Archive for August, 2006

Login with GnuPG smartcard


Libpam-poldi allows you to use your Fellowship crypto card to log in your GNU/Linux system.

First check if poldi detects your cardreader: ‘poldi-ctrl -d’. Unfortunately some cardreader doesn’t work with poldi and the existing free driver. For example the cardma4040 needs the non-free driver from Omnikey.

If poldi successfully detected your cardreader you can start to configure poldi. Poldi has a pretty good documentation so i will keep my explanations rather short.

  1. Root has to register the new card for poldi:
    poldi-ctrl --register-card --account <your-user-account> --serialno <serialno of your card>

    You can also execute this command without ‘–account <your-user-account>’ but than the user will not be able to install or update his card’s keys.
    The serialno can be found by executing ‘gpg –card-status’ and looking for “Application ID”.

  2. Now we have to establish a mapping between the user and the smartcard he owns:
    poldi-ctrl --associate --account <your-user-account> --serialno <serialno of your card>
  3. Now you have to write your public key into the appropriate key file (you have to do this within your user account)
     poldi-ctrl --set-key
  4. That’s it, now you can test it with ‘poldi-ctrl –test’
  5. Now you have to tell pam, that you want to use poldi.
    Therefore you have to edit the files in /etc/pam.d. If, for example, you want to login to kdm with your card, edit the file /etc/pam.d/kdm. Replace the line ‘@include common-auth’ with

    auth    required   pam_poldi.so

    If you want to login unattended, use

    auth    required   pam_poldi.so try-pin=123456 quiet

    And if you want to fallback to regular unix passwords, use

    auth    sufficient pam_poldi.so try-pin=123456 quietauth    required   pam_unix.so nullok_secure

Now you should be able to use your GnuPG smartcard to log in your GNU/Linux system.

You can find a more detailed howto on my personal homepage which will still be available if this blog entry is already forgotten.

French “iPod Law” violates Human Rights


The so-called “iPod law” contains reduced fines for file sharing and forced companies to open their DRM specification to enable competition.

The French Constitutional Council has declared this aspects unconstitutional. The justification: The “iPod law” violated the Human Right of constitutional protections of property.

Mr. Menard, a partner at the Lovells law firm and a specialist in “intellectual property” said: “The Constitutional Council effectively highlighted the importance of intellectual property rights,” and added that Apple Computer and other companies could not be forced to share their copy-protection technology without being paid for it.

Does it sound like a joke? But it’s true. For more information read:

New York Times: Parts of French ‘iPod Law’ Struck Down (English)
Golem: iTunes-Gesetz verstößt gegen Menschenrechte (German)

UPDATE: Jacques Chirac, president of France, has signed the law and so it become valid. I don’t know if the French Constitutional Council will stop the law but as long as nothing happens the law is legally valid. Great Britain, Sweden, Denmark, Norway and Poland could be the next countries with similar laws. Source (German): The Inquirer DE.

Interview with DefectiveByDesign


Thanks to Markus from netzpolitik.org i have found this interesting interview with the DefectiveByDesign campaign.

The campaign has received quite a lot of attention in the media. For example the “Bono petition” saw press coverage in more than 115 news papers and news sitest in the USA.

Here a answer from DefectiveByDesign to a probably common question on this topic: “Are those two goals (content protection and consumer protection) compatible with one another?”

DefectiveByDesign: A better word than consumer, to describe me and you, is citizen. So is content protection and the rights of citizens compatible? When we live in a age where all digital works of art and all human knowledge can be transferred at (next to) zero cost, and where the cost of making one more copy is zero. Is it right to be building digital fences and digital handcuffs around this art and knowledge? If, as citizens of a society, we can see the advantages of allowing art and knowledge to flow without impediment, we as citizens will also have reason to find new ways to recompense the artists and knowledge purveyors. In fact, there are more artists working today than ever before, and more of their art is being enjoyed because of technology free from DRM and free of the Big Media gate keepers. The term “Content Protection” is a loaded term, framing the debate with their slant. I would say that this term really describes their attempt to hold back advancing society.