Nokia N900 Finally Shipping According to Reuters (Updated x 2)

Finally we have some good news about the Nokia N900, according to Reuters!

HELSINKI, Nov 10 (Reuters) – Nokia (NOK1V.HE) has started deliveries of its new top-of-the-range model N900, a key product for the world’s top phone maker in its battle against rivals iPhone and Blackberry.

Nokia Chief Executive Olli-Pekka Kallasvuo said in a speech the company started deliveries of the phone on Tuesday.

The Nokia press site has not yet been updated, but hopefully soon..

Update: The Nokia Conversations Blog is now covering the shipping, saying:

Today sees the first batch of Nokia N900 handsets boxed up and shipped out on their maiden voyage into wild.

Hooray! Now does this mean that they are being shipped from the factory to the resellers, or are already at the resellers ready to go to customers ?

Update 2: Well it appears, according to this blog post, to be from the factory to resellers..

The shipments of the Nokia N900 have now started. The factories are now working full speed and the devices are on their way to distribution.

So it does look like Amazon won’t have theirs to ship to my friends in the US before I get to LA, so I’ll miss the chance to play with it for a while. Oh well at least they are shipping! πŸ˜‰

RIP Tudor Jenkins, Reader in Physics, University of Wales Aberystwyth

My friend Alun Jones forwarded onto me the sad news of the death of one of my former lecturers, Tudor Jenkins (here’s the link, in case the original goes away), affectionately called “Tuba Jenkins” by his students as he played the tuba for the Aberystwyth Silver Band (Seindorf Arian Aberystwyth).

Dr TUDOR E. JENKINS, MA, DPhil (Oxon), FInstP

It is with great sadness that we report the untimely death of Dr Tudor Jenkins, Reader in Physics at the Institute of Mathematics and Physics at Aberystwyth University. Dr Jenkins died on 3rd November after a short illness aged 60.

Originally from the Rhondda Fawr, Dr Jenkins read Physics at Corpus Christi College Oxford, and obtained a D.Phill at the Clarendon Laboratory, Oxford. He subsequently studied as a post-doctoral research assistant in Cardiff University before being appointed as lecture in micro electronics at St Andrews University in 1979. He joined the Department of Physics at Aberystwyth in 1983 becoming Senior Lecturer in 1990 and Reader in 2007.

A tribute by Professor Neville Greaves, Director of the Institute of Mathematics and Physics, is published on

I remember I did his lasers course when I did my degree in Planetary and Space Physics at Aberystwyth back in the late 1980’s and whilst I wasn’t very good at that course I do remember his enthusiasm for physics and the fact he could inspire you to want to learn more. Turns out that he was recognised for that, in 2005 he won the Universities award for Teaching Excellence. This quote from the tribute also rings true to form:

Dr Tudor Jenkins was a committed and colourful colleague, famous for his often pithy Latin quotations with which he ended his e-mails. Looking forward to rationalising teaching modules for the 2009 session, he concluded wryly with Occam’s Razor: entia non sunt multiplicanda praeter necessitatem, which approximately translates as “entities must not be multiplied beyond necessity”. Tudor was always a pragmatist.

I also seem to remember that he had an enthusiasm for real ale.. πŸ˜‰

Serious SSL Renegotiation Problem

This just in from Ben Lawrie:

For the last 6 weeks or so, a bunch of us have been working on a really serious issue in SSL. In short, a man-in-the-middle can use SSL renegotiation to inject an arbitrary prefix into any SSL session, undetected by either end.

But wait, there’s more..

To make matters even worse, through a piece of (in retrospect) incredibly bad design, HTTP servers will, under some circumstances, replay that arbitrary prefix in a new authentication context. For example, this is what happens if you configure Apache to require client certificates for one directory but not another. Once it emerges that your request is for a protected directory, a renegotiation will occur to obtain the appropriate client certificate, and then the original request (i.e. the stuff from the bad guy) gets replayed as if it had been authenticated by the client certificate. But it hasn’t.

Ben has a patch against the current development head of OpenSSL to ban renegotiation, but for most people it’ll need backporting to their current OpenSSL versions..