Network problems, more insights
Another dropout this morning, 10 minutes between 3:03 and 3:13. And later I got a call from Paul at Internode support with the information that Optus (“our wholesaler”) had called to say that the problem had been solved. They didn't give any details; it seems that they never do. Discussed the matter for a while, and discovered that yes, indeed, the PPP session had been up since Saturday. So the issue is not so much dropouts as complete congestion: nothing gets through. I wonder how long it takes the PPP session to time out. Spent some time adapting my failure statistics program to the new form of the table (with a “link statistics” field that is a float).
Memory tip: Remembering short lists
[For the next week or so I'll be posting the techniques I use to help me remember things. I'll be covering topics like memorizing short lists, oddball things, and names.] The human brain isn't good at remembering lists. Our brain didn't evolve to be good at that. Instead we evolved to be good at making tools and inventing things. One of the things we invented is paper, which is much better at storing lists than our brain. We also invented PDAs and cell phones. If I don't have paper, I can TXT the list to myself. However, we don't need those tools for short lists.
Human Readable (With a Little Help)
I'm taking a hiatus from podcasting while I recuperate from hip surgery; instead, I'll be posting a couple stories a week from the podcast edition of my DIY short story collection, With a Little Help. I hope you enjoy 'em -- I love how these readings came out. You can buy the whole audio on … [Read more]
Jury Says it's Okay to Record the TSA
The Seattle man who refused to show ID to the TSA and recorded the whole incident has been cleared of all charges: [The jury] returned not guilty verdicts for charges that included concealing his identity, refusing to obey a lawful order, trespassing, and disorderly conduct. Papers, Please! says the acquittal proves what TSA critics have said all along: That checkpoint...
Coming to Toronto for speech and reading, Mar 5-6
This March, the University of Toronto's Faculty for Information is bringing me to Toronto to give a keynote at its Boundaries, Frontiers and Gatekeepers conference. Admission is free for U of T iSchool students. For others, the keynote is $5 at the door, or the whole event is $7 for non-U-of-T-students and $10 for the … [Read more]
Building ports the new way
Over to Chris Yeardley today and borrowed an old machine from her (1.8 GHz Duron, 1 GB memory, more than enough for the test/build machine). Put my disks in it and discovered that—fortunately—they weren't damaged, so I was able to continue with my build process. I now have taken on board the suggestions I discussed last September: first fetch the ports with the non-intuitive make checksum-recursive, then configure them with make config-recursive (I got the sequence the wrong way round last time), and finally build them. Things didn't quite go the way I expected them to. First, some of the checksum-recursive targets failed, either because they weren't there, or they didn't work correctly, so I had to ignore failures.
Goal at 94%! Your donation can push us over the top!
Would you please help me and help thousands of women in San Francisco? We are so close to the goal of raising $1,000 for Lyon-Martin! Thanks to everyone that has donated so far! The response has been very impressive. LM has made is very easy to donate. Click here. $10 or $5 will really help. I'm matching the first $1000 and if we reach $1000 I'll donate another $500. Hopefully one of my books has saved you much more than $20, why not "pay it forward"? To a syadmin $10-$20 is chump change. Donate today and help save this clinic! LM has made is very easy to donate.
PosterBurner is Cool!
I recently designed a poster to commemorate the launch of my AWS book. Starting with a high resolution PDF of the cover, I added images of the first page of each chapter, a picture of the product page on Amazon, a couple of reviews, and a picture of some Argentinian developers each holding a copy [...]
Exposing the secret
Earlier this month I wrote about secret activities which I couldn't reveal at the time: next year's linux.conf.au will he held in Ballarat. That's by far the smallest town to ever have hosted such a conference, and we're quite busy trying to get our act together.
Trojan Steals Credit Card Numbers
It's only a proof of concept, but it's scary nonetheless. It's a Trojan for Android phones that looks for credit-card numbers, either typed or spoken, and relays them back to its controller. Software released for Android devices has to request permissions for each system function it accesses–with apps commonly requesting access to the network, phone call functionality, internal and external...
Upgrading dereel, next attempt
Spent some more time today looking at the problems installing ports into an alternative directory. I didn't come up with an easy answer, so considered and tried the alternatives: set up a jail and do the install in the jail, do it in a virtual machine, or do it on a different physical machine. The jail was severely hampered by confusing, inaccurate and out-of-date documentation. With the help of Peter Jeremy, got a jail up and running. First I took a variant of a part which was documented and built a virgin system in the jail: export DESTDIR=/destdir cd /src/FreeBSD/svn/stable/8 nice make -j 4 world nice make -j 4 distribution nice make -j 4 kernel KERNCONF=DEREEL mount -t devfs devfs $DESTDIR/dev Next I updated /etc/rc.conf with: ...
Domodedovo Airport Bombing
I haven't written anything about the suicide bombing at Moscow's Domodedovo Airport because I didn't think there was anything to say. The bomber was outside the security checkpoint, in the area where family and friends wait for arriving passengers. From a security perspective, the bombing had nothing to do with airport security. He could have just as easily been in...
67% of the goal reached! Please help me make it to 100%
I'm matching the first $1000 and if we make it there, I'll donate another $500. Please help us get there. Thanks to Nathan, Michael, Lee, Jennifer, David, Gabe and Dave so far! We've accumulated $670 so far. Maybe we should set the goal to $2000? Paypal makes it easy to donate. Best quote so far, "I figure the dude's helped me save AT LEAST $10 worth of wasted effort over the years, if he seems to dig Lyon-Martin Women's Health, then I do too." If my books have helped you, please donate. If for some reason you don't like me and/or want revent, donate a LOT so that we hit the $1,000 mark and I'm forced to donate another $500.
Downtown
I mean in the Manhattan sense; I was there Tuesday and having an hour to spare went for a walk, ending up at the South Street Seaport, from whence this picture. This is once again the remarkable Canon S90 at work. I'll be honest, the picture doesn't quite capture the way the tower lights looked to me; the contrast had less drama, the play of light and dark more subtlety.
$100 to Put a Bomb on an Airplane
An undercover TSA agent successfully bribed JetBlue ticket agent to check a suitcase under a random passenger's name and put it on an airplane. As with a lot of these tests, I'm not that worried because it's not a reliable enough tactic to build a plot around. But untrustworthy airline personnel -- or easily bribeable airline personal -- could be...
LM fundraising campaign day 2: 12%
Thanks to the people that have donated $120 so far, we have reached 12% of the goal of raising $1,000 to help keep Lyon-Martin Health Services open. This clinic served 2500 patients last year and will close if they can not raise $250,000 very soon. Remember that if we reach $1,000 by Feb 3th I'll chip in another $500. Wouldn't you love to know you forced Tom give up $500 more than he originally planned? As mentioned yesterday, I am matching the first $1,000 donated by my friends, readers, and fellow geeks. To be honest, I'm a bit disappointed that only $120 has been raised so far but the campaign is still young.
Scroogled (With a Little Help)
I'm taking a hiatus from podcasting while I recuperate from hip surgery; instead, I'll be posting a couple stories a week from the podcast edition of my DIY short story collection, With a Little Help. I hope you enjoy 'em -- I love how these readings came out. You can buy the whole audio on … [Read more]
Whitelisting vs. Blacklisting
The whitelist/blacklist debate is far older than computers, and it's instructive to recall what works where. Physical security works generally on a whitelist model: if you have a key, you can open the door; if you know the combination, you can open the lock. We do it this way not because it's easier -- although it is generally much easier...
Building Sage (Open Source Math) on Amazon EC2
A quarter or two ago my son Andy took a rather unique course at the University of Washington. In his Math 480b: Programming for the Working Mathematician course, Andy learned about a number of important topics including the Unix command line, Python programming (including classes, exceptions and decorators). In the second half of the quarter [...]
System upgrade, next attempt
So, time to try to upgrade my main system again. Every time I look at my incomplete web page on the subject, I find new issues. Today started by copying the root partition of cojones (the laptop I'm currently using for Internet access) to /destdir on dereel, removing a whole lot of stuff and then building a new world. That all went nicely and much faster than I expected. The next step was to build ports. And there I saw something I've never seen before: === root@dereel (/dev/ttyp9) /usr/ports/shells/bash 208 -> echo $DESTDIR /destdir === root@dereel (/dev/ttyp9) /usr/ports/shells/bash 209 -> make install ===> Creating some important subdirectories ===> Starting chrooted make in /destdir...
Links for Thursday, January 27, 2011
SysAdmin 1138 Expounds: The Linux Boot Process, A Chart - “I did this because Things have Changed from the last time I really studied this. Back when I started it was BIOS, LILO, and Initd. I never did bother to wrap my head around Grub, mostly because the automatic tools have gotten a lot better [...]
Please read if you live in/near San Francisco
This is going to be one of my rare non-sysadmin/non-technology posts on EverythingSysadmin.com. If you have a problem with that, please skip this post. Lyon-Martin Health Services (LM) needs your help. LM is a great institution in San Francisco that provides compassionate, respectful health care to women and transgender people at a sliding scale. They've done this for 30 years but yesterday they announced they will be closing their doors. If they can raise $250,000 soon they may be able to reorganize and stay open. I'm setting up a matching donation challenge: I'm asking readers of this blog to chip in $10-20 to help them reach their goal.
U.S. Strategy to Prevent Leaks is Leaked
As the article says, it doesn't get any more ironic than that. More importantly, it demonstrates how hard it is to keep secrets in the age of the Internet. Me: I think the government is learning what the music and movie industries were forced to learn years ago: it's easy to copy and distribute digital files. That's what's different between...
Hackers and crackers: the confusion
I pride myself on my job title “hacker”, but it's open to misconstruction. Today I got mail from somebody in South Africa: Hi Greg, i am out of options and found you on a hackers site, i need help in cracking a ovi password for my wife's email address is there any possibility that you can perhaps help me or point me in the right direction please. I need help please i don't know what to do anymore please. It's clear that he doesn't understand the difference between hackers and crackers, though he talks of cracking, not hacking.
Security Theater in the Theater
This is a bit surreal: Additional steps are needed to prepare Broadway theaters in New York City for a potential WMD attack or other crisis, a New York state legislature subcommittee said yesterday. [...] Broadway district personnel did not know "what to do in case of an emergency as well as the unique problems that a theater workplace poses in...
Unsecured IP Security Cameras
It's amazing how many security cameras are on the Internet, accessible by anyone. And it's not just for viewing; a lot of these cameras can be reprogrammed by anyone....
Still other network problems
Into the office this morning to find myself off the net—by no means for the first time. But this time was different. Every indication was that the link was up, there were no log messages, but no traffic was flowing. And I couldn't stop the ppp process: === root@cojones (/dev/pts/0) /usr/src 12 -> ps aux | grep ppp root 861 0.0 0.8 5196 2864 ?? Ss 16Jan11 11:59.85 ppp -ddial internerd === root@cojones (/dev/pts/0) /usr/src 13 -> kill 861 === root@cojones (/dev/pts/0) /usr/src 14 -> ps aux | grep ppp root 861 0.0 0.8 5196 2864 ??
Frozen Family
We spent this last Christmas in Saskatchewan, which is flat, and so we went to a part that wasn't to have very cold fun. In Regina, there's a man-made lake, and they had to put the dirt they dug out for it somewhere, and quite a lot went into hill in the Wascana Centre, which isn't all that high and you can drive to the top of, but everything's relative and it sure feels high when you're standing on top of it. High, and on December 24th at -15°C with a breeze, really cold. I photographed my twin nieces Anne and Elizabeth up there; Elizabeth explains “I was trying to smile but it was too cold”.
Bioencryption
A group of students at the Chinese University in Hong Kong have figured out how to store data in bacteria. The article talks about how secure it is, and the students even coined the term "bioencryption," but I don't see any encryption. It's just storage. Another article: They have also developed a three-tier security fence to encode the data, which...
Morozov's Net Delusion: skeptical take on net-freedom marred by straw-men
My latest Guardian column, "We need a serious critique of net activism," is a long, detailed review of Evgeny Morozov's new book The Net Delusion, a book that seeks to debunk "cyber-utopianism" and the idea that the Internet can be used as a force for freedom. I agree with much of what Morozov has to … [Read more]
REAL-ID Implementation
According to this study, REAL-ID has not only been cheaper to implement than the states estimated, but also helpful in reducing fraud. States are finding that implementation of the 2005 REAL ID Act is much easier and less expensive than previously thought, and is a significant factor in reducing fraud. In cases like Indiana, REAL ID has significantly improved customer...
Annual Free Software Foundation Fundraiser
var fsf_widget_text = "Help protect your freedom!" ; var fsf_widget_d_btn = "Donate"; var fsf_widget_share = "Share this widget." ; var fsf_widget_size = "normal"; var fsf_associate_id = "3427"; The Free Software Foundation is in the last week of its annual fundraiser and has still has a bit of ground to make up. The FSF needs members and donations to merely sustain its basic activity protecting free software and engaging in minimal outreach. So as I've done in the last couple years, I've written a fundraising appeal for the organization. That why today my face is plastered, Jimmy Wales style, all over the FSF website.
Ammyy: here to help you
Phone call this afternoon from somebody who said he was called Jacob. Apparently my computer had been generating error messages, and he wanted to help me solve them. Clearly a scam. I had some time, so I played along. My first attempt to offer him support didn't work: he didn't understand (clearly not in his script). His first question: “Are you running Microsoft windows?” Me: “Of course not”. “What is your operating system?” “FreeBSD”. “What is your operating system?” “FreeBSD”. “What is your operating system?” “FreeBSD”. Finally he gave up and said “are you running windows?” That's clear: “yes, of course”.
Tab Sweep – Technology
I see lots of things online that I'd like to share. Often I do that via Twitter, but inevitably the number of browser tabs climbs, each representing something that I feel is owed further thought or attention. This is that. The only organizing principle is that these notes are tech-centric; It should be unsurprising that some go back months. Think Like The Web Most good startups and even quite a few enterprises have sort of figured out which way the Web's grain runs and how to avoid cutting across it. But I still see people and organizations being foolish in their obliviousness to how things work round here.
Tab Sweep – The World
Herewith notes provoked by certain long-lived browser tabs not primarily focused on technology or the Net. Considerably random. Still Warming In the great debates of this or any day, you're entitled to your own opinion, but not your own facts. And in the debate around anthropocentric global warming, the facts are not, among reasonable people, still in question: Climate change and evolution, from The Economist, not only slam-dunks the data, but continues with an instructive lesson on how it is that we come to believe things via a nice analogy with evolution; something that a notable contingent of airheads also fails to believe in.
Hacking Tamper-Evident Devices
At the Black Hat conference lasts week, Jamie Schwettmann and Eric Michaud presented some great research on hacking tamper-evident seals. Jamie Schwettmann and Eric Michaud of i11 Industries went through a long list of tamper evident devices at the conference here and explained, step-by-step, how each seal can be circumvented with common items, such as various solvents, hypodermic needles, razors,...
Video of the week: How to tell people to "go away"
As I edit the videos from my "time management" collection I see that some of them came out better than others. This is one of my favorites. Episode 27: How to say 'Go Away' to a user and still be polite? http://www.youtube.com/watch?v=vbv4yprHQXQ When a user interrupts us with a question and we are busy there are ways to say "go away" without sounding like a jerk. (1) make sure they feel heard. If they don't feel heard, anything you say will sound like a jerk. (2) re-enforce good behavior: teach them the right way to get help (file a ticket, etc.)
Stack Overflow 2010 recap
(reposted from the Stack Overflow blog) 2010 was an absolutely amazing year here at Stack Overflow. We grew from 7 million visitors to over 16 million, putting us in Quantcast's top 400. We raised $6 million in venture capital, and we went from three full time employees to 27. We built a 7500 square foot office in New York, and we launched a ton of new features and sites, like Stack Exchange, a network of 33 Q&A sites on diverse topics from cooking to computer science. Stack Exchange grew 51% in December alone. Wow. The expert Q&A model that Stack Overflow pioneered is really working.
Other People's Money (With a Little Help)
I'm taking a hiatus from podcasting while I recuperate from hip surgery; instead, I'll be posting a couple stories a week from the podcast edition of my DIY short story collection, With a Little Help. I hope you enjoy 'em -- I love how these readings came out. You can buy the whole audio on … [Read more]
Brute-Force Safecracking
This safecracking robot tries every possible combination, one after another: Combination space optimization is the key. By exploiting of the mechanical tolerances of the lock and certain combination "forbidden zones", we reduced the number of possible combinations by about an order of magnitude. Opening the safe took "just a few hours." Along the same lines, here's a Lego robot that...
Telstra BigPond, try 3
On my recommendation, Chris Yeardley has procured a Telstra BigPond mobile broadband USB stick. Why on earth would I do that, based on my previous experience? Well, Internode support is at least one order of magnitude better than Telstra's pitiful excuse for support, but they're using Optus infrastructure, and it's living up to the negative things I've heard about it. If Chris can get things to work with Telstra, it might be worth the effort. Also on my recommendation, Chris took the “standard” device, a USB stick, and we took the USIM out of it and put it in the Telstra routers.
Devilishly Hot Deviled Eggs w/ Company
Blowfish in Good Time Max
This screen shot is from the movie "Good Time Max." 17 minutes and 52 seconds into the movie, it shows Blowfish being used as an encryption algorithm....
It is not the critic who counts ...
When Steve Case was asked "how do you turn defeat in to failure" he gracefully quoted Teddy Roosevelt. It is a great speech that will probably inspire people forever. I believe the sentiment of that speech is even more important today. We are enjoying a tremendous rise in entrepreneurial activities and the many startups in technology and in the consumer internet are driving hard to innovate and get their product in the hands of customers at neck breaking speeds. At AWS we are proud to power many of these companies and in my personal interactions I see a whole new generation of technology leaders arising who will have impact for a long time to come.
Cyberwar is Overhyped
A new report from the OECD says the threat of cyberwar has been grossly exaggerated. (Hey, that's what I said.) There are lots of news articles. Also worth reading is this article on cyberwar hype and how it isn't serving our national interests, with some good policy guidelines....
The Legality of the Certificate Authority Trust Model
Interesting research: We looked at the standard legal documents issued by the certificate authorities or "CAs," including exemplar Subscriber Agreements (agreements between CAs and website operators); "Certification Practice Statements" (statements by CAs outlining their business practices); and Relying Party Agreements (purported agreements between CAs and "relying parties," such as end-users). What we found was surprising: "Relying Party Agreements" purport to...
Still inadequate networking
My packet loss continues. Things got better between about 4:00 and 8:00, but over the course of the afternoon I was back to up to 30% packet loss. I wish they'd get their act together.
Why haven't all my graphs been useful like this?
Unfriending
I've never really got much out of Facebook. Quite likely because I've been Doing It Wrong; so I'm trying to fix that. What happened was, I got on Facebook back in 2007; in the early days I accepted friend requests from almost anyone and in particular anyone who worked at Sun. This turned out to be a bad idea; every time I stuck my head in there, all these people I didn't know were shouting and poking and tagging, and I kept getting messages from strangers asking me to become their fans. So, I've decided to try to make it work.
Cost-Benefit Analysis of Full-Body Scanners
Research paper from Mark Stewart and John Mueller: The Transportation Security Administration (TSA) has been deploying Advanced Imaging Technologies (AIT) that are full-body scanners to inspect a passenger's body for concealed weapons, explosives, and other prohibited items. The terrorist threat that AITs are primarily dedicated to is preventing the downing of a commercial airliner by an IED (Improvised Explosive Device)...
Do Corporations Have a Right to Privacy?
This week, the U.S. Supreme Court will hear arguments about whether or not corporations have the same rights to "personal privacy" that individuals do. This is a good analysis of the case. I signed on to a "friend of the court" brief put together by EPIC, arguing that they do not. More background here. And an editorial from The Washington...
Profile Story On Me :-)
Calling All Windows Trainers
The PICC Conference is looking for Windows Trainers. If you have experience training people on PowerShell, ActiveDirectory, or Windows 7 (or know someone who does) please read Matt's blog post.
Network connection: ups and downs
No question, my network connection is much better now. There are no longer these ridiculously long ping delays (up to 90 seconds in the past). The worst I see now is about a second, about the average I had with satellite. How did they do it? Easy, it would seem: they drop every packet that doesn't get back soon enough.
Odd Art Forger
He's not in it for the money: Mr. Landis...has been one of the most prolific forgers American museums have encountered in years, writing, calling and presenting himself at their doors, where he tells well-concocted stories about his family's collection and donates small, expertly faked works, sometimes in honor of nonexistent relatives. Unlike most forgers, he does not seem to be...
AWS Elastic Beanstalk: A Quick and Simple Way into the Cloud
Flexibility is one of the key principles of Amazon Web Services - developers can select any programming language and software package, any operating system, any middleware and any database to build systems and applications that meet their requirements. Additionally customers are not restricted to AWS services; they can mix-and-match services from other providers to best meet their needs. A whole range of innovative new services, ranging from media conversion to geo-location-context services have been developed by our customers using this flexibility and are available in the AWS ecosystem. To enable this broad choice, the core of AWS is composed of building blocks which customers and partners can use to build any system or application in the way they see fit.
An Only Slightly Fictionalized Story
Before heading back to graduate school, my brother worked full-time as a personal fitness and strength trainer. Like many trainers, he started out in an established gym and then struck out on his own once he had established an clientele base. Working on his own, he got almost all of his new business from referrals. Although one might think that a trainer's trusted long-term clients would be the source of most new business, it was mostly the newer, less established clients who referred new trainees. The established clients had already referred everyone in their social network that might be interested.
TPOSANA 2nd edition now on Kindle!
We're happy to announce The Practice of System and Network Administration is now available on Kindle! http://www.amazon.com/dp/B004JLMUJ0 Thanks to everyone at Addison-Wesley and Amazon for making this happen. Thanks to all the fans that clicked on the link on Amazon asking for a Kindle edition.
Movie-Plot Threats at the U.S. Capitol
This would make a great movie: Rep. Dan Burton, R-Ind., renewed his call for the installation of an impenetrable, see-through security shield around the viewing gallery overlooking the House floor. Burton points out that, while guns and some bombs would be picked up by metal detectors, a saboteur could get into the Capitol concealing plastic explosives. The House floor, he...
Goodbye satellite
My TV programme update on cvr2 failed today. Further investigation showed that it had a default route of sat-gw.lemis.com, and that connection is now gone: 3 years of pain over and done with, but I'm still left with a bad taste in my mouth, particularly about the way SkyMesh treated me. I'd also be happier if I got the feeling I could rely on my 3G connection. That has been better lately, though. While CJ was here, we put up a better antenna mast: It's sturdier, but of course it doesn't bring any better signal.
Links for Monday, January 17, 2011
Penelope Trunk: How to Answer the Question, What Do You Do? - “3. Don't focus on your job. This is not a job interview–it's an attempt to get to know you so the person can connect with you. So you don't need to go straight to your job for an answer. Some people have a [...]
More Stuxnet News
This long New York Times article includes some interesting revelations. The article claims that Stuxnet was a joint Israeli-American project, and that its effectiveness was tested on live equipment: "Behind Dimona's barbed wire, the experts say, Israel has spun nuclear centrifuges virtually identical to Iran's at Natanz, where Iranian scientists are struggling to enrich uranium." The worm itself now appears...
Interview with School Libraries in Canada
I did a fun interview with School Libraries in Canada, a journal of the Canadian Association for School Libraries: CD - I remember the first really substantial thing that happened to me in a school library. That was the day that they marched my grade three class down to the school library at Crestview Elementary … [Read more]
Video of the week: "Get boring!"
As I edit the videos from my "time management" collection I see that some of them came out better than others. This is one of my favorites. Episode 18: "Get Into That Old Boring Routine" http://www.youtube.com/watch?v=DG3aSFk5Lfk In this video I passionately describe the importance of routines and how they can be used to eliminate "the bad kind of excitement" and instead emphasize "the good kind of excitement" we deserve. He lists examples related to planning meetings, buying gasoline for his car, and preventing a very wet, messy, situation at work. These routines create a "domino effect" of benefits.
New Revelations in the Mahmoud al-Mabhouh Assassination
I wrote a lot last year about the assassination of Mahmoud al-Mabhouh in Dubai. There's a new article by an Israeli investigative journalist that tells the story we already knew, and adds a bunch of interesting details. Well worth reading....
Testing is a waste of time
Do your developers do unit testing, system testing, or even worse the so called "continuous test"? Just tell them this redundancy will not be tolerated. It is a waste of time. If you skip those tests then the customers will find those bugs for free! Don't be foolish and turn down this free labor! (The owners of everythingsysadmin.com apologize for the above message. Tom was replaced by an evil pointy haired boss Tom. Evil Tom was wrestled to the ground and the real Tom has taken back control of the keyboard. Please disregard the above message.)
Anniversaries & Ideologies
I took my little girl to the Sunday toddler drop-in at the local community center and thought about this weekend's birthdays: Wikipedia's tenth and the IETF's twenty-fifth. The drop-in is a lifesaver when you've got a bored pre-schooler and lousy weekend weather. They've got a gym with various kind of trikes and ride-ons and climb-ons and balls; across the hall a playroom with a model kitchen; for $3.75 your kid gets quality entertainment and very decent snacks. In my mind, it's in the same category as Wikipedia and the IETF: something created by the public for the public. The lone-inventor narrative captures imaginations and makes for a hell of a story; and I guess there've been some.
NVIDIA Project Denver: ARM Powered Servers
NVIDIA has been an ARM licensee for quite some time now. Back in 2008 they announced Tegra, an embedded client processor including an ARM core and NVIDIA graphics aimed at smartphones and mobile handsets. 10 days ago, they announced Project Denver where they are building high-performance ARM-based CPUs, designed to power systems ranging from “personal computers and servers to workstations and supercomputers”. This is interesting for a variety of reasons, first they are entering the server CPU market. Second NVIDIA is joining Marvell and Calxeda (previously Smooth-Stone) in taking the ARM architecture and targeting server-side computing. < ?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" /> ARM is an interesting company in that they produce designs and these designs get adapted by licensees including Texas instruments, Samsung, Qualcomm, and even unlikely players such as Microsoft.
Interview on Channel 9
Over the holidays, Erik Meijer interviewed me on Channel 9. We covered a wide variety of topics, mostly centered on C++ with some straying into C#/Java/Haskell/Clojure/Erlang, but ranging from auto and closures to why (not?) derive future<T> from T, and from what the two most important problems in parallelism are in 2011 to why and how [...]
Interview on Channel 9
Over the holidays, Erik Meijer interviewed me on Channel 9. We covered a wide variety of topics, mostly centered on C++ with some straying into C#/Java/Haskell/Clojure/Erlang, but ranging from auto and closures to why (not?) derive future<T> from T, and from what the two most important problems in parallelism are in 2011 to why and how [...]
Fine-tuning the antenna
More antenna adjustments today, and now I'm getting an RSSI in the order of 7 to 8, though it fluctuates wildly. On one occasion it briefly reported 17 (20 dB more). I suspect there's some issue with the firmware on the modem.
Friday Squid Blogging: Deep-Sea Squid Video
"Anthology of Deep-Sea Squids," from the Monterey Bay Aquarium....
Me on Airport Security
Last week, I spoke at an airport security conference hosted by EPIC: The Stripping of Freedom: A Careful Scan of TSA Security Procedures. Here's the video of my half-hour talk....
Upcoming Gig: MWC
That stands for Mobile World Congress, right around Valentine's Day, in Barcelona. A whole tribe of Androiders are going, and the mock-up of our booth is boggling minds all over the 'plex. Barcelona, baby, and the global mobile maelstrom; what's not to like?
Loaded Gun Slips Past TSA
I'm not really worried about mistakes like this. Sure, a gun slips through occasionally, and a knife slips through even more often. (I'm sure the TSA doesn't catch 100% of all bombs in tests, either.) But these items are caught by the TSA often enough, and when the TSA does catch someone, they're going to call the police and totally...
The Right Book (With a Little Help)
I'm taking a hiatus from podcasting while I recuperate from hip surgery; instead, I'll be posting a couple stories a week from the podcast edition of my DIY short story collection, With a Little Help. I hope you enjoy 'em -- I love how these readings came out. You can buy the whole audio on … [Read more]
Surviving a Terrorist's Nuclear Attack
Interesting reading, mostly for the probable effects of a terrorist-sized nuclear bomb. A terrorist bomb is likely to be relatively small -- possibly only a fraction of the Hiroshima bomb's explosive power -- and likely exploded at ground level. This means that the area totally destroyed by the explosion is likely to be much smaller than the area exposed to...
Cooking eggs: the experts speak
Mail from Leighton Haynes today with some interesting links about how to boil an egg. My own interest in this sort of thing goes back to a project I did at university 40 years ago, writing numerical analysis software for the case of heat transmission in an infinite slab. To quote the comment at the beginning of the program: 'COMMENT' THIS PROGRAM EXAMINES THE TRANSIENT TEMPERATURES IN A 00000801 FLAT, PARALLEL SIDED FINITE THICKNESS SLAB OF UNIFORM INITIAL 00000802 TEMPERATURE T INITIAL AND THICKNESS X, EXPOSED AT TIME T=0 TO 00000803 EXTERNAL HEATING.
Stealing SIM Cards from Traffic Lights
Johannesburg installed hundreds of networked traffic lights on its streets. The lights use a cellular modem and a SIM card to communicate. Those lights introduced a security risk I'll bet no one gave a moment's thought to: that criminals might steal the SIM cards from the traffic lights and use them to make free phone calls. But that's exactly what...
Interested in Core Database Engine Development?
If you have experience in database core engine development either professionally, on open source, or at university send me your resume. When I joined the DB world 20 years ago, the industry was young and the improvements were coming ridiculously fast. In a single release we improved DB2 TPC-A performance by a factor of 10x. Things were changing quickly industry-wide. These days single-server DBs are respectably good. It's a fairly well understood space. Each year more features are added and a few percent performance improvement may happen but the code bases are monumentally large, many of the development teams are over 1,000 engineers, and things are happening anything but quickly.
The Security Threat of Forged Law-Enforcement Credentials
Here's a U.S. Army threat assessment of forged law-enforcement credentials. The authors bought a bunch of fake badges: Between November 2009 and March 2010, undercover investigators were able to purchase nearly perfect counterfeit badges for all of the Department of Defense's military criminal investigative organizations to include the Army Criminal Investigation Command (Army CID), Naval Criminal Investigative Service (NCIS), Air...
Network connection: finally some debugging
Another 3G PPP disconnect this morning, and this time I got a unified log, so it's more understandable what the sequence was: Jan 11 22:31:38 swamp ppp[1117]: tun0: Warning: nat_LayerPull: Problem with IP header length (59074) Jan 12 07:19:11 swamp ppp[1117]: tun0: Phase: deflink: read (2): Got zero bytes Jan 12 07:19:11 swamp kernel: ugen0.2: <HUAWEI Technology> at usbus0 (disconnected) Jan 12 07:19:11 swamp kernel: u3g0: at uhub0, port 2, addr 2 (disconnected) Jan 12 07:19:11 swamp ppp[1117]: tun0: CCP: deflink: State change Stopped --> Closed Jan 12 07:19:11 swamp ppp[1117]: tun0: CCP: deflink: State change Closed --> Initial There are a number of these “Problem with IP header length” messages, which I presume are due to uncorrected errors.
Stuck in the Ceiling
Just a picture I shot while walking around San Francisco not too long ago. One of these years maybe I'll start planning my pictures.
Ukulele Orchestra
To be precise, Children's Ukulele Orchestra. I was out at Vancouver airport sometime around Christmas and they were performing and were not bad at all. The menacing part at the left is part of Bill Reid's Jade Canoe which is remarkably beautiful and, at Vancouver Airport, a plaything for toddlers and oldsters and ukulele orchestras.
Don't make your own patch cables.
True story: My first job out of college we made our own patch cables. Usually we'd make them "on demand" as needed for a new server or workstation. My (then) boss didn't want to buy patch cables even though we knew that we weren't doing a perfect job (we were software people, eh?) . Any time we had a flaky server problem it would turn out to be the cable... usually one made by my (then) boss. When he left the company the first policy change we made was to start buying pre-made cables. That was during the days of Category 3 cables.
Attacking High-Frequency Trading Networks
Turns out you can make money by manipulating the network latency. cPacket has developed a proof of concept showing that these side-channel attacks can be used to create tiny delays in the transmission of market data and trades. By manipulating specific trading activities by several microseconds, an attacker could gain unfair trading advantage. And because the operation occurs outside the...
DROAM - Dreaming about Cheap Data Roaming
I frequently travel outside of the US. Often to Europe and increasingly to the Middle & Far East and Australia. The one thing that I have always struggled with during my travels are the data plans of the cell phone companies. They are complex and ridiculously expensive. For an internet road warrior they are a complete nightmare. One wireless company for example has an international plan that will charge you $25 per month for 50MB after which they will charge you $20 per MB. I frequently do more than 30MB a day, so this plan has no advantage for me. After many investigations I settled for T-Mobile which has an international Blackberry supplement that is $20/month for all BB mail traffic.
Network problems: new insights
My 3G network connectivity continues to be completely unacceptable. At 10:12 I got the following ping summary: --- resolv.internode.on.net ping statistics --- 100 packets transmitted, 88 packets received, 12.0% packet loss round-trip min/avg/max/stddev = 110.599/26936.523/51855.631/15682.176 ms Called up Internode support and left my number; Rob called me back a couple of minutes later and we discussed the matter. He spent some time talking to his second-level people, and at least nobody is talking about signal strength any more. The fact that Yvonne managed to make a VoIP call yesterday is valuable help.
The Things That Make Me Weak and Strange Get Engineered Away (With a Little Help)
I'm taking a hiatus from podcasting while I recuperate from hip surgery; instead, I'll be posting a couple stories a week from the podcast edition of my DIY short story collection, With a Little Help. I hope you enjoy 'em -- I love how these readings came out. You can buy the whole audio on … [Read more]
Scott Sigler's WALH podcasting promo
Scott Sigler was kind enough to create an awesome 60-second promo for With a Little Help.
With a Little Help unboxing
Michael Sauers was so pleased with his limited-edition copy of With a Little Help that he produced an unboxing video and a photoset.
Give With a Little Help to a library or school
Last month, I launched my DIY short story collection With a Little Help and invited librarians and teachers to send in their addresses so that I could publish a list of worthies to whom copies of the book could be donated. Due to a technical cock-up, these emails went awry and I only figured this … [Read more]
"Homeland Security Hasn't Made Us Safer"
This will be nothing new to readers of this blog, but it's nice to read other people saying it too....
Hugo Award nominations are open
The Hugo Award nominations are now open; attendees at last year's World Science Fiction Convention in Melbourne or next year's in Reno are eligible to nominate. I usually wait until the annual Locus List of notable publications to help me make my choices and jog my memory, but in case you're wondering, yes, indeed, I … [Read more]
Net Neutrality explained for writers and other artists
My latest column for Locus magazine is "Net Neutrality for Writers: It's All About the Leverage," a piece about the risks to artists of allowing network carriers to demand bribes for "premium carriage" of our content. Not that the telcos really care about this. Art, schmart. They just want to get paid, and paid, and … [Read more]
ASUS responds
In the evening received a message from ASUS, from whom I bought the RT-N13U router. Solving my problem? No. It was clearly in relation to the incident, though it must have been too much trouble for them to say so; another reason not to buy more than one thing from ASUS. What they wanted was to know how satisfied I was with their support. I'm continually amazed that people send out messages like this without checking whether the issue has been closed. But this one took the cake: Date: Mon, 10 Jan 2011 15:25:06 +0800 From: "SIP" <sip@asus.com> Subject: ASUS Callcenter Kundenzufriedenheits Umfrage X-Mailer: Microsoft CDO for Windows 2000 <http://support.asus.com/images/asus-logo.gif> Sehr geehrter Kunde, wir möchten Ihnen Danken, das wir die Möglichkeit hatten sie ...
James Fallows on Political Shootings
Interesting: So the train of logic is: anything that can be called an "assassination" is inherently political; very often the "politics" are obscure, personal, or reflecting mental disorders rather than "normal" political disagreements. But now a further step, the political tone of an era can have some bearing on violent events. The Jonestown/Ryan and Fromme/Ford shootings had no detectable source...
Debugging e169-stats
More investigation of the e169-stats program today. From ktrace I saw that it was reading the status messages, but I didn't see anything on the screen. The code appeared to be particularly sensitive to changes in the status format, so decided an alternative approach with sscanf. But that didn't work either. Gradually I got the impression that it had something to do with the xterm I was running it in, and tried it on the console. Bingo! It worked. Further investigation showed that it wanted a darker background, but not completely black.
HotSec'11 CFP Out: Singular emphasis on new ideas and problems!
Obese Pipes
Jim Gettys has been demonstrating the seriousness of the “buffer bloat” problem; see Home Router Puzzle Piece Two – Fun with wireless, and The criminal mastermind: bufferbloat! This is mostly just to draw your attention to Jim's work, because you can probably improve your own Internet experience by acting on his advice; but have I have a related gripe of my own. As Jim points out, old guys like he and I can remember a time when the Internet used slower connections but felt faster. The good news is that it can probably feel faster again, if certain ISPs and network-hardware engineers stop the bufferbloat abuse.
What Kind of Mother?
Why Chinese Mothers Are Superior by Amy Chua went through the Internet hive mind today like a hot knife through butter. I have some direct personal experience of these issues. Other Voices But before I get into that, I should link to some of the remarkably intense and wide-ranging reactions to Ms Chua; I liked the pieces from Christine Lu, Betty Ming Liu, and the MetaFilter community. We can draw a couple of conclusions right away: First, Ms Chua is serious and this isn't, as some speculated, a work of satire. However, the piece may be to some extent troll-flavored linkbait for her upcoming book Battle Hymn of the Tiger Mother.
Google Megastore: The Data Engine Behind GAE
Megastore is the data engine supporting the Google Application Engine. It's a scalable structured data store providing full ACID semantics within partitions but lower consistency guarantees across partitions. I wrote up some notes on it back in 2008 Under the Covers of the App Engine Datastore and posted Phil Bernstein's excellent notes from a 2008 SIGMOD talk: Google Megastore. But there has been remarkably little written about this datastore over the intervening couple of years until this year's CIDR conference papers were posted. CIDR 2011 includes Megastore: Providing Scalable, Highly Available Storage for Interactive Services.
More network woes
Into the office today to find the network link down again, and once again I was connected to the net by a different second hop. Peter Jeremy explained why. Too many hops: In a more serious tone, though, this time I had had the ppp process try to redial. And try it did: by the time I got there, it had filled up all the log files, and I no longer had any information about what happened to cause the problem. My own attempts also failed: I had to reboot the machine.
Network ping-pong
Into the office this morning to find that my network connection was down again: the PPP link had dropped, and I still hadn't got round to getting it to retry. Finally got that done. When things settle down here—assuming that they do get better—I'll have to remove the first few days from the record. Why did the link drop? I'm connected back to the old PPP server, it seems: === grog@dereel (/dev/ttyph) /var/log/pings 434 -> traceroute www traceroute to www.lemis.com (203.10.76.45), 64 hops max, 40 byte packets 1 swamp (192.109.197.138) 0.204 ms 0.128 ms 0.108 ms 2 lns1.mel4.internode.on.net (150.101.212.19) 154.904 ms 159.519 ms 219.955 ms I wonder why they're doing that.
Friday Squid Blogging: Biggest Squid Ever
It's an oil field: Brazil's state-run Petrobras confirmed Wednesday that oil fields recently discovered offshore contained 8.3 billion barrels of recoverable crude and gas -- and said the biggest field was being renamed "Lula." That nomenclature happens to be the nickname of President Luiz Inacio Lula da Silva, who steps down on Saturday after overseeing eight years of prosperity in...
The Social Dynamics of Terror
Good essay: Nineteenth-century anarchists promoted what they called the "propaganda of the deed," that is, the use of violence as a symbolic action to make a larger point, such as inspiring the masses to undertake revolutionary action. In the late 1960s and early 1970s, modern terrorist organizations began to conduct operations designed to serve as terrorist theater, an undertaking greatly...
Removing the rod antenna
Called up ASUS support about the ASUS RT-N13U router, and this time got through to Andrew, who seems to be their only support person. At least he sounds more competent than most. He went through a few things with me (“Configure as AP instead of as router”), but that didn't work either. He promised to contact the people in Taiwan and get some information. But in the meantime I've applied for a return authorization. About the only piece of 3G hardware that I'll almost definitely keep is the Yagi antenna. That means that I can give Chris the rod antenna.
SMS of Death
This will be hard to fix: Using only Short Message Service (SMS) communications–messages that can be sent between mobile phones–a pair of security researchers were able to force low-end phones to shut down abruptly and knock them off a cellular network. As well as text messages, the SMS protocol can be used to transmit small programs, called "binaries," that run...
Sony PS3 Security Broken
Sony used an ECDSA signature scheme to protect the PS3. Trouble is, they didn't pay sufficient attention to their random number generator....
Sophisticated Targeted Link Spam
What appeared to be an intelligent comment in one of my blog postings turned out to be targeted link spam. This is a worrying trend, because, although we can defend ourselves against mass attacks, we're very vulnerable to targeted strikes.
Capacity Planning
Google images: where do they come from?
Today was the last day of Christmas, with the twelve drummers drumming. So, of course, I thought of FASTRAND. And for some unmentioned reason, presumably copyright issues, Wikipedia has removed the image. So I went looking for one on Google images. I've seen a lot of false positives on Google images, but this one really blew my mind. About 535 results, three of which were really of FASTRAND, a few of which showed drums or old UNIVAC computers, and most of which seemed to have no relationship whatsoever. While browsing through, found this: That's a very familiar image: it's the north side of my house, and following the link shows that I took it on 25 September 2010, and included it ...
The Wikipedia of Long Tail Programming Questions
“Have you ever noticed how certain questions come up again and again on Stack Overflow sites?” – From The Wikipedia of Long Tail Programming Questions, over on the Stack Overflow blog. Need to hire a really great programmer? Want a job that doesn't drive you crazy? Visit the Joel on Software Job Board: Great software jobs, great people.
Eavesdropping on GSM Calls
It's easy and cheap: Speaking at the Chaos Computer Club (CCC) Congress in Berlin on Tuesday, a pair of researchers demonstrated a start-to-finish means of eavesdropping on encrypted GSM cellphone calls and text messages, using only four sub-$15 telephones as network "sniffers," a laptop computer, and a variety of open source software. The encryption is lousy: Several of the individual...
Finally - Linux on My Desktop
At the beginning of 2011 I finally made a big switch, one long overdue and one that I should have made 15 years ago. Way back in 1985 I was hired into a newly formed group at American Management Systems of Arlington, Virginia. The group was tasked with making Unix easier to use. I started [...]
Inputting UTF-8 characters: documented
I've complained in the past about the problems of entering special UTF-8 characters in X, and described how I worked around the problem with Emacs macros. Today I got a message from somebody calling himself Pmarin with a more general solution, borrowed from Plan 9 from User Space. He even included a key description file, which is freely redistributable according to the license. Paraphrasing Pmarin's message, using it is pretty simple: Store the key description file as ~/.XCompose.
Guard Towers at WalMart
This feels very creepy and police-state-like. What on earth could WalMart be worried about?...
Improving Internet connectivity
More high latency this morning: 76 bytes from 150.101.212.19: icmp_seq=35 ttl=249 time=10069.493 ms tso=23:52:35 tsr=23:52:45 tst=23:52:45 76 bytes from 150.101.212.19: icmp_seq=36 ttl=249 time=9072.398 ms tso=23:52:36 tsr=23:52:45 tst=23:52:45 76 bytes from 150.101.212.19: icmp_seq=37 ttl=249 time=8075.340 ms tso=23:52:37 tsr=23:52:45 tst=23:52:45 76 bytes from 150.101.212.19: icmp_seq=38 ttl=249 time=7078.278 ms tso=23:52:38 tsr=23:52:45 tst=23:52:45 76 bytes from 150.101.212.19: icmp_seq=39 ttl=249 time=6081.208 ms tso=23:52:39 tsr=23:52:45 tst=23:52:45 76 bytes from 150.101.212.19: icmp_seq=40 ttl=249 time=5215.160 ms tso=23:52:40 tsr=23:52:45 tst=23:52:45 76 bytes from 150.101.212.19: icmp_seq=41 ttl=249 time=4218.071 ms tso=23:52:41 tsr=23:52:45 tst=23:52:45 76 bytes from 150.101.212.19: icmp_seq=42 ttl=249 time=3682.928 ms tso=23:52:42 tsr=23:52:46 tst=23:52:46 Decided that that was bad enough to report, so sent off a message to Internode support with the information.
Links for Monday, January 3, 2011
John Wiegley: Git From the Bottom Up - “In my pursuit to understand Git, it's been helpful for me to understand it from the bottom up–rather than look at it only in terms of its high-level commands. And since Git is so beautifully simple when viewed this way, I thought others might be interested to read what [...]
Polar Bears Destroying Hidden Cameras
Watch the video. What valuable security lessons does this teach? EDITED TO ADD (1/3): And why aren't the polar bears destroying the hidden cameras that are filming the polar bears destroying the hidden cameras?...
Links for Saturday, January 1, 2011
Hummingbird: Real Time Web Traffic Visualization - “Hummingbird lets you see how visitors are interacting with your website in real time“ Official 3DXplorer Blog: 3DXplorer at the University of Washington - “University of Washington is one of the most active universities in the field of Virtual Worlds and one of the rare ones delivering a certificate [...]
Bacchus, Golden
On the last day of 2010 we drove 976km from Calgary to Vancouver. Along the way we stopped in Golden, BC for coffee and muffins at Bacchus Books & Cafe, which I totally recommend if you're there, and it's got me thinking about the future (if any) of physical-media retail. But first, a quick sidebar: No, that's not a misprint, and it's actually worse than that; the day before we'd gone 760km from Regina, where my family had gathered for Christmas, to Calgary. We gather because we enjoy each other and we travel because we're scattered across the country. This time my branch of the family chose on impulse to drive because we could and because the airfares were stupid and because Western Canada is awesomely beautiful, particularly in winter.
