Profile

Cover photo
Philipp Kern
Works at Google
Attended Karlsruhe Institute of Technology
Lives in München, Germany
249 followers|319,909 views
AboutPostsCollectionsReviews

Stream

Philipp Kern

Shared publicly  - 
 
TIL that my N9 is essentially what Transmeta wanted to ship a decade ago. ("Project Denver")
1
Add a comment...

Philipp Kern

Shared publicly  - 
 
Wow. Just... wow. Ora "we need years to patch" cle, stay classy and continue to tell your customers to buy elsewhere.
 
Oracle's Chief Security Officer, Mary Ann Davidson, took to her corporate blog today to rant about security, and how Oracle has been pursuing its own clients that break its license ...
View original post
1
2
Thomas Witzenrath's profile photoFabian Schorp (coinee)'s profile photoJochen Spieker's profile photo
2 comments
 
Is she actually that naïve, or is she trolling?
Add a comment...

Philipp Kern

Shared publicly  - 
 
Das bringt mich ja in Rage. Erstens ist die PKW-Maut eh schon funktional kaputt und wird nicht wie geplant - mindestens stark verspätet - kommen. Aber wir müssen dringend die Massenverkehrsmittel noch teurer machen, damit die deutsche Autoindustrie mehr Wagen absetzen kann. Hut ab, liebe Grünen. Macht die Bahn mal günstiger, dann würden sie auch mehr nutzen.
 ·  Translate
4
Mar uh's profile photoGert Doering's profile photoPhilipp Kern's profile photoKlaus Huebler's profile photo
11 comments
 
Haben wir nicht einen Starpolitiker jetzt im Bahnvorstand . Guter Einstand. Wird bald die Diskussion um Busmaut für beendet erklären. Zum Wohle der Bahn .
 ·  Translate
Add a comment...

Philipp Kern

Shared publicly  - 
 
Floating-Becken sind überraschend toll. Sole-Becken kannte ich ja schon, aber jetzt kann ich mir die Schwerelosigkeit des toten Meeres gut vorstellen.
 ·  Translate
1
Add a comment...

Philipp Kern

Shared publicly  - 
 
Es gibt ein Versuchsangebot des MVV, um mit Zeitkarte günstiger an ein Anschlussticket zu kommen. Es funktioniert nur mit dem Handy und man kauft die Ringe, die einem zur Zeitkarte fehlen. Zumindest zum Flughafen wird es deutlich günstiger, wenn man keine Innenraum-Zeitkarte hat. Aber die Beschreibung, wie viele Ringe man lösen muss, ist wie alles vom MVV sehr konfus.
 ·  Translate
1
David Bremner's profile photoPhilipp Kern's profile photoMargarita Manterola's profile photo
5 comments
 
I never tried online. I went in person and talked to them until I got what I wanted. In general they are friendly even if getting an appointment is rather confusing :)
Add a comment...

Philipp Kern

Shared publicly  - 
 
The old technology is also being shown at the New York Transit Museum. I have sympathy for the old technology. New technology can't hope to run that long. And there were good mechanical interlock protections in place to ensure that no collisions can happen based on the signals.

On the other hand I don't know if they actually employ any sort of positive train control over there in the subway. Apparently https://en.wikipedia.org/wiki/1991_Union_Square_derailment was one of the the many reasons to deploy communications-based train control. Germany has a low-tech solution for this: https://en.wikipedia.org/wiki/Punktf%C3%B6rmige_Zugbeeinflussung
1
David Bremner's profile photo
 
There's a retired steam locomotive by the Ingolstadt Hbf that (from memory) ran 57 years and 1.5 million miles.
Add a comment...
Have him in circles
249 people
Pierre-Yves Gaillard's profile photo
christian strenge's profile photo
Andreas Pfau (omnibrain)'s profile photo
Steve Phelps's profile photo
Timmaraju Naga Srimanyu's profile photo
Camila Satyro's profile photo
Julio Merino's profile photo
Amaya Rodrigo Sastre's profile photo
Jürgen Christoffel's profile photo

Philipp Kern

Shared publicly  - 
 
This infosec business gets more horrible by the day.
 
»Lenovo is shipping a rootkit in their BIOS... «-- https://twitter.com/RichFelker/status/631103814477697025


TL;DR: »Any Windows contains a mechanmism called WPBT, where it checks if the BIOS contains a specific ACPI entry. If it does, it pulls a binary from the BIOS and modifies the installer.

Lenovo BIOS provides such a WPBT binary and infects any pristine windows installation with Lenovo binaries. The process replaces the autochk file with a modified version that phones home and downloads stuff unencrypted and unvalidated.«

Will sagen, der Hardware Vendor pullert Dir in die Installation sogar dann, wenn Du unmodifizierte Originalsoftware von Microsoft statt des von Lenovo preowned Dreck installieren willst, der auf dem Gerät ab Werk drauf ist, weil Microsoft ihren Kram ab Werk backdoored.

Background:
https://lkml.org/lkml/2015/5/20/1155

https://www.google.de/?gws_rd=cr&ei=8zrKVbWcJoLTygPm_LnwAg#q=wpbbin.exe+site:microsoft.com


Originaltext: 
http://arstechnica.com/civis/viewtopic.php?p=29497693&sid=ddf3e32512932172454de515091db014#p29497693 »Hi, I discovered this issue back in May when I bought a Lenovo Y40-80 which also has this. It really pissed me off so I did quite a bit of digging into it and successfully removed it, so after running into this thread I figured I'd share what I learned.

Before booting windows 7 or 8, the bios checks if C:\Windows\system32\autochk.exe is the Lenovo one or the original Microsoft one. If it is not the lenovo one, it moves it to C:\Windows\system32\0409\zz_sec\autobin.exe, and then writes it's own autochk.exe. During boot, the Lenovo autochk.exe writes a LenovoUpdate.exe and a LenovoCheck.exe file to the system32 directory, and sets up a services to run one of them when an internet connection is established. I don't know too much exactly what those do, but one appears to phone home to http://download.lenovo.com/ideapad/wind ... 2_oko.json which is a bit worrying with the combination of a "ForceUpdate" parameter shown and the lack of ssl, making it fairly likely that it's exploitable for remote code execution by anyone who can intercept your traffic(public wifi, etc).

Disclaimer: Unless you really know what you're doing, you really don't want to try this: As for removing it, you need to edit and re-flash your bios. The downloadable bios update from Lenovo doesn't seem to be extractable at least with any methods I know, and using bios dumping tools only gets you 6 of the 8MB of the bios chip, so unfortunately it has to be done the painful way. You'll need a usb flash rom reader/writer(a cheap CH341A one works fine) and SOIC-8 test clips. You can get each of those 2 items for about $10 each. Take the back cover off the laptop, and also disconnect the battery, and locate the bios chip on the motherboard. Connect the test clips to the bios and connect the other end of the other end of the test clips to the usb writer, and connect the usb writer to another computer. On the other computer use the usb reader/writer to dump a copy of the bios. The bios dump will be an 8MB file. You need to split it into 2 files: the first 2MB and the last 6MB. Download UEFITool from github( https://github.com/LongSoft/UEFITool ) and open the 6MB file. Look through the modules and find the one called "NovoSecEngine2" and mark it for deletion. Save a new copy of the 6MB file. Now make a new 8MB file by taking the 2MB beginning from earlier and appending the new 6MB file on to the end. Use the usb reader/writer to flash that new 8MB file to the laptop's bios, then disconnect the wires and put the laptop back together. Reinstall a fresh copy of windows again, and check your C:\Windows\system32\autochk.exe file to make sure it's signed by Microsoft, not Lenovo. If you have the original Microsoft one there, congratulations, your laptop is now clean.«
 ·  Translate
31 comments on original post
5
Add a comment...

Philipp Kern

Shared publicly  - 
 
So it /is/ possible to glitch in the Talos Principle. In "The Short Wall" you have a Play device and a Platform. With the two you can jump over the castle's wall. Not that it helps anything. It was a very poor attempt to reach the star. ;-) And of course the game will stop you hard if you leave the level boundaries.
1
Maik Zumstrull's profile photoPhilipp Kern's profile photo
3 comments
 
I thought that part was the point of the stars. Thinking outside of the box.
Add a comment...

Philipp Kern

Shared publicly  - 
 
Georg Schramm meinte ja schon vor einer Weile, dass Schäuble die Griechenlandkrise für die schwarze Null braucht. Immerhin haben wir es jetzt quasi schriftlich. (Klar, es folgt nicht direkt. Aber wenn die Griechenlandhilfen indirekt sind über EZB und ESM und nur beim Zahlungsausfall in unseren Büchern auftauchen passt das ja.)
 ·  Translate
2
Add a comment...

Philipp Kern

Shared publicly  - 
 
If your mainframe kernel doesn't make a certain DASD available in the initramfs you can, as a workaround, pass in dasd_mod.dasd=0.0.<addr> as a kernel parameter. (For instance by setting it in zipl.conf.)

Apparently there's a bug in Debian Jessie where the (root) disk is not properly set online after installation. (And that might not be the only bug, sadly.)
1
Add a comment...

Philipp Kern

Shared publicly  - 
 
Und es gibt den Flughafen wirklich. :o

(Nein, nicht Bielefeld. Aber close enough.)
 ·  Translate
1
Hans Franke's profile photoPhilipp Kern's profile photo
4 comments
 
Es gibt sogar eine Lufthansa-"Lounge". :>

Daher also Terminal B. Aber ja, aufgeräumt und funktioniert. Viele Parkmöglichkeiten und den Zubringer nach München und die Welt.
 ·  Translate
Add a comment...

Philipp Kern

Shared publicly  - 
13
1
sven falempin's profile photo
Add a comment...
Philipp's Collections
People
Have him in circles
249 people
Pierre-Yves Gaillard's profile photo
christian strenge's profile photo
Andreas Pfau (omnibrain)'s profile photo
Steve Phelps's profile photo
Timmaraju Naga Srimanyu's profile photo
Camila Satyro's profile photo
Julio Merino's profile photo
Amaya Rodrigo Sastre's profile photo
Jürgen Christoffel's profile photo
Collections Philipp is following
Education
  • Karlsruhe Institute of Technology
    Diplom-Informatiker, 2006 - 2013
  • Grimmelshausen-Gymnasium Offenburg
    Abitur, 1997 - 2006
Basic Information
Gender
Male
Story
Tagline
Coffee addict, Debian developer
Introduction
Disclaimer: Although I work for Google, my opinions and comments are my own and must not be interpreted as official statements.
Work
Occupation
Site Reliability Engineer
Employment
  • Google
    Site Reliability Engineer, 2013 - present
    Corporate Engineering
  • Steinbuch Centre for Computing
    Studentische Hilfskraft, 2009 - 2013
    Network administration, IPv6 evangelist
  • Proventa AG
    Junior Consultant, 2011 - 2012
    Linux system administration
  • Karlsruhe Institute of Technology
    Studentische Hilfskraft, 2010 - 2011
    Mainframe administration (z/VM and Linux on a z10)
Places
Map of the places this user has livedMap of the places this user has livedMap of the places this user has lived
Currently
München, Germany
Previously
Karlsruhe, Germany - Neuried, Germany
Links
Other profiles
Contributor to
Public - 2 weeks ago
reviewed 2 weeks ago
1 review
Map
Map
Map