Blog Archive: September 2012
X hang problems: solved!
For well over a year I've been complaining about sporadic hangs with X, where the mouse cursor would get stuck bouncing between two screens. I've suspected blame on the part of the nVidia driver, the mouse driver, and even the FreeBSD USB stack. Today I got a message from Andrew Hout telling me that the bug had been identified and fixed. Only two weeks ago, as shown by this bug report, which includes a very good summary of the problem, which was in the nVidia driver after all. The latest version was released only earlier this week. And of course it had nothing to do with FreeBSD, as evidenced by the other reports on the web.
Announcement: I'll be speaking at the Australia IPv6 Summit
I'll be doing a 30-minute talk about how to convince your boss to take IPv6 seriously at the Australia IPv6 Summit. I'll be presenting via video conference. If you are in Australia and/or are concerned with IPv6, please attend this awesome conference. Registration is still open! Info here: http://www.ipv6.org.au/summit/program.php
EDID information for the new monitor
The other thing that I had noticed was the EDID information for the new monitor. There's more than reported by the X server, but how do I display it? Went looking and found edid-decode. Installed it and ran it. No output: it just hung. Looked for the documentation. No documentation, anywhere, not even UTSL. The source shows that if started without parameters, it reads from stdin. The first parameter, if supplied, is a file name, and clearly it supplies the EDID information. But where does it come from? No idea. Even minimal documentation would help, but as it is, I really have no idea how to use it.
More monitor investigations
One of the things that was clear after rearranging my monitors was that :0.1 (later the right half of :0.0) did not have optimal display settings. Went off looking for web sites helping with monitor calibrations, but it wasn't until Andy Farkas reminded me that I found this LCD test site, which is really quite impressive. And it gave the new monitor a clean bill of health: the settings were as good as perfect. The only thing I couldn't check properly was the black level, because it requires a really dark environment. But that, too, seems to be OK. The most interesting test was the clock and phase test, which on the new monitor worked fine, as it did on the OC monitor, but both BenQ monitors showed significant flickering.
Fun processing photos
House photo day again today, and despite the filthy weather decided to do it today rather than tomorrow. But because of the wind took a different approach to the garden centre panorama: instead of HDR images made from sets of 5 exposures, took a single exposure with flash to lighten the relatively close dark areas. A combination of that and the unexplained increase in processing speed of DxO Optics "Pro" (now barely 30 seconds per image) meant that I was finished much faster than usual, despite the expected problems with control points due to the wind. One thing I didn't expect was when masking one of the panoramas.
RootBSD: keeping it up
Through much of my life, keeping it up has been important. Forty years ago at UNIVAC, it was a particular challenge, because the technology of the day required routine maintenance. But the 1108 was a multiprocessor system, and individual components could be maintained without taking down the entire system. Then Tandem Computers raised the whole thing to an art form, and uptimes of over 12 months were commonplace, limited only by the requirement of software upgrades. Part of my job at Tandem was to ensure highest uptime, and I'm always very reluctant to reboot a machine if there's any alternative. Yet another reason to hate Microsoft.
On Oatmeal
It has come to my attention that much of the world is Doing It Wrong. This is the obvious conclusion from the many supermarket shelf-feet of misguided Instant, Quick, and Flavored products. Oatmeal porridge done right is a fine start to any day; but like many of the best things in life, you can't hurry it up. What you want is a big bag full of basic oatmeal. The controversy over Rolled vs Steel-cut is lively; supermarket stalwart Quaker offers both. I've actually noticed more flavor variation between one brand and another of rolled or steel-cut than between the two in general.
Button Button
We were going downtown on a shopping errand and just where we parked, found Button Button (view source on that site for a giggle). As they say, it's an amusing little button store, and the buttons amused my eyes, so here are some pictures that might amuse yours.
Coming to the LOPSA-LAX meeting?
There is now a Meetup so you can RSVP: http://www.meetup.com/League-of-Professional-System-Administrators-Los-Angeles/events/84585402/
X hang bug: more insights
While configuring X, Yvonne came with her camera and wanted files read off it. Last time I read the files on eureka, it triggered this horrible X hang bug, where the mouse cursor jumps back and forth between two screens. I'm gradually coming to the conclusion that this could be a FreeBSD bug after all. This time switched to a VTY before inserting the card. No luck. When I returned to X, it hung anyway. But at least it seems that I'm finding a way to reproduce it. Now I suppose I should try with a PS/2 mouse.
Reinventing my X configuration
So now I have my new monitor up and running well. That's the easy part. For well over 20 years I've been continually refining my X desktop for my personal taste. For at least 20 of those years it has been a multi-head setup, and I've gradually come to the conclusion that 4 monitors are enough. But now I only have 3 on eureka, and the fourth on dereel proves to be a pain, in particular because it has its own screen saver timer. So, the first thing should be to find a way to connect a fourth monitor to eureka.
Back-to-Basics Weekend Reading - Counting Bloom Filters
I am in India for the AWS Summits in Mumbai, Chennai and Bangalore (next week). As always in India I have an amazing time, the events are packed, the participants are extremely enthusiastic and eager to learn, the customers very appreciative and the food is just amazing. This week's reading was triggered by a note from Matt Wood who ran into a great in-depth analysis of the Bloom Filter data structure by Michael Nielsen on his Data Driven Intelligence blog. I love probabilistic data structures and Bloom filters have unique properties of possible false positives, but no false-negatives. They have been used in many network devices, network protocols and distributed applications where a question like "have I possibly seen this before" needs to be able to operate at very large scale.
DxO acceleration
I've been running DxO Optics "Pro" in a Virtual Machine with a prerelease of Microsoft Windows 8 for some time now, and haven't been exactly happy with the speed. DxO claim that the 64 bit version is significantly faster than the older 32 bit versions such as the Microsoft XP I was running before. That version was single processor only, and it took a little over two minutes to process an image. You'd expect it to take a little over 30 seconds running on all 4 CPUs. But the new 64 bit version with Windows 8 took about 80 seconds per image.
Power problems not resolved
The first power failure had another result: once again, eureka failed immediately, though the UPS showed that it had enough power for 45 minutes, enough to weather the failure completely, as nerd-gw did. So what's causing the failure? It can't be the UPS, and it can't be the power supply. I'm still guessing that it's some kind of transient, but why does it only affect eureka?
Colonoscopy
That was the middle of my day. As a result of my age and other risk factors, I now get one every few years, and because I'm a blogger, I can write about it; and I feel I have to, because I might save your life. It only takes a couple hours, it's not terribly unpleasant, and it's an insanely cost-effective way to not be one of the people killed by colon cancer; that's 50,000 or so in the US every year. So if you're middle aged, ask your damn doctor already. You can read a bit about what it's like, with more cheerleading of course, here and here.
NPR on Biometric Data Collection
Interesting Talk of the Nation segment....
Automated calls, fraud and the banks: a mismatch made in hell
The Guardian
UK banks use robo-callers to make fraud-check calls, conditioning customers to hand out personal information to anonymous machines that phone them up out of the blue
My latest Guardian column, "Automated calls, fraud and the banks: a mismatch made in hell," reacts to the news that UK banks are using robo-call machines to check in with customers on possibly fraudulent transactions, and going about it in the worst way possible: The banks, bless them, are only trying to prevent fraud, but … [Read more]
Replacing Alice and Bob
A proposal to replace cryptography's Alice and Bob with Sita and Rama: Any book on cryptography invariably involves the characters Alice and Bob. It is always Alice who wants to send a message to Bob. This article replaces the dramatis personae of cryptography with characters drawn from Hindu mythology....
Pregnant with Suspense
A couple days ago, I woke up to this exciting series of text messages from an unfamiliar phone number. Because I've not received a reply in the last couple days, because it was a Seattle phone number but I haven't lived in Seattle for years, and because I don't know of anyone in Seattle who was about to give birth, I'm pretty confident that this was indeed a case of misdirected text messages! But whoever you are: Congratulations! I know it was a mistake, but that really made my day!
Matrix NEO 270WQ monitor: first impressions
After that harrowing experience, I should have known better than to try to set up the new monitor. After all, it has a somewhat restricted interface: no other modes than 2560×1440 will work At All. And I didn't have any mode lines for the device. But of course, egged on by Michael Ralston, I did put it in there. It didn't start well: I pressed on the start button, and nothing happened. Not even when I held it down for a long time. It took me a while to realize that the buttons are underneath the monitor, and not even very well aligned with the markings.
System upgrade: the sharks
Continued with my reconfiguration today. After updating the system on dereel, I was able to load the nvidia driver with no further problems, and I got one monitor up and running in native resolution. Jürgen Lock suspected a mismatch between kernel and /sys. That's possible, though I didn't think so, but after rebuilding the system there's no evidence left. So: the next steps were to replace UPS and power supply and then integrate the new monitor. The UPS was a surprise: I had assumed it was defective, because minor power fluctuations killed eureka 3 weeks ago. But when I disconnected the power to the UPS, it continued to supply power on battery.
Android OAuth via Google Play services
It started launching this morning, to every compatible Android device in the world running Froyo or higher. That's a lot of devices, and even at Google scale it'll take some time to roll out. This is a subtle but significant change in the ecosystem. Google Play services let the Android team release significant new APIs and capabilities to compatible devices without having to upgrade the whole platform. One of the first examples is the new Identity tools. OAuth 2.0 on Android: I've been working on this since early spring, and there's a post on the Android Developers blog with details, sample code, and so on.
What makes a sysadmin a "senior sysadmin"?
This came up in discussion recently. Here's how I differentiate between a junior and senior sysadmin: A senior person understands the internal workings of the systems he/she administers and debugs issues from a place of science, not guessing or rote memorization. A senior person has enough experience to know a problem's solution because he or she has seen and fixed it before (but is smart enough to check that assumption since superficial symptoms can be deceiving). A senior person automates their way out of problems rather than "working harder". They automate themselves out of a job constantly so they can be re-assigned to more interesting projects.
Using Agent-Based Simulations to Evaluate Security Systems
Kay Hamacher and Stefan Katzenbeisser, "Public Security: Simulations Need to Replace Conventional Wisdom," New Security Paradigms Workshop, 2011. Abstract: Is more always better? Is conventional wisdom always the right guideline in the development of security policies that have large opportunity costs? Is the evaluation of security measures after their introduction the best way? In the past, these questions were frequently...
Librarians, teachers: sign up to get free copies of my forthcoming YA novel Pirate Cinema
As many of you will know, I'm about to kick off the tour for a new YA science fiction novel, Pirate Cinema, which comes out next week. As with all my other novels, I'll be putting up Creative Commons-licensed editions of the book for your downloading pleasure. Now, whenever I do this, many readers write … [Read more]
Preparing to install the new monitor
My new monitor has been on the table outside the office for over a day now, and I still haven't installed it, much to Michael Ralston's disgust. But I want to have a smooth transition. I'm reminded of this cartoon from xkcd. The first thing is what to do with the fourth display in the short term. The obvious thing to do is to connect it to dereel, but for some reason the nvidia driver doesn't work on dereel, something I encountered and ignored months ago: === root@dereel (/dev/pts/1) /usr/src 35 -> kldload nvidia kldload: can't load nvidia: File exists That's what ...
Quantum Cryptography
Long article on quantum cryptography and cryptanalysis....
Expanding the Cloud - Provisioned IOPS for Amazon RDS
Following the huge success of being able to provision a consistent, user-requested I/O rate for DynamoDB and Elastic Block Store (EBS), the AWS Database Services team has now released Provisioned IOPS, a new high performance storage option for the Amazon Relational Database Service (Amazon RDS). Customers can provision up to 10,000 IOPS (input/output operations per second) per database instance to help ensure that their databases can run the most stringent workloads with rock solid, consistent performance. High Performance I/O: Amazon RDS Provisioned IOPS is intended for applications that need predictable performance and have database workloads that generate largely random I/O. Amazon RDS Provisioned IOPS is ideal for mission-critical online transaction processing (OLTP) workloads that require a high performance storage option with consistent IOPS, within a narrow band of tolerance.
DevOps: Google reveals their "DiRT Exercises" (part 3 of 3 in my "disaster preparedness" series)
Weathering the Unexpected by Kripa Krishnan, Google For the first time ever Google discusses our "DiRT" (Disaster Recovery Test) procedure. This is the week of hell where systems are taken down with little or no notice to verify that all the failure protection systems work. Oh yeah... and the funny sidebar at the end was written by me :-) Enjoy! P.S. (I take credit for cajoling Kripa into writing the article. I think she did a bang-up job! Go Kripa!!)
New monitor
I've been following the progress of my new monitor for a few days. It was sent with DHL and arrived in Australia on Saturday, after only 38½ hours. That seems better than UPS, though I've never had anything sent from Korea before. It's difficult to know how long it would have taken end to end if it had arrived during the week, but as it was, this morning was the earliest practical delivery date. And indeed we found a notification in the letterbox: to be picked up at Napoleons CPO. They could have delivered it to the door, but I'm sure they have a valid excuse.
Saturday's photos, continued
The activities of the last few days have resulted in a significant backlog of photos to process. I still haven't written a web page for the flower photos of last Sunday, nor the house photos for Saturday. Continued with the latter today. The garden centre panorama was done with HDR, and because of the sun I had a number of images with my hands blocking out the sun. Tried the new method for merging the images: all 66 of them. It found control points for all except one image, a particularly light component image that I was able to just get rid of.
Fixing my photos for tablets
Yesterday's rotated images on Steve's tablet were cause for concern. On IRC discovered that a number of people could reproduce it, and that it really did come from the Orientation EXIF tag. OK, that's simple enough, but how do I fix it? I had about 106,000 JPEG images to go through. How much traffic would it cost to upload the changes to my external web site? A short test shows that rsync handled the update pretty efficiently.
Typographic Notes
No story to tell here, just a few notes for publishing-tech fans, which I guess is more or less everyone who does Web stuff which is more or less everyone. But if you don't care about the difference between real apostrophes and ', you can stop reading now. Quotes: Late last year I published Better Quotes and Better Quotes Redux, about why you should use real quotation marks, and how to make this a little easier on OS X. Some readers disagreed, but they were wrong. Since then, as a matter of principle, on every occasion I typed a single or double quote into a computer, unless it was code, I've Done The Right Thing.
Security Vulnerability in Windows 8 Unified Extensible Firmware Interface (UEFI)
This is the first one discovered, I think....
SHA-3 to Be Announced
NIST is about to announce the new hash algorithm that will become SHA-3. This is the result of a six-year competition, and my own Skein is one of the five remaining finalists (out of an initial 64). It's probably too late for me to affect the final decision, but I am hoping for "no award." It's not that the new...
Web page rendering on tablets
While at Ron and Steve's, showed some of my web-based photos. Some came out rotated by 90°, something I've never seen before, such as this one: The issue appears to be this EXIF tag: Orientation : Rotate 270 CW That's a left-over from the way I took the images: camera mounted vertically, stitched together to make a landscape image, such as this one: I didn't know of any web browser that evaluated the EXIF data.
New power hardware
Then to CPL to pick up my power supply and yet another new UPS. An amazing place. A far cry from MSY: glossy, full of showcases, four people on duty doing I know not what. One of them served customers (2 in the 10 minutes we were there), another got the items, and the others sat in one of many offices. Despite the relationships, they were very slow. But I got my goods, and they look like what I wanted.
Network connection: registration hops cease
While investigating the cause of my Internet connection problems last month, I discovered a continual stream of cell hopping every couple of minutes. It continued through times of good and bad connection quality, but this morning I discovered that it had stopped. The last hops were: Sep 21 15:11:01 nerd-gw fstats: +CGREG 1 81E3 8FC8F2E Sep 21 15:11:18 nerd-gw fstats: +CGREG 1 81E3 8FC48E8 Why did it stop? Why did it happen in the first place? The connection quality is still motley, but acceptable.
Hell's Gladiator
I just read Sandman Slim by Richard Kadrey, on a Twitter tip from @GreatDismal, whose advice about books should always be followed, obviously. It's long and fun and ridiculous. Our Man Stark is a Really Bad Mofo who might perhaps have been Saved By The Love Of A Good Woman, only she died and he Went Downtown but now he's Back On The Streets Of LA and his Mind's On Murder, except for They're Out To Get Him First. Well yeah, if you think this sounds a little derivative, clichéd even, you'd be right, because it is. But Stark is interesting and a lot of fun to follow around, the plot doesn't give you much time to think, the stage is crowded with deeply strange and oddly believable characters, even if Stark often kills them before you really get to know them.
How to Calculate an Operation's Memory Consumption
How can you determine how much memory is consumed by a specific operation of a Unix program? Valgrind's Massif subsystem could help you in this regard, but it can be difficult to isolate a specific operation from Massif's output. Here is another, simpler way.
Speaking at Oakville Public Library (and other Toronto stops) this week
Great news, West Torontonians! The free Oakville Public Library event I'm doing next Wednesday has been opened to all comers (it was previously teen-only). There's refreshments, too. You need to pick up a ticket at a local OPL branch, or you can call or email ([email protected] or 905-815-2042 ext. 5037) to book ahead. Hope to … [Read more]
Back-to-Basics Weekend Reading - Leases
I was in Los Angeles this week for the Digital Media on AWS Summit and to visit many of the studios and production houses that are using AWS for production and post-production work. There is some real jaw dropping work being done around this town and I had the privilege to see some of these highly guarded secrets, all powered by AWS. Of the work that is already public the systems that Uplynk has built for Disney/ABC are impressive. The single source format approach has their customers very enthusiastic about how simple multi device stream is for them with Uplynk handling all the transcoding, dynamic ad-insertion, black out handling by switching from live to vod, etc.
Friday Squid Blogging: Beached Firefly Squid
Pretty photo of firefly squid beached along a coast. I've written about firefly squid before. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered....
Another Review of Liars and Outliers
I usually don't post reviews of Liars and Outliers -- they're all here -- but I am particularly proud of this one....
Join me at the October LOPSA New Jersey chapter meeting!
If you live near Princeton, Trenton or New Brunswick and haven't been to the New Jersey chapter of LOPSA meetings then... what are you waiting for? Seriously, folks! They have free pizza! What could be better than pizza, soda, and geekery? I'll be the speaker at the Thu, Oct 4, 2012 meeting. My topic will be: "Deploying IPv6 in the enterprise: How to convince your boss to approve your big plan" The New Jersey chapter is the only LOPSA chapter that hosts its own annual conference. It's a great bunch of folks and I encourage you all to attend.
Accountable Algorithms
Ed Felten has two posts about accountable algorithms. Good stuff....
Printing web pages: the pain
We're off to Melbourne on Sunday, and I'll pick up the power supply from CPL on the way. I have the address in my GPS navigator, but to be on the safe side it made sense to print out the location info page. What a catastrophe! I don't know what it is about this page, but it took me about 10 attempts before I got anything even remotely resembling a copy of the page: Firefox created a file that was completely illegible.
Power supplies: more is less
Another thing I have bought is an Antec EA-550 power supply. It costs $115, and I could get a power supply that does the job for $35. But I don't know the efficiency of the el cheapo supply, only that it's under 80%, while the Antec does about 91%. I've been measuring the power consumption of eureka, my main machine, for a week or two now, and it uses between about 170 W idle and 250 W at full load. Assuming 70% efficiency, the power supply is delivering between 120 W and 175 W. To deliver the same power at 90% efficiency would consume 133 and 195 W, a saving of, say, 50 W, or 1.2 kW per day.
Finding a dual port, dual link DVI display card
So now my monitor is on its way: Date: Wed, 19 Sep 2012 18:40:44 -0700 (MST) From: "eBay Member: bigclothcraft" <[email protected]> I will prepare to make shipment. I will test monitor before shipping. It takes 1~3 more business days to inspect monitor. Then, 40 minutes later: Date: Wed, 19 Sep 2012 19:18:00 -0700 From: eBay <[email protected]> Your item is marked as shipped and tracking information is available. Note: Tracking information can take up to 48 hours to be updated after the order is shipped.
High-Fidelity Harmony
I've been meditating about audio fidelity recently, under the influence of The Civil Wars and Jeff Atwood. What happened was, I kept catching videos and radio spots by The Civil Wars and liking them. I thought maybe I should buy some, so I visited their Web site and noticed with pleasure that they sell uncompressed FLAC, not just MP3, so I snapped up Barton Hollow. It's good. But am I fooling myself in spurning compressed music? Coincidentally, and what provoked this fragment, Mike Johnson, one of my fave bloggers, wrote HD Downloads, which includes a useful introduction to consumer audio formats.
Spiceworks interview
I've been interviewed on SpiceWorks. Read it here: Check it out! Interesting trivia: The IT department where my S.O. works uses Spiceworks' ticket system.
Rapture of the Nerds, with Charles Stross
Earth has a population of roughly a billion hominids. For the most part, they are happy with their lot, living in a preserve at the bottom of a gravity well. Those who are unhappy have emigrated, joining one or another of the swarming densethinker clades that fog the inner solar system with a dust of … [Read more]
The NSA and the Risk of Off-the-Shelf Devices
Interesting article on how the NSA is approaching risk in the era of cool consumer devices. There's a discussion of the president's network-disabled iPad, and the classified cell phone that flopped because it took so long to develop and was so clunky. Turns out that everyone wants to use iPhones. Levine concluded, "Using commercial devices to process classified phone calls,...
Alternative panorama processing sequence
Creating images such as my verandah panorama takes a number of steps: first I take 20 bracketed sets of 5 photos at 1 EV intervals (because my Olympus won't give me 2 EV intervals) at 45° intervals, then I process three of them with align_image_stack and enfuse to a tone-mapped image, and finally I stitch them together with Hugin. But there's a simpler way: Hugin can do the tone-mapping too. It's not easy to find out how. There are a number of tutorials, but none of them appears to address this particular issue. In fact, there is a tutorial there, with the unlikely name Creating 360° enfused panoramas.
Join me at the October NYLUG meeting!
I'll be the speaker at the Thursday, October 11, 2012 NYLUG meeting in Manhattan (Chelsea, 14th and 9th ave). http://nylug.org I'll be talking about the Ganeti open source project which I'm involved in. The title of the talk will be: "Ganeti Virtualization Management: Improving the Utilization of Your Hardware and Your Time" If you are in or near NYC, I hope to see you there! Seating is limited. Please RSVP. http://nylug.org Tom
Casablanca: C++ on Azure
I've blogged about Casablanca before. Here's a related talk from TechEd Australia: Casablanca is a Microsoft incubation effort to support cloud-based client-server communication in native code using a modern asynchronous C++ API design. Think of it as Node.js, but using C++ from simple services, to JSON and REST, to Azure storage and deployment, and [...]
Join me at the October LOPSA Los Angeles chapter meeting!
LOPSA-LA has a dinner on Tuesday, October 16, 2012. I'll be in the area for MacTech and they've asked me to give an after-dinner talk about Time Management. When: Tue, Oct 16, 7pm - 9pm. Location: Sheraton Universal Hotel's Californias Restaurant (333 Universal Hollywood Drive, Universal City, CA 91608) Topic: Time Management for Sysadmins: Impossible or are other people to blame? In this talk I'll explain why the fact that you can't manage your time effectively is everyone else's fault, not yours. I'll blame Darwin, your boss, your users, and maybe even your mom. There are a few solutions, which I'll discuss briefly.
Sunset Cycle
We're heading out after dinner to pick up gelati. Vancouver's been blessed with loads of surprising September warmth, but sunset's now soon after seven. It's like this: She's big and strong enough to take the training wheels off, but she doesn't think she can, so she probably can't. We tried once and failed; but on the way back from this ice-cream trip, she said she thought she'd be able to next time, so I'm sure she will.
Analysis of PIN Data
An analysis of 3.4 million four-digit PINs. ("1234" is the most common: 10.7% of all PINs. The top 20 PINs are 26.8% of the total. "8068" is the least common PIN -- that'll probably change now that the fact is published.)...
New website! http://www.opsreportcard.com
I've gotten a lot of positive feedback about The Limoncelli Test. So much so, that Peter Grace and I have put all the material on a website called www.OpsReportCard.com. We hope to add resources that help you achieve these 32 points of enlightenment but for now it is mostly the same as The Test. We're also considering making selling an ebook based on the material. Post to the comments section here if you like that idea. We hope you enjoy it! www.OpsReportCard.com. Tom
Why Philip Roth had to explain himself in the New Yorker before his Wikipedia entry could be corrected
My latest Guardian column, "Why Philip Roth needs a secondary source," explains why it makes sense for Wikipedians to insist that Roth's claims about his novels be vetted by and published in the New Yorker before they can be included on Wikipedia: Wikipedians not only have no way of deciding whether Philip Roth is an … [Read more]
Recent Developments in Password Cracking
A recent Ars Technica article made the point that password crackers are getting better, and therefore passwords are getting weaker. It's not just computing speed; we now have many databases of actual passwords we can use to create dictionaries of common passwords, or common password-generation techniques. (Example: dictionary word plus a single digit.) This really isn't anything new. I wrote...
Choosing a monitor, continued
More thoughts about a new 2560×1440 monitor today. The main question was: should I buy a version with HDMI and D-Sub connectors or just a basic one with DVI? It's not even clear whether my video cards (nVidia 9500GT) can generate 2560×1440 analogue outputs. My attempts failed, at any rate. In passing, it's interesting to note that I found a mode line for 2304×1728 in my configuration, a resolution of 3,981,312 pixels, 8% more than the 3,686,400 pixels that these monitors will do. The card itself is OK: the eBay item descriptions all include it in their lists, but that's with DVI, and I can only drive one of them with my cards.
Chat with Charlie Stross and me on the WELL and Tor.com
Charlie Stross and I are doing a public interview on The WELL's Inkwell.vue conference -- you don't have to be a WELL member to ask questions, either! While I'm on the subject, Charlie and I are doing a live online Torchat tomorrow, Sept 19 at 16h Eastern/13h Pacific.
Friday Squid Blogging: Octonaut
A space-traveling squid. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered....
C&B 2012 panel posted: Ask Us Anything!
The second panel from C++ and Beyond 2012 is now available on Channel 9: Alexandrescu, Meyers and Sutter – Ask Us Anything. Here is the Ask Us Anything panel from C++ and Beyond 2012. Andrei Alexandrescu, Scott Meyers and Herb Sutter take questions from attendees. As expected, great questions and answers. Table of contents (click [...]
Research Proposal Becomes Reality
Eight years ago I submitted a research proposal for developing a tablet-based game platform for toddlers. Although the proposal was not accepted for funding, it's nice to see the idea becoming a reality through the unveiling of the Toys 'R' Us $150 Tabeo tablet for kids.
Finding a high-definition monitor
So, do I repair my dead Sλmsung SyncMaster 2233SW monitor, or do I replace it? The first time it was replaced under warranty, but now it's way out of warranty. I could replace it with another 1920×1080 high definition monitor, but the writing is on the wall that higher definition is finally on its way. There are a number of surprisingly cheap 2560×1440 27" monitors available from Korea on eBay, and today I spent a lot of time investigating what is available. There's a lot of information available on the web, of course. It seems that all monitors use the same IPS panel from Lucky Goldstar, and most of them have only DVI inputs.
DevOps: "have more outages" Part 2 of 3: The interview
I moderated a discussion with Jesse Robbins, Kripa Krishnan, John Allspaw about Learning to Embrace Failure. This is the first time you'll see Google reveal what they've been doing since 2006. Read the entire discussion in the new issue of ACM Queue magazine: Resilience Engineering: Learning to Embrace Failure Participants include Jesse Robbins, the architect of GameDay at Amazon, where he was officially called the Master of Disaster. Robbins used his training as a firefighter in developing GameDay, following similar principles of incident response. He left Amazon in 2006 and founded the Velocity Web Performance and Operations Conference, the annual O'Reilly meeting for people building at Internet scale.
Europe officially runs out of IPv4 addresses
Earlier today, the RIPE NCC (Réseaux IP Européens Network Coordination Centre) announced it is down to its last "/8" worth of IPv4 addresses. This means that it is no longer possible to obtain new IPv4 addresses in Europe, the former USSR, or the Middle East, ... http://arstechnica.com/information-technology/2012/09/europe-officially-runs-out-of-ipv4-addresses/ I'll be doing my "Convince your boss to deploy IPv6" talk at the New Jersey chapter of LOPSA meeting next month. That's Thursday, Oct 4th near Princeton, NJ.
Diamond Swallowing as a Ruse
It's a known theft tactic to swallow what you're stealing. It works for food at the supermarket, and it also can work for diamonds. Here's a twist on that tactic: Police say he could have swallowed the stone in an attempt to distract the diamond's owner, Suresh de Silva, while his accomplice stole the real gem. Mr de Silva told...
ssh POLA violation
One of the problems I had with avidemux2 was that it wasn't installed on lagoon, Yvonne's computer, and it's so down-rev that I can't install it. So we ran it on eureka. But she couldn't connect: eureka refused her ssh keys. Regenerated them, but no luck:
Sep 16 14:16:19 eureka sshd[213]: error: Could not load host key: /etc/ssh/ssh_host_ecdsa_key
What's that? I've never had that before, and it didn't happen when I tried accessing with my credentials. Searched on the web and found a large number of hits, mainly from Linux.
Joining AVI clips
Yvonne wanted to edit some video clips today for upload to YouTube. They come from the camera in AVI format, and with a bit of pain we were able to extract specific scenes with avidemux2. But why must this software ignore the current working directory and put you into a completely unrelated directory that you used 9 months ago? That was only the first part, of course. We ended up with 11 scenes which we wanted to convert to 2. Some formats, such as MPEG TS, allow simple concatenation, but AVI doesn't. We were in a bit of a hurry, but the stuff I found on the web wasn't very encouraging.
Another dead monitor
My Sλmsung SyncMaster 2233SW monitor died today, not for the first time: it just didn't power on. Given that this was a replacement for a monitor that had a similar failure, it seems that this is a generic problem with the model. Is it worth repairing? I'll find out. But it's now 3½ years old, so in all likelihood it means a new monitor.
Microsoft "Windows" 8 performance and licensing
My experience with Microsoft Windows XP yesterday was painful, more due to DxO Optics "Pro" than to Microsoft. The (virtual) machine only has a single processor, and it took about 130 seconds per image to process. But the Windows 8 installation uses all 4 cores, and DxO has advertised that the 64 bit version is much faster. So I ran that, and indeed VirtualBox showed it was using about 3 CPUs. The result? About 90 seconds per image, an improvement of only 30% with 3 times as much CPU power. Why is that? Virtual machine issues? I'm torn between buying a real, fast box just to run Microsoft, or giving up on DxO.
Slow photo processing
House photo day today, with almost ideal conditions, except that braindeath, Chris Yeardley's loaner Microsoft box, appears to have died. I'm not convinced yet, but for today at any rate I had to run DxO Optics "Pro" in a VM. And that takes forever, especially since the latest version of DxO has problems with SMB shares and I had to copy the files physically onto the virtual disk, causing it to overflow. The processing itself was OK, but it took all day, and I still wasn't finished.
Cloud Atlas
This, by David Mitchell, came across my radar because of the news around the forthcoming movie. In book form it's called Cloud Atlas: A Novel, but that's a bit misleading because it's actually six, wrapped up together. I enjoyed it a lot but can't give an unmixed recommendation. Describing the combining structure would be a spoiler, so I'll limit myself to saying that it'll be familiar to lovers of the music of Steve Reich (a small group, I bet). Let's just say it's clever and well-executed. In fact, that's how I'll badge the whole work: Smart and well-done; perhaps a little too much so for its own good.
NBN fixed wireless: first impressions
Yet another thing that Scott mentioned is that he now lives in Haddon, Victoria, and since a fortnight ago he has network access via NBN fixed wireless. He's described his experience here. The most interesting thing he has discovered is that the relatively low bandwidth of 12/1 Mb/s is per ISP, of which you can have up to 4. He also mentions rumours of a 25/5 Mb/s link coming in the not-too-distant future, which certainly makes things more interesting. Now if only VCAT would hear this complaint.
Where is the radiation tower?
Discussing my planned move of house on IRC today, and Callum Gibson asked whether I'd still be in the range of the radiation tower. The simple answer is yes. But looking at that map (which requires me to enter Dereel manually), I discover that it has changed in the last 6 months. At that time the map showed the tower (the orange marker with C for Commenced) rather inaccurately placed a little to the north-east of the correct place. We also noted that Chris Yeardley's house is covered, but other parts, including the plot of land she wanted to sell us, aren't.
More network pain
Came into the office this morning to discover that we have been off the network since shortly after midnight. Optus had sent a terminate request:
Sep 14 00:59:00 nerd-gw ppp[87396]: tun0: LCP: deflink: RecvTerminateReq(13) state = Opened
Sep 14 00:59:00 nerd-gw ppp[87396]: tun0: LCP: deflink: LayerDown
Sep 14 00:59:00 nerd-gw ppp[87396]: tun0: LCP: deflink: SendTerminateAck(13) state = Opened
Sep 14 00:59:00 nerd-gw ppp[87396]: tun0: LCP: deflink: State change Opened --> Stopping
For some reason the ppp process didn't even try to reconnect, so we didn't get back on the net until 10:30.
Back-to-the-Future Weekend Reading - CryptDB
This weekend I am not going back in time to fundamentals, but looking forward to the future. Encryption techniques to protect sensitive information such as personal identifiable information are becoming more and more practical, and ubiquitously. Whether in-the-cloud or on-premise there is a shift to a model where individual applications need to protect themselves instead of relying on firewall-like techniques. That goes especially for the interaction between applications and storage engines, and between applications and databases. In last year's SOSP Hari Balakrishnan's group at MIT CSAIL team presented a paper on CryptDB which has a novel SQL-aware encryption approach.
Friday Squid Blogging: Giant Squid Museum
In Valdés, Spain. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered....
Schneier on Security on Elementary
Two of my books can be seen in the background in CBS' new Sherlock Holmes drama, Elementary. A copy of Schneier on Security is prominently displayed on Sherlock Holmes' bookshelf. You can see it in the first few minutes of the pilot episode. The show's producers contacted me early on to ask permission to use my books, so it didn't...
Less Pain, More Money
Logging in is annoying and slows you down. My job these days is mostly about reducing that pain, ideally to zero by eliminating it. Google really wants this to happen; here are two reasons why, one general and one specific. In general, we'd like everyone to spend lots of time online. Less logging in improves the experience, so there you go; not rocket science. But let's be more specific: Suppose we give you a browser and offer you a challenge like "What's a good mountain bike?" or "Find a doctor for your kid." In this situation, Google really wants you to type things like "good mountain bike" or "Knoxville pediatrician" into the search box.
Man-in-the-Middle Bank Fraud Attack
This sort of attack will become more common as banks require two-factor authentication: Tatanga checks the user account details including the number of accounts, supported currency, balance/limit details. It then chooses the account from which it could steal the highest amount. Next, it initiates a transfer. At this point Tatanga uses a Web Inject to trick the user into believing...
Librarians! Teachers! Sign up for free copies of Rapture of the Nerds!
Charlie Stross and I have a new book out and I'm about to put up a website where readers can download free, CC-licensed copies of it in ebook form. As with other recent books, I'm going to collect and publish the names of librarians, teachers, and public institutions that would like to get free copies …
More power pain
Into the office this morning to discover that both eureka and dereel had rebooted last night at 18:16. It appears to have been a power failure, but there was none. But at that time we blew a contact breaker on that circuit, which also supplies the kitchen. How I love underrated Australian power circuits! Power stayed off for 30 seconds, clearly long enough to kill the UPS. What a pain these things are!
Estimating the Probability of Another 9/11
This statistical research says once per decade: Abstract: Quantities with right-skewed distributions are ubiquitous in complex social systems, including political conflict, economics and social networks, and these systems sometimes produce extremely large events. For instance, the 9/11 terrorist events produced nearly 3000 fatalities, nearly six times more than the next largest event. But, was this enormous loss of life statistically...
Steganography in the Wild
Steganographic information is embedded in World of Warcraft screen shots....
VC++ 2012 Desktop Express (Free)
Today Microsoft released another free Express version of Visual C++ 2012. In addition to the free Express Visual C++ compiler for building tablet applications, Visual Studio Express 2012 for Windows Desktop directly supports traditional Windows and command-line applications in C++. This is a great free C++ compiler on Windows for everything from hobby development to [...]
CL XXII: Blackberries
Let's be honest: Cottage Life is pretty soft. That's the point, I believe, but... There Are Enemies. Chief among them are blackberries, not mobile devices I mean but vicious resourceful adaptive bloodthirsty vegetables. This story has a happy ending: we beat 'em and we eat 'em. In this lifetime, anyhow. The enemy fauna are invasive and aggressive and full of slum vigor; given space and sunshine they swarm open space, sending strong slender stems vaulting over anything mineral or vegetable to occupy new ground, digging deep in soft forest loam, launching new roots from any fragment that touches down, crowding out the native flora.
Stopping Terrorism
Nice essay on the futility of trying to prevent another 9/11: "Never again." It is as simplistic as it is absurd. It is as vague as it is damaging. No two words have provided so little meaning or context; no catchphrase has so warped policy discussions that it has permanently confused the public's understanding of homeland security. It convinced us...
A Real Movie-Plot Threat Contest
The "Australia's Security Nightmares: The National Security Short Story Competition" is part of Safeguarding Australia 2012. To aid the national security community in imagining contemporary threats, the Australian Security Research Centre (ASRC) is organising Australia's Security Nightmares: The National Security Short Story Competition. The competition aims to produce a set of short stories that will contribute to a better conception...
Expanding Flexibility - Introducing the Reserved Instance Marketplace
Today we launched a new feature that enables you to buy and sell Amazon EC2 Reserved Instances. Reserved Instances are an important pricing option for AWS customers to drive cost down. If you are able to predict the capacity required to run your application, there is likely some combination of Reserved Instance options that will help you drive your costs down significantly (up to 71%) when compared to on-demand pricing. There are three options: heavy-, medium- and low-usage options that allow you to optimize your savings depending on how much you plan to use your Reserved Instance. However, sometimes business and architectures change so that you need to change your mix of Reserved Instances.
Interview with the Singularity Weblog
I recently sat down for a video interview with the Singularity weblog to talk about The Rapture of the Nerds, Singularity, science fiction, how fiction works, sf movies, and a lot of varied subjects. Cory Doctorow on Singularity 1 on 1: The Singularity Is A Progressive Apocalypse
X hangs: more insights
One of the positive results of upgrading my computer system is that the new version now recognizes my USB flash card reader, which up to now I have had to use with the old (USB 1.0) Apple. Now I can get much higher speeds without firing up another machine. Well, almost. Today I put it in the machine, it was recognized, but I got the dreaded mouse hang. Nothing else was wrong: after shooting down and restarting X, everything worked. So is this maybe an issue with the FreeBSD USB subsystem?
Navman: improving user experience
Message from David Corkery of Navman today: We are currently undertaking Search Engine Optimisation for the NAVMAN website to make the experience even better. We noticed that you have a link on your site back to www.navman.com.au on the following URL: http://people.lemis.com/grog/diary-oct2011.php It's great that you've done this and we really value the reference you've provided. However, we would like to request a slight change to this existing link, if it's not too much trouble. The current link text is 'Navman' we would like you to change this to 'Navman GPS' OK, not a problem.
New Attack Against Chip-and-Pin Systems
Well, new to us: You see, an EMV payment card authenticates itself with a MAC of transaction data, for which the freshly generated component is the unpredictable number (UN). If you can predict it, you can record everything you need from momentary access to a chip card to play it back and impersonate the card at a future date and...
DevOps: To increase reliability you need to have more outages
Here's a good strategy to improve the reliability of your systems: Buy the most expensive computers, storage, and network equipment you can find. It is the really high-end stuff that has the best "uptime" and "MTBF". Wait... why are you laughing? There are a lot of high-end, fault-tolerant, "never fails" systems out there. Those companies must be in business for a reason! Ok.... if you don't believe that, let me try again. Here's a good strategy to improve the reliability of your systems: Any time you have an outage, find who caused it and fire that person. Eventually you'll have a company that only employs perfect people.
Security at the 9/11 WTC Memorial
There's a lot: Advance tickets are required to enter this public, outdoor memorial. To book them, you're obliged to provide your home address, email address, and phone number, and the full names of everyone in your party. It is strongly recommended that you print your tickets at home, which is where you must leave explosives, large bags, hand soap, glass...
A Million Miles Away
I just received a note from United Airlines that I had flown 1 million miles on their airline. I didn't start flying United until I moved to Seattle, so all of these have been miles on Amazon business. The folks I was with immediately started cracking some jokes about a million miles of torture, but that was not at all what came to my mind. I thought about all the wonderful things I got to do on those million miles; all the great engineers and CxO's that I have met, all the cool startups that made time for me and shared their passion, and all the amazing enterprises going through major transformations who opened up about the inner workings of their businesses to me.
Lame mouse syndrome returns
Into the office this morning to discover that my mouse was limping again. The web has a number of hits for the problem, but nothing that's obvious. Now that I'm running 2 X servers, I was able to confirm that it hit both of them, and that there's no obvious connection with CPU time, though it's possible that some single process might be sucking it. Today I restarted both servers, not without difficulty: another issue is that the mouse is completely inactive when I start X, and I have to do it yet again. This is anything but reliable.
AT&T Survey
I got a survey from AT&T Wireless that asked a lot of questions comparing my experiences between WiFi and 3G on my AT&T mobile phone. If I were to reverse-engineer what they were getting at, either (a) they want to figure out why I dislike WiFi so they can fix those problems and encourage people to move traffic off their over-stressed 3G network, or (b) they need data to back up their coming campaign to bad-mouth WiFi and tell everyone to pay for their over-priced 3G. Based on the tone of the questions, I really think it is "b".
Another Stuxnet Post
Larry Constantine disputes David Sanger's book about Stuxnet: So, what did he get wrong? First of all, the Stuxnet worm did not escape into the wild. The analysis of initial infections and propagations by Symantec show that, in fact, that it never was widespread, that it affected computers in closely connected clusters, all of which involved collaborators or companies that...
MacTech 2012 session listing is up!
http://www.mactech.com/conference/sessions I'll be speaking on Thursday. Don't miss this great conference, October 17-19, 2012 in Los Angeles.
Video from the Stross and Doctorow show at MakerBot in Brooklyn
Joly McFie captured video of Charlie Stross's and my tour-stop at Brooklyn's MakerBot this week. We were there in support of our new novel Rapture of the Nerds, and did a talk, reading and Q&A that touched on the Singularity, its precedents, its discontents, and its inherent comedy -- all while 3D printers chattered in …
Finding the Emacs screens
It's been over two months since I switched from i386 to amd64 (32 bit to 64 bit) FreeBSD, and there are still a number of irritations that I haven't fixed. One is that Emacs windows are positioned outside the display. I haven't found a solution for that; I suspect it's less a FreeBSD issue than an Emacs or X problem. But at least I've found one way to retrieve them when using fvwm2: select them via the WindowList menu, which will bring them back to top left: I probably knew about this kind of thing decades ago, but I never found much use for it until now.
Rain gauge problems
So I've replaced the rain gauge on my weather station, it has rained and... nothing. What's the problem? This one doesn't seem to have any mechanical issues, and the electronic connection seems to be working: when I mounted it the vibration caused some false rain. So what is it? Do I care? It's very inaccurate anyway. But it would be nice to understand the problem.
Back-to-Basics Weekend Reading - Load Sharing
One of the main reasons for picking some of these older papers as back-to-basics reading is that the first researchers on a topic had to develop the fundamental models and principles from scratch. As such there is much to learn from the descriptions of those first algorithms and models. One area that is tremendously important in today's distributed systems and has a long history is load balancing and load management. In this 1986 paper on load sharing Eager, Lazowska and Zahorjan lay out the basics. Even though these early systems lack today's scale and complexity the fundamentals are there.
Friday Squid Blogging: Controlling Squid Chromatophores with Music
Wacky. Other stories about the story. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered....
What's Wrong With Twitter?
About fifteen minutes after Twitter came on the scene, alternatives started crowding through the door behind it. So far, none of them have really made a difference. Why the crowd? There are ads. And as they say, if the product you're using is free it's not the product, you're the product. This seems to be the main driver behind App.net. I like App.net, but I don't like this argument, even though I also mostly don't like ads. You'd have to be a moron to ignore the historical success of services which are free, but with (mostly-disliked) ads. The proportion of people reading this who haven't used such a service in the preceding 24 hours rounds to zero.
How I would teach a university-level sysadmin degree
The coursework would be very focused on understanding the internals of each layer of the stack. To make a comparison to the auto industry: Your training won't result in you being a mechanic that can follow the manufacturer's manual: you will be the person that can write the manual because that's how much you understand how the car works. But the real change I'd like to see is how the labs are done. When you enter the school they give you 12 virtual machines on their VMware cluster (or Ganeti cluster). In phase one you go through a progression that ends with turning those 6 machines into 2 load balancers, 3 web servers, a replicated database, a monitoring host, etc.
Hacking Marathon Races
Truly bizarre story of someone who seems to have figured out how to successfully cheat at marathons. The evidence of his cheating is overwhelming, but no one knows how he does it....
Another power glitch
Mains power has been relatively reliable lately. The last failure was on 4 April 2012. This evening it looked as if we had another one, but it was the very briefest of fluctuations, and even my bedside clock, usually the first to reset, made it through. But my main machine eureka didn't! And it's on a UPS! What went wrong there? My best bet is that it was a massive power spike, but it didn't hit any of the other UPSs.
September
Here again, decades since it meant back-to-school for me; but now my kids go. It seems a bigger deal than the New Year, and weighs heavier as the number to come grows smaller. I Hate It. The green leaves and young women are still worshipping the sun with their flesh, and I haven't had to put on socks yet. But those hours of sun are on the steep downslope of the seasonal sine wave, less of them every week and you can feel it, and we're gonna have to turn the furnace on at night one of these days. Winter is coming, like they say on BitTorrent, oops, Game of Thrones, and let's all just not overthink that lest we pick up seasonal-prospective-disorder.
The Big Picture
A few weeks ago I was sitting in an airplane with mountains going by outside the window, and idly snapped a few pictures. They weren't bad, and I wondered about printing one. I consulted with my neighbor Scott August, who when not being an artist has a high-quality printing business, and asked him how big we could go. Here's how big: That's a chair behind it, holding it up. To my eye it looks wonderful. It's 40 by 50 inches, more or less. I left all the grain in and Scott printed it on canvas and they sort of cancel each other out.
CSOs/CISOs Wanted: Cloud Security Questions
I'm trying to separate cloud security hype from reality. To that end, I'd like to talk to a few big corporate CSOs or CISOs about their cloud security worries, requirements, etc. If you're willing to talk, please contact me via e-mail. Eventually I will share the results of this inquiry. Thank you....
Database of 12 Million Apple UDIDs Hacked
In this story, we learn that hackers got their hands on a database of 12 million Apple Unique Device Identifiers (UDIDs) by hacking an FBI laptop. When I first read the story, my questions were not about the hack but about the data. Why does an FBI agent have user identification information about 12 million iPhone users on his...
DxO Optics Pro under Microsoft 8
Back home and set to installing DxO Optics Pro on bigpain, the new Microsoft 8 box. What did I get? 64 bit version or 32 bit version? DxO have been advertising the speed advantages of the 64 bit version at some length, but there was only one image to download. Hopefully it includes both variants. Installation went relatively smoothly, but I couldn't activate it: it seems that there's an activation counter somewhere, and I had used it too much. Still, there's always the 30 day free trial, so tried that. Yes, pretty much the same as before. With 4 CPUs it promised to convert images on average every 30 seconds, pretty much the same as what I would have got with the 32 bit version.
Enfield radiation tower
On the way home, found something that I had been looking for for a while: the Enfield NBN radiation tower: It wasn't quite where I had been expecting it, but yesterday I looked through the area and saw nothing. Today I noticed it from a few kilometres away, so presumably it has only just gone up.
Microsoft 8: first impressions
So it looks like the virtual hardware I use to run DxO Optics "Pro" is too wimpy: they prefer 64 bit machines, and clearly I should have multiprocessor support, which my version of Microsoft Windows XP doesn't have. But there's a prerelease version of Windows 8 available, and I downloaded it a few weeks ago. Time to install. There's always something confusing about Microsoft. Their view of the world, particularly networking, is just plain bizarre. The first thing I had to do was to enter an email address. Why not a normal ID? I'm not sure, but it seems that it might not have been a user ID at all, but an email for registration.
Why SF movies make me insane
My latest Locus column is "Why Science Fiction Movies Drive Me Nuts," in which I propose that the reason the science in sf movies is so awful is that they're essentially operas about technology. The reason that SF movies command such a titanic amount of attention and money from …
Wall Street Journal Review of Liars and Outliers
Liars and Outliers (along with two other books: Kip Hawley's memoir of his time at the TSA and Against Security, by Harvey Molotch) has been reviewed in the Wall Street Journal....
4 unix commands I abuse every day
A co-worker watched me type the other day and noticed that I use certain Unix commands for purposes other than they are intended. Yes, I abuse Unix commands.
Hacking Brain-Computer Interfaces
In this fascinating piece of research, the question is asked: can we surreptitiously collect secret information from the brains of people using brain-computer interface devices? One article: A team of security researchers from Oxford, UC Berkeley, and the University of Geneva say that they were able to deduce digits of PIN numbers, birth months, areas of residence and other personal...
Microsoft world: the pain
While at the Friends of the Ballarat Botanical Gardens, Lorraine Powell showed me the proofs of the new Pictorial History of the Ballarat Botanical Gardens book. She had it on a USB stick, and she wasn't connected to the net, so we moved it to Genevieve's machine and tried to email it to me. Gmail wouldn't come to the party: it was over 25 MB. OK, what's ftp for? But how do you find it? This machine doesn't even offer to give you a Command Prompt: I had to find the Run window and start COMMAND.COM manually. And yes, ftp is still there in Microsoft machines, but the on-system firewall blocks outgoing ftp.
Don't Install Software by Hand
An IT systems setup and configuration is a serious affair. It increasingly affects us developers mainly due to the proliferation and complexity of internet-facing systems. Fortunately, we can control and conquer this complexity by adopting IT-system configuration management tools.
Eye Twitch Patterns as a Biometric
Yet another biometric: eye twitch patterns: ...a person's saccades, their tiny, but rapid, involuntary eye movements, can be measured using a video camera. The pattern of saccades is as unique as an iris or fingerprint scan but easier to record and so could provide an alternative secure biometric identification technology. Probably harder to fool than iris scanners....
Back To School Sale: "Time Management for Sysadmins" for 50% off!
I'm proud to announce that TM4SA has been selected to be featured on this year's O'Reilly Back-to-School Special. The special runs this week only, from Sept 4th to the 11th. Save up to 50% on books, videos and courses. To receive the discount start shopping using this link http://oreil.ly/SUPaaT or use discount code "B2S2". Happy savings to all students and non-students alike!
More DxO experimentation
As it happened, I have just received another 4 GB of memory for eureka, meaning I could replace the 1 GB DIMMs with 2 GB and thus increase total RAM to 8 GB, just what I need to increase the memory size of my VirtualBox machines. So after yesterday's suggestion to increase memory, I put smart back up to 4 GB. No difference. And looking at the task manager, it's not surprising: Despite their slowness, the DxO processes aren't that big.
More DxO fun
DxO release frequent updates of their DxO Optics "Pro" software, and I generally install them in the hope that something might speed it up. The latest version is 7.5.4, and I installed it a couple of days ago. Faster? Difficult to say: as soon as I try to process anything, all the images disappear from the image browser window, at least on the version I have running in VirtualBox. No message, just dead in the water. And it's not consistent. In one scenario, the program runs for about a minute, then all files disappear from the Image Browser. The correction preview also disappears.
Open Brands
In late July, the Awesome Foundations invited me to participate in an interesting conversation about open brands at their conference. Awesome is a young collection of organizations struggling with the idea of if, and how, they want to try to control who gets to call themselves Awesome. I was asked to talk about how the free software community approaches the issue. Guidance from free software is surprisingly unclear. I have watched and participated in struggles over issues of branding in every successful free software project I've worked in. Many years ago, Greg Pomerantz and I wrote a draft trademark policy for the Debian distribution over a couple beers.
New business cards
Since retiring, it's clear that I don't have business cards, but from time to time I want to give people something similar, more like what people used to call visiting cards. And from time to time I get a web advertisement with this offer from Vistaprint: 250 business cards, free. They're something like a free lunch. You only pay the postage. Letter postage for up to 500 g should run to about $3 and take between 1 and 4 business days to reach its destination. But this postage costs $7.85 and takes 21 days. You can have it faster, of course, but then it costs (much) more.
Reader Q&A: How to write a CAS loop using std::atomics
The following is not intended to be a complete treatise on atomics, but just an answer to a specific question. A colleague asked: How should one write the following conditional interlocked function in the new C++ atomic<> style? // if (*plValue >= 0) *plValue += lAdd ; return the original value LONG MpInterlockedAddNonNegative(__inout LONG volatile* [...]