Please Put OpenSSL Out of Its Misery

OpenSSL must die, for it will never get any better.

POUL-HENNING KAMP

The OpenSSL software package is around 300,000 lines of code, which means there are probably around 299 bugs still there, now that the Heartbleed bug — which allowed pretty much anybody to retrieve internal state to which they should normally not have access — has been fixed.

That’s really all you need to know, but you also know that won’t stop me, right?


The Logic of Logging

And the illogic of PDF

 

GEORGE NEVILLE-NEIL

 

Dear KV,

I work in a pretty open environment, and by open I mean that many people have the ability to become the root user on our servers so that they can fix things as they break. When the company started, there were only a few of us to do all the work, and people with different responsibilities had to jump in to help if a server died or a process got away from us. That was several years ago, but there are still many people who have rootly powers, some because of legacy and some because they are deemed too important to restrict. The problem is that one of these legacy users insists on doing almost everything as root and, in fact, uses the sudo command only to execute sudo su -. Every time I need to debug a system this person has worked on, I wind up on a two- to four-hour log-spelunking tour because he also does not take notes on what he has done, and when he’s finished he simply reports, “It’s fixed.” I think you will agree this is maddening behavior.

Routed by Root

 

http://queue.acm.org/detail.cfm?id=2588887

 

This is the Foo Field

The meaning of bits and avoiding upgrade bog downs

GEORGE NEVILLE-NEIL

Dear KV,

When will someone write documentation that tells you what the bits mean rather than what they set? I’ve been working to integrate a library into our system, and every time I try to figure out what it wants from my code, all it tells me is what a part of it is: “This is the foo field.” The problem is that it doesn’t tell me what happens when I set foo. It’s as if I’m supposed to know that already.

Confoosed


The Bikeshed: Center Wheel for Success

“Not invented here” syndrome is not unique to the IT world.

POUL-HENNING KAMP

When I first read the claim that HealthCare.gov, the Web site initiated by the Affordable Care Act, had cost $500 million to create,4 I didn’t believe the number. There is no way to make a Web site cost that much. But the actual number seems not to be an order-of-magnitude lower, and as I understand the reports, the Web site doesn’t have much to show for the high cost in terms of performance, features, or quality in general. This is hardly a unique experience in the IT world. In fact, it seems more the rule than the exception.

Bugs and Bragging Rights

It’s not always size that matters.

GEORGE NEVILLE-NEIL

Dear KV,

I’ve been dealing with a large program written in Java that seems to spend most of its time asking me to restart it because it has run out of memory. I’m not sure if this is an issue in the JVM (Java Virtual Machine) I’m using or in the program itself, but during these frequent restarts, I keep wondering why this program is so incredibly bloated. I would have thought Java’s garbage collector would prevent programs from running out of memory, especially when my desktop has quite a lot of it. It seems that eight gigabytes just isn’t enough to handle a modern IDE anymore.

Lack of RAM


A Lesson in Resource Management

Waste not memory, want not memory—unless it doesn’t matter

GEORGE NEVILLE-NEIL

Dear KV,

I’ve been reworking a device driver for a high-end, high-performance networking card and I have a resource allocation problem. The devices I’m working with have several network ports, but these are not always in use; in fact, many of our customers use only one of the four available ports. It would greatly simplify the logic in my driver if I could allocate the resources for all the ports—no matter how many there are—when the device driver is first loaded into the system, instead of dealing with allocation whenever an administrator brings up an interface. I should point out that this device has a good deal of complexity and the resource allocation isn’t as simple as a quick malloc of memory and pointer jiggling—a lot of moving parts are inside this thing.

http://queue.acm.org/detail.cfm?id=2523428

 

More Encryption Is Not the Solution

Cryptography as privacy works only if both ends work at it in good faith

POUL-HENNING KAMP

The recent exposure of the dragnet-style surveillance of Internet traffic has provoked a number of responses that are variations of the general formula, “More encryption is the solution.” This is not the case. In fact, more encryption will probably only make the privacy crisis worse than it already is.


The Naming of Hosts is a Difficult Matter

Also, the perils of premature rebooting

GEORGE NEVILLE-NEIL

Dear KV,

An argument recently broke out between two factions of our systems administration team concerning the naming of our next set of hosts. One faction wants to name machines after services, with each host having a numeric suffix, and the other wants to continue our current scheme of each host having a unique name, without a numeric string. We now have so many hosts that any unique name is getting quite long—and is annoying to type. A compromise was recently suggested whereby each host could have two names in our internal DNS (Domain Name System), but this seems overly complicated. How do you decide on a host-naming scheme?

Anonymous

Have a question for Kode Vicious? E-mail him at kv@acmqueue.com. If your question appears in his column, we’ll send you a rare piece of authentic Queue memorabilia. We edit e-mails for style, length, and clarity.

Resolved: the Internet Is No Place for Critical Infrastructure

Risk is a necessary consequence of dependence

DAN GEER

What is critical? To what degree is critical defined as a matter of principle, and to what degree is it defined operationally? I am distinguishing what we say from what we do.

Mainstream media love to turn a spotlight on anything they can label “hypocrisy,” the Merriam-Webster unabridged dictionary meaning of which is:

the act or practice of pretending to be what one is not or to have principles or beliefs that one does not have, especially the false assumption of an appearance of virtue

 


Cherry-picking and the Scientific Method

Software is supposed to be a part of computer science, and science demands proof.

GEORGE NEVILLE-NEIL

Dear KV,

I’ve spent the past three weeks trying to cherry-pick changes out of one branch into another. When do I just give up and merge?

In the Pits

Dear Pits,

I once rode home with a friend from a computer conference in Monterey. It just so happened that this friend is a huge fan of fresh cherries, and when he saw a small stand selling baskets of them he stopped to buy some. Another trait this friend possesses is that he can’t ever pass up a good deal. So while haggling with the cherry seller, it became obvious that buying a whole flat of cherries would be a better deal than buying a single basket, even though that was all we really wanted. Not wanting to pass up a deal, however, my friend bought the entire flat and off we went—eating and talking. It took another 45 minutes to get home, and during that time we had eaten more than half the flat of cherries. I couldn’t look at anything even remotely cherry-flavored for months; and today, when someone says “cherry-picking,” that doesn’t conjure up happy images of privileged kids playing farmer on Saturday mornings along the California coast—I just feel ill.
