Blog Archive: July 2012

CL XX: Marine Vessels

Posted By Tim Bray

Im not really a Boat Person. But a quiet pleasure of Cottage Life is sitting on the deck with a long lens catching whatever comes by, and sometimes what comes by is beautiful boats. This sailboat had two masts and two jibs which means four sails, and was dancing back and forth across Howe Sound, its crew clearly inhabiting the winds intention. On the other hand, this ones entirely industrial, purposeful; out there to catch your dinner, not for fun. Still, its geometries charm. Eventually, they came together and crossed the sunsets track. And I think to myself..

Fake Irises Fool Scanners

Posted By Bruce Schneier

We already know you can wear fake irises to fool a scanner into thinking you're not you, but this is the first fake iris you can use for impersonation: to fool a scanner into thinking you're someone else....

Stross and Doctorow on the road: the Rapture of the Nerds tour in Lexington, Brooklyn, Brookline, Rochester

Posted By Cory Doctorow

Charlie Stross and I are hitting the road this September 5-9 for a mini, post-Burning Man, post-WorldCon book-tour for our collaborative comic novel of the Singularity called Rapture of the Nerds. We're coming to Lexington, KY; Brooklyn, NY (a stop at MakerBot's BotCave, where there will be a very special surprise!), Brookline, MA, and Rochester, … [Read more]

Hacking Tool Disguised as a Power Strip

Posted By Bruce Schneier

This is impressive: The device has Bluetooth and Wi-Fi adapters, a cellular connection, dual Ethernet ports, and hacking and remote access tools that let security professionals test the network and call home to be remotely controlled via the cellular network. The device comes with easy-to-use scripts that cause it to boot up and then phone home for instructions. A "text-to-bash"...

Fear-Mongering at TED

Posted By Bruce Schneier

This TED talk trots out the usual fear-mongering that technology leads to terrorism. The facts are basically correct, but there are no counterbalancing facts, and the conclusions all one-sided. I'm not impressed with the speaker's crowdsourcing solution, either. Sure, crowdsourcing is a great tool for a lot of problems, but it's not the single thing that's going to protect us...

Late-Breaking C&B Session: A Special Announcement

Posted By Herb Sutter

At the end of the Monday afternoon session, I will be making a special announcement related to Standard C++ on all platforms. Be there to hear the details, and to receive an extra perk thats being reserved for C&B 2012 attendees only. Note: We sometimes record sessions and make them freely available online via Channel [...]

Detroit Bomb Threats

Posted By Bruce Schneier

There have been a few hoax bomb threats in Detroit recently (Windsor tunnel, US-Canada bridge, Tiger Stadium). The good news is that police learned; during the third one, they didn't close down the threatened location....

Bad time to track -CURRENT

Posted By Greg Lehey

For various reasons I still hadn't got swamp, my FreeBSD 10-CURRENT box, up to date. Today I finally managed it. Booted and got... panic: _mtx_lock_sleep: recursed on non-recursive mutex em0 @ /src/FreeBSD/svn/head/sys/dev/e1000/if_lem.c:881 And for some reason kgdb can't read the dump properly: Reading symbols from /boot/kernel/linux.ko...Reading symbols from /boot/kernel/linux.ko.symbols...done. done. Loaded symbols for /boot/kernel/linux.ko kgdb: kvm_read: invalid address (0x354540a) #0  0x00000000 in ?? () (kgdb) bt #0  0x00000000 in ?? () (kgdb) That should have given me a backtrace of the process that paniced.

CL XIX: I Made a Table

Posted By Tim Bray

You can read the back story in a 2010 Cottage Life piece. And yes, Ive been working on this thing for two years. This weekend we sat round it to eat, finally. The supporting structure came out interesting. I put ten coats of varnish on the top; its going to spend some time out int he rain. I think it looks nice, and its friendly and welcoming to sit at. My only real regret is having made it only six feet long; more would be better. There were some errors, but the effects are cosmetic not structural; its solid as a rock.

X still hanging

Posted By Greg Lehey

You can never prove the absence of a bug, right, just the presence? I had been wondering how to decide whether the recent changes to my X configuration fixed the hangs that I have been having. Now I have proof, unfortunately: it happened again today, not once, but twice. How do I debug this kind of problem?

On the Deadness of OAuth 2

Posted By Tim Bray

Wow, did Eran Hammer ever go off. His noisy slamming of the OAuth 2 door behind him has become a news story. I have opinions too. First of all, if you read his (long-ish) piece, you pretty much owe it to yourself to read the (very long) comments too. Second: Im kind of a n00b here. Im a crypto cretin, a PKI peasant, an attribute-exchange airhead, and have been known to confuse authentication with authorization. Having said that: Ive spent a lot of time, the last few months, getting to grips with real actual OAuth 2 software, and Ive learned over the years that when youre in the process of first using a new technology, thats a good time to write about it.

Back-to-Basics Weekend Reading - On Systems Simplicity

Posted By Werner Vogels

This weekend's reading departs a bit from the more academic papers of the past weeks. They are two classics that deal with great observations about the tensions between simplicity and complexity in building systems. The first paper is the 1980 Turing Lecture delivered by Tony Hoare, "The Emporers Old Clothes". He had received the Turing Award for his contributions to the fundamentals of programming languages, although for me some of his most influential work, communication sequential processes, still had to happen. In his lecture prof. Hoare, in the superb way of great story tellers, has many observations about programmers, program languages and systems building.

VirtualBox hangs and phantom processes

Posted By Greg Lehey

The make buildworld I started last night on swamp, one of my virtual machines, still hadn't finished this morning. It proved that the machine had hung. On further investigation, it wasn't the virtual machine itself but the host environment. I had to shoot down the entire VirtualBox system and restart. And then it happened again some hours later! What's wrong here? And how do I debug it? That wasn't the only strangeness I had today. Last night's backup failed because the backup disk was already mounted. But why? Tried umounting it, but something had it open: === root@eureka (/dev/pts/11) ~ 123 -> umount /backups/ umount: unmount of /backups failed: Device busy === root@eureka (/dev/pts/11) ~ 124 -> lsof /backups/ lsof: WARNING: compiled for FreeBSD release 8.3-PRERELEASE; this is 9.0-STABLE.

Friday Squid Blogging: Tentacle Doorstop

Posted By Bruce Schneier

Now this is neat. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered....

Back-to-Basics Weekend Reading - On Systems Simplicity

Posted By Werner Vogels

This weekend’s reading departs a bit from the more academic papers of the past weeks. They are two classics that deal with great observations about the tensions between simplicity and complexity in building systems. The first paper is the 1980 Turing Lecture delivered by Tony Hoare, “The Emporers Old Clothes”. He had received the Turing Award for his contributions to the fundamentals of programming languages, although for me some of his most influential work, communication sequential processes, still had to happen.

Liars and Outliers Summed Up in Two Comic Strips

Posted By Bruce Schneier

I don't know the context, but these strips sum up my latest book nicely....

Who Spun the Web?

Posted By Robert V. Binder

Gordon Crovitz’s Wall Street Journal editorial “Who Really Invented the Internet?” (July 23, 2012) generated a lot blowback owing to factual errors in his recounting of how certain network technologies were developed. As he used this story to support a broader case for limited government, the responses were often vituperative. Although Crovitz was wrong on some of [...]

Who Spun the Web?

Posted By Robert V. Binder

Gordon Crovitz’s Wall Street Journal editorial “Who Really Invented the Internet?” (July 23, 2012) generated a lot of blowback owing to factual errors in his recounting of how certain network technologies were developed. As he used this story to support a broader case for limited government, the responses were often vituperative. Although Crovitz was wrong on some [...]

Criminals Using Commercial Spamflooding Services

Posted By Bruce Schneier

Cybercriminals are using commercial spamflooding services to distract their victims during key moments of a cyberattack. Clever, but in retrospect kind of obvious....

Dear Mom And Dad

Posted By Tom Limoncelli

Dear Mom And Dad, Many times I've tried to explain to you what I do for a living. " Computer system administrator" or "sysadmin" is a career that is difficult to explain and I'm sure my attempts have left you even more confused. I have good news. Oxford University Press has just published a book by 4 scientists who video taped sysadmins doing their job, analysed what they do, and explains it to the non-computer person. They do it by telling compelling stories of sysadmins at work plus they give interesting analysis with great insight. Why did they do this? Because businesses depend on technology more and more and that means they depend on sysadmins more and more.

Sysadmin Appreciate Day

Posted By Tom Limoncelli

Happy Sysadmin Appreciation Day. Whether you keep desktops running, LOLcats broadcasting, payrolling systems paying, or blogs blogging, or any of the myriad things sysadmins do, keep doing it with integrity, grace, patience, and love. The more the world depends on computers for everything from the water we drink to the food we eat, system administration (or system engineering, or devops, or networking engineering, or storage engineering, or whatever you call yourself) is one of the most important jobs in the world. And the greatest. Appreciate that!

Reviving FreeBSD build boxen

Posted By Greg Lehey

It's about time I committed some changes to FreeBSD, and as a prerequisite for that I need a separate build box. In the good old days I used old computers, but now we have virtual machines, and some time ago I created a few of them. I use them happily enough for Microsoft, but for some reason all three of my FreeBSD boxen wouldn't boot. The problems were only marginally related. swamp came up, but I couldn't log in. When I tried, I got the message: login: root pam_nologin.so: no pam_sm_authenticate() pam_sm_authenticate(): unexpected return value 4 Login incorrect login: What's that?

Posted By Tim Bray

User Innovation on NPR Radio

Posted By Benjamin Mako Hill

I was invited onto NPR in Boston this week for a segment on user innovation alongside Eric von Hippel (my advisor at MIT) and Carliss Baldwin from Harvard Business School. I talked about innovation that has happened on the CHDK platform -- a cool firmware hack for Canon cameras example I use in some of my teaching -- plus a little bit about free software, the democratization of development and design tools, and a little bit about user communities that LEGO has cultivated. I would have liked the conversation and terminology to do more to emphasize user freedom and free software, but I'm otherwise pretty happy with the result.

Police Sting Operation Yields No Mobile Phone Thefts

Posted By Bruce Schneier

Police in Hastings, in the UK, outfitted mobile phones with tracking devices and left them in bars and restaurants, hoping to catch mobile phone thieves in the act. But no one stole them: Nine premises were visited in total and officers were delighted that not one of the bait phones was 'stolen'. In fact, on nearly every occasion good hearted...

Optus outage didn't just hit me

Posted By Greg Lehey

Peter Jeremy pointed me at a newpaper article today: it seems I wasn't the only person hit by the network outage. They don't go into great detail, but the fact that it affected mainly postpaid customers suggests that it's something to do with authentication, which fits my problem description. The negotiation died just at the point where I should have received an IP address. Looking at what I got for the previous connection, I see: Jul 19 14:48:42 cojones ppp[89600]: tun0: IPCP: myaddr 121.44.75.9 hisaddr = 10.1.0.1 Looking at the reverse DNS, I see: 9.75.44.121.in-addr.arpa domain name pointer ppp121-44-75-9.lns20.syd6.internode.on.net.

Making Handcuff Keys with 3D Printers

Posted By Bruce Schneier

Handcuffs pose a particular key management problem. Officers need to be able to unlock handcuffs locked by another officer, so they're all designed to be opened by a standard set of keys. This system only works if the bad guys can't get a copy of the key, and modern handcuff manufacturers go out of their way to make it hard...

More upgrade pain

Posted By Greg Lehey

More playing around with FreeBSD inside VirtualBox today. Upgraded the virtual defake to the latest 9.1-BETA kernel and... it wouldn't boot. They've recently done a dirty trick and changed the name of the disk driver, so the boot disk became /dev/ada0 instead of /dev/ad0. The loader had no difficulty loading the kernel, but then the entries in /etc/fstab were wrong, and the root mount failed. That's OK: the loader enables you to tell it where the root file system is: mountroot> ufs:/dev/ada0s1a But that didn't work: Trying to mount root from ufs:/dev/ada0s1a []...

Interpreting Sipura dial plans

Posted By Greg Lehey

Calling Internode involved a small problem: I was downloading a CD image, and couldn't use VoIP. How do I get an outside line with the dial plan that I got for my SPA 3000 from MyNetFone? It reads: (*xx.|000S0<:@gw0>|121S0|151S0|181S0|[2-9]xxxxxxxS0|0[23478]xxxxxxxxS0|0011xxx.|1800xxxxxxS0<:@gw0>|1300xxxxxxS0|13[1-9]xxxS0|<#0,:>xxx.<:@gw0>|xxx.) And of course, there's very little help interpreting what this means, not even in the documentation. I have a link to a Dial Plan Parser, but it didn't help very much.

More network pain

Posted By Greg Lehey

Last night, just before going to bed, our network connection dropped. This happens from time to time, but this time it was different. The (wireless) link was reestablished, at least part of the authentication succeeded, but then... nothing. I couldn't be bothered last night, and hoped that it would clear up by the morning. It didn't. But when I restarted the ppp process, it came up immediately. So some error that ppp didn't think worth retrying. Reading ppp.log is a real pain. It's verbose and repetitive, and the meaning of some of the messages is really difficult to interpret. But now I have a log of the failure and a log of a successful connection, so I can compare them.

Implicit Passwords

Posted By Bruce Schneier

This is a really interesting research paper (article here) on implicit passwords: something your unconscious mind remembers but your conscious mind doesn't know. The Slashdot post is a nice summary: A cross-disciplinary team of US neuroscientists and cryptographers have developed a password/passkey system that removes the weakest link in any security system: the human user. It's ingenious: The system still...

X and backups

Posted By Greg Lehey

I back up my machines religiously every night using a cron job. And I at least skim the output every morning to ensure that nothing went wrong. Or so I thought. Today, with the help of my X loop bug, I managed to blow apart a virtual machine disk. A clear case for restoring the disk from backups. And then I discovered my backups hadn't run for about 2 weeks. No messages in /var/log/cron. Entry in /etc/crontab OK. And you don't need to run crontab for /etc/crontab; cron checks the timestamp and re-reads automatically. So what went wrong? The timestamp! I had copied the file from dereel to eureka, using the -p (preserve permissions and timestamps) option, so it was still dated October last year.

Counter Futures

Posted By Tim Bray

I was at the drugstore buying train tickets, waiting for a cashier, staring blankly at the magazine covers, and realizing theyre possibly (like many paper publications) doomed. So whats going to replace them? There is apparently a thriving market of people who will pay to read about movie-star marriages, home makeovers, and weight loss. So I tweeted When paper magazines are gone, what will they have by the checkout counters?. The People Speak Did I ever get answers. Here they are: Jhoon Saravia: QR Codes? Tap to buy e-magazines? Aaron Patterson: probably more batteries and candy. Trace Gilton: Fresh fruits and vegetables?

Excerpt from my forthcoming novel Pirate Cinema

Posted By Cory Doctorow

Tor.com has published an excerpt from my forthcoming YA novel Pirate Cinema, a book set in the UK in which a gang of squatter guerrilla filmmakers take on the entertainment industry and their pals in the government to save the world from corrupt, brutal anti-piracy laws. Booklist gave it a starred review, saying " ...Doctorows … [Read more]

How the Norwegians Reacted to Terrorism

Posted By Bruce Schneier

An antidote to the American cycle of threat, fear, and overspending in response to terrorism is this, about Norway on the first anniversary of its terrorist massacre: And at the political level, the Prime Minister Jens Stoltenberg pledged to do everything to ensure the country's core values were not undermined. "The Norwegian response to violence is more democracy, more openness...

enblend performance revisited

Posted By Greg Lehey

Yesterday I noted what appeared to be a 60-fold increase in the speed of enblend, but I wasn't quite comparing the same thing. In fact, not only did the panorama I took at the beginning of last month have more images: it was also much larger, in fact about 170 megapixels (26046×13023). So today I tried restitching it. That gave quite a different picture: enblend took nearly 58 minutes, still only about 20% of the time it took in 32 bits last month. The reason was clear: it had more memory to play with, and it used as much as it could get.

CL XVIII: Misty Mountains

Posted By Tim Bray

We were recently on the Great Plains and I love em, but a few days there and I miss the mountains. Some prairiefolk cant settle down here on the coast, they feel shut-in because you dont have the big sky and long view. Im OK with an earthstone fence in front of the horizon. And still, our skies are big sometimes. That buoy is ours I guess, been there since we bought the place. Never been tended to, gonna just sink if ignored long enough. Hmf. Right, lets get back to mountains and so on. You can spend as much time as you like staring across Howe Sound and it never gets old, I find.

More DxO bugs

Posted By Greg Lehey

I've already commented on a bugfeature of DxO Optics Pro: if the EXIF data of the input image is changed in any wayeven in valid waysit may ignore it completely. In my case, I had put my name in the Author tag. There's a clear workaround there, one that makes sense anyway: don't put the Author tag in the raw file, just in the output JPEG. DxO will even do this for you, though I haven't found a way to get it to store the values, so I have to reenter them every time I start it; it's easier to use my script afterwards.

Full 64 bit Hugin

Posted By Greg Lehey

It's taken me over 2 weeks to get my Hugin installation to work correctly with 64 bit executables. That's a good thing too: the 32 bit version of enblend maxes out with a process size of 3 GB, and that's not enough for some of my panoramas. Today I experienced some of the largest memory footprints I've ever seen:   PID USERNAME    THR PRI NICE   SIZE    RES STATE   C   TIME   WCPU COMMAND 86087 grog          1 108    5  5184M  2141M CPU0    3   4:21 100.00% enblend 87523 grog         20 103    0  8591M  3778M CPU2    2  12:20 102.25% java The most interesting thing, though, was the processing time.

The Happy Path to Showstoppers

Posted By Robert V. Binder

Why do big systems fail even after they've been tested? Commonly used happy-path testing routinely misses showstoppers. A multi-dimensional testng strategy does a much better job of shining a light on the dark corners where high-stress showstopper bugs hide.

The Happy Path to Showstoppers

Posted By Robert V. Binder

Every time I read about another high profile system outage, I wonder what was missed during development and testing. For example, although an unusual natural disaster triggered the recent Amazon cloud services outage, the root cause was a lurking bug that could have been revealed with a testing strategy that I (and others) have advocated for over twenty [...]

Checking out Intrade

Posted By Tim Bray

I kept hearing about how this or that political campaign or economic scenario was trending on Intrade, so I thought Id check it out. Then, of course, I had to make some bets. Its fun! But not a good way to make money I think. The rules couldnt be simpler (That page doesnt mention the flat $4.99/month it costs to play.) Im totally not a gambler. Played a bit of poker in college, without much success. Anyone in my trade finds themselves in Vegas sometimes, so once I went and got $100 and tried the casino thing; lost it in an hour without having much fun.

PCAST: 1,000Mhz for public use

Posted By Tom Limoncelli

If you suffered through my long rant about a totally different way to allocate wireless spectrum which would benefit everyone then you'll be happy to read this Arstechnica article about Obama's PCAST initiative moving forward. The old way to allocate frequencies was to give different industries their own "block". Each radio station, TV channel, WiFi protocol, etc. gets a block. This is inefficient. The new way is to have intelligent hardware that can share the spectrum: detect if someone is already broadcasting and back off seamlessly. The difference is that the first system is the best 1930s technology could provide. The latter is what you can do with modern systems where a computer can be programmed to actively monitor and control what is going on.

Wine under amd64

Posted By Greg Lehey

One of the problems about my migration to FreeBSD amd64 that I knew about in advance is that wine doesn't work. And that's annoying, because I use it to run Ashampoo photo optimizer in my photo processing. The idea was to use a virtual machine instead. But one problem that I hadn't expected with virtual machines is that startup and shutdown isn't instantaneous. It can take up to a minute in a manner reminiscent of this cartoon: By contrast, wine does fire up essentially instantaneously, like any other program. But I can't even run it across the network because the performance goes to hell.

Friday Squid Blogging: Preserved Squid

Posted By Bruce Schneier

Science or art? As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered....

Back-to-Basics Weekend Reading - Virtualizing Operating Systems

Posted By Werner Vogels

This weekend's back-to-basics reading is on operating system virtualization. There are two papers that deserve the "classic" tag as they both form the basis for operating system virtualization that is in production today. Stanford's Disco, the predecessor of VMWare, uses a full hardware virtualization approach, where Cambridge's Xen introduced us to paravirtualization. Disco: Running Commodity Operating Systems on Scalable Multiprocessors by Edouard Bugnion, Scott Devine, Kinshuk Govil, Mendel Rosenblum in the Proceedings of the 16th ACM Symposium on Operating Systems Principles, October 5-8, 1997, St. Malo, France. Xen and the art of virtualization by Paul Barham, Boris Dragovic, Keir Fraser, Steven Hand, Timothy L.

Tab Sweep (Non-geek)

Posted By Tim Bray

Not all sending-the-world-a-link publishing should vanish into FaceTwimblr+, methinks. So lets batch a few up. On Work I already plugged this, but it deserves another go-around. Colby Coshs Artisan chocolate and social revolution is the best essay by anyone Ive read anywhere lately. You need to read this, especially if youre young and wondering what to do with your life. On Publishing Nobody knows what the future of publishing is, but boy, are things ever moving fast. Its not controversial to say that many of the incumbents are doomed; an exception might be The Economist group, which may be a little hidebound, but is smarter-than-average.

I/O Performance (no longer) Sucks in the Cloud

Posted By James Hamilton

Many workloads have high I/O rate data stores at the core. The success of the entire application is dependent upon a few servers running MySQL, Oracle, SQL Server, MongoDB, Cassandra, or some other central database.   The best design patter for any highly reliable and scalable application whether on-premise or in cloud hosted, is to shard the database. You cant be dependent upon a single server being able to scale sufficiently to hold the entire workload. Theoretically, thats the solution and all workloads should run well on a sufficiently large fleet even if that fleet has a low individual server I/O performance.

Back-to-Basics Weekend Reading - Virtualizing Operating Systems

Posted By Werner Vogels

This weekend’s back-to-basics reading is on operating system virtualization. There are two papers that deserve the “classic” tag as they both form the basis for operating system virtualization that is in production today. Stanford’s Disco, the predecessor of VMWare, uses a full hardware virtualization approach, where Cambridge’s Xen introduced us to paravirtualization.

amd64 conversion pain not over

Posted By Greg Lehey

It's been over two weeks since I migrated to FreeBSD amd64, and I still have a long list of things that need fixing. Today managed to wedge the X server againhow I wish that would go awayand again had difficulty starting it. Then I discovered that my Emacs geometry problem, which I thought had gone away, is still with me. It seems that I didn't test it very well before. And somehow startx without parameters now wants to start server 1 instead of server 0. Why should that be?

Rapture of the Nerds excerpt on Tor.com

Posted By Cory Doctorow

Tor.com's just published an excerpt from Rapture of the Nerds, the comic science fiction novel that Charles Stross and I collaborated on, which comes out in September. Booklist just gave it a starred review, saying "Doctorow and Stross, two of the SF genres more exciting voices, team up to produce a story that is mindbendingly … [Read more]

Sequel to my General Purpose Computation talk coming up in Vegas, San Francisco

Posted By Cory Doctorow

I've written a sequel to my talk The Coming War on General Purpose Computing, called "The Coming Civil War Over General-Purpose Computing," which I'll be delivering twice this summer: first on July 28 at DEFCON in Las Vegas, and then on July 31 in San Francisco at a Long Now Foundation SALT talk, jointly presented … [Read more]

Excerpt from Homeland, the sequel to Little Brother

Posted By Cory Doctorow

Tor.com has just published an excerpt from Homeland, the sequel to my novel Little Brother. Homeland's coming out in February: Attending Burning Man made me simultaneously one of the most photographed people on the planet and one of the least surveilled humans in the modern world. I adjusted my burnoose, covering up my nose and … [Read more]

Camera-Transparent Plastic

Posted By Bruce Schneier

I just wrote about the coming age of invisible surveillance. Here's another step along that process. The material is black in color and cannot be seen through with the naked eye. However, if you point a black and white camera at a sheet of Black-Ops Plastic, it becomes transparent allowing the camera to record whatever is on the other side....

Expanding The Cloud  High Performance I/O Instances for Amazon EC2

Posted By Werner Vogels

AWS customers are bringing their most demanding workloads onto the cloud. These include the likes of high performance computation, for which we introduced the Cluster Compute and Cluster GPU instance types. Customers are also bringing workloads on AWS that require dedicated and high performance IO for which we are now introducing a new Amazon EC2 instance type, the High I/O Quadruple Extra Large (hi1.4xlarge), to meet their needs. The hi1.4xlarge has 8 cores and 60.5GB of memory. Most importantly it has 2 SSDs of 1 TB each and a 10 Gb/s Ethernet NIC that using placement groups can be directly connected to other High I/O instances.

Expanding The Cloud ? High Performance I/O Instances for Amazon EC2

Posted By Werner Vogels

AWS customers are bringing their most demanding workloads onto the cloud. These include the likes of high performance computation, for which we introduced the Cluster Compute and Cluster GPU instance types. Customers are also bringing workloads on AWS that require dedicated and high performance IO for which we are now introducing a new Amazon EC2 instance type, the High I/O Quadruple Extra Large (hi1.

Chinese Airline Rewards Crew for Resisting Hijackers

Posted By Bruce Schneier

Normally, companies instruct their employees not to resist. But Hainan Airlines did the opposite: Two safety officers and the chief purser got cash and property worth 4m yuan ($628,500; £406,200) each. The rest got assets worth 2.5m yuan each. That's a lot of money, especially in China. I'm sure it will influence future decisions by crew, and even passengers, about...

The new enblendfinally!

Posted By Greg Lehey

My remaining problems with the enblend version 4 port related to the outdated version of texinfo that we have in the base FreeBSD source distribution. Investigating the subversion logs showed that it had been updated regularly up to about 7 years ago, and then nothing. On the other hand, we have a newer version in the Ports Collection. Why? Sent a message to the project mailing list and got a clear answer: about 7 years ago texinfo changed its license to the GPL Version 3, which is incompatible with the BSD license, so we could no longer include it in the base system.

Google I/O 2012

Posted By Tim Bray

I was there, after having worked on parts of the program, I took pictures, and I guess I should share some of that. It seems years ago already. Outside Google I/O, its an event. The preparations are sort of heroic in scale. On The Morning Of, the satellite trucks were parked end-to-end outside the venue, and the anchorguys were uplinking like crazy, and if its on TV it must real, right? Inside People; lots and lots of people. Mostly male, mostly smart, mostly well-paid, mostly geeky. I was actually irritated about the sellout-in-seconds, and had lobbied for a more intelligent admission procedure.

On a quest for Viking-age swords

Posted By Niels Provos

On a quest for Viking-age swords

Posted By Niels Provos

On a quest for Viking-age swords

Posted By Niels Provos

Remote Scanning Technology

Posted By Bruce Schneier

I don't know if this is real or fantasy: Within the next year or two, the U.S. Department of Homeland Security will instantly know everything about your body, clothes, and luggage with a new laser-based molecular scanner fired from 164 feet (50 meters) away. From traces of drugs or gun powder on your clothes to what you had for breakfast...

Register for AWS re: Invent

Posted By Werner Vogels

The first annual AWS user and partner conference will be held November 27-29 at The Venetian in Las Vega. It is shaping up to be a great event with many Amazonians, partners and customers presenting in well over 150 sessions. There are sessions in many different categories: Architecture, Big Data, HPC, Computer & Networking, Storage, Databases, Security, Tools & Languages, Media Sharing & Content Delivery, Managing AWS Resources, Enterprise IT, Mobile, Start-up, and more. Starting today the information about the sessions and the registration is live at http://reinvent.awsevents.com. General registration opens up on July 25, 2012, however active AWS customers will get a chance to jump the line and start registering on July 20.

Register for AWS re: Invent

Posted By Werner Vogels

The first annual AWS user and partner conference will be held November 27-29 at The Venetian in Las Vega. It is shaping up to be a great event with many Amazonians, partners and customers presenting in well over 150 sessions. There are sessions in many different categories: Architecture, Big Data, HPC, Computer & Networking, Storage, Databases, Security, Tools & Languages, Media Sharing & Content Delivery, Managing AWS Resources, Enterprise IT, Mobile, Start-up, and more.

enblend build problems: solved

Posted By Greg Lehey

Sent mail to the Hugin group today about the enblend build problems. Quickly got a reply pointing me at the Arch Linux repository with patches that look right. But why are they there and not in the enblend repository? It seems that they have been added to the repository, but only in the development version, and there's nothing at all on the site to point at the problem.

Rebuilding the Foundation

Posted By Tim Bray

If youre a geek, you know what HTTP is. If youre not, youve still seen those letters, lurking at the front of URLs everywhere. Its one of the two or three things that makes the Web actually work. Its being redesigned, perhaps. This telling of the story is mostly for geeks, but for the rest: If this effort is successful, you might notice some things run a little quicker. If it fails, you might notice some things running slower, or getting more expensive, and the Net growing a little less private and safe. Back Story When we talk about HTTP versions we use slashes: HTTP/0.9, HTTP/1.0, HTTP/1.1, and so on.

Hugin's linefind

Posted By Greg Lehey

My experiments with Hugin's linefind program haven't been very positive so far, so today I tried one panorama both ways, with and without linefind. The results weren't encouraging: without linefind, I had an average error of 0.9 pixels and a maximum of 2.8. With linefind those values increased to 1.6 and 18.8. And the results? Conveniently it lost the cropping, so these two images (first without, then with linefind) don't quite match: One thing's clear, though: the first image (without linefind) has better verticals.

The new enblend revisited

Posted By Greg Lehey

Photo day again today, and managed to take my panoramas with no particular problems. Yes, smart (the virtual Microsoft machine on eureka) is even slower than braindeath, but of course I was able to spread the processing across both machines, with the result that my first processing step was done somewhat faster. And then I ran into trouble stitching the equirectangular panoramas: enblend: info: loading next image: X00-230009.tif 1/1 enblend: out of memory enblend: std::bad_alloc enblend: info: remove invalid output image "X00-23.tif" gmake: *** [X00-23.tif] Error 1 That was despite allocating 3.5 GB of memory for the process, something it didn't come close to using.

bash: broken for 18 months

Posted By Greg Lehey

The other bug that I found yesterday was the completion issue with bash. Callum Gibson went off into the web and came back with a number of references indicating that it was introduced about 18 months ago, people agree that it is a bug, and nobody is doing anything obvious about it. This message probably sums it up. It's a sad day when such a central piece of software can have a bug of this magnitude for this long. But then, who uses shells any more? The web browser is the way to go, and they're all riddled with bugs.

PHP: What to complain about

Posted By Greg Lehey

Finally bit the bullet today and started work on a replacement for the phpMyEdit deep freeze list. It's been a while since I've done this, and I spent sometime looking in vain for an example. Finally I took the most likely candidate and went off to the PHP manual web site, which told me thatof coursethe MySQL interface I was using is deprecated. I should choose mysqli or PDO_MySQL. Did some reading about that and came to the conclusion that there wasn't much in it. So what interfaces did I have compiled in? That's in /var/db/ports/php5-extensions/options. And none of the interfaces were installed.

Friday Squid Blogging: Barbecued Squid -- New Summer Favorite

Posted By Bruce Schneier

In the UK, barbecued squid is in: Sales of squid have tripled in recent months due to the growing popularity of Mediterranean food and the rise of the Dukan diet, as calamari looks set to become the barbecue hit of the summer....

Twisted Trees

Posted By Tim Bray

This is one of Haffords big tourist attractions. Since Hafford is a small place, its actually a very small tourist attraction, a clump of trees on someones farm down a country road off a country road. But theyre weird trees: Aspens, just like the other clump across the parking lot, only different. Different, just like the name says: Twisty. It was hinted darkly to me by a local that Mysterious Forces Were At Work; and the little sign by the grove trumpets the mystery. But Wikipedia reveals that this is, probably, a mutation.

Arnie, the Doughnut! (NYC)

Posted By Tom Limoncelli

To all my NYC friends: Come see my sister's musical! 6 shows only! See our video preview here: http://bit.ly/Mjrfll Read the Arnie feature in Time Out New York: http://bit.ly/NKscNk The New York Musical Theatre Festival (NYMF) Presents ARNIE THE DOUGHNUT Six shows only beginning tonight - July 13th TICKETS ARE EXTREMELY LIMITED - BUY NOW! HOW TO GET YOUR TICKETS: ONLINE: Click HERE! BY PHONE: CALL 212- 352- 3101 IN PERSON: at the NYMF Hub, 330 West 42nd Street Arnie will be at the PTC Performance Space, 555 West 42nd Street: Friday, July 13th, 2012 at 7:00 pm Saturday, July 14th, 2012 at 1:00 pm Saturday July 14th, 2012 at 4:00 pm Wednesday July 18th, 2012 at 1:00 pm Saturday, July 21st, 2012 at 11:00 am Saturday July 21st, 2012 at 2:00 pm Arnie, a lovable chocolate-frosted doughnut with rainbow sprinkles, is the happiest pastry in the bakery when he's ...

Back-to-Basics Weekend Reading - Hints for Computer Systems Design

Posted By Werner Vogels

For a while now I have been on a track to read one influential/fundamental Computer Science paper each weekend. I find that going back to the basics of system, network and language design forces a good appreciation for keeping designs simple and focus on those fundamentals that matter most to users. Often I posted the paper on twitter and a number of times I have had requests like "what was the paper you posted three weeks ago about memory management?" . I will now post them here so going back in time will be easy. Last weeks paper was the classic End-To-End Arguments in System Design, by J.

Why there are Datacenters in NY, Hong Kong, and Tokyo?

Posted By James Hamilton

Why are there so many data centers in New York, Hong Kong, and Tokyo? These urban centers have some of the most expensive real estate in the world. The  cost of labor is high. The tax environment is unfavorable. Power costs are high.  Construction is difficult to permit and expensive. Urban datacenters are incredibly expensive facilities and yet a huge percentage of the worlds computing is done in expensive urban centers.   One of my favorite examples is the 111 8th Ave data center in New York. Google bought this datacenter for $1.9B.  They already have facilities on the Columbia river where the power and land are cheap.

Pre-order "Taming Information Technology" because it is awesome

Posted By Tom Limoncelli

"Taming Information Technology: Lessons from Studies of System Administrators" by Eser Kandogan, Paul Maglio, Eben Haber and John Bailey Scientists video tape sysadmins at work then analyse the footage, making interesting observations about what we do, how we do it, and why. For every CEO that thinks sysadmins just lay about all day, this book shows what risky, dangerous work we do. For the parent that doesn't quite understand what their son or daughter the system administrator does, this book spells it out in plain language stories of what we do. For the person that thinks sysadmins just sit around fixing computers with a screw driver and CD-ROM, this book shows real situations where outages cost millions and teams of technical people battle clueless (and not so clueless managers).

Hacking BMW's Remote Keyless Entry System

Posted By Bruce Schneier

It turns out to be surprisingingly easy: The owner, who posted the video at 1addicts.com, suspects the thieves broke the glass to access the BMW's on-board diagnostics port (OBD) in the footwell of the car, then used a special device to obtain the car's unique key fob digital ID and reprogram a blank key fob to start the car. It...

Back-to-Basics Weekend Reading - Hints for Computer Systems Design

Posted By Werner Vogels

For a while now I have been on a track to read one influential/fundamental Computer Science paper each weekend. I find that going back to the basics of system, network and language design forces a good appreciation for keeping designs simple and focus on those fundamentals that matter most to users.

More PHP pain

Posted By Greg Lehey

Everywhere I go I find more fallout from decisions made in the latest version of PHP. As planned yesterday, got hold of the latest version of phpMyEdit and installed it. Ran the script phpMyEditSetup.php and got: Notice: Undefined index: db in /usr/local/www/data/phpMyEdit-5.7.1/phpMyEditSetup.php on line 65 Notice: Undefined index: tb in /usr/local/www/data/phpMyEdit-5.7.1/phpMyEditSetup.php on line 66 And that was all. For whatever reason, the generated page ended there. Tried again on dereel, still running the old version of PHP, and that worked. So I moved the generated file (freezer.php) to eureka and tried it there.

All-or-Nothing Access Control for Mobile Phones

Posted By Bruce Schneier

This paper looks at access control for mobile phones. Basically, it's all or nothing: either you have a password that protects everything, or you have no password and protect nothing. The authors argue that there should be more user choice: some applications should be available immediately without a password, and the rest should require a password. This makes a lot...

Dropped USB Sticks in Parking Lot as Actual Attack Vector

Posted By Bruce Schneier

For years, it's been a clever trick to drop USB sticks in parking lots of unsuspecting businesses, and track how many people plug them into computers. I have long argued that the problem isn't that people are plugging the sticks in, but that the computers trust them enough to run software off of them. This is the first time I've...

FreeBSD amd64: into the second week

Posted By Greg Lehey

The good news about my migration to FreeBSD amd64 is that it's almost over. Things are running more or less smoothly, and now I can address the things that I needed amd64 for in the first place. Yesterday I established that smart, a virtual Microsoft XP machine on eureka, was actually significantly slower than braindeath. Discussing it on IRC today, established that yes, Microsoft XP is multiprocessor-capable if it's installed that way, and that's the way it's installed on braindeath, which appears to have hyperthreading. That also confirmed that DxO Optics Pro uses both CPUs, so it was worthwhile investigating the situation on smart.

T.Runic

Posted By Tim Bray

I have an interesting job and a family, so it took me five times as long as anyone else, but now I have an Inferno-capable Level 60 Diablo III character. Im wondering if this is when I start getting bored. Herewith a few notes on the experience, and some tips for those who havent done D3 yet. Wanna Play? My characters name is TRunic, a Demon Hunter, built thus. She can pretty well walk through any situation at Hell Level, and is still grinding along through Inferno Act 1. Her DPS is about 18.7K, which is seen as low by connaisseurs of hard-assedness; but shes really pretty good at crowd control and kiting, so shell be there pumping out that damage well into a long fight.

Petition the U.S. Government to Force the TSA to Follow the Law

Posted By Bruce Schneier

This is important: In July 2011, a federal appeals court ruled that the Transportation Security Administration had to conduct a notice-and-comment rulemaking on its policy of using "Advanced Imaging Technology" for primary screening at airports. TSA was supposed to publish the policy in the Federal Register, take comments from the public, and justify its policy based on public input. The...

Cryptanalyze the Agrippa Code

Posted By Bruce Schneier

William Gibson's Grippa Code is available for cryptanalysis. Break the code, win a prize....

Migrating from braindeath

Posted By Greg Lehey

One of the reasons I wanted to move to FreeBSD amd64 was to have enough memory to run VirtualBox machines big enough for programs like DxO Optics Pro. Up to now the biggest memory I could get for smart, a Microsoft XP image, was about 800 MB. Today I tried again, once again running into problems with out of date driverswhy doesn't portupgrade upgrade them? But apart from that, everything went smoothly, and I was able to get up to 3.5 GB of memory. Installed the latest version of DxO and ran it. How much faster? The old machine has a 2.8 GHz Pentium D with 2 GB of memory.

Window manager bugs

Posted By Greg Lehey

Another issue I had with Hugin was the inability to drag the image in the fast preview Move tab. I had heard that it was a window manager bug, but that seemed unlikely. Still, it was worth checking, especially since there's an outstanding bug report against fluxbox reporting output from xev. I was able to reproduce it here with the 64 bit version of fvwm2. Without a window manager, or with the 32 bit version of fvwm2, a mouse click and release give the following events: ButtonPress event, serial 27, synthetic NO, window 0x8400004,     root 0x501, subw 0x0, time 327962631, (115,111), root:(922,132),     state 0x0, button 1, same_screen YES ButtonRelease event, serial 27, synthetic NO, window 0x8400004,     root 0x501, subw 0x0, time 327962783, (115,111), root:(922,132),     state 0x100, button 1, same_screen YES But with ...

Hugin and VirtualBox

Posted By Greg Lehey

Continued trying to get Hugin working on FreeBSD amd64 today, and with the help of the mailing lists finally made the breakthrough. The original problems (mainly crashing) have gone away. The single row panoramas that I had tried had worked, and the only problem I had was with the verandah centre panorama. While looking around, discovered that there is, indeed, good documentation for the control point detectors, where you'd expect it: Help. It fires up a web browser (how does it know which one?) with relatively complete documentation of the parameters, including the information for cpfind that should use the --multirow option unless you're doing big panoramas.

Creativity and Execution

Posted By Theo Schlossnagle

Music: The Internets Original Sin

Posted By Cory Doctorow

Music: The Internets Original Sin Here's a podcast of my recent Locus column, Music: The Internets Original Sin: Lets start with musics age. Movies are still in their infancy. Books are in their middle age. Stories themselves are ancient. But music is primal. Books may predate commerce, but music predates language. Our relationship with music, … [Read more]

Attacking Fences

Posted By Bruce Schneier

From an article on the cocaine trade between Mexico and the U.S.: "They erect this fence," he said, "only to go out there a few days later and discover that these guys have a catapult, and they're flinging hundred-pound bales of marijuana over to the other side." He paused and looked at me for a second. "A catapult," he repeated....

Guest of honor at Westercon 67 in Salt Lake City, July 2014

Posted By Cory Doctorow

I've just confirmed that I'll be the Guest of Honor at the 67th Westercon, in Salt Lake City, Utah, July 3-6, 2014. The hotel is the Marriott Downtown at City Creek, and memberships are currently $50 for attending, $25 for supporting. The website linked in the previous sentence is just a placeholder, though the real … [Read more]

Still more migration issues

Posted By Greg Lehey

On with my various experiments with the FreeBSD amd64 migration today. The biggest discovery was how to find 32 bit shared libraries. I had already discovered that ldconfig ignores files with specific names, but that appears to be a bug in ldconfig. In any case, using the old (probably deprecated) environment variable LD_32_LIBRARY_PATH works, so now I can run all my old 32 bit programs like kklondike and my version of xearth. More importantly, though, I can run the 32 bit versions of the Hugin programs.

How Many Devices?

Posted By Tim Bray

Does it make sense to carry around two, three, or more portable computing devices? Select from: Regular-size laptop; say 15"-screen or higher. Skinny laptop i.e. Air at 13" or even 11". Big tablet at ~10" as in current iPads. One-hander tablet, typically at 7". Handset, 3½"-5". (My current load: 1, 4, and 5.) The choice will be increasingly in everyones face if the rumormongers are correct and Apple ships an iPad in the #4 slot. Sidebar Amusingly, back in 2010 I arrogantly claimed Apple will totally do a 7" device. Last fall, I sheepishly mumbled Clearly Im eating those words.

Sensible Comments about Terrorism

Posted By Bruce Schneier

Two, at least: "Bee stings killed as many in UK as terrorists, says watchdog." "Americans Are as Likely to Be Killed by Their Own Furniture as by Terrorism." Is this a new trend in common sense? In case you forgot, here's a comprehensive list of ridiculous predictions about terrorist attacks (and an essay). And here's the best data on U.S....

Software Inventory

Posted By Joel Spolsky

Imagine, for a moment, that you came upon a bread factory for the first time. At first it just looks like a jumble of incomprehensible machinery with a few people buzzing around. As your eyes adjust you start to see little piles of things that you do understand. Buckets of sesame seeds. Big vats of dough. Little balls of dough. Baked loaves of bread. Those things are inventory. Inventory tends to pile up between machines. Next to the machine where sesame seeds are applied to hamburger buns, theres a big vat of...sesame seeds. At the very end of the assembly line, there are boxes and boxes of bread, waiting for trucks to drive them off to customers.

Official Report of the Fukushima Nuclear Accident Independent Investigation Commission Executive

Posted By James Hamilton

Last night, Tom Klienpeter sent me The Official Report of the Fukushima Nuclear Accident Independent Investigation Commission Executive Summary. They must have hardy executives in Japan in that the executive summary runs 86 pages in length. Overall, Its an interesting document but I only managed to read in to the first page before starting to feel disappointed. What I was hoping for is a deep dive into why the reactors failed, the root causes of the failures, and what can be done to rectify it.   Because of the nature of my job, Ive spent considerable time investigating hardware and software system failures and what I find most difficult and really time consuming is getting to the real details.

Students Hack DHS Drone

Posted By Bruce Schneier

A team at the University of Texas successfully spoofed the GPS and took control of a DHS drone, for about $1,000 in off-the-shelf parts. Does anyone think that the bad guys won't be able to do this?...

The Global Iron Blogger Network

Posted By Benjamin Mako Hill

Since last November, I've been participating in and coordinating Iron Blogger: a drinking club where you pay $5 to a "beer" pool if you fail to blog weekly. The revival of Iron Blogger in Boston has been a big success. Even more exciting, however, is that Iron Blogger concept has spread. There are now two other Iron Blogger instances: in San Francisco coordinated by Parker Higgens, and in Berlin run by Nicole Ebber and Michelle Thorne. Yesterday, we convened a virtual meeting of the Global Iron Blogger Council (i.e., an email thread) and we all agreed a new on iron blogger rule that might sweeten the deal for jet-setting prospective Iron Bloggers: any paid-up member of any Iron Blogger club can attend meet-ups in any other Iron Blogger cities if they happen to be in town for one.

ldconfig problems

Posted By Greg Lehey

One of the alternate possibilities I had while trying to solve the Hugin problem was to run the 32 bit binaries on eureka. For that, of course, you need the libraries, and they need to be located with ldconfig. Tried that, and for some reason it refused to accept the library /dereel/usr/local/lib/hugin: === root@eureka (/dev/pts/13) /home/grog 7 -> ldconfig -32  /dereel/usr/local/lib/hugin/ === root@eureka (/dev/pts/13) /home/grog 8 -> ldconfig -32  -r /var/run/ld-elf32.so.hints:         search directories: /dereel/usr/local/lib/hugin/ There are 9 libraries in that directory, and (not surprisingly) hugin requires them all: === root@eureka (/dev/pts/13) /home/grog 9 -> l  /dereel/usr/local/lib/hugin/ total 11 -rwxr-xr-x  1 root  wheel   122076 Jul 28  2011 libceleste.so.0.0 -rwxr-xr-x  1 root  wheel    24252 Jul 28  2011 libflann_cpp.so -rwxr-xr-x  1 root  wheel  9279544 ...

Software Inventory

Posted By Joel Spolsky

Imagine, for a moment, that you came upon a bread factory for the first time. At first it just looks like a jumble of incomprehensible machinery with… Read more "Software Inventory"

Getting Hugin to work on amd64

Posted By Greg Lehey

Spent nearly all day trying to get Hugin to work, with only moderate progress. The first issue was to install the latest version of Hugin, so checked that out and once again ran into this problem with tclap, compounded by the problem that I didn't understand where cmake was looking for the files. In the end gave up and unpacked them into /usr/include/tclap, a suboptimal place. But at least it should keep the builds quiet until I get it right. There is also a new dependency on SWIG, which was relatively trivial to fix. After that, tried again. No change. The first problem was just finding out why cpfind crashed: it logged to a window that disappeared as soon as it crashed, so there was no way to know what went wrong.

Chasing the hugin bugs

Posted By Greg Lehey

After the double reboot, at least I can now display the Hugin screens on eureka, and I confirmed that the trick with the two mouse buttons works. Spent some time investigating the strange behaviour of panomatic, which seems non-deterministic. In one case I found that it had put control points nowhere near each other (for example, one at the top of the image, the other at the bottom): Not only that: it claimed that the control points were very close to each other.

amd64 migration: the agony

Posted By Greg Lehey

So I more or less have FreeBSD amd64 running, but there are significant problems with Hugin, compounded by compatibility problems running the nvidia driver on dereel. After doing a couple of panoramas on Yvonne's machine lagoon, realized that I had a laptop with functional X on the desk to the right in my office. It is usually called pain when it runs Microsoft, but it also has a FreeBSD system, eucla, on the disk, so booted that, and sure enough, it worked. Problems: tiny 1024×768 display, and also the confusing names. I now have systems eureka (main machine) and eucla (laptop), not to mention the old echunga.

Prairie Town

Posted By Tim Bray

I spent a couple of days visiting family in Hafford, Saskatchewan. These Western towns arent like anywhere else, and my Dad came from one; I like visiting and photographing them. Heres the water tower through the trees, incredibly lush this time of year up into the edge of the parklands. Population 360, says Wikipedia, and shrinking. The Prairies are emptying out, farm and town. The traditional family farm no longer provides a living; some farms are still family-run, but the family has a bunch of employees and big operations top ten thousand acres. So the farmhouses that still stand every few miles along the country roads are mostly empty and crumbling.

amd64 migration: even worse than feared

Posted By Greg Lehey

On with the migration to FreeBSD amd64 (64 bit version) today. It wasn't easy. I had expected the transition not to be smooth, but I had never expected it to be this bad. Much of it was related to photo processing, the reason that I started the migration in the first place. I had noticed that the 64 bit version of Hugin had problems that didn't occur on the 32 bit version, and sent mail to the mailing list. One of the replies suggested that this is a known issue that also occurs on Mac OS X, so maybe something will come of that.

Friday Squid Blogging: Dissecting a Squid

Posted By Bruce Schneier

This was suprisingly interesting. When a body is mysterious, you cut it open. You peel back the skin and take stock of its guts. It is the science of an arrow, the epistemology of a list. There and here and look: You tick off organs, muscles, bones. Its belly becomes fact. It glows like fluorescent lights. The air turns aseptic...

Me on Military Cyberattacks and Cyberweapons Treaties

Posted By Bruce Schneier

I did a short Q&A for Network World....

Voices of Northern Women

Posted By Tim Bray

Last month I had the immense pleasure of attending Northern Voice 2012. This is the eighth year of Vancouvers own little blogging-and-social-media conference, distinguished by a resolute refusal to consider the business (or any other non-personal) dimensions of the thing. It got me thinking about gender issues, so here are thoughts on those. With pictures. Makes me think of Gumby. Intentional? One of the nice things about Northern Voice is the gender ratio, closer to sane than pretty well anything else I get to. Not only is such a milieu inherently more pleasant, it leads to the sessions being full of voices I wouldnt otherwise hear saying things I wouldnt otherwise think of.

Final Four Days for HOPE Tickets!

Posted By Tom Limoncelli

A public service message to people in the NYC-area: From: Hackers On Planet Earth <[email protected]> Date: Thu, Jul 5, 2012 at 3:44 PM Subject: [nine-announce] Final Four Days for HOPE Tickets! To: [email protected] As we're closing in on HOPE Number Nine, we need to inform you of a very important deadline: advance ticket sales will closing on Sunday, July 10th. Advance tickets help us to pay for a lot of the expenses involved in putting on an event like HOPE. Renting three floors of a hotel in midtown Manhattan can be a bit pricey, so every little bit helps. Not to mention that it saves attendees from paying the more expensive price at the door.

Naming Pets

Posted By Bruce Schneier

Children are being warned that the name of their first pet should contain at least eight characters and a digit....

Continued migration

Posted By Greg Lehey

On with my migration to FreeBSD amd64 today. A couple of mount problems on other machines because I had moved the file systems /src and /Photos from dereel to eureka, but nothing serious. The real problem was the weather software: it needed recompilation, after which it ran for a while. And then, after some other tweaks, it failed with a missing MySQL library. I had to compile it again. Where did the library go? But that wasn't the end of it. The weather station connects via USB, and the USB bus on dereel is dead. So I had to move the database to eureka.

So You Want to Be a Security Expert

Posted By Bruce Schneier

I regularly receive e-mail from people who want advice on how to learn more about computer security, either as a course of study in college or as an IT person considering it as a career choice. First, know that there are many subspecialties in computer security. You can be an expert in keeping systems from being hacked, or in creating...

amd64: biting the bullet

Posted By Greg Lehey

Today marks 14 months since I started planning to upgrade dereel, my main system, to a 64 bit version of FreeBSD. During that time I've always found reasons to procrastinate: the pain of migration is just too much, and it would be difficult to move back if something goes catastrophically wrong. But I've gradually come round to the idea of running a 32 bit machine and a 64 bit machine in parallel until it's done. And today I finally took the plunge, in the process taking both machines out into the garage and dislodging prodigious quantities of dust with a jet of compressed air.

Music: The Internets Original Sin

Posted By Cory Doctorow

Locus

Why we still fight about music and copyright on the Internet

Posted By Cory Doctorow

My latest Locus colum, "Music: The Internets Original Sin," asks why music copyright is such a hot potato on the Internet, even in the post-DRM age, when most tunes are $0.99 on Amazon in MP3. The short answer: music's ancient compact is not entirely compatible with contemporary commerce, and the industry has tried to "fix" … [Read more]

More backup and migration problems

Posted By Greg Lehey

Into the office this morning to find the photo backup disk not flashing. Further investigation revealed: x Photos/grog/20111103/orig/PB036725.ORF x Photos/grog/20111103/orig/PB036731.ORFtar: Photos/grog/20111103/orig/PB036731.ORF: Read error: Permission denied tar: Photos/grog/20111103/orig/PB036713.jpg: Cannot stat: Permission denied tar: Photos/grog/20111103/orig/PB036715.jpg: Cannot stat: Permission denied tar: Photos/grog/20111103/orig/PB036732.JPG: Cannot stat: Permission denied I've seen that before, and I've blamed NFS. But looking more carefully, this is tar x (extraction, as the leading x shows). And of course there were no permission problems. What's causing this? In any case, it required me to continue with rsync. And then I discovered: === grog@defake (/dev/pts/1) ~ 57 -> df -i /Photos /photobackup Filesystem     1048576-blocks    Used  Avail  Capacity iused     ifree %iused  Mounted on dereel:/Photos        1907196 1270951 617173     67%  450675   ...

Stop the Madness

Posted By Robert V. Binder

Big system crashes are not like bad weather.  They are not the work of invisible gremlins. They can be prevented. Reading reports about the Amazon cloud outage of a few days ago, it is apparent that while unusually bad weather triggered … Continue reading →

Jerusalem Cartooned

Posted By Tim Bray

I just read Jerusalem: Chronicles from the Holy City by Guy Delisle; its a graphic novel which would be a comic book if it werent a hardcover and werent about one of the worlds Great Big Problems. I recommend it totally. Delisle spent a year in Jerusalem, tagging along with his wife (an employee of Médecins Sans Frontières) and taking care of his kids. Theres no real storyline, just a diary full of small stories and smiles, what its like to be a househusband/artist in a neighborhood where tremendously sad things happen every day. I dont think this is going to change anyones mind about big Middle-East issues, and probably wont offend anyone except sympathizers with the inexcusable settlers movement.

Impact Factor of Computer Science Journals 2011

Posted By Diomidis D. Spinellis

The Thomson Reuters Web of Knowledge has published the 2011 Journal Citation Reports . Following similar studies I performed in 2007 , '08 , '09 , '10 , and '11 , here is my analysis of the current status and trends for the impact factor of computer science journals.

Commercial Espionage Virus

Posted By Bruce Schneier

It's designed to steal blueprints and send them to China. Note that although this is circumstantial evidence that the virus is from China, it is possible that the Chinese e-mail accounts that are collecting the blueprints are simply drops, and the controllers are elsewhere on the planet....

jQuery extended attribute: a possibility?

Posted By Greg Lehey

This evening Jashank Jeremy pointed me to a HTML5 working draft titled Embedding custom non-visible data with the data-* attributes. That looks surprisingly like what I'm already doing with the lazy loading code I'm working on at the moment. As I thought, it seems to be a good idea. And it seems that it works already, so there's no reason not to accept something like that, even if the naming restrictions seem a little bizarre.

X font hell

Posted By Greg Lehey

For some time I've had difficulties with Wikipedia fonts. A typical example is this, from the article on Archaeopteryx: That etymology is supposed to be in a Greek font, but only the À in the second word is correct. The rest looks nothing like Greek. I've seen this before, and I assumed that it's incorrect fonts that are the problem.

Don't trust USB disks, part 2

Posted By Greg Lehey

I back up my photo disk separately from other data. There's lots of it, it's incompressible, and it makes sense to have a mountable file system. I keep two copies, one of which is always at Chris Yeardley's house in case of larger catastrophe. One of the disks has a USB enclosure; the other had one until it died (under warranty) last year, and MSY still haven't managed to replace it. Today I mounted the disk with the enclosure on lagoon, Yvonne's computer, using USB.

Don't trust USB disks, part 1

Posted By Greg Lehey

Into the office this morning to discover my backup disk LED flashing. After further investigation discovered that the monthly level 0 dump was still running after 11 hours. And still further investigation showed: Jun 26 11:17:37 dereel kernel: da0 at umass-sim0 bus 0 scbus5 target 0 lun 0 Jun 26 11:17:37 dereel kernel: da0: <ST310005 28AS > Fixed Direct Access SCSI-2 device Jun 26 11:17:37 dereel kernel: da0: 1.000MB/s transfers Jun 26 11:17:37 dereel kernel: da0: 953869MB (1953525168 512 byte sectors: 255H 63S/T 121601C) After the last connection, for no obvious reason, the disk had been detected as a 1 MB/s device.

On Fear

Posted By Bruce Schneier

A poet reflects on the nature of fear....

WEIS 2012

Posted By Bruce Schneier

Last week I was at the Workshop on Economics and Information Security in Berlin. Excellent conference, as always. Ross Anderson liveblogged the event; see the comments for summaries of the talks. On the second day, Ross and I debated -- well, discussed -- cybersecurity spending. A the first WEIS, he and I had a similar discussion: I argued that we...

Wiki Conferencing

Posted By Benjamin Mako Hill

I am in Berlin for the Wikipedia Academy, a very cool hybrid free culture community plus refereed academic conference organized, in part, by Wikimedia Deutschland. On Friday, I was very excited to have been invited to give the conference's opening keynote based on my own hybrid take on learning from failures in peer production and incorporating a bunch of my own research. Today, I was on a panel at the conference about free culture and sharing practices. I'll post talks materials and videos when the conference puts them online. I will be in Berlin for the next week or so before I head to directly to Washington, DC for Wikimania between the 11th and 15th.

Email: in a bind

Posted By Greg Lehey

Yvonne came to me this evening with a mail message that had bounced: This is the mail system at host dereel.lemis.com. I'm sorry to have to inform you that your message could not be delivered to one or more recipients. It's attached below. ... <[email protected]>: Host or domain name not found. Name service error for     name=localhost type=A: Host not found Huh? localhost not found? Went to dereel and checked. Of course localhost was there. === grog@dereel (/dev/pts/6) ~ 19 -> host localhost localhost.lemis.com has address 127.0.0.1 But I couldn't bounce the message either: Jul  1 19:34:04 dereel postfix/smtp[77480]: D5E55DA856: to=<[email protected]>, relay=none, delay=457, delays=457/0.01/0/0, dsn=5.4.4, status=bounced (Host or domain name not found.

File hiding with Microsoft

Posted By Greg Lehey

One of my continual rants about the Microsoft space is that the file system hierarchy has been chopped apart and pasted onto windows. How do I find the window? Simple, it's on the screen in front of you. Oh, it isn't? Well, we have nifty search tools for you that will find all files matching specific broad attributes within a matter of minutes. Today I had the issue: I wanted to scan something, for which I currently still need to use pain, my Microsoft laptop. After installation it came with a popup asking me where to store the image. A while back, that got on my nerves, so I disabled it.

Improving the lazy load

Posted By Greg Lehey

It's clear that my lazy load code still leaves a lot to be desired. While looking at the issues, discovered that the pages I am now generating severely upset the W3 validator, in particular the data-original attribute. I'm not sure how to handle this. On the one hand, HTML prescribes specific attributes for each tag, and others aren't allowed. On the other hand, JavaScript not only allows them: it appears to make sense. To find out how to resolve the issue, I at least need to learn more about JavaScript and jQuery. Tried that and decided that my own PHP functions were too untidy, and spent some time trying to make them easier to understand.

Three of San Fran

Posted By Tim Bray

Photos, I mean. I was staying a few blocks west of Moscone West, and thats the wrong direction. But I enjoyed the walk even though there were severely damaged people along the way to smile at or avoid or step over. With a sad story. Red is the color. Its a working town. Vancouver keeps its gritty small-biz necessaries shuffled further away from anywhere youre apt to go walking. Which seems oversanitary; but boy, could Howard Street ever do with a little green. This motel felt very California to me. Sad Story I was walking along near these parts in early evening, and a very tall very thin very young black woman suddenly materialized at my elbow: Excuse me, hey! I averted my face reflexively and stepped out a bit and she said Oh my god no I dont want anything, just do you know the nearest BART? and then ...

OpenFlow: A Radical New Idea in Networking

Posted By Tom Limoncelli

Queue Magazine (part of ACM) has published my description of OpenFlow. It's basically "the rant I give at parties when someone asks me to explain OpenFlow and why it is important". I hope that people actually involved in OpenFlow standardization and development forgive me for my simplifications and possibly sloppy use of terminology but I think the article does a good job of explaining OF to people that aren't involved in networking: http://queue.acm.org/detail.cfm?id=2305856 I hope that OpenFlow is adopted widely. It has some cool things in it. Enjoy. Tom

Wiki Conferencing

Posted By Benjamin Mako Hill

I am in Berlin for the Wikipedia Academy, a very cool hybrid free culture community plus refereed academic conference organized, in part, by Wikimedia Deutschland. On Friday, I was very excited to have been invited to give the conference's opening keynote based on my own hybrid take on learning from failures in peer production and incorporating a bunch of my own research. Today, I was on a panel at the conference about free culture and sharing practices. I'll post talks materials and videos when the conference puts them online. I will be in Berlin for the next week or so before I head to directly to Washington, DC for Wikimania between the 11th and 15th.