrors their architectural style. And of course, the architecture itself is amazing to look at. You start noticing recurring themes within a single architect’s style, and the differences between firms. It's like visual storytelling, layered in both buildings and websites.

Here are a few architecture firms whose work has influenced me personally:

• Herzog & de Meuron (Basel): Elbphilharmonie, Allianz Arena, Roche Towers
• SEHW (Berlin): New Fraunhofer SIT building “Eisberg”
• Bernhardt + Partner (Darmstadt): Informatikom 1 & 2
• Werner Sobek (Stuttgart): Facade of Informatikom 1
• Meyer Architekten (Düsseldorf): Modernisation of the Math Building in Karlsruhe
• Gehry Partners (Los Angeles): DZ Bank at Pariser Platz in Berlin, Vitra Design Museum unfortunately, not much on their website
• Hundertwasser: Bahnhof Uelzen, Die Wald-Spirale in Darmstadt
• Foster + Partners (London): Reichstag Berlin renovation, Commerzbank Tower, Apple Park

The workaround is to install Google Fit in a work profile. I use Shelter to manage my work profile. I installed Google Fit in the work profile and then set up my Google account and can see my historical data. I think this has to do with Health Connect. Somehow, Google Fit is not able to write historical data to Health Connect, but the data is in the cloud storage dedicated for Google Fit. The work profile does not have access to Health Connect, so Google Fit fetches the data from the original source, but the new data is also there. When I look at the data in Health Connect, I can see that the historical data is not there. It's not optimal, because now I have two instances of Google Fit and had to sign in to my Google account on the work profile. But at least I can see my historical data again.

The root cause of the problem is that Google Fit is not able to write historical data to Health Connect. If anyone has a solution to this, please let me know.

Also, I think Google Fit does a bad job at displaying time series data because you can only select to view weekly, monthly, three-monthly, or yearly data, which is paginated according to the selected time period. I would like to view the data in a continuous time series together with a regression line and markings for significant events.

Disclaimer: Don't get me wrong, Cro is musically very talented, but has songs that cover trivial topics.

One of his first popular songs, from 2012, is "Easy" and it is genius. Its certified 3x platinum in Germany. The song is about Cro being laid-back, but interacting with a woman called Isi, who is not laid-back and Cro is happy that they split up. The song samples "Sunny" by Bobby Hebb. the lyrics "Easy" are replaced with a sample from this song. What I find interesting is that the song is this sample, it sounds good and also the structure. It just consists of Intro, Verse, Hook and Outro, which is unusual for a pop song. For the ten-year anniversary of the song Cro rerecorded the song and released remixes. I like the remix from Roosevelt.

His albums "Roap", "MTV Unplugged: Cro" and "Melodie" capture a similar vibe. The songs are catchy.

Before his success, Cro was rapping in the underground. He did battle rap with Reimliga Battle Arena (RBA) under the name "Lyr1c". Many artists have been there including Kollegah and Juju. Cro later returned to the RBA in 2015 and battled against BlaDesa. In particular, I like the Rückrunde 2 from Cro, where Cro has a funny line about "Notaufnahme", his opponent only covering superficial topics "that could be from Cro" and him referencing his song "Whatever".

Cro also evolved his sound. His album "tru." is a departure from his previous work. To me it sounds more mature, introspective and experimental. The song "Unendlichkeit" is a good example of this. It's about having reached the top and continuing to strive for more. Another song, "Baum", also has a more serious tone.

His melodies are catchy and still sound fresh. German newcomer Zah1de used "Einmal um die Welt" and replaced the Verses with her own lyrics.

Cro in a way stayed approachable for his fans. There was a story about a fan of Culcha Candela who wanted them to play at her birthday party. The band makes snarky remarks about it and said would you ask Cro or Drake to play? Later Cro reached out to her and offered to play at her birthday party.

UPDATE: This post has been written in April 2025. In February 2026, I updated to the latest version of Rayhunter, which has made quite a lot of improvements. Read about it in my follow-up post here.

Rooting the TP-Link M7350 v8#

Last time I heard about TP-Link, it was because TP-Links security is a joke. TP-Link routers are only good to install OpenWrt on, because they are so easy to root; don't use them for anything serious. The same is true for their modems.

There exist multiple hardware revisions for the device, with v3 and v4 having good rooting scripts. I have a v8, which can be rooted using the "Chrome hack". GitHub user Ping2A discovered that the following JavaScript snippet opens telnet:

Globals.models.PTModel.add({applicationName: "telnet", enableState: 1, entryId: 1, openPort: "2300-2400", openProtocol: "TCP", triggerPort: "$(busybox telnetd -l /bin/sh)", triggerProtocol: "TCP"})

Essentially, it is a system command injection vulnerability in the admin panel.

Telneting into the device shows we are root. Looking around, the system does not inspire confidence in terms of TP-Link's security; the device runs Linux 3.18.20 and a "tp-link-ca" certificate is installed, which uses 2048-bit RSA and has a validity until 2068.

To get better shell access, adbd can be enabled:

/ # usb_composition
usb_composition
boot hsusb composition: 902B
boot hsic composition: empty
Choose Composition by Pid:
   <snip>
   902B -       RNDIS + ADB + Mass Storage
   <snip>
   tplink -     RNDIS + Mass Storage:ECM + Mass Storage(User Mode)
   tplink_rndis -       RNDIS + Mass Storage:ECM + Mass Storage(User Mode)
Pid number : 902B
902B
Choose core: y - hsic, n - hsusb  ? (y/n)n
n
Would you like it to be the default composition ? (y/n)y
y
Would you like the composition to change immediately? (y/n)y
y
Are you performing the composition switch from adbd? (y/n)n
n
Switching to composition number 0x902B
/ # Starting adbd: done

Uploading Rayhunter#

A custom build of Rayhunter is provided by m0veax; I use this version. Some of the changes have been added upstream; I have not tested them.

adb push rayhunter.config
adb push rayhunter-deamon

Starting Rayhunter#

Rayhunter states that it is recommended to install a SIM card, but it does not need to be online. Luckily, I had my old Vodafone SIM card lying around, which I migrated to eSIM in December to be able to use a Chaos Card. Thus, I did not need to go to the Handyshop. The TP-Link did not take my PIN, so I plugged it into my phone, removed the PIN, and put it back in the TP-Link.

On ADB, Rayhunter can be started:

# /media/card/rayhunter-daemon /data/rayhunter/config.toml

Rayhunter Web Interface#

On port 8080, Rayhunter serves a web interface, showing information about the software itself and the analysis.

The PCAPs can be downloaded and analyzed in Wireshark.

Conclusion#

Lucky for me but also boringly, I have not yet encountered a warning. I will continue to run the software, especially when I am in Hamburg in December again. I have encountered decoding errors due to "CHOICE Addition not supported yet" and "ignoring unhandled log type: WcdmaSignallingMessage". Furthermore, I thank everyone involved with getting Rayhunter on the TP-Link and my colleagues for gifting me the device. In the future, I hope to see the patches upstream and new features added. Finally, I recommend installing an SD card to store the logs and PCAPs.

Sources#

• EFF Rayhunter
• m0veax Rayhunter port
• Issue 186 and Issue 106
• m0veax research on TP-Link M7350

I specifically remember the talk "What's cooking in GNOME?" by Tobias Mueller about the GNOME project at GPN14. He talked about Gnome doing releases every 6 months, while the distributions do releases every half a year (27:30) and how Gnome software compiles compared to enlightenment. Also in this talk, he mentioned the GUADEC in 2014 in Strasbourg, which I visited briefly as I was in the city with my school class at the time. It is amazing to think that I have given a talk at GPN in 2024 at the same stage as Tobias did 10 years ago. In some way I am impressed by this realization.

I probably attended previous GPNs, but I don't have any specific memories of them. I am happy to be part of organizing the event now. I look forward to the next 10 years of GPN and the many more events to come.

Update 27.06.2025: I remembered another GPN I attended, it must have been GPN8 in 2009. I remember because it was during Ursula von der Leyens tenure as Minister of Family Affairs. She proposed to force ISPs to present literal "Stop Signs" to users when they visit illegal websites. The people at GPN were not happy about this and people were printing out stop signs and putting them on other people's signs as a joke like this.

This post should really be titled "16 Years of GPN".

Before you acquire a domain, check the history of the domain.

1. Wayback Machine
2. Check the domain on VirusTotal
3. Also check certificate transparency logs.

After you acquire the domain:

1. Add DNS
   • Add MX records
   • Add SPF, DKIM, DMARC
   • Add A records
   • Add AAAA records
   • CAA records
2. Add to Have I Been Pwned
3. Setup RedSift Monitoring
4. Add to Google Search Console
5. Add to Google Postmaster
6. Add to HSTS Preload List
7. Enable DNSSEC

Introduction to Passkeys#

Passkey is the user-friendly name for FIDO2 Credentials. This scheme is based on public key cryptography. The basic idea is that the user generates a key pair, the server stores the public key and when the user wants to authenticate, the server sends a challenge to the user. The user signs the challenge with the private key and sends it back to the server. To make it work two specifications are used: WebAuthn and CTAP2. WebAuthn is a W3C standard that defines the API for web applications to use FIDO2 credentials. CTAP2 is a protocol that defines how the client (e.g. a browser) communicates with the authenticator (e.g. a hardware token or a mobile phone) over NFC, BLE or USB.

Advantages of Passkeys#

The sales pitch of passkeys is that they are phishing resistant, resistant to stuffing, can optionally have a second factor built in, always have high entropy, but don't require the user to remember anything. Of course, these things are implementation dependent. A CVE was published which allows phishing. See this writeup on CVE-2024-9956 by Tobia Righi.

Attestation and the Metadata Service#

Attestation is how the authenticator proves to the server that it is a genuine, secure, device. The authenticator uses a special keypair to sign the attestation statement, ensuring that the credential keypair was generated on this device. The server checks the attestation signature against public keys of the vendor. For this FIDO offers the MDS. Olivier Potonniée has developed a good explorer website, which is available at FIDO MDS Explorer. Devices can be FIDO certified, ensuring functionality and some security properties. Read more about the certification in FIDO Certification Program. Certification is done by accredited labs. These labs must be accredited according to ISO/IEC 17025 and hold additional accreditation such as Common Criteria (CC) or FIPS 140-3. The labs are listed here. The MDS explorer shows the certification status of the devices.

Analyzing the MDS#

I will only focus on certified devices. FIDO MDS Explorer is used as a source for the data.

The Good#

No vendor currently offers a device that is certified at the highest level L3. There are currently 9 vendors with L2 devices. L2 requires the use of a secure element, thus software implementations are not allowed. From these, some are not purchasable, either because they are not available or because they are not sold to consumers. The following vendors are looked at in more details: Feitian, Token2, TrustKey and Yubico.

Yubico#

Yubico is the most well known vendor. They offer a wide range of devices, with different form factors, connectors and fingerprint readers. Notably, their firmware is not updatable. Yubico is a good choice for most users, as they are well supported and established, but they are not the cheapest and only support 100 credentials.

TrustKey#

TrustKey is a korean vendor, their devices are purchasable on Amazon, but the reviews are not great and their documentation is lacking.

Feitian#

Feitian is a chinese vendor, uniquely they support unlimited credentials. They offer various devices, with connectors and biometrics. They state at least 10 years of storage.

Token2#

Token2 is a swiss vendor, they are cheap and support 300 credentials, as well as PIV. Their firmware is updatable and open source, having passed an independent audit. Their Firmware is available on GitHub and based on this project implementing FIDO2 for Java Card. Their security model states "This application is likely not secure" [security_model.md]. The certification of Token2 is done by Bank Card Test Center Shenzhen Branch. The device is programmable, which I like and the case has a nice design.

The Bad#

Ledger#

The Ledger (Zoomer) Crypto Wallet is a hardware wallet, but it also supports FIDO2, but it is not FIDO certified, which might cause incompatibility.

Windows Hello#

Windows Hello is a software based authenticator and FIDO certified, but it only uses COSE Algorithm -257, which is RSASSA-PKCS1-v1_5 with SHA-256. This algorithm is not recommended according to RFC 7518, but TPMs support it.

The Ugly#

Google Titan#

I use the Google Titan YT1, which is a hardware token, but only supports FIDO 2.0 and not the newer FIDO 2.1. This is a problem as you cannot manage the credentials on the device, you can't delete them and you can't set a PIN. It lacks NFC. I got it for free from DEFCON, but I would not recommend it.

Nitrokey#

Nitrokey is a german company and they offer Nitrokey, which supports FIDO2 and PIV, but it only supports 27 ECC keys and its pricing is comparable to Yubico. Its firmware is open source, but 27 keys is just not enough.

The Funny#

The Company Token offers a Ring, a Token Ring. This is unrelated to the Token2 company. Valmido offers a device praising it as a "next-generation smartcard", which has a wooden finish, a display and a fingerprint reader. Cryptnox build a smartcard based (Zoomer) crypto hardware wallet, which is FIDO certified.

Conclusion#

For a hardware token I would buy one Token2 and one Feitian, as they are cheap and have good features. I would not buy a Yubico, as they are expensive and have limited features. If you have a Ledger, you can use it as an authenticator. For a software based authenticator I use Bitwarden.

So here is the list:

• Publish a paper
• Give more talks
• Build awesome technology
• Get better at CTF
• Do more organizing of events
• Enrich the community

These are all related to my passion for security and technology. But while focusing on these things, I must not forget what really matters: my friends and family, my health, my sanity and all the other mundane things.

Publish a paper#

I have a few ideas, but I also know writing a paper is hard and getting it published is harder. The ingredients are clear: solid fundamentals, a good idea, and good execution. I think I can do it, but I need to put in the work. Also, I want to publish in a community run zine like Phrack or Paged Out!

Give more talks#

I have given a few talks and it is a lot of fun. I want to give more talks, but I also want to give better talks. I am especially interested in giving a talk at a hacking conference, like Congress, but smaller or something more underground like BSides or just at a local meetup. I need to create a talk pipeline, where I can just come up with ideas, do some research and then look for suitable venues. I want to work on topics which are interesting, where I can add value (no "intro to X" or "infosec 101") and where I can learn something. Feedback and talking with the audience is important, so I can learn more and improve my skills.

Build awesome technology#

I want to build awesome technology. Just like a wacky side project, something which is useful, uses novel approaches and is build with a tech stack I like. This would ideally come out of other projects, like my work or ctf.

Get better at CTF#

CTF is a lot of fun, as it combines technology, problem solving and competition within a community. To hone my skills, I need to play more CTFs, build challenges, do writeups and talks.

Do more organizing of events#

During my time at university, I was involved with Unifest and with smaller festivities. This was a very valuable experience, because the people I met, the things I learned and the service it provided to the community. I want more of that, with myself doing more advanced organizing. So to start, I am involved with organizing the helpers for GPN, previously I did the same for Unifest. In the future, I want to organize a conference myself.

Enrich the community#

I also want to share my knowledge and experience with the community, this can be done in ways described above, but I also want to give back to a broader audience. I'm not sure how to do this yet. I have thought about starting a youtube channel multiple times, but when I look at the current landscape, I don't think I can reach the scale I want to reach. I look at creators that do similar things, and I see so many that were not sustainable, of course there a people who succeed like LiveOverflow or Low Level, but they are the exception. There are others, which were able to build a community, but their concept is not what I believe in, like flashy, "how to darknet" type of stuff. I want something more fundamental and innovative. One way to reach a broader audience is to give surface level talks. I once was at a event where a guy was introduced with "programmed since he was 10 and build websites since he was 12". I don't want to be that guy. When you are in the computer pool past 10pm, everybody did this. This is not a flex, this is the bare minimum. So I can give comparable talks, but surface level talks are not what I am after. I don't have an idea on how to do this. I still need to cook up a real concept, and then find the time to do it.

Sometimes we are so stuck in our ways of thinking that we don't even consider the simple approach. For example in Germany certain public services are overengineered, but it works.

What makes something more complex or simple? Simplicity is more about directly using the first principles and building up from a lower level. Complexity is of course also build on first principles, but it is using more layers of abstraction, building on a more shaky foundation which is secured by more pillars.

Why we use complex approaches, when we could use simple approaches? Occam's razor recommends to use the simplest approach, which incorporates all the requirements. This is generally good advice, why cook up something insane, when you can also just do it? A simple approach is not more shallow or of lesser quality, it is just more direct.

In which cases is a complex approach better? First of all, we need a complex approach, when we don't know the simple approach. But there are also cases where a complex approach is better, because it is more flexible, innovative, tries to solve a problem in a more general way or is the standard, tried and true, approach.

The truth is, there will always be someone better than me. I ask what are they doing that I am not doing? What is their secret?

Also, the unhappiness can be separated into two categories. The first one is, that I am not happy with my work compared to the work of other, the second one is that I am not happy with my work on its own. The former might me more easy to come to terms with. Comparing myself to others can be constructive, because I can improve my work. I know in each individual case, why my work is not as good as theirs. Maybe there are people who really don't cook with water and really can do magic, but in the most cases I can find improvements that I can apply to my work. The latter might be more difficult to accept. In the first case, you look at something great and have something to strive for, but in the second case, you look at something bad and not really know what to do with it. I might have ideas on how to improve it, but it might not result in an improvement. Hindsight is 20/20, but when I work on something new, I don't have the hindsight.

What I have noticed about myself is that I take a long time to plan things, in my personal life and in my work. My plans are often not particularly complex, there are details in my plan that I only carry out when I need them. But planning might be too slow.

How can I be happy with my work, when I see all the things I could have done better? I think one way to be happy with my work is if I am happy with the process. With that I mean, if I (1.) was happy while doing the work and if I (2.) am happy with the approach. I am unhappy while doing the work, I think I should change it up until I am happy or cancel it if I can't find a way to be happy with it. The second one is something I think is important in general. But what if I am unhappy with the approach?

There are also the lyrics on the album, so many witty lines, "No, I never go home, don't sleep, don't eat. Just do it on repeat".

She also made three more songs, where Guess stands out to me. It is a interpolation of Daft Punk's Technologic. It takes the original classic and makes it new again. The lyrics are funny. It is really unbelievable how she made it work under pop. For me, this song is kind of the summary of the album and the innovation she brings to pop.

Then there is the remix albums, brat and it'completely different. It's like Charli decided which other artists sound she likes to incorporate into her songs. Yung Lean and Robyn on the same song, what a combination. Julian Casablancas part on mean girls is a great addition.

The sound she pushed captured the zeitgeist. Take Germanys entry for the Eurovision Song Contest Baller is sounds like brat. Lady Gagas 2025 album also uses similar sounds. I have always been a fan of Charli and EDM music, her pushing the sound into pop really makes me like her even more.

What is Innovation?#

Innovation is the process of applying new ideas to solve problems. To think what no one has thought before, to do what no one has done before, that is just the beginning. To innovate is to create something new, that is useful.

The Coolest Innovations#

The coolest innovations are those that are simple, broadly applicable, really new and are vividly communicated. Examples are the Diffie-Hellman Key Exchange, Shannon's entropy and Bloom Filters.

Keep Innovating#

To keep innovating is more than just to innovate once. Innovating once is great, but to keep innovating means to do something new again, and you can't just do the previous thing again. You need to come up with new ideas. This is hard.

How to Keep Innovating#

To keep innovating, you need depth, breadth and creativity. You need depth because you need to understand the problem you are solving, what has been done before and how to execute. You need breadth because you need to look at the problem from different angles. You need creativity because you need to come up with new ideas. Execution is also important. You need to be able to turn your ideas into reality.

Why We Need to Keep Innovating#

Without innovation, we will stagnate. Stagnation is the nucleus of regression. There are so many problems with the status quo that, if we don't innovate, we will be stuck with them. Status quo is not an option, until all the stuff is made of gold, that is a long way to go.

Often, computer science is seen as beeing about programming, but I think that is a narrow view. Programming is a tool, but if there were a better tool, we would use that. Programming can be a tool for buissines applications, but it can also be a tool for computer science. Programmim is rooted in cs, but there is more to cs than investiagting programming or appliying programming. Think of innovations like online banking, generative ai, or avatar (the movies), programming was a part of it, but the real hard work to enable these things is not coding, but rather networking, security, neural networks, etc.

What makes a paper goated?#

Andreas Zeller reccomends to:

1. do work that is relevant
2. strive for simplicity
3. keep innovating and I think these are great guidelines. To do relevant work means to look at the world and identify how the world can be improved most effectivly. A simple approach is easy to understand, and easy to build upon, thus making it more likely to be used. Innovation is creation of new ideas. Not only should we innovate, but we should keep innovating. Consistenty coming up with novel ideas is hard, but it is what drives the field forward.

For me, I think a paper is goated if it is foundational and practical while being simple and visionary. Bonus points if it is vivid.

Shannon's A Mathematical Theory of Communication#

Shannon paved the way for modern cryotography, and is the father of information theory. In this paper, Shannon introduces the concept of entropy, which is a measure of the uncertainty of a random variable.

Venevar Bush's As We May Think#

Bush was a military scientist, and in this paper he describes a machine, the Memex, that is a precursor to the modern computer. He describes a machine that can store and retrieve information, and that can be used to solve complex problems.

Noam Chomsky's Three Models for the Description of Language#

Chomsky is a linguist, and in this paper he describes three models for the description of language. He describes the generative model, the transformational model, and the interpretive model. He argues that the generative model is the most powerful, and that it is the model that is used by humans to generate and understand language. Chomsky is an interesting intellectual.

Richard Hamming's You and your research#

You gotta read or listen to this one.

Diffie and Hellman's New Directions in Cryptography#

Diffie and Hellman brought up real innovation here. They had a vision about how powerful public key cryptography can be and they developed the first public key cryptosystem. They invented the Diffie-Hellman key exchange protocol, which enables the secure exchange of cryptographic keys over a public channel. Their work combines practical applications with theoretical insights, as well as beeing relativly vivid and easy to understand.

Rivest, Shamir, and Adleman's A Method for Obtaining Digital Signatures and Public-Key Cryptosystems#

Rivest and Shamir set out to give counterexamples to the vision of Diffie and Hellman, but ended up finding a way to make it work. Together with Adleman, they developed the RSA cryptosystem. RSA also combines practical applications with theoretical insights. RSA is relativly simple and can be vividly explained, its security guarantees are interesing to analyze, and it is still used today.

Saltzer and Schroeder's The Protection of Information in Computer Systems#

This one is goated. Salzer and Schroeder propose principles for secure system design.

Joux's A One Round Protocol for Tripartite Diffie-Hellman#

Joux extends the Diffie-Hellman key exchange protocol to three parties. It uses pairing based cryptography, which is a powerful tool for secure multi-party computation. His work is vivid, innovative and has practical applications.

Satoshi Nakamoto's Bitcoin: A Peer-to-Peer Electronic Cash System#

The anaonymous Satoshi Nakamoto developed the first decentralized cryptocurrency. He started with this paper, based on the ideas from RSA and Chaum.

Ken Thompson's Reflections on Trusting Trust#

This paper came out of Thompson winning the Turing award. He describes a backdoor put into the compiler to produce binaries that contain the backdoor.

Anne Adams and Martina Angela Sasse's Users are not the enemy#

This paper is about usable security. Sasse founded the field of usable security, and this paper is a foundational work in that field. Another noteworth paper is "Why Johnny can't encrypt" by Alma Whitten and J.D. Tygar. Johnny has been a recurring character in security papers.

Dijkstra's A Note on Two Problems in Connexion with Graphs#

Dijkstra is a pioneer in algorithms. He invented the shortest path algorithm, which is used in many applications, such as routing in computer networks. In this paper, he describes two problems related to graphs: the shortest path problem and the minimum spanning tree problem. He presents algorithms to solve these problems, which are based on the idea of dynamic programming. Dynamic programming is a powerful tool, it is op.

Bloom's Space/Time Trade-offs in Hash Coding with Allowable Errors#

Bloom invented the bloom filter, which is a probabilistic data structure that can be used to test whether an element is a member of a set. It is a simple and efficient data structure that has many practical applications. For example, it is used in network routers to filter out unwanted traffic or in databases to speed up queries.

Moore's Cramming more components onto integrated circuits#

Mopre's the co-founder of Intel, this is the original "Moore's Law" paper.

Patterson and Hennessy's Computer Architecture: A Quantitative Approach#

Patterson and Hennessy are the authors of this textbook covering computer architecture. Hennessy is a former president of Stanford University. Patterson and Hennessy won the Turing award for their work on RISC.

Google's MapReduce: Simplified Data Processing on Large Clusters#

In this paper, Google describes the MapReduce programming model, which is a simple and efficient way to process large amounts of data on a cluster of computers. MapReduce is based on functional programming and consits of two functions: map and reduce. This model is executed on lists, first the map function transforms each element of the lists, which can be done in parallel, and then the reduce function is applied to the transformed elements to produce the final result, which is done in series.

James Kajiya's Rendering Equation#

This is a foundational paper in computer graphics. Kajiya describes a physically based rendering equation that models the interaction of light with surfaces. Finding ways to solve this equation cheaply is a major challenge in computer graphics.

Dijkstra's Go To Statement Considered#

Dijkstra argues that the goto statement is harmful, because it makes programs harder to understand and maintain. He proposes structured programming as an alternative, which uses loops and conditionals instead of gotos.

The Art of Computer Programming by Donald Knuth#

Knuth is very influential. His book sieries "The Art of Computer Programming" is a classic. He invented tex and metafont to typeset his books.

Here is a funny video of him mishearing a question about a teacher as t-shirt: https://www.youtube.com/watch?v=74BfHoE66rc&t=2537s Knuth is famous for sending checks over $2.56 to people who find errors in his books.

Further reading:

• Minix

• Dennis Ritchie and Ken Thompson's The Unix Time-Sharing System

• Fred Brooks's The Mythical Man Month

• AI:

  • Turing's Computing Machinery and Intelligence
  • Joseph Weizenbaum's ELIZA - A Computer Program For the Study of Natural Language Communication Between
  • AlexNet
  • Attention is all you need by Vaswani et al.

I will start with the following banks and services, in no particular order:

• Ing-Diba
• C24
• Klarna
• DKB
• Revolut
• Bank Norweigen
• Local VR Banks
• Trade Republic
• Curve
• Wise
• VimPay
• XPCard

Further, I am also interested in testing out the following banks, but have not yet setup accounts with them:

• N26
• Comdirect
• Consorsbank
• Santander
• Targo Bank
• Deutsche Bank
• Sparkasse
• Amex

Previously, I had an account with Vivid Money, but I closed it because I was not happy with their service.

Regarding features, I am interested in investigating and reviewing the following:

• Online and Mobile Banking
• SEPA (instant) transfers
• Mastercard/Visa payments
• Apple Pay/Google Pay
• Fee structure
• Money Withdrawals at ATMs
• Girocard
• Cashback

The banks all employ a core banking system. This is a software stack used for common banking tasks, such as opening accounts, processing deposits, withdrawals, and payments, and generating statements. There are not so many vendors in this space, and the software is usually not developed in-house.

Ing-Diba#

Banking Card#

They offer a free physical Visa debit card, which has a weird cutout. Apple and Google Pay are supported.

Mobile App#

App has good features and is established.

Web App#

Web app is very good and has all the needed features.

Core Banking#

They use Kordoba as their core banking system.

C24#

Account Opening#

Account opening was easy, did not require a video call. I could log in and use the account.

General#

They also offer free SEPA instant transfers. C24 is the best way to find out if a SEPA transfer is instant, as there is a toggle in the interface.

Banking Card#

They offer a free physical Mastercard as well as a free Girocard, without cobranding. Their cards look and feel cheap, but they allow you to select which name gets printed on them (first and last name, last name only or initial of the first name and last name). Apple and Google Pay are supported for the Mastercard, up to 8 free virtual cards can be created.

Mobile App#

App is OK, and developing fast.

Web App#

Their web app is also OK, not as good as the mobile app and missing some features that are only available in the mobile app.

Core Banking#

They use Mambu as their core banking system.

Klarna#

Account Opening#

Account opening was easy, did not require a video call. I could log in and use the account.

General#

Their killer feature is the integration of shopping, their payment system and buy-now-pay-later. They don't offer sending SEPA instant transfers, but they accept them. The account can be topped up for free two times a month, and then they charge a fee; the minimum top up is 10 €.

Banking Card#

They offer a free Visa credit card, which is the best-looking card I have seen so far. They also offer a free virtual debit card. Apple and Google Pay are supported.

Mobile App#

App is international-fintech-grade.

Web App#

The web app is lacking features, you can only see your transactions, account details, balance, and do some account management.

Core Banking#

Klarnas core banking system is built in-house.

DKB#

Account Opening#

Account opening was easy, but not as fast as others.

General#

They offer a free Visa debit card. Their bank account is a bit more traditional.

Banking Card#

They offer a free Visa debit card, which is above average quality-wise. Apple and Google Pay are supported.

Mobile App#

Their new app is missing features. They don't offer sending SEPA instant transfers. Their app shows transfer details not shown by others (see Revolut).

Web App#

Their web app has all the features of the mobile app. You can send transfers, change the PIN of your card, and do other account management. Sometimes you are sent to their old web app, which is not as good, sometimes even iframed into their new web app.

Core Banking#

DKB uses core banking from Finanz Informatik/F-I-TS, which is part of Sparkassen-Finanzgruppe.

Revolut#

Account Opening#

Revolut's account-opening process is a bit cumbersome. They require a video call to verify your identity, which is a bit annoying. But after that, I could log in and use the account.

General#

They really have cool features; for example, they allow free top-ups using credit cards, and they offer sending and receiving free SEPA instant transfers, which makes them useful to quickly pool up money from the different accounts. Revolut accepts SWIFT transfers as well. They have good exchange rates for foreign currencies.

Banking Card#

They offer a virtual Mastercard only. Apple and Google Pay are supported. Further, virtual or single-use virtual cards can be created for free.

Mobile App#

Revoluts mobile app is nice, better than Klarna. They also have a feature where you can send money to credit cards, even going as far as letting you scan cards with NFC and send money to them. Revolut sends your street name and number in a SEPA transfer, which is shown by DKB. Supports Passkey.

Web App#

The web app is really lacking features, you can only see your transactions, account details and balance. Their web app is worse than Klarnas.

Integrations and API#

API seems to offer ok features and data quality. Connecting to other services happens through their web portal.

Core Banking#

Revolut built its core banking system in-house.

Bank Norweigen#

Account Opening#

Account opening was slow and required many details.

General#

They offer a free Visa credit card and a Norwegian IBAN. Bank Norwegian is the only provider telling me I have to set an "online shopping password" for my credit card. What the hell is that? When I try to set it with a secure password, it tells me it has to not contain Ä, Ö or Ü, which it does not contain. Only 15 characters are allowed, which I think is too short. They don't support SEPA instant transfers.

Banking Card#

Their Visa is golden and has a pretty design. Apple and Google Pay are supported.

Mobile App#

The app sucks, it's a webview of their web app.

Web App#

Web app login requires date of birth in addition to the phone number. The first time I logged in, it asked me to accept a new TOS, based on a decision of the BGH from 2021. I opened the account in 2024, why do I have to accept a TOS change linking to 2021?

Core Banking#

They use Banqsoft as their core banking system.

Local VR Banks#

App sucks, free Girocard with maestro or vpay cobranding. They have virtual giro cards, but the app really sucks compared to Google Pay. I can't imagine that the developers from Atruvia (also the provider of the core banking) use the app themselves, and it shows. These are the only banks requiring the use of a TAN generator, which I think is a bad user experience.

Trade Republic#

They don't offer a regular giro account, but a depot account. They offer a free Visa debit card, and a call money account, matching the ECBs key interest rate. Not sure about their core banking. They don't support SEPA instant transfers. While they have a pretty-looking user interface, technology-wise they are lacking. They are only realy good at executing a saving plan, and storing money, besides they are not really useful. They don't accept incoming SEPA instant transfers, which is a big downside.

Curve#

Curve is pretty fun, it's basically a proxy on the credit card network. You can use it like Google Wallet with extra steps. They offer a free Mastercard, and you can link your other cards to it. You can get cashback on purchases, and you can change retroactivly which card gets charged. You can also use "if this then that" rules to set the card that gets charged.

Wise#

Wise is honestly not that interesting.

VimPay#

VimPay is a little fun, as it shows much information about the transaction. When adding the card to Google Pay, it showed two transactions from Google, St. Louis, USA over 0.00 €. They offer a free Mastercard.

XPCard#

XPCard is a "gaming card". They offer a free Mastercard from Advanzia Bank. They offer cashback for gaming related retailers, like Douglas, Sephora and Jeans Welt.

Conclusion#

I think at the moment the best stack is Revolut for the wild features, C24 as a salary account and maybe Klarna. Join my Matrix room if you want to discuss this further.

First is to note that this is how I got the sensor on MY setup and this post exists for MY documentation. None the less this maybe helpful to someone.

I run bedrock linux with Fedora being my main distro, but having some packages from Arch.

1. Make sure to have fprintd installed in both Fedora and Arch and fprintd-pam in Fedora.

2. The libfprint patch for the vfs0090 sensor needs to be installed from the AUR: libfprint-vfs0090-git.

3. Edit the fprintd.service file on Fedora to execute fprintd from arch:

   (This is the hacky part)

   /bedrock/strata/fedora/usr/lib/systemd/system/fprintd.service

   ExecStart=/bedrock/bin/strat arch /usr/lib/fprintd

   Make sure fprintd is systemctl enable'd.

4. Enable fingerprint authentication in Fedora:

   # authselect enable-feature with-fingerprint

(This was figured out over weeks and may need reboots in between steps or other changes I forgot to mention)

Other differences from Jekyll compared to Hugo are:

• Plugin support
• Less strict separation between layout and content
• No org-mode support
• Longer build times