Blog Archive: September 2012

Sun, 30 Sep 2012 23:44:14 UTC

X hang problems: solved!

Posted By Greg Lehey

For well over a year I've been complaining about sporadic hangs with X, where the mouse cursor would get stuck bouncing between two screens. I've suspected blame on the part of the nVidia driver, the mouse driver, and even the FreeBSD USB stack. Today I got a message from Andrew Hout telling me that the bug had been identified and fixed. Only two weeks ago, as shown by this bug report, which includes a very good summary of the problem, which was in the nVidia driver after all. The latest version was released only earlier this week. And of course it had nothing to do with FreeBSD, as evidenced by the other reports on the web.

Sun, 30 Sep 2012 16:26:34 UTC

Announcement: I'll be speaking at the Australia IPv6 Summit

Posted By Tom Limoncelli

I'll be doing a 30-minute talk about how to convince your boss to take IPv6 seriously at the Australia IPv6 Summit. I'll be presenting via video conference. If you are in Australia and/or are concerned with IPv6, please attend this awesome conference. Registration is still open! Info here:

Sat, 29 Sep 2012 23:41:34 UTC

EDID information for the new monitor

Posted By Greg Lehey

The other thing that I had noticed was the EDID information for the new monitor. There's more than reported by the X server, but how do I display it? Went looking and found edid-decode. Installed it and ran it. No output: it just hung. Looked for the documentation. No documentation, anywhere, not even UTSL. The source shows that if started without parameters, it reads from stdin. The first parameter, if supplied, is a file name, and clearly it supplies the EDID information. But where does it come from? No idea. Even minimal documentation would help, but as it is, I really have no idea how to use it.

Sat, 29 Sep 2012 23:24:20 UTC

More monitor investigations

Posted By Greg Lehey

One of the things that was clear after rearranging my monitors was that :0.1 (later the right half of :0.0) did not have optimal display settings. Went off looking for web sites helping with monitor calibrations, but it wasn't until Andy Farkas reminded me that I found this LCD test site, which is really quite impressive. And it gave the new monitor a clean bill of health: the settings were as good as perfect. The only thing I couldn't check properly was the black level, because it requires a really dark environment. But that, too, seems to be OK. The most interesting test was the clock and phase test, which on the new monitor worked fine, as it did on the ›OC monitor, but both BenQ monitors showed significant flickering.

Sat, 29 Sep 2012 22:33:58 UTC

Fun processing photos

Posted By Greg Lehey

House photo day again today, and despite the filthy weather decided to do it today rather than tomorrow. But because of the wind took a different approach to the garden centre panorama: instead of HDR images made from sets of 5 exposures, took a single exposure with flash to lighten the relatively close dark areas. A combination of that and the unexplained increase in processing speed of DxO Optics "Pro" (now barely 30 seconds per image) meant that I was finished much faster than usual, despite the expected problems with control points due to the wind. One thing I didn't expect was when masking one of the panoramas.

Sat, 29 Sep 2012 22:23:48 UTC

RootBSD: keeping it up

Posted By Greg Lehey

Through much of my life, keeping it up has been important. Forty years ago at UNIVAC, it was a particular challenge, because the technology of the day required routine maintenance. But the 1108 was a multiprocessor system, and individual components could be maintained without taking down the entire system. Then Tandem Computers raised the whole thing to an art form, and uptimes of over 12 months were commonplace, limited only by the requirement of software upgrades. Part of my job at Tandem was to ensure highest uptime, and I'm always very reluctant to reboot a machine if there's any alternative. Yet another reason to hate Microsoft.

Sat, 29 Sep 2012 19:00:00 UTC

On Oatmeal

Posted By Tim Bray

It has come to my attention that much of the world is Doing It Wrong. This is the obvious conclusion from the many supermarket shelf-feet of misguided Instant, Quick, and Flavored products. Oatmeal porridge done right is a fine start to any day; but like many of the best things in life, you can't hurry it up. What you want is a big bag full of basic oatmeal. The controversy over Rolled vs Steel-cut is lively; supermarket stalwart Quaker offers both. I've actually noticed more flavor variation between one brand and another of rolled or steel-cut than between the two in general.

Sat, 29 Sep 2012 19:00:00 UTC

Button Button

Posted By Tim Bray

We were going downtown on a shopping errand and just where we parked, found Button Button (view source on that site for a giggle). As they say, it's an amusing little button store, and the buttons amused my eyes, so here are some pictures that might amuse yours.

Sat, 29 Sep 2012 15:21:56 UTC

Coming to the LOPSA-LAX meeting?

Posted By Tom Limoncelli

There is now a Meetup so you can RSVP:

Sat, 29 Sep 2012 01:24:43 UTC

X hang bug: more insights

Posted By Greg Lehey

While configuring X, Yvonne came with her camera and wanted files read off it. Last time I read the files on eureka, it triggered this horrible X hang bug, where the mouse cursor jumps back and forth between two screens. I'm gradually coming to the conclusion that this could be a FreeBSD bug after all. This time switched to a VTY before inserting the card. No luck. When I returned to X, it hung anyway. But at least it seems that I'm finding a way to reproduce it. Now I suppose I should try with a PS/2 mouse.

Sat, 29 Sep 2012 01:00:39 UTC

Reinventing my X configuration

Posted By Greg Lehey

So now I have my new monitor up and running well. That's the easy part. For well over 20 years I've been continually refining my X desktop for my personal taste. For at least 20 of those years it has been a multi-head setup, and I've gradually come to the conclusion that 4 monitors are enough. But now I only have 3 on eureka, and the fourth on dereel proves to be a pain, in particular because it has its own screen saver timer. So, the first thing should be to find a way to connect a fourth monitor to eureka.

Fri, 28 Sep 2012 16:00:00 UTC

Back-to-Basics Weekend Reading - Counting Bloom Filters

Posted By Werner Vogels

I am in India for the AWS Summits in Mumbai, Chennai and Bangalore (next week). As always in India I have an amazing time, the events are packed, the participants are extremely enthusiastic and eager to learn, the customers very appreciative and the food is just amazing. This week's reading was triggered by a note from Matt Wood who ran into a great in-depth analysis of the Bloom Filter data structure by Michael Nielsen on his Data Driven Intelligence blog. I love probabilistic data structures and Bloom filters have unique properties of possible false positives, but no false-negatives. They have been used in many network devices, network protocols and distributed applications where a question like "have I possibly seen this before" needs to be able to operate at very large scale.

Fri, 28 Sep 2012 00:05:56 UTC

DxO acceleration

Posted By Greg Lehey

I've been running DxO Optics "Pro" in a Virtual Machine with a prerelease of Microsoft Windows 8 for some time now, and haven't been exactly happy with the speed. DxO claim that the 64 bit version is significantly faster than the older 32 bit versions such as the Microsoft XP I was running before. That version was single processor only, and it took a little over two minutes to process an image. You'd expect it to take a little over 30 seconds running on all 4 CPUs. But the new 64 bit version with Windows 8 took about 80 seconds per image.

Thu, 27 Sep 2012 22:03:11 UTC

Power problems not resolved

Posted By Greg Lehey

The first power failure had another result: once again, eureka failed immediately, though the UPS showed that it had enough power for 45 minutes, enough to weather the failure completely, as nerd-gw did. So what's causing the failure? It can't be the UPS, and it can't be the power supply. I'm still guessing that it's some kind of transient, but why does it only affect eureka?

Thu, 27 Sep 2012 19:00:00 UTC


Posted By Tim Bray

That was the middle of my day. As a result of my age and other risk factors, I now get one every few years, and because I'm a blogger, I can write about it; and I feel I have to, because I might save your life. It only takes a couple hours, it's not terribly unpleasant, and it's an insanely cost-effective way to not be one of the people killed by colon cancer; that's 50,000 or so in the US every year. So if you're middle aged, ask your damn doctor already. You can read a bit about what it's like, with more cheerleading of course, here and here.

Thu, 27 Sep 2012 18:14:22 UTC

NPR on Biometric Data Collection

Posted By Bruce Schneier

Interesting Talk of the Nation segment....

Thu, 27 Sep 2012 15:28:53 UTC

Automated calls, fraud and the banks: a mismatch made in hell

Posted By Cory Doctorow

The Guardian

Thu, 27 Sep 2012 15:28:21 UTC

UK banks use robo-callers to make fraud-check calls, conditioning customers to hand out personal information to anonymous machines that phone them up out of the blue

Posted By Cory Doctorow

My latest Guardian column, "Automated calls, fraud and the banks: a mismatch made in hell," reacts to the news that UK banks are using robo-call machines to check in with customers on possibly fraudulent transactions, and going about it in the worst way possible: The banks, bless them, are only trying to prevent fraud, but … [Read more]

Thu, 27 Sep 2012 14:10:59 UTC

Replacing Alice and Bob

Posted By Bruce Schneier

A proposal to replace cryptography's Alice and Bob with Sita and Rama: Any book on cryptography invariably involves the characters Alice and Bob. It is always Alice who wants to send a message to Bob. This article replaces the dramatis personae of cryptography with characters drawn from Hindu mythology....

Thu, 27 Sep 2012 14:08:00 UTC

Pregnant with Suspense

Posted By Benjamin Mako Hill

A couple days ago, I woke up to this exciting series of text messages from an unfamiliar phone number. Because I've not received a reply in the last couple days, because it was a Seattle phone number but I haven't lived in Seattle for years, and because I don't know of anyone in Seattle who was about to give birth, I'm pretty confident that this was indeed a case of misdirected text messages! But whoever you are: Congratulations! I know it was a mistake, but that really made my day!

Wed, 26 Sep 2012 22:53:07 UTC

Matrix NEO 270WQ monitor: first impressions

Posted By Greg Lehey

After that harrowing experience, I should have known better than to try to set up the new monitor. After all, it has a somewhat restricted interface -- no other modes than 2560×1440 will work At All. And I didn't have any mode lines for the device. But of course, egged on by Michael Ralston, I did put it in there. It didn't start well: I pressed on the start button, and nothing happened. Not even when I held it down for a long time. It took me a while to realize that the buttons are underneath the monitor, and not even very well aligned with the markings.

Wed, 26 Sep 2012 22:15:44 UTC

System upgrade: the sharks

Posted By Greg Lehey

Continued with my reconfiguration today. After updating the system on dereel, I was able to load the nvidia driver with no further problems, and I got one monitor up and running in native resolution. Jürgen Lock suspected a mismatch between kernel and /sys. That's possible, though I didn't think so, but after rebuilding the system there's no evidence left. So: the next steps were to replace UPS and power supply and then integrate the new monitor. The UPS was a surprise: I had assumed it was defective, because minor power fluctuations killed eureka 3 weeks ago. But when I disconnected the power to the UPS, it continued to supply power on battery.

Wed, 26 Sep 2012 19:00:00 UTC

Android OAuth via Google Play services

Posted By Tim Bray

It started launching this morning, to every compatible Android device in the world running Froyo or higher. That's a lot of devices, and even at Google scale it'll take some time to roll out. This is a subtle but significant change in the ecosystem. Google Play services let the Android team release significant new APIs and capabilities to compatible devices without having to upgrade the whole platform. One of the first examples is the new Identity tools. OAuth 2.0 on Android I've been working on this since early spring, and there's a post on the Android Developers blog with details, sample code, and so on.

Wed, 26 Sep 2012 15:00:00 UTC

What makes a sysadmin a "senior sysadmin"?

Posted By Tom Limoncelli

This came up in discussion recently. Here's how I differentiate between a junior and senior sysadmin: A senior person understands the internal workings of the systems he/she administers and debugs issues from a place of science, not guessing or rote memorization. A senior person has enough experience to know a problem's solution because he or she has seen and fixed it before (but is smart enough to check that assumption since superficial symptoms can be deceiving). A senior person automates their way out of problems rather than "working harder". They automate themselves out of a job constantly so they can be re-assigned to more interesting projects.

Wed, 26 Sep 2012 12:11:15 UTC

Using Agent-Based Simulations to Evaluate Security Systems

Posted By Bruce Schneier

Kay Hamacher and Stefan Katzenbeisser, "Public Security: Simulations Need to Replace Conventional Wisdom," New Security Paradigms Workshop, 2011. Abstract: Is more always better? Is conventional wisdom always the right guideline in the development of security policies that have large opportunity costs? Is the evaluation of security measures after their introduction the best way? In the past, these questions were frequently...

Wed, 26 Sep 2012 11:56:12 UTC

Librarians, teachers: sign up to get free copies of my forthcoming YA novel Pirate Cinema

Posted By Cory Doctorow

As many of you will know, I'm about to kick off the tour for a new YA science fiction novel, Pirate Cinema, which comes out next week. As with all my other novels, I'll be putting up Creative Commons-licensed editions of the book for your downloading pleasure. Now, whenever I do this, many readers write … [Read more]

Wed, 26 Sep 2012 00:49:55 UTC

Preparing to install the new monitor

Posted By Greg Lehey

My new monitor has been on the table outside the office for over a day now, and I still haven't installed it, much to Michael Ralston's disgust. But I want to have a smooth transition. I'm reminded of this cartoon from xkcd: The first thing is what to do with the fourth display in the short term. The obvious thing to do is to connect it to dereel, but for some reason the nvidia driver doesn't work on dereel, something I encountered and ignored months ago: === root@dereel (/dev/pts/1) /usr/src 35 -> kldload nvidia kldload: can't load nvidia: File exists That's what ...

Tue, 25 Sep 2012 18:29:10 UTC

Quantum Cryptography

Posted By Bruce Schneier

Long article on quantum cryptography and cryptanalysis....

Tue, 25 Sep 2012 16:00:00 UTC

Expanding the Cloud - Provisioned IOPS for Amazon RDS

Posted By Werner Vogels

Following the huge success of being able to provision a consistent, user-requested I/O rate for DynamoDB and Elastic Block Store (EBS), the AWS Database Services team has now released Provisioned IOPS, a new high performance storage option for the Amazon Relational Database Service (Amazon RDS). Customers can provision up to 10,000 IOPS (input/output operations per second) per database instance to help ensure that their databases can run the most stringent workloads with rock solid, consistent performance. High Performance I/O Amazon RDS Provisioned IOPS is intended for applications that need predictable performance and have database workloads that generate largely random I/O. Amazon RDS Provisioned IOPS is ideal for mission-critical online transaction processing (OLTP) workloads that require a high performance storage option with consistent IOPS, within a narrow band of tolerance.

Tue, 25 Sep 2012 12:40:52 UTC

Homomorphic Encryption

Posted By Bruce Schneier

Good summary article....

Tue, 25 Sep 2012 01:49:53 UTC

DevOps: Google reveals their "DiRT Exercises" (part 3 of 3 in my "disaster preparedness" series)

Posted By Tom Limoncelli

Weathering the Unexpected by Kripa Krishnan, Google For the first time ever Google discusses our "DiRT" (Disaster Recovery Test) procedure. This is the week of hell where systems are taken down with little or no notice to verify that all the failure protection systems work. Oh yeah... and the funny sidebar at the end was written by me :-) Enjoy! P.S. (I take credit for cajoling Kripa into writing the article. I think she did a bang-up job! Go Kripa!!)

Mon, 24 Sep 2012 23:07:53 UTC

New monitor

Posted By Greg Lehey

I've been following the progress of my new monitor for a few days. It was sent with DHL and arrived in Australia on Saturday, after only 38½ hours. That seems better than UPS, though I've never had anything sent from Korea before. It's difficult to know how long it would have taken end to end if it had arrived during the week, but as it was, this morning was the earliest practical delivery date. And indeed we found a notification in the letterbox: to be picked up at Napoleons CPO. They could have delivered it to the door, but I'm sure they have a valid excuse.

Mon, 24 Sep 2012 22:57:45 UTC

Saturday's photos, continued

Posted By Greg Lehey

The activities of the last few days have resulted in a significant backlog of photos to process. I still haven't written a web page for the flower photos of last Sunday, nor the house photos for Saturday. Continued with the latter today. The garden centre panorama was done with HDR, and because of the sun I had a number of images with my hands blocking out the sun. Tried the new method for merging the images -- all 66 of them. It found control points for all except one image, a particularly light component image that I was able to just get rid of.

Mon, 24 Sep 2012 22:48:49 UTC

Fixing my photos for tablets

Posted By Greg Lehey

Yesterday's rotated images on Steve's tablet were cause for concern. On IRC discovered that a number of people could reproduce it, and that it really did come from the Orientation EXIF tag. OK, that's simple enough, but how do I fix it? I had about 106,000 JPEG images to go through. How much traffic would it cost to upload the changes to my external web site? A short test shows that rsync handled the update pretty efficiently.

Mon, 24 Sep 2012 19:00:00 UTC

Typographic Notes

Posted By Tim Bray

No story to tell here, just a few notes for publishing-tech fans, which I guess is more or less everyone who does Web stuff which is more or less everyone. But if you don't care about the difference between real apostrophes and ', you can stop reading now. Quotes Late last year I published Better Quotes and Better Quotes Redux, about why you should use real quotations marks, and how to make this a little easier on OS X. Some readers disagreed, but they were wrong. Since then, as a matter of principle, on every occasion I typed a single or double quote into a computer, unless it was code, I've Done The Right Thing.

Mon, 24 Sep 2012 18:09:24 UTC

Security Vulnerability in Windows 8 Unified Extensible Firmware Interface (UEFI)

Posted By Bruce Schneier

This is the first one discovered, I think....

Mon, 24 Sep 2012 11:59:58 UTC

SHA-3 to Be Announced

Posted By Bruce Schneier

NIST is about to announce the new hash algorithm that will become SHA-3. This is the result of a six-year competition, and my own Skein is one of the five remaining finalists (out of an initial 64). It's probably too late for me to affect the final decision, but I am hoping for "no award." It's not that the new...

Mon, 24 Sep 2012 00:15:07 UTC

Web page rendering on tablets

Posted By Greg Lehey

While at Ron and Steve's, showed some of my web-based photos. Some came out rotated by 90°, something I've never seen before, such as this one: The issue appears to be this EXIF tag: Orientation                     : Rotate 270 CW That's a left-over from the way I took the images: camera mounted vertically, stitched together to make a landscape image, such as this one: I didn't know of any web browser that evaluated the EXIF data.

Sun, 23 Sep 2012 23:06:14 UTC

New power hardware

Posted By Greg Lehey

Then to CPL to pick up my power supply and yet another new UPS. An amazing place. A far cry from MSY: glossy, full of showcases, four people on duty doing I know not what. One of them served customers (2 in the 10 minutes we were there), another got the items, and the others sat in one of many offices. Despite the relationships, they were very slow. But I got my goods, and they look like what I wanted.

Sun, 23 Sep 2012 22:44:03 UTC

Network connection: registration hops cease

Posted By Greg Lehey

While investigating the cause of my Internet connection problems last month, I discovered a continual stream of cell hopping every couple of minutes. It continued through times of good and bad connection quality -- but this morning I discovered that it had stopped. The last hops were: Sep 21 15:11:01 nerd-gw fstats: +CGREG  1  81E3  8FC8F2E Sep 21 15:11:18 nerd-gw fstats: +CGREG  1  81E3  8FC48E8 Why did it stop? Why did it happen in the first place? The connection quality is still motley, but acceptable.

Sun, 23 Sep 2012 19:00:00 UTC

Hell's Gladiator

Posted By Tim Bray

I just read Sandman Slim by Richard Kadrey, on a Twitter tip from @GreatDismal, whose advice about books should always be followed, obviously. It's long and fun and ridiculous. Our Man Stark is a Really Bad Mofo who might perhaps have been Saved By The Love Of A Good Woman, only she died and he Went Downtown but now he's Back On The Streets Of LA and his Mind's On Murder, except for They're Out To Get Him First. Well yeah, if you think this sounds a little derivative, clichéd even, you'd be right, because it is. But Stark is interesting and a lot of fun to follow around, the plot doesn't give you much time to think, the stage is crowded with deeply strange and oddly believable characters, even if Stark often kills them before you really get to know them.

Sat, 22 Sep 2012 14:46:15 UTC

How to Calculate an Operation's Memory Consumption

Posted By Diomidis D. Spinellis

How can you determine how much memory is consumed by a specific operation of a Unix program? Valgrind's Massif subsystem could help you in this regard, but it can be difficult to isolate a specific operation from Massif's output. Here is another, simpler way.

Sat, 22 Sep 2012 10:16:08 UTC

Speaking at Oakville Public Library (and other Toronto stops) this week

Posted By Cory Doctorow

Great news, West Torontonians! The free Oakville Public Library event I'm doing next Wednesday has been opened to all comers (it was previously teen-only). There's refreshments, too. You need to pick up a ticket at a local OPL branch, or you can call or email ( or 905-815-2042 ext. 5037) to book ahead. Hope to … [Read more]

Sat, 22 Sep 2012 01:00:00 UTC

Back-to-Basics Weekend Reading - Leases

Posted By Werner Vogels

I was in Los Angeles this week for the Digital Media on AWS Summit and to visit many of the studios and production houses that are using AWS for production and post-production work. There is some real jaw dropping work being done around this town and I had the privilege to see some of these highly guarded secrets, all powered by AWS. Of the work that is already public the systems that Uplynk has built for Disney/ABC are impressive. The single source format approach has their customers very enthusiastic about how simple multi device stream is for them with Uplynk handling all the transcoding, dynamic ad-insertion, black out handling by switching from live to vod, etc.

Fri, 21 Sep 2012 21:30:53 UTC

Friday Squid Blogging: Beached Firefly Squid

Posted By Bruce Schneier

Pretty photo of firefly squid beached along a coast. I've written about firefly squid before. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered....

Fri, 21 Sep 2012 20:29:25 UTC

Another Review of Liars and Outliers

Posted By Bruce Schneier

I usually don't post reviews of Liars and Outliers -- they're all here -- but I am particularly proud of this one....

Fri, 21 Sep 2012 15:00:00 UTC

Join me at the October LOPSA New Jersey chapter meeting!

Posted By Tom Limoncelli

If you live near Princeton, Trenton or New Brunswick and haven't been to the New Jersey chapter of LOPSA meetings then... what are you waiting for? Seriously, folks! They have free pizza! What could be better than pizza, soda, and geekery? I'll be the speaker at the Thu, Oct 4, 2012 meeting. My topic will be: "Deploying IPv6 in the enterprise: How to convince your boss to approve your big plan" The New Jersey chapter is the only LOPSA chapter that hosts its own annual conference. It's a great bunch of folks and I encourage you all to attend.

Fri, 21 Sep 2012 11:45:47 UTC

Accountable Algorithms

Posted By Bruce Schneier

Ed Felten has two posts about accountable algorithms. Good stuff....

Fri, 21 Sep 2012 01:19:31 UTC

Printing web pages: the pain

Posted By Greg Lehey

We're off to Melbourne on Sunday, and I'll pick up the power supply from CPL on the way. I have the address in my GPS navigator, but to be on the safe side it made sense to print out the location info page. What a catastrophe! I don't know what it is about this page, but it took me about 10 attempts before I got anything even remotely resembling a copy of the page: Firefox created a file that was completely illegible.

Fri, 21 Sep 2012 01:11:47 UTC

Power supplies: more is less

Posted By Greg Lehey

Another thing I have bought is an Antec EA-550 power supply. It costs $115, and I could get a power supply that does the job for $35. But I don't know the efficiency of the el cheapo supply, only that it's under 80%, while the Antec does about 91%. I've been measuring the power consumption of eureka, my main machine, for a week or two now, and it uses between about 170 W idle and 250 W at full load. Assuming 70% efficiency, the power supply is delivering between 120 W and 175 W. To deliver the same power at 90% efficiency would consume 133 and 195 W, a saving of, say, 50 W, or 1.2 kW per day.

Fri, 21 Sep 2012 00:19:44 UTC

Finding a dual port, dual link DVI display card

Posted By Greg Lehey

So now my monitor is on its way: Date: Wed, 19 Sep 2012 18:40:44 -0700 (MST) From: "eBay Member: bigclothcraft" <> I will prepare to make shipment. I will test monitor before shipping. It takes 1~3 more business days to inspect monitor. Then, 40 minutes later: Date: Wed, 19 Sep 2012 19:18:00 -0700 From: eBay <> Your item is marked as shipped and tracking information is available. Note: Tracking information can take up to 48 hours to be updated after the order is shipped.

Thu, 20 Sep 2012 19:00:00 UTC

High-Fidelity Harmony

Posted By Tim Bray

I've been meditating about audio fidelity recently, under the influence of The Civil Wars and Jeff Atwood. What happened was, I kept catching videos and radio spots by The Civil Wars and liking them. I thought maybe I should buy some, so I visited their Web site and noticed with pleasure that they sell uncompressed FLAC, not just MP3, so I snapped up Barton Hollow. It's good. But am I fooling myself in spurning compressed music? Coincidentally, and what provoked this fragment, Mike Johnson, one of my fave bloggers, wrote HD Downloads, which includes a useful introduction to consumer audio formats.

Thu, 20 Sep 2012 15:00:00 UTC

Spiceworks interview

Posted By Tom Limoncelli

I've been interviewed on SpiceWorks. Read it here: Check it out! Interesting trivia: The IT department where my S.O. works uses Spiceworks' ticket system.

Thu, 20 Sep 2012 11:37:20 UTC

Rapture of the Nerds, with Charles Stross

Posted By Cory Doctorow

Earth has a population of roughly a billion hominids. For the most part, they are happy with their lot, living in a preserve at the bottom of a gravity well. Those who are unhappy have emigrated, joining one or another of the swarming densethinker clades that fog the inner solar system with a dust of … [Read more]

Thu, 20 Sep 2012 11:02:44 UTC

The NSA and the Risk of Off-the-Shelf Devices

Posted By Bruce Schneier

Interesting article on how the NSA is approaching risk in the era of cool consumer devices. There's a discussion of the president's network-disabled iPad, and the classified cell phone that flopped because it took so long to develop and was so clunky. Turns out that everyone wants to use iPhones. Levine concluded, "Using commercial devices to process classified phone calls,...

Wed, 19 Sep 2012 23:30:20 UTC

Alternative panorama processing sequence

Posted By Greg Lehey

Creating images such as my verandah panorama takes a number of steps: first I take 20 bracketed sets of 5 photos at 1 EV intervals (because my Olympus won't give me 2 EV intervals) at 45° intervals, then I process three of them with align_image_stack and enfuse to a tone-mapped image, and finally I stitch them together with Hugin. But there's a simpler way: Hugin can do the tone-mapping too. It's not easy to find out how. There are a number of tutorials, but none of them appears to address this particular issue. In fact, there is a tutorial there, with the unlikely name Creating 360° enfused panoramas.

Wed, 19 Sep 2012 23:00:00 UTC

Join me at the October NYLUG meeting!

Posted By Tom Limoncelli

I'll be the speaker at the Thursday, October 11, 2012 NYLUG meeting in Manhattan (Chelsea, 14th and 9th ave). I'll be talking about the Ganeti open source project which I'm involved in. The title of the talk will be: "Ganeti Virtualization Management: Improving the Utilization of Your Hardware and Your Time" If you are in or near NYC, I hope to see you there! Seating is limited. Please RSVP. Tom

Wed, 19 Sep 2012 22:05:06 UTC

Casablanca: C++ on Azure

Posted By Herb Sutter

I've blogged about Casablanca before. Here's a related talk from TechEd Australia: Casablanca is a Microsoft incubation effort to support cloud-based client-server communication in native code using a modern asynchronous C++ API design. Think of it as Node.js, but using C++ -- from simple services, to JSON and REST, to Azure storage and deployment, and [...]

Wed, 19 Sep 2012 21:29:13 UTC

Join me at the October LOPSA Los Angeles chapter meeting!

Posted By Tom Limoncelli

LOPSA-LA has a dinner on Tuesday, October 16, 2012. I'll be in the area for MacTech and they've asked me to give an after-dinner talk about Time Management. When: Tue, Oct 16, 7pm - 9pm. Location: Sheraton Universal Hotel's Californias Restaurant (333 Universal Hollywood Drive, Universal City, CA 91608) Topic: Time Management for Sysadmins: Impossible or are other people to blame? In this talk I'll explain why the fact that you can't manage your time effectively is everyone else's fault, not yours. I'll blame Darwin, your boss, your users, and maybe even your mom. There are a few solutions, which I'll discuss briefly.

Wed, 19 Sep 2012 19:00:00 UTC

Sunset Cycle

Posted By Tim Bray

We're heading out after dinner to pick up gelati. Vancouver's been blessed with loads of surprising September warmth, but sunset's now soon after seven. It's like this: She's big and strong enough to take the training wheels off, but she doesn't think she can, so she probably can't. We tried once and failed; but on the way back from this ice-cream trip, she said she thought she'd be able to next time, so I'm sure she will.

Wed, 19 Sep 2012 17:31:26 UTC

Analysis of PIN Data

Posted By Bruce Schneier

An analysis of 3.4 million four-digit PINs. ("1234" is the most common: 10.7% of all PINs. The top 20 PINs are 26.8% of the total. "8068" is the least common PIN -- that'll probably change now that the fact is published.)...

Wed, 19 Sep 2012 17:30:00 UTC

New website!

Posted By Tom Limoncelli

I've gotten a lot of positive feedback about The Limoncelli Test. So much so, that Peter Grace and I have put all the material on a website called We hope to add resources that help you achieve these 32 points of enlightenment but for now it is mostly the same as The Test. We're also considering making selling an ebook based on the material. Post to the comments section here if you like that idea. We hope you enjoy it! Tom

Wed, 19 Sep 2012 17:22:09 UTC

Why Philip Roth needs a secondary source

Posted By Cory Doctorow

The Guardian

Wed, 19 Sep 2012 17:21:52 UTC

Why Philip Roth had to explain himself in the New Yorker before his Wikipedia entry could be corrected

Posted By Cory Doctorow

My latest Guardian column, "Why Philip Roth needs a secondary source," explains why it makes sense for Wikipedians to insist that Roth's claims about his novels be vetted by and published in the New Yorker before they can be included on Wikipedia: Wikipedians not only have no way of deciding whether Philip Roth is an … [Read more]

Wed, 19 Sep 2012 09:41:36 UTC

Recent Developments in Password Cracking

Posted By Bruce Schneier

A recent Ars Technica article made the point that password crackers are getting better, and therefore passwords are getting weaker. It's not just computing speed; we now have many databases of actual passwords we can use to create dictionaries of common passwords, or common password-generation techniques. (Example: dictionary word plus a single digit.) This really isn't anything new. I wrote...

Wed, 19 Sep 2012 00:03:34 UTC

Choosing a monitor, continued

Posted By Greg Lehey

More thoughts about a new 2560×1440 monitor today. The main question was: should I buy a version with HDMI and D-Sub connectors or just a basic one with DVI? It's not even clear whether my video cards (nVidia 9500GT) can generate 2560×1440 analogue outputs. My attempts failed, at any rate. In passing, it's interesting to note that I found a mode line for 2304×1728 in my configuration, a resolution of 3,981,312 pixels, 8% more than the 3,686,400 pixels that these monitors will do. The card itself is OK: the eBay item descriptions all include it in their lists, but that's with DVI, and I can only drive one of them with my cards.

Tue, 18 Sep 2012 23:11:02 UTC

Chat with Charlie Stross and me on the WELL and

Posted By Cory Doctorow

Charlie Stross and I are doing a public interview on The WELL's Inkwell.vue conference -- you don't have to be a WELL member to ask questions, either! While I'm on the subject, Charlie and I are doing a live online Torchat tomorrow, Sept 19 at 16h Eastern/13h Pacific.

Tue, 18 Sep 2012 21:37:55 UTC

Friday Squid Blogging: Octonaut

Posted By Bruce Schneier

A space-traveling squid. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered....

Tue, 18 Sep 2012 20:53:01 UTC

C&B 2012 panel posted: Ask Us Anything!

Posted By Herb Sutter

The second panel from C++ and Beyond 2012 is now available on Channel 9: Alexandrescu, Meyers and Sutter – Ask Us Anything Here is the Ask Us Anything panel from C++ and Beyond 2012. Andrei Alexandrescu, Scott Meyers and Herb Sutter take questions from attendees. As expected, great questions and answers... Table of contents (click [...]

Tue, 18 Sep 2012 07:42:30 UTC

Research Proposal Becomes Reality

Posted By Diomidis D. Spinellis

Eight years ago I submitted a research proposal for developing a tablet-based game platform for toddlers. Although the proposal was not accepted for funding, it's nice to see the idea becoming a reality through the unveiling of the Toys 'R' Us $150 Tabeo tablet for kids.

Tue, 18 Sep 2012 00:12:09 UTC

Finding a high-definition monitor

Posted By Greg Lehey

So, do I repair my dead Samsung SyncMaster 2233SW monitor, or do I replace it? The first time it was replaced under warranty, but now it's way out of warranty. I could replace it with another 1920×1080 high definition monitor, but the writing is on the wall that higher definition is finally on its way. There are a number of surprisingly cheap 2560×1440 27" monitors available from Korea on eBay, and today I spent a lot of time investigating what is available. There's a lot of information available on the web, of course. It seems that all monitors use the same IPS panel from Lucky Goldstar, and most of them have only DVI inputs.

Mon, 17 Sep 2012 15:00:00 UTC

DevOps: "have more outages" Part 2 of 3: The interview

Posted By Tom Limoncelli

I moderated a discussion with Jesse Robbins, Kripa Krishnan, John Allspaw about Learning to Embrace Failure. This is the first time you'll see Google reveal what they've been doing since 2006. Read the entire discussion in the new issue of ACM Queue magazine: Resilience Engineering: Learning to Embrace Failure Participants include Jesse Robbins, the architect of GameDay at Amazon, where he was officially called the Master of Disaster. Robbins used his training as a firefighter in developing GameDay, following similar principles of incident response. He left Amazon in 2006 and founded the Velocity Web Performance and Operations Conference, the annual O'Reilly meeting for people building at Internet scale.

Mon, 17 Sep 2012 13:05:52 UTC

Europe officially runs out of IPv4 addresses

Posted By Tom Limoncelli

Earlier today, the RIPE NCC (Réseaux IP Européens Network Coordination Centre) announced it is down to its last "/8" worth of IPv4 addresses. This means that it is no longer possible to obtain new IPv4 addresses in Europe, the former USSR, or the Middle East, ... I'll be doing my "Convince your boss to deploy IPv6" talk at the New Jersey chapter of LOPSA meeting next month. That's Thursday, Oct 4th near Princeton, NJ.

Mon, 17 Sep 2012 12:03:54 UTC

Diamond Swallowing as a Ruse

Posted By Bruce Schneier

It's a known theft tactic to swallow what you're stealing. It works for food at the supermarket, and it also can work for diamonds. Here's a twist on that tactic: Police say he could have swallowed the stone in an attempt to distract the diamond's owner, Suresh de Silva, while his accomplice stole the real gem. Mr de Silva told...

Mon, 17 Sep 2012 01:35:29 UTC

ssh POLA violation

Posted By Greg Lehey

One of the problems I had with avidemux2 was that it wasn't installed on lagoon, Yvonne's computer, and it's so down-rev that I can't install it. So we ran it on eureka. But she couldn't connect: eureka refused her ssh keys. Regenerated them, but no luck:
Sep 16 14:16:19 eureka sshd[213]: error: Could not load host key: /etc/ssh/ssh_host_ecdsa_key
What's that? I've never had that before, and it didn't happen when I tried accessing with my credentials. Searched on the web and found a large number of hits, mainly from Linux.

Mon, 17 Sep 2012 01:17:10 UTC

Joining AVI clips

Posted By Greg Lehey

Yvonne wanted to edit some video clips today for upload to YouTube. They come from the camera in AVI format, and with a bit of pain we were able to extract specific scenes with avidemux2. But why must this software ignore the current working directory and put you into a completely unrelated directory that you used 9 months ago? That was only the first part, of course. We ended up with 11 scenes which we wanted to convert to 2. Some formats, such as MPEG TS, allow simple concatenation, but AVI doesn't. We were in a bit of a hurry, but the stuff I found on the web wasn't very encouraging.

Mon, 17 Sep 2012 01:09:11 UTC

Another dead monitor

Posted By Greg Lehey

My Samsung SyncMaster 2233SW monitor died today, not for the first time: it just didn't power on. Given that this was a replacement for a monitor that had a similar failure, it seems that this is a generic problem with the model. Is it worth repairing? I'll find out. But it's now 3½ years old, so in all likelihood it means a new monitor.

Mon, 17 Sep 2012 01:02:37 UTC

Microsoft "Windows" 8 performance and licensing

Posted By Greg Lehey

My experience with Microsoft Windows XP yesterday was painful, more due to DxO Optics "Pro" than to Microsoft. The (virtual) machine only has a single processor, and it took about 130 seconds per image to process. But the Windows 8 installation uses all 4 cores, and DxO has advertised that the 64 bit version is much faster. So I ran that, and indeed VirtualBox showed it was using about 3 CPUs. The result? About 90 seconds per image, an improvement of only 30% with 3 times as much CPU power. Why is that? Virtual machine issues? I'm torn between buying a real, fast box just to run Microsoft, or giving up on DxO.

Sun, 16 Sep 2012 01:58:37 UTC

Slow photo processing

Posted By Greg Lehey

House photo day today, with almost ideal conditions - except that braindeath, Chris Yeardley's loaner Microsoft box, appears to have died. I'm not convinced yet, but for today at any rate I had to run DxO Optics "Pro" in a VM. And that takes forever, especially since the latest version of DxO has problems with SMB shares and I had to copy the files physically onto the virtual disk, causing it to overflow. The processing itself was OK, but it took all day, and I still wasn't finished.

Sat, 15 Sep 2012 19:00:00 UTC

Cloud Atlas

Posted By Tim Bray

This, by David Mitchell, came across my radar because of the news around the forthcoming movie. In book form it's called Cloud Atlas: A Novel, but that's a bit misleading because it's actually six, wrapped up together. I enjoyed it a lot but can't give an unmixed recommendation. Describing the combining structure would be a spoiler, so I'll limit myself to saying that it'll be familiar to lovers of the music of Steve Reich (a small group, I bet). Let's just say it's clever and well-executed. In fact, that's how I'll badge the whole work: Smart and well-done; perhaps a little too much so for its own good.

Sat, 15 Sep 2012 03:25:38 UTC

NBN fixed wireless: first impressions

Posted By Greg Lehey

Yet another thing that Scott mentioned is that he now lives in Haddon, Victoria, and since a fortnight ago he has network access via NBN fixed wireless. He's described his experience here. The most interesting thing he has discovered is that the relatively low bandwidth of 12/1 Mb/s is per ISP, of which you can have up to 4. He also mentions rumours of a 25/5 Mb/s link coming in the not-too-distant future, which certainly makes things more interesting. Now if only VCAT would hear this complaint.

Sat, 15 Sep 2012 02:05:54 UTC

Where is the radiation tower?

Posted By Greg Lehey

Discussing my planned move of house on IRC today, and Callum Gibson asked whether I'd still be in the range of the radiation tower. The simple answer is yes. But looking at that map (which requires me to enter Dereel manually), I discover that it has changed in the last 6 months. At that time the map showed the tower (the orange marker with C for Commenced) rather inaccurately placed a little to the north-east of the correct place. We also noted that Chris Yeardley's house is covered, but other parts, including the plot of land she wanted to sell us, aren't.

Sat, 15 Sep 2012 01:34:52 UTC

More network pain

Posted By Greg Lehey

Came into the office this morning to discover that we have been off the network since shortly after midnight. Optus had sent a terminate request:
Sep 14 00:59:00 nerd-gw ppp[87396]: tun0: LCP: deflink: RecvTerminateReq(13) state = Opened
Sep 14 00:59:00 nerd-gw ppp[87396]: tun0: LCP: deflink: LayerDown
Sep 14 00:59:00 nerd-gw ppp[87396]: tun0: LCP: deflink: SendTerminateAck(13) state = Opened
Sep 14 00:59:00 nerd-gw ppp[87396]: tun0: LCP: deflink: State change Opened --> Stopping
For some reason the ppp process didn't even try to reconnect, so we didn't get back on the net until 10:30.

Sat, 15 Sep 2012 00:00:00 UTC

Back-to-the-Future Weekend Reading - CryptDB

Posted By Werner Vogels

This weekend I am not going back in time to fundamentals, but looking forward to the future. Encryption techniques to protect sensitive information such as personal identifiable information are becoming more and more practical, and ubiquitous. Whether in-the-cloud or on-premise there is a shift to a model where individual applications need to protect themselves instead of relying on firewall-like techniques. That goes especially for the interaction between applications and storage engines, and between applications and databases. In last year's SOSP Hari Balakrishnan's group at MIT CSAIL presented a paper on CryptDB which has a novel SQL-aware encryption approach.

Fri, 14 Sep 2012 21:15:29 UTC

Friday Squid Blogging: Giant Squid Museum

Posted By Bruce Schneier

In Valdés, Spain. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered....

Fri, 14 Sep 2012 19:20:59 UTC

Schneier on Security on Elementary

Posted By Bruce Schneier

Two of my books can be seen in the background in CBS' new Sherlock Holmes drama, Elementary. A copy of Schneier on Security is prominently displayed on Sherlock Holmes' bookshelf. You can see it in the first few minutes of the pilot episode. The show's producers contacted me early on to ask permission to use my books, so it didn't...

Fri, 14 Sep 2012 19:00:00 UTC

Less Pain, More Money

Posted By Tim Bray

Logging in is annoying and slows you down. My job these days is mostly about reducing that pain, ideally to zero by eliminating it. Google really wants this to happen; here are two reasons why, one general and one specific. In general, we'd like everyone to spend lots of time online. Less logging in improves the experience, so there you go; not rocket science. But let's be more specific: Suppose we give you a browser and offer you a challenge like "What's a good mountain bike?" or "Find a doctor for your kid." In this situation, Google really wants you to type things like "good mountain bike" or "Knoxville pediatrician" into the search box.

Fri, 14 Sep 2012 16:23:20 UTC

Man-in-the-Middle Bank Fraud Attack

Posted By Bruce Schneier

This sort of attack will become more common as banks require two-factor authentication: Tatanga checks the user account details including the number of accounts, supported currency, balance/limit details. It then chooses the account from which it could steal the highest amount. Next, it initiates a transfer. At this point Tatanga uses a Web Inject to trick the user into believing...

Fri, 14 Sep 2012 16:02:58 UTC

Librarians! Teachers! Sign up for free copies of Rapture of the Nerds!

Posted By Cory Doctorow

Charlie Stross and I have a new book out and I'm about to put up a website where readers can download free, CC-licensed copies of it in ebook form. As with other recent books, I'm going to collect and publish the names of librarians, teachers, and public institutions that would like to get free copies … [Read more]

Fri, 14 Sep 2012 11:47:58 UTC


Posted By Bruce Schneier

Good article on the hacker group UGNazi....

Fri, 14 Sep 2012 00:56:07 UTC

More power pain

Posted By Greg Lehey

Into the office this morning to discover that both eureka and dereel had rebooted last night at 18:16. It appears to have been a power failure, but there was none. But at that time we blew a contact breaker on that circuit, which also supplies the kitchen. How I love underrated Australian power circuits! Power stayed off for 30 seconds, clearly long enough to kill the UPS. What a pain these things are!

Thu, 13 Sep 2012 18:20:33 UTC

Estimating the Probability of Another 9/11

Posted By Bruce Schneier

This statistical research says once per decade: Abstract: Quantities with right-skewed distributions are ubiquitous in complex social systems, including political conflict, economics and social networks, and these systems sometimes produce extremely large events. For instance, the 9/11 terrorist events produced nearly 3000 fatalities, nearly six times more than the next largest event. But, was this enormous loss of life statistically...

Thu, 13 Sep 2012 11:15:57 UTC

Steganography in the Wild

Posted By Bruce Schneier

Steganographic information is embedded in World of Warcraft screen shots....

Wed, 12 Sep 2012 19:00:39 UTC

VC++ 2012 Desktop Express (Free)

Posted By Herb Sutter

Today Microsoft released another free Express version of Visual C++ 2012. In addition to the free Express Visual C++ compiler for building tablet applications, Visual Studio Express 2012 for Windows Desktop directly supports traditional Windows and command-line applications in C++. This is a great free C++ compiler on Windows for everything from hobby development to [...]

Wed, 12 Sep 2012 19:00:00 UTC

CL XXII: Blackberries

Posted By Tim Bray

Let's be honest: Cottage Life is pretty soft. That's the point, I believe, but... There Are Enemies. Chief among them are blackberries, not mobile devices I mean but vicious resourceful adaptive bloodthirsty vegetables. This story has a happy ending: we beat 'em and we eat 'em. In this lifetime, anyhow. The enemy fauna are invasive and aggressive and full of slum vigor; given space and sunshine they swarm open space, sending strong slender stems vaulting over anything mineral or vegetable to occupy new ground, digging deep in soft forest loam, launching new roots from any fragment that touches down, crowding out the native flora.

Wed, 12 Sep 2012 17:55:56 UTC

Stopping Terrorism

Posted By Bruce Schneier

Nice essay on the futility of trying to prevent another 9/11: "Never again." It is as simplistic as it is absurd. It is as vague as it is damaging. No two words have provided so little meaning or context; no catchphrase has so warped policy discussions that it has permanently confused the public's understanding of homeland security. It convinced us...

Wed, 12 Sep 2012 11:23:16 UTC

A Real Movie-Plot Threat Contest

Posted By Bruce Schneier

The "Australia's Security Nightmares: The National Security Short Story Competition" is part of Safeguarding Australia 2012. To aid the national security community in imagining contemporary threats, the Australian Security Research Centre (ASRC) is organising Australia's Security Nightmares: The National Security Short Story Competition. The competition aims to produce a set of short stories that will contribute to a better conception...

Wed, 12 Sep 2012 08:00:00 UTC

Expanding Flexibility - Introducing the Reserved Instance Marketplace

Posted By Werner Vogels

Today we launched a new feature that enables you to buy and sell Amazon EC2 Reserved Instances. Reserved Instances are an important pricing option for AWS customers to drive cost down. If you are able to predict the capacity required to run your application, there is likely some combination of Reserved Instance options that will help you drive your costs down significantly (up to 71%) when compared to on-demand pricing. There are three options: heavy-, medium- and low-usage options that allow you to optimize your savings depending on how much you plan to use your Reserved Instance. However, sometimes business and architectures change so that you need to change your mix of Reserved Instances.

Wed, 12 Sep 2012 05:12:26 UTC

Interview with the Singularity Weblog

Posted By Cory Doctorow

I recently sat down for a video interview with the Singularity weblog to talk about The Rapture of the Nerds, Singularity, science fiction, how fiction works, sf movies, and a lot of varied subjects. Cory Doctorow on Singularity 1 on 1: The Singularity Is A Progressive Apocalypse

Wed, 12 Sep 2012 03:37:37 UTC

X hangs: more insights

Posted By Greg Lehey

One of the positive results of upgrading my computer system is that the new version now recognizes my USB flash card reader, which up to now I have had to use with the old (USB 1.0) Apple. Now I can get much higher speeds without firing up another machine. Well, almost. Today I put it in the machine, it was recognized, but I got the dreaded mouse hang. Nothing else was wrong: after shooting down and restarting X, everything worked. So is this maybe an issue with the FreeBSD USB subsystem?

Wed, 12 Sep 2012 03:21:18 UTC

Navman: improving user experience

Posted By Greg Lehey

Message from David Corkery of Navman today: We are currently undertaking Search Engine Optimisation for the NAVMAN website to make the experience even better. We noticed that you have a link on your site back to on the following URL: It's great that you've done this and we really value the reference you've provided. However, we would like to request a slight change to this existing link, if it's not too much trouble. The current link text is 'Navman' we would like you to change this to 'Navman GPS' OK, not a problem.

Tue, 11 Sep 2012 17:38:40 UTC

New Attack Against Chip-and-Pin Systems

Posted By Bruce Schneier

Well, new to us: You see, an EMV payment card authenticates itself with a MAC of transaction data, for which the freshly generated component is the unpredictable number (UN). If you can predict it, you can record everything you need from momentary access to a chip card to play it back and impersonate the card at a future date and...

Tue, 11 Sep 2012 15:00:00 UTC

DevOps: To increase reliability you need to have more outages

Posted By Tom Limoncelli

Here's a good strategy to improve the reliability of your systems: Buy the most expensive computers, storage, and network equipment you can find. It is the really high-end stuff that has the best "uptime" and "MTBF". Wait... why are you laughing? There are a lot of high-end, fault-tolerant, "never fails" systems out there. Those companies must be in business for a reason! Ok.... if you don't believe that, let me try again. Here's a good strategy to improve the reliability of your systems: Any time you have an outage, find who caused it and fire that person. Eventually you'll have a company that only employs perfect people.

Tue, 11 Sep 2012 11:45:18 UTC

Security at the 9/11 WTC Memorial

Posted By Bruce Schneier

There's a lot: Advance tickets are required to enter this public, outdoor memorial. To book them, you're obliged to provide your home address, email address, and phone number, and the full names of everyone in your party. It is strongly recommended that you print your tickets at home, which is where you must leave explosives, large bags, hand soap, glass...

Tue, 11 Sep 2012 00:00:00 UTC

A Million Miles Away

Posted By Werner Vogels

I just received a note from United Airlines that I had flown 1 million miles on their airline. I didn't start flying United until I moved to Seattle, so all of these have been miles on Amazon business. The folks I was with immediately started cracking some jokes about a million miles of torture, but that was not at all what came to my mind. I thought about all the wonderful things I got to do on those million miles; all the great engineers and CxO's that I have met, all the cool startups that made time for me and shared their passion, and all the amazing enterprises going through major transformations who opened up about the inner workings of their businesses to me.

Mon, 10 Sep 2012 23:28:08 UTC

Lame mouse syndrome returns

Posted By Greg Lehey

Into the office this morning to discover that my mouse was limping again. The web has a number of hits for the problem, but nothing that's obvious. Now that I'm running 2 X servers, I was able to confirm that it hit both of them, and that there's no obvious connection with CPU time, though it's possible that some single process might be sucking it. Today I restarted both servers, not without difficulty: another issue is that the mouse is completely inactive when I start X, and I have to do it yet again. This is anything but reliable.

Mon, 10 Sep 2012 20:17:51 UTC

AT&T Survey

Posted By Tom Limoncelli

I got a survey from AT&T Wireless that asked a lot of questions comparing my experiences between WiFi and 3G on my AT&T mobile phone. If I were to reverse-engineer what they were getting at, either (a) they want to figure out why I dislike WiFi so they can fix those problems and encourage people to move traffic off their over-stressed 3G network, or (b) they need data to back up their coming campaign to bad-mouth WiFi and tell everyone to pay for their over-priced 3G. Based on the tone of the questions, I really think it is "b".

Mon, 10 Sep 2012 11:51:47 UTC

Another Stuxnet Post

Posted By Bruce Schneier

Larry Constantine disputes David Sanger's book about Stuxnet: So, what did he get wrong? First of all, the Stuxnet worm did not escape into the wild. The analysis of initial infections and propagations by Symantec show that, in fact, that it never was widespread, that it affected computers in closely connected clusters, all of which involved collaborators or companies that...

Sat, 08 Sep 2012 13:41:53 UTC

MacTech 2012 session listing is up!

Posted By Tom Limoncelli

I'll be speaking on Thursday. Don't miss this great conference, October 17-19, 2012 in Los Angeles.

Sat, 08 Sep 2012 10:04:05 UTC

Video from the Stross and Doctorow show at MakerBot in Brooklyn

Posted By Cory Doctorow

Joly McFie captured video of Charlie Stross's and my tour-stop at Brooklyn's MakerBot this week. We were there in support of our new novel Rapture of the Nerds, and did a talk, reading and Q&A that touched on the Singularity, its precedents, its discontents, and its inherent comedy -- all while 3D printers chattered in … [Read more]

Sat, 08 Sep 2012 00:33:56 UTC

Finding the Emacs screens

Posted By Greg Lehey

It's been over two months since I switched from i386 to amd64 (32 bit to 64 bit) FreeBSD, and there are still a number of irritations that I haven't fixed. One is that Emacs windows are positioned outside the display. I haven't found a solution for that; I suspect it's less a FreeBSD issue than an Emacs or X problem. But at least I've found one way to retrieve them when using fvwm2: select them via the WindowList menu, which will bring them back to top left: I probably knew about this kind of thing decades ago, but I never found much use for it until now.

Sat, 08 Sep 2012 00:30:11 UTC

Rain gauge problems

Posted By Greg Lehey

So I've replaced the rain gauge on my weather station, it has rained and... nothing. What's the problem? This one doesn't seem to have any mechanical issues, and the electronic connection seems to be working: when I mounted it the vibration caused some false rain. So what is it? Do I care? It's very inaccurate anyway. But it would be nice to understand the problem.

Fri, 07 Sep 2012 22:00:00 UTC

Back-to-Basics Weekend Reading - Load Sharing

Posted By Werner Vogels

One of the main reasons for picking some of these older papers as back-to-basics reading is that the first researchers on a topic had to develop the fundamental models and principles from scratch. As such there is much to learn from the descriptions of those first algorithms and models. One area that is tremendously important in today's distributed systems and has a long history is load balancing and load management. In this 1986 paper on load sharing Eager, Lazowska and Zahorjan lay out the basics. Even though these early systems lack today's scale and complexity the fundamentals are there.

Fri, 07 Sep 2012 21:41:03 UTC

Friday Squid Blogging: Controlling Squid Chromatophores with Music

Posted By Bruce Schneier

Wacky. Other stories about the story. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered....

Fri, 07 Sep 2012 19:00:00 UTC

What's Wrong With Twitter?

Posted By Tim Bray

About fifteen minutes after Twitter came on the scene, alternatives started crowding through the door behind it. So far, none of them have really made a difference. Why the crowd? There are ads And as they say, if the product you're using is free it's not the product, you're the product. This seems to be the main driver behind I like, but I don't like this argument, even though I also mostly don't like ads. You'd have to be a moron to ignore the historical success of services which are free, but with (mostly-disliked) ads. The proportion of people reading this who haven't used such a service in the preceding 24 hours rounds to zero.

Fri, 07 Sep 2012 15:10:20 UTC

How I would teach a university-level sysadmin degree

Posted By Tom Limoncelli

The coursework would be very focused on understanding the internals of each layer of the stack. To make a comparison to the auto industry: Your training won't result in you being a mechanic that can follow the manufacturer's manual: you will be the person that can write the manual because that's how much you understand how the car works. But the real change I'd like to see is how the labs are done. When you enter the school they give you 12 virtual machines on their VMware cluster (or Ganeti cluster). In phase one you go through a progression that ends with turning those 6 machines into 2 load balancers, 3 web servers, a replicated database, a monitoring host, etc.

Fri, 07 Sep 2012 12:10:06 UTC

Hacking Marathon Races

Posted By Bruce Schneier

Truly bizarre story of someone who seems to have figured out how to successfully cheat at marathons. The evidence of his cheating is overwhelming, but no one knows how he does it....

Fri, 07 Sep 2012 00:35:06 UTC

Another power glitch

Posted By Greg Lehey

Mains power has been relatively reliable lately. The last failure was on 4 April 2012. This evening it looked as if we had another one, but it was the very briefest of fluctuations, and even my bedside clock, usually the first to reset, made it through. But my main machine eureka didn't! And it's on a UPS! What went wrong there? My best bet is that it was a massive power spike, but it didn't hit any of the other UPSs.

Thu, 06 Sep 2012 19:00:00 UTC


Posted By Tim Bray

Here again, decades since it meant back-to-school for me; but now my kids go. It seems a bigger deal than the New Year, and weighs heavier as the number to come grows smaller. I Hate It The green leaves and young women are still worshipping the sun with their flesh, and I haven't had to put on socks yet. But those hours of sun are on the steep downslope of the seasonal sine wave, less of them every week and you can feel it, and we're gonna have to turn the furnace on at night one of these days. Winter is coming, like they say on BitTorrent oops Game of Thrones, and let's all just not overthink that lest we pick up seasonal-prospective-disorder.

Thu, 06 Sep 2012 19:00:00 UTC

The Big Picture

Posted By Tim Bray

A few weeks ago I was sitting in an airplane with mountains going by outside the window, and idly snapped a few pictures. They weren't bad, and I wondered about printing one. I consulted with my neighbor Scott August, who when not being an artist has a high-quality printing business, and asked him how big we could go. Here's how big: That's a chair behind it, holding it up. To my eye it looks wonderful. It's 40 by 50 inches, more or less. I left all the grain in and Scott printed it on canvas and they sort of cancel each other out.

Thu, 06 Sep 2012 17:31:43 UTC

CSOs/CISOs Wanted: Cloud Security Questions

Posted By Bruce Schneier

I'm trying to separate cloud security hype from reality. To that end, I'd like to talk to a few big corporate CSOs or CISOs about their cloud security worries, requirements, etc. If you're willing to talk, please contact me via e-mail. Eventually I will share the results of this inquiry. Thank you....

Thu, 06 Sep 2012 11:48:48 UTC

Database of 12 Million Apple UDIDs Hacked

Posted By Bruce Schneier

In this story, we learn that hackers got their hands on a database of 12 million Apple Unique Device Identifiers (UDIDs) by hacking an FBI laptop. When I first read the story, my questions were not about the hack but about the data. Why does an FBI agent have user identification information about 12 million iPhone users on his...

Thu, 06 Sep 2012 01:13:27 UTC

DxO Optics Pro under Microsoft 8

Posted By Greg Lehey

Back home and set to installing DxO Optics Pro on bigpain, the new Microsoft 8 box. What did I get? 64 bit version or 32 bit version? DxO have been advertising the speed advantages of the 64 bit version at some length, but there was only one image to download. Hopefully it includes both variants. Installation went relatively smoothly, but I couldn't activate it: it seems that there's an activation counter somewhere, and I had used it too much. Still, there's always the 30 day free trial, so tried that. Yes, pretty much the same as before. With 4 CPUs it promised to convert images on average every 30 seconds, pretty much the same as what I would have got with the 32 bit version.

Thu, 06 Sep 2012 00:54:49 UTC

Enfield radiation tower

Posted By Greg Lehey

On the way home, found something that I had been looking for for a while: the Enfield NBN radiation tower: It wasn't quite where I had been expecting it, but yesterday I looked through the area and saw nothing. Today I noticed it from a few kilometres away, so presumably it has only just gone up.

Thu, 06 Sep 2012 00:32:11 UTC

Microsoft 8: first impressions

Posted By Greg Lehey

So it looks like the virtual hardware I use to run DxO Optics "Pro" is too wimpy: they prefer 64 bit machines, and clearly I should have multiprocessor support, which my version of Microsoft Windows XP doesn't have. But there's a prerelease version of Windows 8 available, and I downloaded it a few weeks ago. Time to install. There's always something confusing about Microsoft. Their view of the world, particularly networking, is just plain bizarre. The first thing I had to do was to enter an email address: why not a normal ID? I'm not sure, but it seems that it might not have been a user ID at all, but an email for registration.

Wed, 05 Sep 2012 19:20:05 UTC

Why Science Fiction Movies Drive Me Nuts

Posted By Cory Doctorow

Locus Magazine

Wed, 05 Sep 2012 19:19:40 UTC

Why SF movies make me insane

Posted By Cory Doctorow

My latest Locus column is "Why Science Fiction Movies Drive Me Nuts," in which I propose that the reason the science in sf movies is so awful is that they're essentially operas about technology. The reason that SF movies command such a titanic amount of attention and money from …

Wed, 05 Sep 2012 19:04:29 UTC

Wall Street Journal Review of Liars and Outliers

Posted By Bruce Schneier

Liars and Outliers (along with two other books: Kip Hawley's memoir of his time at the TSA and Against Security, by Harvey Molotch) has been reviewed in the Wall Street Journal....

Wed, 05 Sep 2012 15:00:00 UTC

4 unix commands I abuse every day

Posted By Tom Limoncelli

A co-worker watched me type the other day and noticed that I use certain Unix commands for purposes other than they are intended. Yes, I abuse Unix commands.

Wed, 05 Sep 2012 11:06:03 UTC

Hacking Brain-Computer Interfaces

Posted By Bruce Schneier

In this fascinating piece of research, the question is asked: can we surreptitiously collect secret information from the brains of people using brain-computer interface devices? One article: A team of security researchers from Oxford, UC Berkeley, and the University of Geneva say that they were able to deduce digits of PIN numbers, birth months, areas of residence and other personal...

Wed, 05 Sep 2012 00:39:35 UTC

Microsoft world: the pain

Posted By Greg Lehey

While at the Friends of the Ballarat Botanical Gardens, Lorraine Powell showed me the proofs of the new Pictorial History of the Ballarat Botanical Gardens book. She had it on a USB stick, and she wasn't connected to the net, so we moved it to Genevieve's machine and tried to email it to me. Gmail wouldn't come to the party: it was over 25 MB. OK, what's ftp for? But how do you find it? This machine doesn't even offer to give you a Command Prompt: I had to find the Run window and start COMMAND.COM manually. And yes, ftp is still there in Microsoft machines, but the on-system firewall blocks outgoing ftp.

Tue, 04 Sep 2012 15:42:11 UTC

Don't Install Software by Hand

Posted By Diomidis D. Spinellis

An IT system's setup and configuration is a serious affair. It increasingly affects us developers mainly due to the proliferation and complexity of internet-facing systems. Fortunately, we can control and conquer this complexity by adopting IT-system configuration management tools.

Tue, 04 Sep 2012 14:04:49 UTC

Eye Twitch Patterns as a Biometric

Posted By Bruce Schneier

Yet another biometric: eye twitch patterns: ...a person's saccades, their tiny, but rapid, involuntary eye movements, can be measured using a video camera. The pattern of saccades is as unique as an iris or fingerprint scan but easier to record and so could provide an alternative secure biometric identification technology. Probably harder to fool than iris scanners....

Tue, 04 Sep 2012 09:00:00 UTC

Back To School Sale: "Time Management for Sysadmins" for 50% off!

Posted By Tom Limoncelli

I'm proud to announce that TM4SA has been selected to be featured on this year's O'Reilly Back-to-School Special. The special runs this week only, from Sept 4th to the 11th. Save up to 50% on books, videos and courses. To receive the discount start shopping using this link or use discount code "B2S2". Happy savings to all students and non-students alike!

Tue, 04 Sep 2012 00:04:25 UTC

More DxO experimentation

Posted By Greg Lehey

As it happened, I have just received another 4 GB of memory for eureka, meaning I could replace the 1 GB DIMMs with 2 GB and thus increase total RAM to 8 GB, just what I need to increase the memory size of my VirtualBox machines. So after yesterday's suggestion to increase memory, I put smart back up to 4 GB. No difference. And looking at the task manager, it's not surprising: Despite their slowness, the DxO processes aren't that big.

Sun, 02 Sep 2012 23:56:11 UTC

More DxO fun

Posted By Greg Lehey

DxO release frequent updates of their DxO Optics "Pro" software, and I generally install them in the hope that something might speed it up. The latest version is 7.5.4, and I installed it a couple of days ago. Faster? Difficult to say: as soon as I try to process anything, all the images disappear from the image browser window, at least on the version I have running in VirtualBox. No message, just dead in the water. And it's not consistent. In one scenario, the program runs for about a minute, then all files disappear from the Image Browser. The correction preview also disappears.

Sun, 02 Sep 2012 20:44:00 UTC

Open Brands

Posted By Benjamin Mako Hill

In late July, the Awesome Foundations invited me to participate in an interesting conversation about open brands at their conference. Awesome is a young collection of organizations struggling with the idea of if, and how, they want to try to control who gets to call themselves Awesome. I was asked to talk about how the free software community approaches the issue. Guidance from free software is surprisingly unclear. I have watched and participated in struggles over issues of branding in every successful free software project I've worked in. Many years ago, Greg Pomerantz and I wrote a draft trademark policy for the Debian distribution over a couple beers.

Sat, 01 Sep 2012 02:05:55 UTC

New business cards

Posted By Greg Lehey

Since retiring, it's clear that I don't have business cards, but from time to time I want to give people something similar, more like what people used to call visiting cards. And from time to time I get a web advertisement with this offer from Vistaprint: 250 business cards, free. They're something like a free lunch. You only pay the postage. Letter postage for up to 500 g should run to about $3 and take between 1 to 4 business days to reach its destination. But this postage costs $7.85 and takes 21 days. You can have it faster, of course, but then it costs (much) more.

Sat, 01 Sep 2012 00:43:58 UTC

Reader Q&A: How to write a CAS loop using std::atomics

Posted By Herb Sutter

The following is not intended to be a complete treatise on atomics, but just an answer to a specific question. A colleague asked: How should one write the following conditional interlocked function in the new C++ atomic<> style? // if (*plValue >= 0) *plValue += lAdd  ; return the original value LONG MpInterlockedAddNonNegative(__inout LONG volatile* [...]