Blog Archive: April 2012
C++ Libraries: Casablanca
At GoingNative in February, I emphasized the need for more modern and portable C++ libraries, including for things like RESTful web/cloud services, HTTP, JSON, and more. The goal is to find or develop modern C++ libraries that leverage C++11 features, and then submit the best for standardization. Microsoft wants to do its part, and heres [...]
Back to the enblend port
I compiled and installed enblend 3 weeks ago. But I didn't update the port. On the positive side, the documentation has been greatly improved. But it changed in a manner which makes it very difficult to install, and the formalities of the FreeBSD ports collection don't make it any easier. As I discovered the first time round, the documentation is now formatted with texinfo. There's lots of that about, so much that texinfo is in the base FreeBSD system. But the FreeBSD version is ancient, and it can't convert the enblend documentation.
Worlds youngest C++ programmer?
Im seeing many younger programmers picking up C++. The average age at C++ events over the past year has been declining rapidly as the audience sizes grow with more and younger people in addition to the C++ veterans. But this one just beats all [Facebook link added]: A six-year-old child from Bangladesh is hoping to [...]
C++ and Beyond Panel: Modern C++ = Clean, Safe, and Faster Than Ever
I just posted the following panel announcement to the C++ and Beyond site. The three-day event (plus evening-before reception) with me, Scott Meyers, and Andrei Alexandrescu will be held on August 5-8, and early-bird registration is open until May 31. C++11 is kind of like C++ Dreamliner. Its built with world-class modern materials. It [...]
I'll be speaking at LOPSA-NJ on Thursday
The NJ Chapter of LOPSA is graciously letting me do a dress rehearsal of my Ganeti presentation that will be presented at the PICC Conference next week. http://picconf.org If you can't make it to the conference or just want to be able to attend one of the conflicting sessions, this is a great opportunity for you. Complete details are on the www.lopsanj.org website. Topic: Ganeti Virtualization Management:Improving the Utilization of Your Hardware and Your Time Date: Thursday, May 3, 2012 Time: 7:00pm (social), 7:30pm (discussion) If you are planning on coming please RSVP so we have the right amount of pizza.
Why did an MPAA executive join the Internet Society?
Here's a podcast of my last Guardian column, Why did an MPAA executive join the Internet Society?: Late in March, I started to get a steady stream of emails from concerned readers: did you see that the Internet Society has appointed the former chief technology officer of the MPAA to be their North American regional … [Read more]
JCS Chairman Sows Cyberwar Fears
Army General Martin E. Dempsey, the chairman of the Joint Chiefs of Staff, said: A cyber attack could stop our society in its tracks. Gadzooks. A scared populace is much more willing to pour money into the cyberwar arms race....
Goodbye Jorge, goodbye Samba
Sad news today: Jorge de Moya died a couple of days ago. For years he was the only breeder of pure Paso Fino horses in Australiauntil about 8½ years ago, when Yvonne somehow talked him in to giving her a pure-bred foal in exchange for a Paso Peruano foal out of her mare La Tigre. The foal itself was a story: Yvonne wanted to call her Samba, which I thought my friends at the Samba project would find inappropriate. So I said that if she wanted to call her that, she should first get approval from both Tridge and Jeremy. Fat chance, I thought.
Reinstalling scanner software
Finally got my office tidied up and moved the scanner to the desk to my right, where pain (my Microsoft laptop) is. Connected up, installed, and ran it. It works. But it doesn't work on braindeath. Why? I've deinstalled and reinstalled and rebooted and done all those Microsoft things, but it continues to have fatal errors. Is this some case of incomplete deinstallation? One difference suggests that it is: when I installed on pain, I had to accept the usual EULA stuff. When I reinstalled on braindeath, I didn't. That suggests that at least some information remains after deinstallation.
Tom @ LILUG, Wed, April 10, 2012, Woodbury, Long Island, NY
I'll be giving a talk about Ganeti, the open source virtual cluster manager April 10th @ 8:00pm at the Woodbury Campus of Cold Spring Harbor Lab, in the Woodbury Auditorium. For more information visit: http://lilug.org See you there!
A Million Lives Saved
Well, not really. But my LifeSaver 2 app has now uploaded over a million calls and messages for a temporary stay in the cloud and (in theory) transfer to other devices. This is not as impressive as it sounds since the number of unique users is still just a few hundred; but it pleases me nonetheless. I observe that the number of downloads is quite a bit smaller; it seems that people upload, and then it takes them longer than they thought to get their new device brought up and LifeSaver installed; long enough for the cloud scrubber to have erased their upload, so they have to do it again.
Fair-trade goldfarming project inspired by For the Win
Tom Dane writes: 'For The Win' was incredibly exciting and inspiring. It is not the first book of yours that made me feel that way, but it was the difference in motivating me to become a small part of the movement to use gold farming for development and freedom. The kind of stuff you were … [Read more]
Still more NiZn batteries
My latest delivery of NiZn batteries arrived today, including not one, but two replacements for the failed AAA battery. That was nice, but also necessary, since another had failed since then. Charged the first lot (AA) with no incident. Taking photos later, the flash gun gave me a low battery indication. I had only just put batteries in it a couple of weeks ago, but fortunately I now had freshly charged replacements. On taking the old ones out, I noted the voltages: Battery number Before After 5 ...
Vote for Liars and Outliers
Actionable Books is having a vote to determine which of four books to summarize on their site. If you are willing, please go there and vote for Liars and Outliers. (Voting requires a Facebook ID.) Voting closes Monday at noon EST, although I presume they mean EDT....
Friday Squid Blogging: Chesapeake Bay Squid
Great pictures. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered....
Attack Mitigation
At the RSA Conference this year, I noticed a trend of companies that have products and services designed to help victims recover from attacks. Kelly Jackson Higgins noticed the same thing: "Damage Mitigation as the New Defense." That new reality, which has been building for several years starting in the military sector, has shifted the focus from trying to stop...
More scanner woes
It's been a few weeks since I connected my Epson scanner to braindeath, the loaner Microsoft box I use mainly for photo processing. It has been flaky: much of the time it works, sometimes (far too often) it crashes. Today I was scanning some documents and stopped to look at something else. When I returned to continue scanning, the program crashed. And crashed. And crashed. Removing and reinstalling the software (if that's what really happened when I asked for it) didn't help. I'm dead in the water. How do you debug this kind of problem? I wish I knew. I suspect that some remnant software or configuration information is in the way.
An Illustrated Guide to SSH Agent Forwarding
I don't think I really understood SSH "Agent Forwarding" until I read this in-depth description of what it is and how it works: http://www.unixwiz.net/techtips/ssh-agent-forwarding.html In fact, I admit I had been avoiding using this feature because it adds a security risk and it is best not to use something risky without knowing the internals of why it is risky. Now that I understand it and can use it, I find it saves me a TON of time. Highly recommended (when it is safe to use, of course!) Tom
Biometric Passports Make it Harder for Undercover CIA Officers
Last year, I wrote about how social media sites are making it harder than ever for undercover police officers. This story talks about how biometric passports are making it harder than ever for undercover CIA agents. Busy spy crossroads such as Dubai, Jordan, India and many E.U. points of entry are employing iris scanners to link eyeballs irrevocably to a...
DxO Optics Pro against Photoshop
About the only software I have purchased in the last 5 years or more is DxO Optics Pro. It wasn't an easy decision: it only runs on Microsoft, and it's glacially slow. It would probably run in a VM, but it requires so much memory that I can't do it in my current environment, so to run it at all I have borrowed a computer from Chris Yeardley. It also has irritating bugs features like not being able to handle EXIF data correctly, at least on my Olympus E-30, if the data has been modified in any way: it wants to be the first program to access the raw image.
Fear and the Attention Economy
danah boyd is thinking about -- in a draft essay, and as a recording of a presentation -- fear and the attention economy. Basically, she is making the argument that the attention economy magnifies the culture of fear because fear is a good way to get attention, and that this is being made worse by the rise of social media....
gmail via my own server
One of the things that we decided at the Friends' meeting was that we should use gmail to run the general mailing list. That's not my style at all, of course, but it solves a number of problems in this particular case. Currently they're accessing a particularly complicated webmail system from TransACT, on whom we don't want to be dependent, and they tell me they can only access it from one computer in the Friends' George Longley Building. One of the things I want them to be able to do is for each authorized user to access it from wherever they want, so gmail sounds like a good option.
Water almost everywhere
Last week was really mild, but that changed, and the temperatures have dropped a lot. 4 days ago we had a top temperature of 25.5° and a low of 12.2°. Today's top temperature was 12.6°: And in the last 3 days we had over 20 mm of rainif you measure it by the old-fashioned rain gauge. According to my weather station there was no rain. I had already looked at the rain gauge, which for once was not blocked by cobwebs, and there's nothing obviously wrongmaybe a slightly stiff action.
Meeting with the friends again
It's been some time since I've had much to do with the computer setup of the Friends of the Ballarat Botanical Gardens, but it seems that they've been doing things, and they've run into trouble: Communication is the big word (and the reason why I didn't hear anything of the other issues). Like elsewhere in the Microsoft space, email communication is a big issue, so into town today to discuss face-to-face, also taking the opportunity to have a very overdue haircut. They now have a new paid assistant, Genevieve Lowe, who will end up doing a lot of the work. The meeting itself didn't really bring any new information.
Mobile vs. PC?
In answering a reader question about Flash today, I linked to Adobes November press release and I commented: Granted, Adobe says its abandoning Flash only for new mobile device browsers while still supporting it for PC browsers. This is still a painful statement because [in part] & the distinction between mobile devices and PCs is [...]
Reader Q&A: Flash Redux
David Braun asked: @Tom @Herb: Whats so wrong with flash that it should be boycotted? Have I been being abused by it in some way Im not aware of? Also,does HTML5 have any bearing on the subject? Im not saying it should be boycotted, only that I avoid it. Here’s what I wrote two years [...]
Amazing Round of "Split or Steal"
In Liars and Outliers, I use the metaphor of the Prisoner's Dilemma to exemplify the conflict between group interest and self-interest. There are a gazillion academic papers on the Prisoner's Dilemma from a good dozen different academic disciplines, but the weirdest dataset on real people playing the game is from a British game show called Golden Balls. In the final...
Same Old Sex Organs
Of plants, I mean, of course. Which is to say, around this time every year I get all deranged about the flowers and inflict loads of pictures of them on you. If this sort of photographic cliché offends or (worse) bores you, stop now, move on to the next blog. My florals are getting a little on the kinky side. I cant not take pictures of them, but since Ive taken the obvious ones for lo these many years, Im really trying for something different, which leads to some distinctly odd colors and textures. This tulip was caught under the rhubarb bush, with sun coming through the green and the pink.
More On That Pipeline
Ive written before about the BC pipeline controversy. Like many Canadians, Im unconvinced that it makes sense to bet heavily on filthy carbon-laden bitumen, unconvinced that we should rip the hell out of Northern Albertas people and landscape to extract it, unconvinced that we should ship it out of the country so we can buy the refined product back, unconvinced that we should pipe it through our wilderness to the sea, and really unconvinced that it makes sense to run 250 supertankers a year into the narrow stormy fjords of northern BC. Heres an an outstanding open letter from an expert, addressing that last point.
Tom @ LOPSA-NJ, Thu May 3, 2013, Lawrenceville, NJ (near Princeton)
I'll be speaking at LOPSA-NJ's May meeting about Ganeti, the open source project I'm involved in. The title is "Ganeti Virtualization Management: Improving the Utilization of Your Hardware and Your Time". For more information check out the LOPSA NJ web site.
Talk Video: Welcome to the Jungle
Last month in Kansas City I gave a talk on “Welcome to the Jungle,” based on my recent essay of the same name (sequel to “The Free Lunch Is Over”) concerning the turn to mainstream heterogeneous distributed computing and the end of Moores Law. Perceptive Software has now made the talk available online: Welcome to the Jungle In the [...]
Alan Turing Cryptanalysis Papers
GCHQ, the UK government's communications headquarters, has released two new -- well, 70 years old, but new to us -- cryptanalysis documents by Alan Turing. The papers, one entitled The Applications of Probability to Crypt, and the other entitled Paper on the Statistics of Repetitions, discuss mathematical approaches to code breaking. [...] According to the GCHQ mathematician, who identified himself...
Portable image formats
Subhash (apparently no surname) in Wien has been looking at the optical qualities of the Zuiko Digital ED 7-14mm f/4 wide angle lens, and he published some images processed from the raw image with Photoshop. There's clear chromatic aberration and probably other stuff that I didn't look at. So I asked him for the raw image with an intention to process it with DxO Optics "Pro" to see if it would do any better. But he didn't have the raw image any more. He had converted it to DNG format and discarded the original. And DxO wants to always be the first to touch a raw image, so I ended up with a now you see me, now you don't situation: It clearly displays the image at ...
Tab Trick
A person watching over my shoulder asked How are you switching around so fast? and I realized that while most readers here know this trick, some may not, and its awfully useful. In Chrome and Firefox on OS X, comand-1 takes you to your leftmost tab, command-2 to the next one over, and so on. (Except for, command-9 selects the rightmost; huh?) Also, in both Chrome and Firefox, you can right-click on a tab and pin it; which shrinks it down to just the favicon, and locks it in place. So the trick is, put the same heavily-used tabs in the same place, and leave them there forever.
PICC opening keynote: Bill Cheswick
The PICC committee is excited to announce our opening keynote speaker: Bill Cheswick, Security guru and co-author of "Firewalls and Internet Security" Topic: Rethinking Passwords "We've known that passwords have been inadequate for over thirty years and they have only gotten worse. Can we escape the varying 'eye-of-newt' password rules that plague everyone's online lives? Can we get grandma safely to the other side of the authentication street? I will review some of the many research ideas that have been proposed, and offer some suggestions toward getting us out of this thicket." DINNER will be provided to all attendees on Friday at 6pm; Bill's talk will begin after dinner (8pm).
Confessions of a Static Typing Bigot
I've been a strong typing bigot most of my (programming) life. Pehaps not too suprising for a guy whose favourite saying is "Every thing has it's place, and every place has it's thing." But, like some self-righteous character on a bad TV show whose comeuppance is thoroughly telegraphed, late at night I would sneak off, open up my text editor, and do some JavaScript programming. Sure, I felt guilty, but it was fun, and it didn't seem quite so much like work. But its not like I was ready to abandon strong typing either. There truly were situations in which is seemed helpful not only to me, but to the developers I worked with as well.
Confessions of a Static Typing Bigot
I've been a strong typing bigot most of my (programming) life. Pehaps not too suprising for a guy whose favourite saying is "Every thing has it's place, and every place has it's thing." But, like some self-righteous character on a bad TV show whose comeuppance is thoroughly telegraphed, late at night I would sneak off, open up my text editor, and do some JavaScript programming. Sure, I felt guilty, but it was fun, and it didn't seem quite so much like work. But its not like I was ready to abandon strong typing either. There truly were situations in which is seemed helpful not only to me, but to the developers I worked with as well.
Confessions of a Static Typing Bigot
I've been a strong typing bigot most of my (programming) life. Pehaps not too suprising for a guy whose favourite saying is "Every thing has it's place, and every place has it's thing." But, like some self-righteous character on a bad TV show whose comeuppance is thoroughly telegraphed, late at night I would sneak off, open up my text editor, and do some JavaScript programming. Sure, I felt guilty, but it was fun, and it didn't seem quite so much like work. But its not like I was ready to abandon strong typing either. There truly were situations in which is seemed helpful not only to me, but to the developers I worked with as well.
GotW #104: Smart Pointers, Part 2 (Difficulty: 5/10)
While spelunking through the code of a new project you recently joined, you find the following factory function declaration: JG Question 1. Whats wrong with this return type? Guru Questions 2. What is the recommended return type? Explain your answer, including any tradeoffs. 3. Youd like to actually change the return type to [...]
GotW #103: Solution
The solution to GotW #103 is now live. Filed under: C++, GotW
Still more photo processing
Yesterday I noted that my real HDR images looked washed out by comparison with the pseudo-HDR images generated by DxO Optics "Pro", so today I did a little more experimentation. To make the HDR images, I take sequences of three images exposed 1 EV apart (the maximum that the camera offers in exposure bracketing). I set manual exposure so that the least exposed image (nominally -1 EV) is roughly correctly exposed or 1/3 EV underexposed. The result images look like this: I don't use the middle image at all; it's ...
My privacy talk at Googles DatenDialog in Berlin
I gave a talk at Google's DatenDialog -- a privacy conference -- in Berlin some months ago, and they've posted the video.
eBooks in colour
By multiple coincidence, received this quarter's copy of c't Digitale Fotografie 2/2012 today, the focus is on HDR, and there are eBooks on the accompanying DVD, one of them written by Reinhard Wagner, the moderator of the Oly-E.de forums. So clearly I wanted to download it to the eBook reader. That wasn't as simple as it seems. The file on the DVD was a ZIP archive with a (presumed) Microsoft executable and a file in a format that neither file(1) nor my reader understood: === grog@dereel (/dev/pts/31) ~/Documentation/Photography 14 -> unzip -l phf.zip Archive: phf.zip Length Date Time Name --------- ---------- ----- ---- 98846170 02-27-2012 15:30 Profibuch-HDR-Fotografie-ct.dat 1843200 02-27-2012 15:30 Profibuch-HDR-Fotografie-ct.exe --------- ------- 100689370 ...
Friday Squid Blogging: Extracting Squid Ink
How to extract squid ink. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered....
Technical Equity or Technical Debt: Stay Fit or Get Flabby
Technical Debt refers to aspects of a codebase are incomplete, defecient obsolete, or buggy. This can occur for many reasons: insufficient time, uncertainty, omissions, poor workmanship, or poor management. This is termed “debt” because it will take additional time and … Continue reading →
Technical Equity or Technical Debt: Stay Fit or Get Flabby
Technical debt refers to aspects of a codebase are incomplete, deficient, obsolete, or buggy. This can occur for many reasons: insufficient time, uncertainty, omissions, poor workmanship, or poor management. This is termed “debt” because it will take additional time and money to correct, update, or revise. Technical equity refers to aspects of a codebase that facilitate its [...]
Technical Equity or Technical Debt: Stay Fit or Get Flabby
Technical debt refers to aspects of a codebase are incomplete, deficient, obsolete, or buggy. This can occur for many reasons: insufficient time, uncertainty, omissions, poor workmanship, or poor management. This is termed “debt” because it will take additional time and money to correct, update, or revise. Technical equity refers to aspects of a codebase that facilitate its [...]
Technical Equity or Technical Debt: Stay Fit or Get Flabby
Technical debt refers to aspects of a codebase are incomplete, deficient, obsolete, or buggy. This can occur for many reasons: insufficient time, uncertainty, omissions, poor workmanship, or poor management. This is termed “debt” because it will take additional time and money to correct, update, or revise. Technical equity refers to aspects of a codebase that facilitate its […]
Sensor Kinetics Pictures
Recently Ive become interested in the sensors that live inside Android devices, and how to use them. It turns out that interacting with them is a little on the non-obvious side, as is interpreting the read-outs. So I drew some graphs. Co-ordinates The sensors put out x, y, and z numbers that are expressed in terms of the three obvious axes, like so. Accelerometer This gives you numbers that represent the acceleration (minus G, gravitation) on the three axes. The magnitude of the vector is thus 9.81 or so when the device is standing still, zero when its falling toward the hard cold ground.
Liars & Outliers Update
Liars & Outliers has been available for about two months, and is selling well both in hardcover and e-book formats. More importantly, I'm very pleased with the book's reception. The reviews I've gotten have been great, and I read a lot of tweets from people who have enjoyed the book. My goal was to give people new ways to think...
The internet needs a bill of rights
[first draft] Someone asked me about "The Internet Needs a New Pair of Pants" and I thought it would be a good chance to post some thoughts I've had. For the most part he's asking the wrong questions. Only #10 and #11 really matter. But first a quick tangent... We don't "store data" on the internet. You can 'store data' by putting it on a hard drive and then powering it off. That's easy. Anyone can do that. What you do on the internet (or "in the cloud") is you make data available (either to everyone, a restricted group, or just yourself).
Women in Advanced Computing (WiAC) Summit, June 12, 2012
Usenix is sponsoring the first Women in Advanced Computing (WiAC) Summit to run during Federated Conferences Week in Boston. WiAC will be all day June 12th, 2012. Carolyn Rowland and Nicole Forsgren Velasquez are co-chairs. Carolyn recently posted on G+ a request for ideas: What would make this a must-attend event? What topics should we cover in order to appeal to women of varying professions and backgrounds: researchers, to developers, sysadmins, IT managers, etc.? Carolyn wrote "We'd like this year to be the start of a recurring Usenix event that allows people who believe we need to support women in the computing professions to come together to share ideas, meet new people and get inspired."
TSA Behavioral Detection Statistics
Interesting data from the U.S. Government Accounting Office: But congressional auditors have questions about other efficiencies as well, like having 3,000 "behavior detection" officers assigned to question passengers. The officers sidetracked 50,000 passengers in 2010, resulting in the arrests of 300 passengers, the GAO found. None turned out to be terrorists. Yet in the same year, behavior detection teams apparently...
Steve Jobs on Programmers (via Brent Schlender)
Earlier this week, Brent Schlender published selected Steve Jobs quote highlights from his interview tape archives. Heres one about us: The difference between the best worker on computer hardware and the average may be 2 to 1, if you’re lucky. With automobiles, maybe 2 to 1. But in software, it’s at least 25 to 1. [...]
Do You Want to Help Build the Next AWS Service?
Over the past several years I?ve spent much of my time traveling around the world speaking about distributed systems. From building infinitely scalable data stores, architectures for high performance computing, to the challenges imposed by the CAP theorem, there are wonderful, complex, fascinating problems to be solved in the area of distributed computing.
The advantages of eBooks
Mail from Oliver Herold referring to yesterday's article about eBooks. It seems that good eBooksclearly not including the ALDI one I havehave E-ink displays, which are not reflective or backlit. And the Amazon Kindles are really not that much more expensiveUS $79 for the Kindle compared to AU $69 for the ALDI reader. The biggest price differential is the postage for the Kindle. But what do I really get? Yes, it has E-ink, which looks better and uses less power (something Oliver didn't mention). But it's only black and white. And the resolution is still this ridiculously low 167 ppi, less than that of a fax.
Books Both Ancient and Modern
I dont read lots of books; too busy with work and being a Dad/husband/homeowner/citizen. But theres always one on the go, and so they add up. Some are airplane-ride fluff, but not all. As a consequence I think about what it means for a novel to be modern; in particular because some recent highly-touted works have irritated me on account of their overly-self-conscious modernity. Among other things, its obvious that the term modern is strongly unrelated to the year of publication. Is Old Good? No. Just because I get mad at certain authors trying too hard to be modern doesnt mean that Im a worshiper at the temple of the classics.
Dance Moves As an Identifier
A burglar was identified by his dance moves, captured on security cameras: "The 16-year-old juvenile suspect is known for his 'swag,' or signature dance move," Heyse said, "and [he] does it in the hallways at school." Presumably, although the report doesn't make it clear, a classmate or teacher saw the video, recognized the distinctive swag and notified authorities. But is...
War on General Purpose Computing talk at U Westminster Law School/Guardian
Last month, I gave a version of my "War on General Purpose Computing" lecture to the University of Westminster Law School. The Guardian captured the talk on video and edited it for length, then posted it.
Smart Meter Hacks
Brian Krebs writes about smart meter hacks: But it appears that some of these meters are smarter than others in their ability to deter hackers and block unauthorized modifications. The FBI warns that insiders and individuals with only a moderate level of computer knowledge are likely able to compromise meters with low-cost tools and software readily available on the Internet....
Expanding the Cloud Introducing AWS Marketplace
Today Amazon Web Services launched AWS Marketplace, an online store that makes it easy for you to find, buy, and immediately start using software and services that run on the AWS Cloud. You can use AWS Marketplaces 1-Click deployment to quickly launch pre-configured software on your own Amazon EC2 instances and pay only for what you use, by the hour or month. AWS handles billing and payments, and software charges appear on your AWS bill. Marketplace has software listings from well-known vendors including 10gen, CA, Canonical, Couchbase, Check Point Software, IBM, Microsoft, SAP, Zend, and others, as well as many widely used open source offerings including Wordpress, Drupal, and MediaWiki.
Do You Want to Help Build the Next AWS Service?
Over the past several years Ive spent much of my time traveling around the world speaking about distributed systems. From building infinitely scalable data stores, architectures for high performance computing, to the challenges imposed by the CAP theorem, there are wonderful, complex, fascinating problems to be solved in the area of distributed computing. During my travels Ive met thousands of brilliant engineers who are leveraging the cloud to deliver exciting new products and revolutionize IT as we know it. One thing thats become obvious to me is that there are innovative, inspiring developers in every corner of the planet from Australia to Iceland and from Israel to Peru.
Dog collar instructions
Sent off a message to the seller of the dog collar I received yesterday, and got a couple of very quick responses. Sorry, the box is still the old one, and it says 200 m range, but never mind, it's really 800. And yes, here are the instructions: Yes, what they sent were exactly these JPEGs.
Expanding the Cloud ? Introducing AWS Marketplace
Today Amazon Web Services launched AWS Marketplace, an online store that makes it easy for you to find, buy, and immediately start using software and services that run on the AWS Cloud. You can use AWS Marketplace?s 1-Click deployment to quickly launch pre-configured software on your own Amazon EC2 instances and pay only for what you use, by the hour or month.
eBook readers: a solution or a problem?
On the radio this morning the announcer mentioned a Kindle, something of which Yvonne had never heard. I've never thought much of them myself, but by chance, today ALDI had an eBook reader in their specials, for $70. The great thing about ALDI is that you have 2 months to try the things out, after which you can return for your money back with no questions asked. So I asked her to buy one. The reader bears a striking resemblance to my GPS navigator: No data on it, of course, but that was OK: it handles PDF, and I could download data from the web.
GUIs: Computer interfaces for illiterates
I've often compared modern computer usage with illiteracy. Icons and mice and things don't require you to read, and current development is going in that direction. But I was still amused to see an article on Al Jazeera news. In Bangladesh being illiterate isn't necessarily a disadvantage when using computers: it can be an advantage. This company is hiring illiterate people to scan sensitive documents. Since they can't read, the data is safe(r).
Importing Microsoftt Excel
We need to set up mailing lists for the Friends of the Ballarat Botanical Gardens, notably one for the membership. Currently membership data are kept in a Microsoft Excel spreadsheet, arguably one of the worst tools for the job. So my plan is to import the spreadsheet into a MySQL database and maintain it there. Extracting the email addresses is then of course trivial. Spent most of the morning trying to work out how to import Excel into MySQL, not helped by the fact that I really, really don't get on with Microsoft at all well. As one of the documents I found told me, the first step is to save the spreadsheet in CSV format.
Hating iMovie
I took a movie of my son reading a story hed written, as part of a multimedia presentation for school. I shot it with my Pentax K-5 and the 50-135 F2.8, by candlelight (you can do things with modern SLRs that Kubrick had to have lenses custom-built for at huge expense). Well, and by candlelight I mean twenty or so tea-lights. When I pulled the AVIs into iMovie, the quality was ravishing, the firelight flickering on his creamy 12-year-old skin. When I exported the finished product, no matter how many times I twiddled the QuickTime and other export settings, it looked rather pretty, but omitted all the subtlety of tone and thus most of the beauty in what the camera had captured.
Password Security at Linode
Here's something good: We have implemented sophisticated brute force protection for Linode Manager user accounts that combines a time delay on failed attempts, forced single threading of log in attempts from a given remote address, and automatic tarpitting of requests from attackers. And this: Some of you may have noticed a few changes to the Linode Manger over the past...
Stolen Phone Database
This article talks about a database of stolen cell phone IDs that will be used to deny service. While I think this is a good idea, I don't know how much it would deter cell phone theft. As long as there are countries that don't implement blocking based on the IDs in the databases -- and surely there will always...
New dog collar: new low
Despite our previous bad experience, Yvonne continued to ask me to buy another remote-controlled dog collar for Nemo, so I finally ordered one on eBay with a claimed range of 800 m. Today it arrived: No instructions. Range stated on the box as 200 m, not 800. And a detached component that looks like a neon tube. Peter Jeremy confirmed, specifically that it's an NE-2.
Trello at UserVoice
The folks over at UserVoice are using Trello quite extensively throughout their development process. Founder Richard White describes it all in detail. Need to hire a really great programmer? Want a job that doesn't drive you crazy? Visit the Joel on Software Job Board: Great software jobs, great people.
Amazon Web Services
Most of the time I write about the challenges posed by scaling infrastructure. Today, though, I wanted mention some upcoming events that have to do with a different sort of scale. In Amazon Web Services we are tackling lots of really hairy challenges as we build out one the worlds largest cloud computing platforms. From data center design, to network architecture, to data persistence, to high-performance computing and beyond we have a virtually limitless set of problems needing to be solved. Over the coming years AWS will be blazing new trails in virtually every aspect of computing and infrastructure. In order to tackle these opportunities we are searching for innovative technologists to join the AWS team. In other words we need to scale our engineering staff. AWS has hundreds of open positions throughout the organization. Every single AWS team is hiring including EC2, S3, EBS, EMR, CloudFront, DynamoDB and even ...
Stevens Creek
When Im down here visiting the Plex I often stay at Hotel Zico; its comfy and attractive and inexpensive and central. It offers more or less nothing by way of food but I have breakfast at Google and dont eat at hotels otherwise anyhow. Its right at the intersection of 85 and 82 and thereby hangs a tale. I pulled into the parking lot earlier than usual on Monday and noticed that the parking lot had unusually high wire fences and behind them were lots of trees and other unattended greenery. The closer I looked, the weirder it got. There were trees and a valley with water at the bottom and I could even see a paved footpath; but (this is on El Camino just barely north of 85) no obvious way to get there; tall chain-link fances everywhere.
Forever-Day Bugs
That's a nice turn of phrase: Forever day is a play on "zero day," a phrase used to classify vulnerabilities that come under attack before the responsible manufacturer has issued a patch. Also called iDays, or "infinite days" by some researchers, forever days refer to bugs that never get fixed--even when they're acknowledged by the company that developed the software....
Open Source Tools for Model-Based Testing
To prepare for my upcoming panel session at QUEST, I’m creating an inventory of open source model-based testing tools. Here’s my preliminary list. If I’ve missed any or have an incorrect link, please post a comment with a correction. Developer … Continue reading →
Open Source Tools for Model-Based Testing
I discussed the following inventory of open source and free model-based testing tools in a recent QUEST panel session. After checking each tool, it is clear there’s wide variation in maturity, stability, and provisioning. I see five groups. Binaries: an installable available without source code. Fielded: a codebase that has an active user community using the tool for non-research work, at arms-length with [...]
Open Source Tools for Model-Based Testing
I discussed the following inventory of open source and free model-based testing tools in a recent QUEST panel session. After checking each tool, it is clear there’s wide variation in maturity, stability, and provisioning. I see five groups Binaries: an installable available without source code. Fielded: a codebase that has an active user community using the tool for non-research work, at arms-length with the developers. [...]
Why a pro-SOPA MPAA technologist changed sides and went to work for ISOC
My latest Guardian column is "Why did an MPAA executive join the Internet Society?" which digs into the backstory on the appointment of former MPAA CTO Paul Brigner as North American director of the copyright-reforming, pro-net-neutrality Network Society group, which manages the .ORG domain name registry. I asked Brigner whether his statements about DNS blocking … [Read more]
Outliers in Intelligence Analysis
From the CIA journal Studies in Intelligence: "Capturing the Potential of Outlier Ideas in the Intelligence Community." In war you will generally find that the enemy has at any time three courses of action open to him. Of those three, he will invariably choose the fourth. Helmuth Von Moltke With that quip, Von Moltke may have launched a spirited debate...
Trello at UserVoice
The folks over at UserVoice are using Trello quite extensively throughout their development process. Founder Richard White describes it all in detail.
My keynote to the Pirate Party General Assembly in Prague
I was in Prague last Saturday, giving an address to the General Assembly of Pirate Parties International. The video is on YouTube.
Opening Day
Ive written before about our Little Leagues opening day, but this is probably the last time; my 12-year-old son is graduating and my daughter shows no interest. This is Canadas oldest Little League, one of its biggest and still growing at that; follow that link to last years write-up if you care, or if you want to see more smile-provoking pictures of kids baseball festivities. An Opening-Day ceremony requires a band and a mascot, self-evidently. Everybody loves a parade. The kids parade out by divisions, and each division gets its own sign. Now theres a fine-looking piper. Each team gets to wave its hat once in the course of the ceremonies.
Hawley Channels His Inner Schneier
Kip Hawley wrote an essay for the Wall Street Journal on airport security. In it, he says so many sensible things that people have been forwarding it to me with comments like "did you ghostwrite this?" and "it looks like you won an argument" and "how did you convince him?" (Sadly, the essay was published in the Journal, which means...
Protecting your Facebook privacy at work isnt just about passwords
Here's a podcast of my last Guardian column, Protecting your Facebook privacy at work isn't just about passwords: Facebook has threatened to sue companies that force their employees to reveal their Facebook login details. As laudable as this is, I worry that it will fail to accomplish its primary objective protecting Facebook users from … [Read more]
How Information Warfare Changes Warfare
Really interesting paper on the moral and ethical implications of cyberwar, and the use of information technology in war (drones, for example): "Information Warfare: A Philosophical Perspective," by Mariarosaria Taddeo, Philosophy and Technology, 2012. Abstract: This paper focuses on Information Warfare -- the warfare characterised by the use of information and communication technologies. This is a fast growing phenomenon, which...
The new enblend
Finished my port of enblend version 4.0 today in time to use it for today's panorama processing. Surprise, surprise: no particular problems. In one case I got a crash: enblend: excessive overlap detected; remove one of the images enblend: info: remove invalid output image "00-05.tif" gmake: *** [00-05.tif] Error 1 This was the house-e image, where I had accidentally taken two identical photos. That's always been a problem, and the error message tells you what to do. But it's still surprising.
NiZn revisited
Yesterday's NiZn batteries charged overnight, sort of. After completion, they had voltages of 1.828 V (OK) and 1.295 V (definitely not OK). The batteries are in parallel in the mouse, so the defective one had presumably pulled the good one down. But that's the second defective battery in a batch of 4, and so far I've had difficulty getting the seller to replace them. Hopefully this isn't a sign of the reliability I should expect.
Panties for Sale!
For years, whenever I link to a book, I included my wifes Amazon Associates code; shed started in on that first, and it made sense to pool the family rewards. But Ive started using my own because its our family book-buying pool. This has some surprising side-effects. The way the Amazon program works is (Im guessing, but probably right) is by setting a short-lived cookie; as long as it stays alive, anything you buy while poking around Amazon sends rewards to whoever sent you over there. So when someone follows a link from here, I might get a commission from things other than the book I was discussing.
More NiZn woes
In the evening, had problems with teevee: the mouse stopped working. I'm continually having problems with USBso much so that I seldom mention thembut this one seemed not to want to go away. And then the LED in the mouse went out. Further investigation showed that the batteries (NiZn) had voltages of 1.275 and 0.936 V. The discharge value should be just under 1.6 V, and this isn't a heavy current user. What's wrong here? Defective batteries?
Friday Squid Blogging: Squid Fiction
Great short story in Nature. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered....
IPv6 is now the default
RFC 6540: IPv6 Support Required for All IP-Capable Nodes This new RFC basically says that vendors can no longer consider IPv6 as an optional feature. If you say it supports 'IP' you better include IPv6. The RFC specifically calls out these best practices: New IP implementations must support IPv6. Updates to current IP implementations should support IPv6. IPv6 support must be equivalent or better in quality and functionality when compared to IPv4 support in a new or updated IP implementation. New and updated IP networking implementations should support IPv4 and IPv6 coexistence (dual-stack), but must not require IPv4 for proper and complete function.
Me at RSA 2012
This is not a video of my talk at the RSA Conference earlier this year. This is a 16-minute version of that talk -- TED-like -- that the conference filmed the day after for the purpose of putting it on the Internet. Today's Internet threats are not technical; they're social and political. They aren't criminals, hackers, or terrorists. They're the...
Disguising Tor Traffic as Skype Video Calls
One of the problems with Tor traffic is that it can de detected and blocked. Here's SkypeMorph, a clever system that disguises Tor traffic as Skype video traffic. To prevent the Tor traffic from being recognized by anyone analyzing the network flow, SkypeMorph uses what's known as traffic shaping to convert Tor packets into User Datagram Protocol packets, as used...
Your computer has a Trojan
While playing around (painfully) with yesterday's breed standard documents, came across an interesting message: What's FBviewer.exe? Just some random file in my ~/Downloads directory, it seems. Potentially it is dangerous, and I just had it there (safely in FreeBSD) for examination. So I clicked Move to Vault, whatever that means, and it's now off dereel and (presumably) somewhere on braindeath, which is no safer for it.
Talk + panel online: (Not Your Fathers) C++ + Native Languages Panel
Last week at the Lang.NEXT 2012 conference in Redmond, I gave a 40-minute C++ talk and participated on a native languages panel. Both are now online at Channel 9. Heres the 40-min C++ talk, taken from the C9 site: (Not Your Fathers) C++ Herb Sutter What makes ISO C++11 "feel like a new language"? What [...]
OmniOS
MBP vs MBA
I recently upgraded to a recent 15" MacBook Pro (about to be superseded, if the Web rumor mill is correct). All the hip people, notably including my wife, are toting MacBook Airs these days; and yep, those sure are some slick little sex-bombs. But here are some reasons Id really have trouble switching from MBP to MBA. Its a real brick. This means someone like myself, who has big strong hands and touch-types very fast, can touch-type faster, because it doesnt wiggle around when you hit it. It has real speakers, which play something that sounds not entirely unlike real music.
Bomb Threats As a Denial-of-Service Attack
The University of Pittsburgh has been the recipient of 50 bomb threats in the past two months (over 30 during the last week). Each time, the university evacuates the threatened building, searches it top to bottom -- one of the threatened buildings is the 42-story Cathedral of Learning -- finds nothing, and eventually resumes classes. This seems to be nothing...
My Setup
The Setup is an awesome blog that posts of interviews with nerdy people that ask the same four questions: Who are you, and what do you do? What hardware are you using? And what software? What would be your dream setup? I really care about my setup so I am excited, and honored, that they just posted an interview with me! I answer questions about my setup often so I tried to be comprehensive with the hope that I will be able to point people to it in the future.
What languages are used to build what software?
I’ve been meaning to post a link to Vincent Lextrait’s nice (and actively maintained) catalog of what languages are used to build what modern and major mainstream software: The Programming Languages Beacon This table contains a list of major software products or utilities, with details about the programming languages used to implement them. Information on [...]
Brian Snow on Cybersecurity
Interesting video of Brian Snow speaking from last November. (Brian used to be the Technical Director of NSA's Information Assurance Directorate.) About a year and a half ago, I complained that his words were being used to sow cyber-fear. This talk -- about 30 minutes -- is a better reflection of what he really thinks....
ACBF, an open/free digital comics format
Robo Pastierovic has created Advanced Comic Book Format (ACBF), a free/open format for online comic books. ACBF has a lot of cool features: support for creator metadata; per-panel/page definitions; multiple text-layers for multiple languages; text formatting and style data; auto-indexing and more. The format is CC-BY-SA, and can be found on Launchpad, along with GPL'ed … [Read more]
Expanding the Cloud Introducing Amazon CloudSearch
Today Amazon Web Services is introducing Amazon CloudSearch, a new web service that brings the power of the Amazon.coms search technology to every developer. Amazon CloudSearch provides a fully-featured search engine that is easy to manage and scale. It offers full-text search with features like faceting and user-defined rank functions. And like most AWS services, Amazon CloudSearch scales automatically as your data and traffic grow, making it an easy choice for applications small to large. With Amazon CloudSearch, developers just create a Search Domain, upload data, and start querying. Why Search? Search is an essential part of many of today's cloud-centric applications.
"Raise the Crime Rate"
I read this a couple of months ago, and I'm still not sure what I think about it. It's definitely of the most thought-provoking essays I've read this year. According to government statistics, Americans are safer today than at any time in the last forty years. In 1990, there were 2,245 homicides in New York City. In 2010, there were...
A Heathrow Airport Story about Trousers
Usually I don't bother posting random stories about dumb or inconsistent airport security measures. But this one is particularly interesting: "Sir, your trousers." "Pardon?" "Sir, please take your trousers off." A pause. "No." "No?" The security official clearly was not expecting that response. He begins to look like he doesn't know what to do, bless him. "You have no power...
Revisiting the enblend port
Spent some time in the afternoon looking at the port of enblend. First I needed to get the information for downloading correct. The link on the web site included multiple redirections: === grog@dereel (/dev/pts/21) ~ 32 -> ftp http://sourceforge.net/projects/enblend/files/latest Requesting http://sourceforge.net/projects/enblend/files/latest Redirected to http://sourceforge.net/projects/enblend/files/latest/download Requesting http://sourceforge.net/projects/enblend/files/latest/download Redirected to http://downloads.sourceforge.net/project/enblend/enblend-enfuse/enblend-enfuse-4.0/enblend-enfuse-4.0.tar.gz?r=&ts=1334113120&use_mirror=internode Requesting http://downloads.sourceforge.net/project/enblend/enblend-enfuse/enblend-enfuse-4.0/enblend-enfuse-4.0.tar.gz?r=&ts=1334113120&use_mirror=internode Redirected to http://internode.dl.sourceforge.net/project/enblend/enblend-enfuse/enblend-enfuse-4.0/enblend-enfuse-4.0.tar.gz Requesting http://internode.dl.sourceforge.net/project/enblend/enblend-enfuse/enblend-enfuse-4.0/enblend-enfuse-4.0.tar.gz How do you extract a URL from that? The original URL has the disadvantage that it doesn't point at a specific tarball; next update will point elsewhere, and the checksum will no longer match.
Expanding the Cloud ? Introducing Amazon CloudSearch
Today Amazon Web Services is introducing Amazon CloudSearch, a new web service that brings the power of the Amazon.com?s search technology to every developer. Amazon CloudSearch provides a fully-featured search engine that is easy to manage and scale. It offers full-text search with features like faceting and user-defined rank functions. And like most AWS services, Amazon CloudSearch scales automatically as your data and traffic grow, making it an easy choice for applications small to large.
Meta Magic
I just finished Among Others by Jo Walton, enjoying it hugely. Not only am I pretty sure that some of you would like it too, I can predict who will and who wont. Predictions The novel concerns a young person whos mixed up in magic (believably and carefully) while fighting through the problems of adolescence in a dysfunctional but super-interesting family. Right away, some of you are thinking sounds interesting; the rest can stop reading right here. Next: if youre a bookish kind of person who as a kid read everything in sight; to whom books were and are important, the chances are very high that this is for you.
Teenagers and Privacy
Good article debunking the myth that young people don't care about privacy on the Intenet. Most kids are well aware of risks, and make "fairly sophisticated" decisions about privacy settings based on advice and information from their parents, teachers, and friends. They differentiate between people they don't know out in the world (distant strangers) and those they don't know in...
The new enblend
The most obvious real problem with my panorama stitching on Saturday was that the version of enblend was version 3.1, years out of date. The ChangeLog gives a date of 13 March 2008, over 4 years ago. Since then there has been a revision 3.2, and on 13 December 2009 version 4.0 was releasedwith documentation!if you can work out how to get it. It includes a 70 page detailed description and a number of articles I haven't looked at yet. It's been a while since I last built a FreeBSD port, and somehow the ground rules seem to have changed. Finally fetched the tarball and started trying a new port.
Laptops and the TSA
The New York Times tries to make sense of the TSA's policies on computers. Why do you have to take your tiny laptop out of your bag, but not your iPad? Their conclusion: security theater....
Hugin crash: solved?
When you get an obscure error message, Google is your friend. In this case the message I got yesterday was Mask is entirely black, but white image was not identified as redundant.. And the search pointed me to the Hugin FAQ, which tells me: Try to use the additional enblend parameter "--fine-mask" to get rid of the error. Note (Jan 2010): This should be fixed in the latest enblend 4.0 release. So I checked: yes, though I'm using a very recent Hugin, my enblend (which proves to be a separate port) is still version 3.1.
PTGui revisited
Despite all my attempts yesterday, I didn't manage to stitch one variant of my verandah panorama with Hugin. Is this the panorama or Hugin? By chance, on the German Olympus forum there was a discussion thread about stitching software. Karl Grabherr uses PTGui, which is closely related to Hugin. But it costs money, and he justifies that with the claim that it's much faster than Hugin. That's a valid reason. But then Dieter Bethke, who also uses it, states that he particularly likes the spherical panorama preview. That's presumably the panosphere in the Hugin fast panorama preview window. Presumably it hadn't been added when Dieter last looked at Hugin.
On Privacy
Recently, my employer announced that Android app developers pages come with a place to link to their privacy policy. This is such an obviously, painfully good idea; I cant pass up the opportunity for a short lecture on Why You Should Care and What You Should Do. Like it says in the sidebar, Im not speaking for Google, but I can report that Google is full of people who think about privacy and worry about it and talk about it all the time. I think mobile app developers should think and worry and talk just the same. Things I believe about privacy: It Matters to You There may be a few apps out there that raise exactly zero privacy concerns, but yours probably isnt one of them.
Tom speaking at LILUG (Long Island) on Tuesday about Ganeti and virtualization
I'll be the guest speaker at LILUG this week. If you've never been to LILUG and live in Long Island this is a great time to check out this great Linux Users Group! I'll be giving a talk about the Ganeti open source project. Ganeti is a system that manages clusters of virtual machines. In my demo I'll build a cluster right in front of everyone and show off some of its features. If you use Xen or KVM virtual machines, Ganeti will help you do it easier, cheaper and more reliably. Tuesday, April 10th @ 8:00pm at the Woodbury Campus of Cold Spring Harbor Lab, in the Woodbury Auditorium.
We want await! A C# talk thats applicable to C++
A nice talk by Mads Torgersen just went live on Channel 9 about C#s non-blocking Task<T>.ContinueWith() library feature and await language feature, which are a big hit in C# (and Visual Basic) for writing highly concurrent code that looks pretty much just like sequential code. Mads is one of the designers of await. If youre [...]
The joys of multimedia
Good Friday today, so I decided to listen to Bach's St. John Passion. I didn't already have it on disk, so I had to read it in from CD. That's a job for grip. Put the CD in the drive, started up grip, and read: Did a bit of checking there, but found nothing obvious. In particular I had the correct CD-ROM device, and it seems to work. Never mind, I had done this before with iTunes, and I had more or less worked round its myriad irritations.
The Of Course Principle of Design
Nicely put: Most companies (including web startups), he said, are looking to wow with their products, when in reality what they should be looking for is an of course reaction from their users. Simple and obvious beats flashy. So many great designs are obvious in retrospect. Hat tip to John Gruber. Filed under: Friday Thoughts
Friday Squid Blogging: Squid Art
Happy Easter. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered....
Two Botanicals
It was a sort-of holiday (Easter day off in Canada, but not for Google US) which meant I was juggling childcare and OAuth-related meetings and MySQL issues. By child-care I mean going out on a walk where the kid has a bike and I have a camera. Vancouver has a kazillion ornamental flowering fruit trees, and theyre just getting into their stride. Theyre a treat for the eye but dont (in my experience, contain too many good photos. This is sort of an accident, I was zeroing in on some sunlit blossoms and trying different focus ranges, and what this picked up was more interesting than the flowers.
A Systems Framework for Catastrophic Disaster Response
The National Academies Press has published Crisis Standards of Care: A Systems Framework for Catastrophic Disaster Response. When a nation or region prepares for public health emergencies such as a pandemic influenza, a large-scale earthquake, or any major disaster scenario in which the health system may be destroyed or stressed to its limits, it is important to describe how standards...
Customer Conversations - How Intuit and Edmodo Innovate using Amazon RDS
From tax preparation to safe social networks, Amazon RDS brings new and innovative applications to the cloud Empowering innovation is at the heart of everything we do at Amazon Web Services (AWS). I often get to meet, discuss, and learn from innovators how they are using AWS to deliver transformative applications to their users, customers and partners. Often we think about innovation as doing 'new things' or based on revolutionary new technologies such as DynamoDB, but it is more important to ensure that one can also innovate based on existing paradigms. One of the services that is very successful in driving innovation at our customers in this context is Amazon RDS, the Relational Database Service.
James Randi on Magicians and the Security Mindset
Okay, so he doesn't use that term. But he explains how a magician's inherent ability to detect deception can be useful to science. We can't make magicians out of scientists -- we wouldn't want to -- but we can help scientists "think in the groove" -- think like a magician. And we should. We are not scientists with a...
Customer Conversations - How Intuit and Edmodo Innovate using Amazon RDS
From tax preparation to safe social networks, Amazon RDS brings new and innovative applications to the cloud Empowering innovation is at the heart of everything we do at Amazon Web Services (AWS). I often get to meet, discuss, and learn from innovators how they are using AWS to deliver transformative applications to their users, customers and partners.
You have too many computers!
Received an online survey today, asking me about what technical equipment I had. They clearly weren't prepared for the answer: I wonder how people come to these restrictive ideas.
Scanner software: Microsoft 1, Apple -3
After yet another abortive attempt to reinstall my Epson scanner software on boskoop, I gave up. No error messages, everything that could conceivably be replaced had been replaced, but the application just started and stopped without any message. This is just too much pain. But I have this Microsoft box on loan from Chris Yeardley, so tried installing on that. Surprise, surprise: it went very smoothly, and much faster. That could be due in part to the faster machine, but there were also fewer repetitive stops (do you accept the license conditions for the documentation? do you really want to install the documentation? Please enter your password several times over).
Apple network nonsense: the explanation
Mail from Jashank Jeremy today explaining Apple's stupid .local pseudodomain. It seems that it's related to mDNS, a kind of pseudo-DNS used for the local network when no real DNS is available. And yes, from boskoop it works: === grog@boskoop (/dev/ttyp3) ~ 1 -> ping -c 1 boskoop.local PING boskoop.local (192.109.197.163): 56 data bytes 64 bytes from 192.109.197.163: icmp_seq=0 ttl=64 time=0.135 ms --- boskoop.local ping statistics --- 1 packets transmitted, 1 packets received, 0% packet loss round-trip min/avg/max/stddev = 0.135/0.135/0.135/nan ms And netstat shows (inter alia) a listen on mdns: === grog@boskoop (/dev/ttyp3) ~ 2 -> netstat -afinet udp4 0 0 *.mdns *.* I had expected something ...
OH Man!
Since installing a whiteboard in our kitchen, conversations at the Acetarium have been moving in new and interesting directions. For example, Mika and I recently noticed that, when rotated correctly, the skeletal formula for 2,3-dimethyl-2-butanol looks pretty friendly!
Mac users: update NOW
"More than 600,000 Macs have been infected with a new version of the Flashback Trojan horse that's being installed on people's computers with the help of Java exploits, security researchers from Russian antivirus vendor Doctor Web said on Wednesday."Fast-growing Flashback Botnet Includes Over 600,000 Macs, Malware Experts Say Technical details here: New Flashback Variant Changes Tack to Infect Macs This is serious, folks. Run your "Software Update" now and reboot. Help your non-technical friends do it too.
Reader Q&A: What does it mean for [[attributes]] to affect language semantics?
Followup on this earlier question, @bilbothegravatar asked: @Alf, @Herb I dont quite get the [[noreturn]] example. While it may (not) compile on VC++, (as far as I understand) it does not carry any semantic meaning, and, whats more, it is *perfectly* safe for any compiler that sees [[noreturn]] to just ignore it the [...]
USENIX Announces New Executive Directors: Anne and Casey!
This week the USENIX Board announced that Anne Dickison and Casey Henderson have been appointed USENIX Co-Executive Directors effective April 2, 2012. Anne and Casey have been with the Association since 2003 and 2002 respectively. Previous to their new appointments Anne was the USENIX Marketing Director and Casey was the Information Systems Director. If you've been at a USENIX conference since 2002 you've probably met them or seen them in the registration area. It was a delight to work with both of them when I co-chaired LISA '11 last year. Anne's super-power was not freaking out when I was and Casey's super-power was not being annoyed by my constant flood of technical requests.
Helen Nussenbaum, Privacy, and the Federal Trade Commission
Good article....
JetBlue Captain Clayton Osbon and Resilient Security
This is the most intelligent thing I've read about the JetBlue incident where a pilot had a mental breakdown in the cockpit: For decades, public safety officials and those who fund them have focused on training and equipment that has a dual-use function for any hazard that may come our way. The post-9/11 focus on terrorism, with all the gizmos...
Advice to writers
Jon Winokur, editor of the stupendous Portable Curmudgeon books, asked me to contribute to his latest project, "Advice to Writers," so I did.
Port upgrade pain, continued
Spent some time investigating the causes of the ports problems I've been happening. Surprise, surprise: my fault. It's been years since I set up my CVS update scripts, and they work. But they include a cvsup run, so I didn't use them on defake because I was checking out of the repository on dereel. And when running cvs I forgot the options. As a result I didn't get the new /usr/ports/security/gnutls/files/ directory, which contained the kludges used to rename the shared library. After a checkout with the correct options, all was well. Well. Almost. Comparing with Peter Jeremy's source tree showed something interesting: groggy: -rw-r--r-- 1 root lemis 1910 Apr 2 10:43 Makefile peter: -rw-r--r-- 1 root wheel 1981 27 Mar 00:32 Makefile Clearly his is bigger than mine.
My question for LOPSA board candidates
"I'd like to know about your experience with community-based projects. Please tell us about a project that you took responsibility for seeing through to completion (i.e. did most of the work). Please, only projects that are "done" or have reached a self-sustaining mode only. One or two sentences is fine. It doesn't have to be a project where you thought of the idea, just one where you assured it reached the finish line." I look forward to hearing their answers.
Bay Aerials
Its what you do when you fly into San Francisco; you take pictures out the airplane window, because the city is photogenic. And those of us in the tech business fly in a lot. Plus, I got a new computer and should say a few words about how it works as a blogging photographers platform. But first, the pictures. I got a sort of a natural zoom as the plane came in from the north. I bet there are a few people reading this who can find their homes or offices on one of these photos. The Computer I recently asked the world which computer to get, and everyone said Wait, because there are cool new ones coming but they also said that what really mattered was memory.
The Battle for Internet Governance
Good article on the current battle for Internet governance: The War for the Internet was inevitable -- a time bomb built into its creation. The war grows out of tensions that came to a head as the Internet grew to serve populations far beyond those for which it was designed. Originally built to supplement the analog interactions among American soldiers...
Lost Smart Phones and Human Nature
Symantec deliberately "lost" a bunch of smart phones with tracking software on them, just to see what would happen: Some 43 percent of finders clicked on an app labeled "online banking." And 53 percent clicked on a filed named "HR salaries." A file named "saved passwords" was opened by 57 percent of finders. Social networking tools and personal e-mail were...
See you at CrabbyAdmins on Wednesday! (April 4)
The Baltimore/DC chapter of LOPSA is called CrabbyAdmins (a reference to the crab industry in the Chesapeake bay). I'll be speaking there on Wednesday night about the Ganeti open source project. This meeting will be in Columbia, MD, hosted at Next Century (across the street from OmniTI). It will run from 7pm-9pm. If you are interested in inexpensive virtualization or just live in the area and want to meet your local sysadmin community (or me!), please stop by! Full info and directions here: http://bit.ly/HfiVNE Tom
System naming, Apple style
In passing, discovered that after reinstallation boskoop has decided to call itself greg-leheys-power-mac-g4-agp-graphics, which appeared at the top of the windows and also in log messages. How do you change that? Went looking and found nowhere obvious. Clearly I was looking in the wrong place: it should have been Network/Sharing. It's not clear why, since I don't share anything, and my concerns are in log messages and local windows, but clearly that's the Apple Way. So I went in there and found: OK, that's clear enough.
Apple software installation: so easy
These problems with FreeBSD ports are in stark contrast with the relative ease with which I reinstalled my Apple a couple of weeks ago. But as I said at the time, That's not an indication of the relative ease of installing MacOS X and FreeBSD, though: I do almost nothing on the Apple, so there's not much work. Today I wanted to scan some documents. I hadn't reinstalled the scanner software, just copied the directories in /Applications from the backups. Started up the scanner Application.
More ports build pain
Spent some time looking at yesterday's update disaster today. There were a number of issues: giflib refused to build: ===> mencoder-1.0.r20111218_1 depends on shared library: gif.5 - not found ===> Verifying install for gif.5 in /usr/ports/graphics/giflib ===> giflib-4.1.6 conflicts with installed package(s): libungif-4.1.4_5 They install files into the same place. A number of packages depended on this one and failed as a result: === root@defake (/dev/pts/1) /var/db/pkg 3 -> pkg_delete libungif-4.1.4_5/ pkg_delete: package 'libungif-4.1.4_5' is required by these other packages and may not be deinstalled: emacs-23.3_6,2 mencoder-1.0.r20110329_4 mplayer-1.0.r20110329_3 Arguably portupgrade should be able to deal with this one, particularly since one of the dependencies was mencoder.
Reader Q&A:
Motti asked: While youre dealing with readers Qs&. In your keynote in Going Native you mentioned that type inference should almost always be used, except for some obscure cases with expression templates. Yes. To give people context, the idea is when declaring local variables, prefer to use auto to deduce the type. For example: This [...]
Law Enforcement Forensics Tools Against Smart Phones
Turns out the password can be easily bypassed: XRY works by first jailbreaking the handset. According to Micro Systemation, no backdoors created by Apple used, but instead it makes use of security flaws in the operating system the same way that regular jailbreakers do. Once the iPhone has been jailbroken, the tool then goes on to brute-force the passcode, trying...
Computer Forensics: An Example
Paul Ceglia's lawsuit against Facebook is fascinating, but that's not the point of this blog post. As part of the case, there are allegations that documents and e-mails have been electronically forged. I found this story about the forensics done on Ceglia's computer to be interesting....
Reader Q&A: When will better JITs save managed code?
In the comments on last weeks interview, MichaelTK asked: @Herb: You mentioned two things I dont fully understand in your talk. 1) Why would C++ be a better choice for very large scale applications than NET/Java? I mean the zero abstraction penalty (which is more a JIT compiler issue and not intrinsically hardwired into C#) [...]
Reader Q&A: Keywords and Attributes
Referring to C++ AMP, a reader emailed me to ask: Are you going to replace restrict keyword with new C++11 attribute feature [[]] ? No, because restrict is a language feature and [[attributes]] are specifically designed to be ignorable and shouldnt be used for things having language semantic meaning. During the ISO C++11 process, I [...]
Updating ports: back to portupgrade
I'm still dragging my heels on cutting across to the 64 bit version of FreeBSD. One of the reasons is the concern about getting everything to work properly. At least I should be able to update my ports with less pain than I've been experiencing. Yesterday I upgraded the system itselfthat went without any problems. Today I tried, once again, to upgrade the ports (765 of them, including dependent ports). I've been using portmaster recently, and I've always had trouble. The trouble may not be portmasters fault, but the habit it has of stopping on any error, and on insisting on input in the middle of the build, makes it very irritating.
Nocturnes
Three darkish photos taken on a Vancouver Sunday evening. This one is sort of deceiving; the sun was setting outside the restaurant, casting fragments of dazzle at the other end of the long narrow room, which was quite adequately lit. When I first brought this up on the computer screen, it was black with just a touch of light here and there; its an OK photo made usable by the remarkable capabilities of todays photo-support software, in this case Lightroom 4. This is perhaps the canonical example of a picture that depends radically on the use of raw capture as opposed to jpeg.
A Whip to Beat Us With
Here's a podcast of my last Publishers Weekly column, A Whip to Beat Us With: Jim C. Hiness e-books are marketed both through a big publisher and solo. The books that were re-priced by Amazon were his solo titlesunagented, and unrepresented by a major publisher. As an individual, Jim has no leverage over Amazon. Not … [Read more]
Buying Exploits on the Grey Market
This article talks about legitimate companies buying zero-day exploits, including the fact that "an undisclosed U.S. government contractor recently paid $250,000 for an iOS exploit." The price goes up if the hack is exclusive, works on the latest version of the software, and is unknown to the developer of that particular software. Also, more popular software results in a higher...
How DRM weakens publishers negotiating leverage with retailers
My latest Publishers Weekly column is "A Whip to Beat Us With," which describes how publishers who allow retailers to add DRM to their products hand those retailers a commercial advantage to exercise over the publishers themselves. Jim C. Hiness e-books are marketed both through a big publisher and solo. The books that were re-priced … [Read more]
NBN tower objections
There's more discussion going on about the NBN tower. Scott Weston has found the decisions of previous VCAT hearings, notably a complaint about the the tower built in Haddon, Victoria a couple of years ago. Like all such cases, the objections were dismissed, which in this case is interesting, because the applicant lived next door to where the tower was built, only 250 metres from the tower (as close as I can judge), and with a bit of effort she can see the tower from her house. By contrast, the objectors to the Dereel tower live 640 metres from the site (Elaine J.