Blog Archive: February 2014

Fri, 28 Feb 2014 22:38:25 UTC

Friday Squid Blogging: Bobtail Squid Photos

Posted By Bruce Schneier

Pretty. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered....

Fri, 28 Feb 2014 20:16:24 UTC

NEBULA: NSA Exploit of the Day

Posted By Bruce Schneier

Today's item from the NSA's Tailored Access Operations (TAO) group implant catalog: NEBULA (S//SI//FVEY) Multi-Protocol macro-class Network-In-a-Box (NIB) system. Leverages the existing Typhon GUI and supports GSM, UMTS, CDMA2000 applications. LTE capability currently under development. (S//SI//REL) Operational Restrictions exist for equipment deployment. (S//SI//REL) Features: Dual Carrier System EGSM 900MHz UMTS 2100MHz CDMA2000 1900MHz Macro-class Base station 32+Km Range Optional Battery...

Fri, 28 Feb 2014 12:25:43 UTC

Decoding the Voynich Manuscript

Posted By Bruce Schneier

The Voynich Manuscript has been partially decoded. This seems not to be a hoax. And the manuscript seems not to be a hoax, either. Here's the paper....

Fri, 28 Feb 2014 00:20:26 UTC

Honest CPU cycles

Posted By Greg Lehey

Decades ago at Tandem, our CEO Jimmy Treybig told us that we should find ways to use CPU cycles honestly. What he meant, of course, was to find applications that justifiably used lots of CPU time and thus sold processors. He would have been proud of modern web browsers:   PID USERNAME      THR PRI NICE   SIZE    RES STATE   C   TIME   WCPU COMMAND   400 grog            1 103    0   197M 60304K CPU7    7  19.9H 100.00% chrome   387 grog            1 103    0   197M 60304K CPU6    6  19.9H 100.00% chrome 16418 grog           35  20    0  1188M   815M uwait   3 138:43 100.00% firefox-bin It's difficult to compare the speed of ...

Fri, 28 Feb 2014 00:15:26 UTC

Yet Another Broken Photography Package

Posted By Greg Lehey

C't digitale Fotographie arrived today, along with a DVD with various things on it. One was Studioline Photo Classic SE 3, which promises lots of useful base functions: Professional photographic processing and photo database with hierarchical categories and evaluation system. Allows importing raw photos and can read and process IPTC and EXIF data. Maybe that reference to databases and import should have warned me. But I installed it, and found at least voluminous documentation: 305 pages of it. That's almost too much.

Thu, 27 Feb 2014 23:54:48 UTC

Watching H.264

Posted By Greg Lehey

Yesterday's download of Downton Abbey had one problem: it's 1080p in MPEG-4/H.264 coding, and my TV computer couldn't handle it. Discussing the matter, though, Jürgen Lock mentioned VDPAU. Yes, of course I'm using it. Look... Oh. Modified the baroque script I use to launch mplayer and all was well: CPU usage down from 70% to 3%. === grog@teevee (/dev/pts/4) /spool/Images 6 -> mmp Downton-Abbey-4-1 /usr/local/bin/mplayer-old -alang en -cache 16384 -osdlevel 3 -subfont-osd-scale 1 -vo vdpau -vc ffh264vdpau -calctime -savetime Downton-Abbey-4-1 -framedrop -fs -really-quiet 2> /var/tmp/mmp-errors And in passing it's interesting to note that the definition of this recording is really much better than what we see on TV.

Thu, 27 Feb 2014 23:41:26 UTC

Improving signal to noise ratio

Posted By Greg Lehey

This diary has always been my personal diary, though I share. But much of I write must be deathly boring to most people. In particular, for the past 5 years it has been aggregated into the ACM queue web site. Early on I introduced categories so that ACM could select only computer-related topics. But as time goes on, I'm writing more and more, and little of it can be interesting to the average ACMQ reader. This month, out of a total of 132 entries in ACMQ, I wrote 53. Yes, they're all somehow related to computers, but that doesn't make them interesting to anybody except myself.

Thu, 27 Feb 2014 20:08:44 UTC

GENESIS: NSA Exploit of the Day

Posted By Bruce Schneier

Today's item from the NSA's Tailored Access Operations (TAO) group implant catalog: GENESIS (S//SI//REL) Commercial GSM handset that has been modified to include a Software Defined Radio (SDR) and additional system memory. The internal SDR allows a witting user to covertly perform network surveys, record RF spectrum, or perform handset location in hostile environments. (S//SI//REL) The GENESIS systems are designed...

Thu, 27 Feb 2014 20:00:00 UTC

N5-cam V: Barcelona Subway

Posted By Tim Bray

I offer further research on the hypothesis that a decent modern phonecam (in this case a Nexus 5) means you dont need a good pocket cam any more. In particular, how about street photography? Where by street I mean under the street not on it and color not B&W. Street is said to require discretion, responsiveness, and subtle tonal variations. Heres the evidence. Worth enlarging, if only for the hands. A few things need saying: First, they werent together; the younger was traveling with a young man sporting a guitar and flowing curls. And although shes smiling once, she wasnt a happy woman, clearly troubled; mind you, it was early and cold.

Thu, 27 Feb 2014 12:03:56 UTC

Was the iOS SSL Flaw Deliberate?

Posted By Bruce Schneier

Last October, I speculated on the best ways to go about designing and implementing a software backdoor. I suggested three characteristics of a good backdoor: low chance of discovery, high deniability if discovered, and minimal conspiracy to implement. The critical iOS vulnerability that Apple patched last week is an excellent example. Look at the code. What caused the vulnerability is...

Wed, 26 Feb 2014 20:38:21 UTC

ENTOURAGE: NSA Exploit of the Day

Posted By Bruce Schneier

Today's item from the NSA's Tailored Access Operations (TAO) group implant catalog: ENTOURAGE (S//SI//REL) Direction Finding application operating on the HOLLOWPOINT platform. The system is capable of providing line of bearing for GSM/UMTS/CDMA2000/FRS signals. A band-specific antenna and laptop controller is needed to compliment the HOLLOWPOINT system and completes the ground based system. (S//SI) The ENTOURAGE application leverages the 4...

Wed, 26 Feb 2014 15:33:30 UTC

Guest review: my daughter reviews Ariol

Posted By Cory Doctorow

I love reading with my daughter, Poesy, who has just turned six. We agree on almost all of her favorites, and re-reading them is one of our best-loved activities, and how we pass the time on boring bus-rides and so forth. However, there are a few books that Poesy loves, but which leave me cold. … [Read more]

Wed, 26 Feb 2014 13:32:51 UTC

Research Assistants and Associates in OS, Compiler and CPU Security

Posted By Robert N. M. Watson

We are pleased to announce a job ad for two new research assistants or post-doctoral research associates working on our CTSRD Project, whose target research areas include OS, compiler, and CPU security. This is a joint project between the University of Cambridge’s Security, NetOS, and Computer Architecture research groups, as well as the Computer Science [...]

Wed, 26 Feb 2014 12:55:46 UTC

DDoSing a Cell Phone Network

Posted By Bruce Schneier

Interesting research: Abstract: The HLR/AuC is considered to be one of the most important network elements of a 3G network. It can serve up to five million subscribers and at least one transaction with HLR/AuC is required for every single phone call or data session. This paper presents experimental results and observations that can be exploited to perform a novel...

Wed, 26 Feb 2014 01:22:00 UTC

An Arduino-Based Sump Monitor (Part 1: Hardware) [Version 2]

Posted By Eric Allman

Several months ago I did another post on this, but it turns out it had significant problems due to galvanic corrosion. The solution seems to have been to switch from a DC circuit to an AC circuit. I've left that post around for reference, but this posting otherwise replaces it. We have a below-grade basement. We have a sump, but we've had problems with the pumps, or more precisely, the pump switches. Note the use of the plural: several years ago we installed a second pump on a separate switch, but we have still had both of them fail. So, I decided to build a monitor for the sump to measure both the height of the water in the sump and when (and if!)

Tue, 25 Feb 2014 20:11:40 UTC

EBSR: NSA Exploit of the Day

Posted By Bruce Schneier

Today's item from the NSA's Tailored Access Operations (TAO) group implant catalog: EBSR (S//SI//REL) Multi-purpose, Pico class, tri-band active GSM base station with internal 802.11/GPS/handset capability. (S//SI//REL) Operational Restrictions exist for equipment deployment. (S//SI//REL) Features: LxT Model: 900/1800/1900MHz LxU Model: 850/1800/1900MHz Pico-class (1Watt) Base station Optional Battery Kits Highly Mobile and Deployable Integrated GPS, MS, & 802.11 Voice & High-speed...

Tue, 25 Feb 2014 15:00:00 UTC

LOPSA-East 2014: Full of DevOps and other great stuff!

Posted By Tom Limoncelli

The LOPSA-East talks schedule was published yesterday. It is broken into 4 tracks: DevOps, Infrastructure, Career Development and "General". I'm impressed! The DevOps Track has a lot of good culture talks, best practices, and big names like Mandi Walls. The Infrastructure Track has case studies as well as talks about how to do it yourself. The Professional/Career Talks Track has a mix of sessions for both junior and senior people. The "General" Track has a huge diversity: network (the hardware kind), networking (the community kind), "lightning talks" and more. There's also a lot of excellent training classes, which I'll write about in another post.

Tue, 25 Feb 2014 12:43:23 UTC

Breaking Up the NSA

Posted By Bruce Schneier

The NSA has become too big and too powerful. What was supposed to be a single agency with a dual mission -- protecting the security of U.S. communications and eavesdropping on the communications of our enemies -- has become unbalanced in the post-Cold War, all-terrorism-all-the-time era. Putting the U.S. Cyber Command, the military's cyberwar wing, in the same location and...

Mon, 24 Feb 2014 22:52:31 UTC

More E-M1 network experiences

Posted By Greg Lehey

So how do I download photos from my camera to a computer without the help of OI.Share? Yes, I have a web page, but I need the individual images. Maybe it's as simple as appending the image name, like http://192.168.0.10/DCIM/100OLYMP/P2244123.ORF. Tried that with a browser on my Android, and it seems that it might be right; only of course the browser doesn't know what to do with the image. Tried a JPEG image with OI.Share, and sure enough, it downloaded it. Almost. It changed the name to hide the origin, and seems to have done some kind of reformatting: -r----x--x  1 grog  lemis   2,903,504 24 Feb 11:22 OI000001.jpg -rw-rw-r--  2 grog  lemis   2,887,042 23 Feb 12:12 P2234068.JPG That's the same image, firstly downloaded via OI.Share and then directly from the card.

Mon, 24 Feb 2014 22:33:01 UTC

Understanding Android, next attempt

Posted By Greg Lehey

When I came into the lounge room this morning, my Android tablet had the display illuminated, and it didn't respond correctly to swiping. Some software hang? Found the reset hole and reset the thing, which didn't seem to improve matters greatly. Not until another reboot did it respond normally. Why? It was trying, with apparent lack of success, to update the Zoiper app. Running out of space? For some obscure reason, the tablet has divided its 16 GB SD card into a 1.9 GB partition and a 14 GB partition, and it only uses the former, now nearly full. Will it overflow into the second?

Mon, 24 Feb 2014 20:44:34 UTC

CYCLONE Hx9: NSA Exploit of the Day

Posted By Bruce Schneier

Today's item from the NSA's Tailored Access Operations (TAO) group implant catalog: CYCLONE Hx9 (S//SI//FVEY) EGSM (900MGz) macro-class Network-In-a-Box (NIB) system. Uses the existing Typhon GUI and supports the full Typhon feature base and applications. (S//SI//REL) Operational Restrictions exist for equipment deployment. (S//SI//REL) Features: EGSM 900MHz Macro-class (+43dBm) 32+Km Range Optional Battery Kits Highly Mobile and Deployable Integrated GPS, MS,...

Mon, 24 Feb 2014 12:35:46 UTC

New Results in Software Obfuscation

Posted By Bruce Schneier

Amit Sahai and others have some new results in software obfuscation. The papers are here. An over-the top Wired.com story on the research is here. And Matthew Green has a great blog post explaining what's real and what's hype....

Mon, 24 Feb 2014 06:25:45 UTC

Text of Little Brother on an art-litho, tee, or tote

Posted By Cory Doctorow

As you may have noticed, I think Litographs are really cool: the company turns the text of various books into a piece of appropriately themed text-art and makes lithographs, tees and tote-bags out of it. Now, I'm delighted to announce that the company has produced a line of Litographs based on my novel Little Brother, … [Read more]

Mon, 24 Feb 2014 00:06:36 UTC

How to scan QR codes

Posted By Greg Lehey

My discussion about the Olympus OM-D E-M1 wireless link support continues. It seems that there are two users, User and Admin. But the documentation speaks, probably more correctly, of a private and a one-time connection. The documented difference is that in the latter case the password changes every time you set up a connection. In fact, not even that is correct: you get the chance to change it every time you set up a connection. The undocumented difference is that you can only control the camera in private mode. And that's what Reinhard was talking about. In fact, the one-time connection mode makes sense in many scenarios.

Mon, 24 Feb 2014 00:02:06 UTC

More computer pain

Posted By Greg Lehey

Spent much of the day processing photos, not helped by various X bugs that came to bite me. Got server 1 stuck in a loop again, and this time on restarting I was back to this strange behaviour where I had to move the cursor after input. And then I got the dreaded mouse jump hang not once, but twice. No doubt about it: it's related to USB. Now if I could only get enblend to work on release 10, I'd finally be able to upgrade. ACM only downloads articles once.

Sun, 23 Feb 2014 20:00:00 UTC

The Bay Area

Posted By Tim Bray

Last week I announced that I was leaving Google and said in passing that I found the Bay Area congested, racist, incestuous, and overpriced. Those four adjectives were apparently more newsworthy than my career moves; fair enough. The reaction (and there was a lot of it) ranged from giggly agreement to sincere anger. So I should follow up. I think congested and overpriced hardly seem worth elaborating on. Yes, my own hometown is overpriced too so I grant a certain unfairness in my bandying that word. Id bypass incestuous too, but I cant noting that in a private discussion someone suggested I meant the startup/VC/tech-press Human Centipede.

Sun, 23 Feb 2014 00:20:03 UTC

More E-M1 networking

Posted By Greg Lehey

More investigation of the Olympus OM-D E-M1 wireless networking today. Reinhard Wagner had told me that there are two different users defined in the camera: one could control the camera, the other just access the images. By chance I had got hold of a second Android tablet, a Bauhn (i.e. ALDI) AT-HK97. Under the circumstances it proved to be a poor choice: OI.Share doesn't support it. But I was able to connect to the camera using the standard settings page: the camera shows up as an access point, and it allows setup with WPS, just like a normal access point. Unfortunately, I was not able to connect a second tablet.

Sat, 22 Feb 2014 05:51:24 UTC

Completing XP SP3 install

Posted By Greg Lehey

Into the office this morning to find pain, my Microsoft XP box, telling me that it couldn't install Service Pack 3 because there wasn't enough space. OK, that can be fixed. But then I couldn't find the download! Internet Explorer had put it somewhere that I couldn't find, and it doesn't seem to have a downloads page. Fortunately I had the name of the file from yesterday's security issues, and was able to search for it with a recursive DIR invocation. It was in C:\WINDOWS\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\WindowsXP-KB936929-SP3-x86-ENU.exe. Clearly they didn't want me to find it. Installation ran for hours! But it succeeded. And when it did, of course, I was waiting for many more software updates, but it still wanted to install updates for SP2.

Fri, 21 Feb 2014 22:33:17 UTC

Friday Squid Blogging: Squid vs. Owlfish

Posted By Bruce Schneier

This video is pretty fantastic: The narrator does a great job at explaining what's going on here, blow by gross blow, but here are the highlights: Black-eyed squid snares owlfish with its two tentacles, which are tipped with hooks and suckers, and reels it in. Black-eyed squid gnaws away at the owlfish's spinal cord using its very sharp beak. Owlfish...

Fri, 21 Feb 2014 20:41:27 UTC

CROSSBEAM: NSA Exploit of the Day

Posted By Bruce Schneier

Today's item from the NSA's Tailored Access Operations (TAO) group implant catalog: CROSSBEAM (TS//SI//REL) CROSSBEAM is a GSM module that mates a modified commercial cellular product with a WAGONBED controller board. (TS//SI//REL) CROSSBEAM is a reusable CHIMNEYPOOL-compliant GSM communications module capable of collecting and compressing voice data. CROSSBEAM can receive GSM voice, record voice data, and transmit the received information...

Fri, 21 Feb 2014 20:06:00 UTC

Co3 Systems at the RSA Conference

Posted By Bruce Schneier

Co3 Systems is going to be at the RSA Conference. We don't have our own booth on the show floor, but there are four ways you can find us. Monday, we're at the Innovation Sandbox: 1:005:00 in Moscone North. At the conference, we're in the RSA Security booth. Go to the SecOps section of the booth and ask about us....

Fri, 21 Feb 2014 17:18:58 UTC

10% off Cascadia IT registration

Posted By Tom Limoncelli

If you are taking any of my classes (or not) you can use the discount code "CasIT14-Presenter-guest" to get an additional 10% discount on a 2-day registration for the conference. The code expires at midnight, the evening of Saturday, 1 MAR, 2014. You don't have to be taking any of my classes to use the code.

Fri, 21 Feb 2014 14:34:52 UTC

Building an Online Lie Detector

Posted By Bruce Schneier

There's an interesting project to detect false rumors on the Internet. The EU-funded project aims to classify online rumours into four types: speculation -- such as whether interest rates might rise; controversy -- as over the MMR vaccine; misinformation, where something untrue is spread unwittingly; and disinformation, where it's done with malicious intent. The system will also automatically categorise sources...

Fri, 21 Feb 2014 00:25:04 UTC

Installing Windows XP Service Pack 3

Posted By Greg Lehey

Installing Windows XP service pack 3 sounded like a good idea. My old Dell Inspiron 5100 has only 512 MB of memory (or, as I said at the time Microsoft must be getting really memory hungry if a laptop can use that much memory), so there's no point in trying to upgrade to a newer version of Microsoft. And since support for XP is about to cease, it looked like time to install the latest version. How do you do that? The control panel, which hasn't really changed since those days, doesn't have a Windows Update function. It seems that you must use Internet Explorer to do that.

Fri, 21 Feb 2014 00:04:31 UTC

Networking an E-M1

Posted By Greg Lehey

Yesterday's revelations about the nature of the network support of the Olympus OM-D E-M1 got me thinking. Can't I do that too? The problem is that the camera has its own SSID and generates its own password. Those are basically access point functions. The thing doesn't know its place in the network. So I need a device that can associate with it. I have one, of course: my Android tablet. But that means disconnecting from any other network. Apart from that, I don't use wireless networking. But I do have an old PCMCIA wireless card, one of the many that Rasmus bought for us over 12 years ago.

Thu, 20 Feb 2014 22:09:56 UTC

Brian Krebs

Posted By Bruce Schneier

Nice profile of Brian Krebs, cybersecurity journalist: Russian criminals routinely feed Mr. Krebs information about their rivals that they obtained through hacks. After one such episode, he began receiving daily calls from a major Russian cybercriminal seeking his files back. Mr. Krebs is writing a book about the ordeal, called "Spam Nation," to be published by Sourcebooks this year. In...

Thu, 20 Feb 2014 20:11:11 UTC

CANDYGRAM: NSA Exploit of the Day

Posted By Bruce Schneier

Today's item from the NSA's Tailored Access Operations (TAO) group implant catalog: CANDYGRAM (S//SI//REL) Mimics GSM cell tower of a target network. Capable of operations at 900, 1800, or 1900 MHz. Whenever a target handset enters the CANDYGRAM base station's area of influence, the system sends out an SMS through the external network to registered watch phones. (S//SI//REL) Typical use...

Thu, 20 Feb 2014 15:19:17 UTC

RCS Spyware and Citizen Lab

Posted By Bruce Schneier

Remote-Controlled System (RCS) is a piece of spyware sold exclusively to governments by a Milan company called Hacking Team. Recently, Citizen Lab found this spyware being used by the Ethiopian government against journalists, including American journalists. More recently, Citizen Lab mapped the software and who's using it: Hacking Team advertises that their RCS spyware is "untraceable" to a specific government...

Thu, 20 Feb 2014 08:18:14 UTC

Museums and the free world: keynote from the Museums and the Web conference in Florence

Posted By Cory Doctorow

Yesterday, I delivered a keynote address for the 2014 Museums and the Web Conference in Florence, speaking in the audience chamber of the Palazzo Vecchio, which is pretty much the definition of working the big room at the palace. The organizers will be uploading video shortly, but in the meantime, they've been kind enough to … [Read more]

Thu, 20 Feb 2014 02:28:00 UTC

Thinking and Software Development

Posted By Terry Coatta

Those of us who have been developing software for more years than we might care to admit, are sometimes inclined to fret about the skills that junion programmers lack -- particularly those fresh out of university or college. And as is typical with software developers, if you have N of them in the room, you'll have at least N+1 opinions about just what skills are most important and the least well prepared for by our educational institutions. Naturally I have my own opinions and I'd like to argue about why they're important not just for a computer science education, but any type of education.

Wed, 19 Feb 2014 23:57:52 UTC

Olympus E-M1 networking

Posted By Greg Lehey

One of the big disappointments about my new Olympus OM-D E-M1 is the abysmal networking support. According to the instructions, it can only interface to a tablet or smart phone, and to do so the device must completely disconnect from any other network. Network indeed! It's a point-to-point connection. There was a discussion of the matter on the German Olympus Forum today, in the course of which Oliver Musch pointed me at this thread in another forum, where somebody had actually managed to talk to the camera from a PC. He describes it here: the problem is that the camera generates its own SSID, of the form E-M1-P<serial-number>; it's as if it wants to be its own access point.

Wed, 19 Feb 2014 23:47:43 UTC

Microsoft hibernation, next pain

Posted By Greg Lehey

I still haven't found a way to get dischord, my Microsoft 7 box, to hibernate correctly. What I'm trying now is to power cycle it after hibernation. It then will still react to a magic packet across the network, so the only real issue is the physical access to power cycle it. But today, though it came up, I couldn't access it via rdesktop. Why not? Took at look with tcpdump and discovered dischord trying to access the Internet via sky-gw, the now-removed gateway to the SkyMesh network. That needed fixing, of course. And for some reason, Microsoft decided that I was now on a new network, Network 3.

Wed, 19 Feb 2014 23:33:15 UTC

Net download speeds revisited

Posted By Greg Lehey

A couple of days ago I had significant problems downloading videos from Coursera, getting under 100 kB/s aggregate. That appeared to be at least in part because I was using a different download server. Today I had more videos to download from the same server. This time, though, things were fine: That's an aggregate speed of 3.221 MB/s, or 25.678 Mb/s payload. You certainly can't complain about that. ACM only downloads articles once.

Wed, 19 Feb 2014 20:18:58 UTC

TOTEGHOSTLY 2.0: NSA Exploit of the Day

Posted By Bruce Schneier

Today's item from the NSA's Tailored Access Operations (TAO) group implant catalog: TOTEGHOSTLY 2.0 (TS//SI//REL) TOTEGHOSTLY 2.0 is STRAITBIZARRE based implant for the Windows Mobile embedded operating system and uses the CHIMNEYPOOL framework. TOTEGHOSTLY 2.0 is compliant with the FREEFLOW project, therefore it is supported in the TURBULENCE architecture. (TS//SI//REL) TOTEGHOSTLY 2.0 is a software implant for the Windows Mobile...

Wed, 19 Feb 2014 20:00:00 UTC

Leaving Google

Posted By Tim Bray

As of March 17th Ill be an ex-employee. Its an amicable separation in the face of irreconcilable differences: I wouldnt move to California and Google wouldnt open a Vancouver office. I havent decided what to do next. Lets go with Q&A format. Seriously, about remote work? Yep. Both before and after being hired, I had been asked to consider moving south. I didnt want to and politely declined. Eventually, the group Im in politely informed me that staying remote wasnt an option. I talked to a couple of other groups but my heart wasnt really in it, because I decided Googles position was correct.

Wed, 19 Feb 2014 18:31:51 UTC

Reader Q&A: Is std::atomic_compare_exchange_* implementable?

Posted By Herb Sutter

Quick answer: Yes. I see there was also a thread about this on StackOverflow, so I’ll echo this Q&A publicly for others’ benefit and hopefully to dispel confusion. Duncan Forster asked: I’m quite alarmed the C++ committee chose such a bad interface for std::atomic compare_exchange, i.e.:     bool compare_exchange_???(T& expected, T desired, …);I notice you […]

Wed, 19 Feb 2014 15:00:00 UTC

Jumpy, nervous, jittery user interfaces reduce "user trust"

Posted By Tom Limoncelli

What's with the trend of making user interfaces that hide until you mouse over them and then they spring out at you? How did every darn company hop on this trend at the same time? Is there a name for this school of design? Was there a trendy book that I missed? Is there some UI blog encouraging this? For example look at the new Gmail editor. To find half the functions you need to be smart enough or lucky enough to move the mouse over the right part of the editor for those functions to appear. Microsoft, Facebook, and all the big names are just as guilty.

Wed, 19 Feb 2014 12:47:42 UTC

Debating Snowden's Actions

Posted By Bruce Schneier

It's the season. Here are two....

Tue, 18 Feb 2014 23:54:08 UTC

Continued enblend pain

Posted By Greg Lehey

Another attempt at compiling enblend with clang. It's like pulling teeth. At Jürgen Lock's suggestion, tried telling it to use different C++ standards. That made a difference: things died in different places. I'm reminded of Andy Tanenbaum's quote: The nice thing about standards is that you have so many to choose from. More seriously, this whole thing is a catastrophe. I have two large, not-very-well written packages that are so compiler-sensitive that I can't find a way through the jungle. Is this what C++ was meant to be? In the end, I put it back on the too hard queue, at least for the time being.

Tue, 18 Feb 2014 20:17:26 UTC

TOTECHASER: NSA Exploit of the Day

Posted By Bruce Schneier

Today's item from the NSA's Tailored Access Operations (TAO) group implant catalog: TOTECHASER (TS//SI//REL) TOTECHASER is a Windows CE implant targeting the Thuraya 2520 handset. The Thuraya is a dual mode phone that can operate either in SAT or GSM modes. The phone also supports a GPRS data connection for Web browsing, e-mail, and MMS messages. The initial software implant...

Tue, 18 Feb 2014 20:00:00 UTC

Ingress in 2014

Posted By Tim Bray

It was stormy at dusk last Sunday; Shoekey and I hunched shoulder-to-shoulder in a waterfront park, 90 km/h of swirling wind driving a mix of fresh rain and salt spray at us from every direction, zip-loc-bagged Androids in hand. Because in a big Ingress op, you gotta do what you gotta do. Yeah, Im playing again. Back Story (You can get the full-length version in Ingress, Things About Ingress, Ingress, Month 3, Ingress Weekly, Ingress Tourism, Advanced Ingress, Ingress Chase Scene, Ingress Ebb and Flow, and The Ingress Social Network): I got interested in late 2012, played off and on through last May, then faded away, bored.

Tue, 18 Feb 2014 15:00:00 UTC

The FreeBSD Journal: Read it even if you don't use FreeBSD

Posted By Tom Limoncelli

The first issue of The FreeBSD Journal has finally shipped! I got to read an early draft of the first issue and I was quite impressed by the content. It was a great way to learn what's new and interesting with FreeBSD plus read extended articles about specific FreeBSD technologies such as ZFS, DTrace and more. Even if you don't use FreeBSD, this is a great way to learn about Unix in general and expand your knowledge of advanced computing technologies. The Journal is a brand new, professionally produced, on-line magazine available from the various app stores, including Apple iTunes, Google Play, and Amazon Kindle.

Tue, 18 Feb 2014 14:30:30 UTC

What Information Are Stun Guns Recording?

Posted By Bruce Schneier

In a story about a stolen Stradivarius violin, there's this: Information from a stun gun company, an anonymous tip and hours of surveillance paved the way for authorities to find a stolen 300-year-old Stradivarius violin in the attic of a Milwaukee home, police said Thursday. [...] Taser International, the maker of the stun gun used in the attack, "provided invaluable...

Tue, 18 Feb 2014 00:52:43 UTC

Trip report: Winter ISO C++ meeting

Posted By Herb Sutter

I just posted my trip report from last week’s ISO C++ meeting over on isocpp.org. The meeting just wrapped up about 48 hours ago, on Saturday afternoon. This is a real milestone for C++. Not only did we finish C++14 (we think, assuming this coming ballot comes back clean so that we can skip the […]

Tue, 18 Feb 2014 00:44:59 UTC

Enblend port, next try

Posted By Greg Lehey

Finally got round to looking at the enblend port, which has been broken for months since changing compilers. Applied all the patches that people have sent to me, but it still fails with undefined references like this one: enfuse.cc:(.text._ZN5vigra6detail11exportImageIN9vigra_ext28ConstCachedFileImageIteratorINS_8RGBValueIhLj0ELj1ELj2EEEEENS_11RGBAccessorIS5_EEEEvT_S9_T0_RKNS_15ImageExportInfoENS_14VigraFalseTypeE[_ZN5vigra6detail11exportImageIN9vigra_ext28ConstCachedFileImageIteratorINS_8RGBValueIhLj0ELj1ELj2EEEEENS_11RGBAccessorIS5_EEEEvT_S9_T0_RKNS_15ImageExportInfoENS_14VigraFalseTypeE]+0x116): undefined reference to `vigra::isBandNumberSupported(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, int)' What's causing that? Both enblend and vigra are unduly sensitive to the compiler in use, and the change to clang has completely broken them.

Tue, 18 Feb 2014 00:24:20 UTC

Goodbye SkyMesh

Posted By Greg Lehey

My two month trial with SkyMesh started either on 19 December, when I got the equipment, or on 21 December, when they finally sorted out their configuration. Time to give notice of termination. Sent a message to Paul Rees, summarizing the reasons: Parts of it were excellent. Good things: Reliable connection.

Tue, 18 Feb 2014 00:17:10 UTC

Aussie Broadband support

Posted By Greg Lehey

Another round of Coursera videos today, 184 MB of them. Not a worry any more since my connection to the National Broadband Network: that corresponds to a download time of a little over a minute. But today that didn't happen; instead of the expected 2.5 MB/s download speeds, I ended up with about 20 kB/s. What went wrong? Tried again from my external server in Maryland. 8 MB/s. Even copying from there came over with 450 kB/s. So what was wrong?

Mon, 17 Feb 2014 20:20:04 UTC

PICASSO: NSA Exploit of the Day

Posted By Bruce Schneier

Today's item from the NSA's Tailored Access Operations (TAO) group implant catalog: PICASSO (S//SI//REL) Modified GSM (target) handset that collects user data, location information and room audio. Command and data exfil is done from a laptop and regular phone via SMS (Short Messaging Service), without alerting the target. (S//SI) Target Data via SMS: Incoming call numbers Outgoing call numbers Recently...

Mon, 17 Feb 2014 18:13:49 UTC

US Infosec Researchers Against NSA Surveillance

Posted By Bruce Schneier

I signed an open letter from US researchers in cryptography and information security on NSA surveillance. It has received a lot of media coverage....

Mon, 17 Feb 2014 15:00:00 UTC

Anti-Pattern: "The big project" that never ships

Posted By Tom Limoncelli

I was reminded of this excellent blog post by Leon Fayer of OmniTI. As software developers, we often think our job is to develop software, but, really, that is just the means to an end, and the end is to empower business to reach their goals. Your code may be elegant, but if it doesn't meet the objectives (be they time or business) it doesn't f*ing work. Likewise I've seen sysadmin projects that spent so much time in the planning stage that they never were going to ship unless someone stood up and said, "we've planned enough. I'm going to start coding whether you like it or not".

Mon, 17 Feb 2014 13:20:00 UTC

LOPSA-East schedule published!

Posted By Tom Limoncelli

The schedule of talks and tutorials has been published! Talks: http://lopsa-east.org/2014/lopsa-east-14-talks/ Tutorials: http://lopsa-east.org/2014/lopsa-east-14-training-schedule/ I'm glad to announce that I'll be teaching 2 tutorials and giving 2 talks: "Tom's Top 5 Time Management Tips" and "Book Preview: The Practice of Cloud Administration". My tutorials include "Evil Genius 101", which was standing-room only last year plus "Intro to Time Management for System Administrators" which hasn't been taught at LOPSA-East in quite a few years. Registration opens soon. I look forward to seeing you at this year's conference! Tom

Mon, 17 Feb 2014 11:23:20 UTC

Who Should Store NSA Surveillance Data

Posted By Bruce Schneier

One of the recommendations by the president's Review Group on Intelligence and Communications Technologies on reforming the National Security Agency—No. 5, if you're counting—is that the government should not collect and store telephone metadata. Instead, a private company -- either the phone companies themselves or some other third party -- should store the metadata and provide it to the government...

Mon, 17 Feb 2014 01:58:37 UTC

Seattle: CascadiaIT'14 keynote: Æleen Frisch

Posted By Tom Limoncelli

I'm excited to see that long-time sysadmin and author Æleen Frisch will be the keynote of this year's Cascadia IT conference, Seattle, March 7-8! If you don't recognize her name, check your bookshelf. You probably have a few of her books! http://casitconf.org/ There is still time to register. There are still a few seats left in the tutorials "Evil Genius 101" and "Team Time Management & Collaboration". Don't wait, register today! There are also a dozens other excellent tutorials and talks. Plus, there are a lot of networking opportunities. Hope to see you there! http://casitconf.org/

Sun, 16 Feb 2014 20:00:00 UTC

Hockey Publishing

Posted By Tim Bray

I just enjoyed watching the first-round Finland-Canada hockey game from Sochi; the Finnish defense is awesome, and Tuukka Rask just about beat Canada single-handed. Also, they gotta do something about the ice quality. But this isnt about that, its about Wikipedia, once again beating the world. After the game was over, CBC TV showed a helpful grid of the rest of the tournament and how the playoffs worked. It went by a little too fast so I went to pull it up on the Internet. The Sochi14 site is horribly organized, but eventually, after much thrashing around, I tracked down the hockey playoff page, but nobody had bothered to fill it in.

Sun, 16 Feb 2014 01:33:18 UTC

MySQL table editor: finished!

Posted By Greg Lehey

More work on MySQL Edit Table today. Now it works, I think. I can add, modify and delete records, and search for them. For the time being it's enough. There are still many rough edges and other things I'd like to do, but since I have (re)written much of the code, I'm in a better position to do that kind of thing. ACM only downloads articles once.

Sun, 16 Feb 2014 01:13:56 UTC

Still more backup disk isssues

Posted By Greg Lehey

My issues with the backup disk are still not over. Even after reading data from the disk, mount claims that the device is not configured: === root@eureka (/dev/pts/26) /var/log 202 -> dd if=/dev/da0s1d of=/dev/null count=1 1+0 records in 1+0 records out 512 bytes transferred in 0.000490 secs (1045004 bytes/sec) === root@eureka (/dev/pts/26) /var/log 203 -> mount /dev/da0s1d /backups mount: /backups: Device not configured What now? It almost looks like a kernel debugging session, but first I'll complete my migration to FreeBSD release 10. ACM only downloads articles once.

Sun, 16 Feb 2014 00:13:06 UTC

X pain

Posted By Greg Lehey

Since moving to my new computer, I've had more strange problems with X: server 1, which had previously never given me any trouble, started hanging. Today I managed to provoke it again, but after restarting I couldn't get my mouse to respond. I've had that issue before. In fact, every time I start server 0, the first time round the mouse is dead. I have to immediately stop it and restart it. But that no longer worked. Time to look in the log files. In /var/log/Xorg.1.log I found: (WW) product 0x05d8: No Device specified, looking for one...

Sun, 16 Feb 2014 00:10:14 UTC

Network speed comparisons

Posted By Greg Lehey

I was very impressed by my 26 ms ping time to ozlabs.org yesterday. But today things weren't nearly as good. Ran mtr for a while and discovered that the bottleneck was at the other end, in the TransACT network, and that in fact my link is capable of very fast speeds, down as low as 17 ms. I'm impressed. ACM only downloads articles once.

Sat, 15 Feb 2014 02:50:57 UTC

More database editor pain

Posted By Greg Lehey

I'm making progress on fixing MySQL Edit Table, but it's slow. The lack of comments and the emetic HTML output make it very difficult to understand, and today I spent much of my time reformatting the HTML output so that I could understand it. I hate ugly indentation at the best of times, but now is not the best of times: it was absolutely necessary to get anything done. Finally I had the Add record functionality almost working. But it seems the code makes assumptions about the primary key:         if (!$edit && $key == $this->primary_key)           $field = "<input type='hidden' name='$key' value='>[auto increment]"; And no, there's no check to see if that's the case or not.

Sat, 15 Feb 2014 02:37:17 UTC

Energy Efficiency of Cloud Computing

Posted By James Hamilton

Most agree that cloud computing is inherently more efficient that on premise computing in each of several dimensions. Last November, I went after two of the easiest to argue gains: utilization and the ability to sell excess capacity (Datacenter Renewable Power Done Right):   Cloud computing is a fundamentally more efficiently way to operate compute infrastructure. The increases in efficiency driven by the cloud are many but a strong primary driver is increased utilization. All companies have to provision their compute infrastructure for peak usage. But, they only monetize the actual usage which goes up and down over time.

Sat, 15 Feb 2014 02:37:17 UTC

Energy Efficiency of Cloud Computing

Posted By James Hamilton

Most agree that cloud computing is inherently more efficient that on premise computing in each of several dimensions. Last November, I went after two of the easiest to argue gains: utilization and the ability to sell excess capacity (Datacenter Renewable Power Done Right): Cloud computing is a fundamentally more efficiently way to operate compute infrastructure....

Sat, 15 Feb 2014 01:46:39 UTC

Networking: faster?

Posted By Greg Lehey

Still no technical message from Aussie Broadband today, but I did receive an invoice, which also indicated that I would get double the data allowance (in other words, 100 GB) for the first 6 months. That's not on their web site, but it was on the advertising I got a few months ago. So: I'm on the net. How is it? Ran some speed tests and got some quite good results: latency (ping) of 36 ms, downlink 26.2 Mb/s, uplink 4.2 Mb/s. That's about as good as I've had.

Fri, 14 Feb 2014 22:02:09 UTC

Friday Squid Blogging: Giant Squid TED Talk

Posted By Bruce Schneier

Interesting. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered....

Fri, 14 Feb 2014 21:19:37 UTC

MONKEYCALENDAR: NSA Exploit of the Day

Posted By Bruce Schneier

Today's item from the NSA's Tailored Access Operations (TAO) group implant catalog: MONKEYCALENDAR (TS//SI//REL) MONKEYCALENDAR is a software implant for GSM (Global System for Mobile communication) subscriber identity module (SIM) cards. This implant pulls geolocation information from a target handset and exfiltrates it to a user-defined phone number via short message service (SMS). (TS//SI//REL) Modern SIM cards (Phase 2+) have...

Fri, 14 Feb 2014 20:50:28 UTC

My Talk on the NSA

Posted By Bruce Schneier

Earlier this month, I gave a talk about the NSA at MIT. The video is available. ETA: The video doesn't display on some Firefox browsers. If you have trouble, try a different browser....

Fri, 14 Feb 2014 12:50:29 UTC

The Insecurity of Secret IT Systems

Posted By Bruce Schneier

We now know a lot about the security of the Rapiscan 522 B x-ray system used to scan carry-on baggage in airports worldwide. Billy Rios, director of threat intelligence at Qualys, got himself one and analyzed it. And he presented his results at the Kaspersky Security Analyst Summit this week. Its worse than you might have expected: It runs on...

Fri, 14 Feb 2014 01:08:21 UTC

Still more USB pain

Posted By Greg Lehey

Somehow the USB connection for my new system is more than a slight problem: Feb 13 02:05:19 eureka kernel: (da0:umass-sim0:0:0:0): READ(10). CDB: 28 00 00 01 61 1f 00 00 04 00 Feb 13 02:05:19 eureka kernel: (da0:umass-sim0:0:0:0): CAM status: SCSI Status Error Feb 13 02:05:19 eureka kernel: (da0:umass-sim0:0:0:0): SCSI status: Check Condition Feb 13 02:05:19 eureka kernel: (da0:umass-sim0:0:0:0): SCSI sense: UNIT ATTENTION asc:28,0 (Not ready to ready change, medium may have changed) Feb 13 02:05:19 eureka kernel: (da0:umass-sim0:0:0:0): Retrying command (per sense data) Feb 13 02:05:25 eureka kernel: g_vfs_done():da0s1d[READ(offset=806802456576, length=16384)]error = 6 ...

Fri, 14 Feb 2014 00:51:57 UTC

Electric fence equipment

Posted By Greg Lehey

We've provisionally fenced our property in Stones Road so that we can put horses on it. Problem: no power yet. So we bought a solar-powered electric fence actuator, which should deliver 8 kV and a charge of 0.3 J. Not according to our voltmeter: Who's right? Is it possible that the voltmeter is wrong? We've seen relatively low voltages from our main electric fence too. More checking needed. ACM only downloads articles once.

Thu, 13 Feb 2014 23:46:53 UTC

Where's my network?

Posted By Greg Lehey

It's been two days since I signed up for a National Broadband Network service with Aussie Broadband. I've received documentation including user name and password that looked surprisingly like I had created themand discovered that I had. I was with Aussie until nearly 4 years ago, and they still have my details on file. But that's all I've heard of them, and after 2 days the link still hasn't been provisioned. The documentation suggested that I should have received contact details, but I haven't had any email from them whatsoever. Called up (why do they, as a VoIP supplier, only have a more-expensive number 1 300 880 905?

Thu, 13 Feb 2014 20:05:20 UTC

GOPHERSET: NSA Exploit of the Day

Posted By Bruce Schneier

Today's item from the NSA's Tailored Access Operations (TAO) group implant catalog: GOPHERSET (TS//SI//REL) GOPHERSET is a software implant for GSM (Global System for Mobile communication) subscriber identity module (SIM) cards. This implant pulls Phonebook, SMS, and call log information from a target handset and exfiltrates it to a user-defined phone number via short message service (SMS). (TS//SI//REL) Modern SIM...

Thu, 13 Feb 2014 12:03:23 UTC

Finding People's Location Based on Their Activities in Cyberspace

Posted By Bruce Schneier

Glenn Greenwald is back reporting about the NSA, now with Pierre Omidyar's news organization FirstLook and its introductory publication, The Intercept. Writing with national security reporter Jeremy Scahill, his first article covers how the NSA helps target individuals for assassination by drone. Leaving aside the extensive political implications of the story, the article and the NSA source documents reveal additional...

Wed, 12 Feb 2014 23:42:21 UTC

My first network contact

Posted By Greg Lehey

I'm participating in the Coursera course Internet History, Technology, and Security, mainly, it seems, because I read only History. So far there have been two weeks of seven, in which we have covered practically all of Internet history up to the opening up to the general public. And now I have an assignment: Write an essay about how your first encountered the Internet or an earlier networking technology. [sic] I suspect that my history is a little atypical, so I'll keep it online as well. Like Unix, my first encounter with the Internet was relatively late.

Wed, 12 Feb 2014 20:06:33 UTC

DROPOUTJEEP: NSA Exploit of the Day

Posted By Bruce Schneier

Today's item from the NSA's Tailored Access Operations (TAO) group implant catalog: DROPOUTJEEP (TS//SI//REL) DROPOUTJEEP is a STRAITBIZARRE based software implant for the Apple iPhone operating system and uses the CHIMNEYPOOL framework. DROPOUTJEEP is compliant with the FREEFLOW project, therefore it is supported in the TURBULENCE architecture. (TS//SI//REL) DROPOUTJEEP is a software implant for the Apple iPhone that utilizes modular...

Tue, 11 Feb 2014 22:46:49 UTC

Next table editor: MySQL table edit

Posted By Greg Lehey

Continued looking at table editors today. The next on the list was MySQL Edit Table (or MySQL table edit, depending on where you look: the author doesn't seem to have decided). Yesterday I noted that MySQL Ajax Table Editor had very brief installation instructions. You can't say that about MySQL table edit. It has none whatsoever, just UTSL. Once again you have to edit an example and bend it to your table. So I did thatno easier or more difficult than with MySQL Ajax Table Editorand found a screen full of error messages about undefined variables.

Tue, 11 Feb 2014 22:40:49 UTC

More new system problems

Posted By Greg Lehey

Somehow my issues with the system upgrade aren't over. As I feared, yesterday's fixworkaround for Microsoft's hibernation issues didn't work. In fact, it didn't make any difference at all, and once again I had a dirty reboot. Why can't Microsoft get it right, or at least report the errors in a sensible way? FreeBSD is a completely different matter, of course. It's been years since I had any suspend working. But I have other issues there too: I discovered that the nightly backup jobs had been failing, and I hadn't noticed for over a week: mount: /dev/da0s1d: Device not configured That looks like one of these issues I've been contending with for years.

Tue, 11 Feb 2014 20:55:55 UTC

SURLYSPAWN: NSA Exploit of the Day

Posted By Bruce Schneier

Today's item from the NSA's Tailored Access Operations (TAO) group implant catalog: SURLYSPAWN (TS//SI//REL TO USA,FVEY) Data RF retro-reflector. Provides return modulated with target data (keyboard, low data rate digital device) when illuminated with radar. (U) Capabilities(TS//SI//REL TO USA,FVEY) SURLYSPAWN has the capability to gather keystrokes without requiring any software running on the targeted system. It also only requires that...

Tue, 11 Feb 2014 20:00:00 UTC

Why Flappy Bird is Brilliant

Posted By Tim Bray

I heard the buzz and snagged it and played for the best part of an hour on a cross-Canada flight, never managed to get past level 10. The fact that the game is so addictive despite being so pathetically lame is trying to teach everyone a great big honking lesson. Pathetically lame? Well yeah, the graphics. And the birds. And the stupid extreme difficulty; with just a little bit of tuning (thinner pipes, bigger gaps) it could be a whole lot more playable. And the lesson is? Never be boring. When your bird goes phut! and youre done swearing, it takes one tap and maybe 3 seconds before the pathetic little 8-bit avian goober is back in flight.

Tue, 11 Feb 2014 13:15:04 UTC

DRM and the Law

Posted By Bruce Schneier

Cory Doctorow gives a good history of the intersection of Digital Rights Management (DRM) software and the law, describes how DRM software is antithetical to end-user security, and speculates how we might convince the law to recognize that. Every security system relies on reports of newly discovered vulnerabilities as a means of continuously improving. The forces that work against security...

Tue, 11 Feb 2014 12:57:22 UTC

"The Mask" Espionage Malware

Posted By Bruce Schneier

Weve got a new nation-state espionage malware. "The Mask" was discovered by Kaspersky Labs: The primary targets are government institutions, diplomatic offices and embassies, energy, oil and gas companies, research organizations and activists. Victims of this targeted attack have been found in 31 countries around the world -- from the Middle East and Europe to Africa and the Americas. The...

Tue, 11 Feb 2014 00:09:11 UTC

MySQL table editors

Posted By Greg Lehey

One of the software packages that has atrophied over the course of time is phpMyEdit, which we (mainly Yvonne) use for maintaining tables like household expenditure and the contents of the deep freeze. But two years ago the maintainers of PHP, in their infinite wisdom, brokedeprecated the interfaces it relies on, and the only solution I could find was to run a separate web server in a virtual machine with the old version. That's seriously suboptimal, of course, and now that VirtualBox no longer runs (until I rebuild the port), did some consideration about what I could replace it with.

Mon, 10 Feb 2014 23:46:50 UTC

Power line Ethernet throughput

Posted By Greg Lehey

I've been complaining about the poor throughput of my power line Ethernet adapters since I got them. But recent thoughts about network throughput led me to the thought that maybe once again we're running into TCP window issues. And sure enough, teevee had the sysctl net.inet.tcp.rfc1323 set to 0, which in particular turns off window scaling. Why? I didn't change anything, and the default should be 1. But after setting it to 1 and setting big buffer sizes, things sped up considerably.

Mon, 10 Feb 2014 23:22:07 UTC

Hello ISP

Posted By Greg Lehey

As planned, called up Aussie Broadband and signed up for a 50 GB service. First spoke to Will in technical support, who apparently thought I was signing up for fibre and told me that I could expect effectively the full 100 Mb/s download speed. Once again, I'm not sure if he understood the term TCP, but we'll see. The service is direct Ethernet with DHCP, and he was surprised to hear that Exetel still use PPPoE. But he wasn't much help with more technical details, like link configuration; clearly they have other people for that.

Mon, 10 Feb 2014 23:11:44 UTC

Goodbye ISP

Posted By Greg Lehey

Call early this morning from Angelo Senaratne of Exetel, the Level 1 Support Engineer who sent me the we won't fix message last week. No, they hadn't reconsidered, though he rejected my claim that they were not prepared to offer the same level of service as Internode. But he made it abundantly clear that he didn't know what TCP isinstead he talked of client/server relationships, which of course are normally TCP. So maybe they just don't understand that their performance is sub-par.

Mon, 10 Feb 2014 20:58:24 UTC

WISTFULTOLL: NSA Exploit of the Day

Posted By Bruce Schneier

Today's item from the NSA's Tailored Access Operations (TAO) group implant catalog: WISTFULTOLL (TS//SI//REL) WISTFULTOLL is a UNITEDRAKE and STRAITBIZZARE plug-in used for harvesting and returning forensic information from a target using Windows Management Instrumentation (WMI) calls and Registry extractions. (TS//SI//REL) This plug-in supports systems running Microsoft Windows 2000, 2003, and XP. (TS//SI//REL) Through remote access or interdiction, WISTFULLTOLL is...

Mon, 10 Feb 2014 20:00:00 UTC

Good Writing, Twice

Posted By Tim Bray

I almost never use this space any more just for links but damn it this is my blog and I can if I want to. Here are two exceptional pieces of writing and you should go read them both: First, John Grubers Microsoft, Past and Future is by a huge margin the best thing Ive read on that transition, and Microsoft still matters, really a lot. Second, William Burroughs Doing Easy is unlike anything Ive read this year or last year either, will make you smile and is full of big important life lessons.

Mon, 10 Feb 2014 16:55:00 UTC

How not to use Cron

Posted By Tom Limoncelli

A friend of mine told me of a situation where a cron job took longer to run than usual. As a result the next instance of the job started running and now they had two cronjobs running at once. The result was garbled data and an outage. The problem is that they were using the wrong tool. Cron is good for simple tasks that run rarely. It isn't even good at that. It has no console, no dashboard, no dependency system, no API, no built-in way to have machines run at random times, and its a pain to monitor. All of these issues are solved by CI systems like Jenkins (free), TeamCity (commercial), or any of a zillion other similar systems.

Mon, 10 Feb 2014 12:57:22 UTC

NSA/GCHQ Accused of Hacking Belgian Cryptographer

Posted By Bruce Schneier

There has been a lot of news about Bengian cryptographer Jean-Jacques Quisquater having his computer hacked, and whether the NSA or GCHQ is to blame. It's a lot of assumptions and hyperbole, mostly related to the GCHQ attack against the Belgian telcom operator Belgicom. I'm skeptical. Not about the attack, but about the NSA's or GCHQ's involvement. I don't think...

Sun, 09 Feb 2014 23:55:42 UTC

Fixing Microsoft hibernation problem

Posted By Greg Lehey

One great thing about Microsoft is that almost everybody uses it, so if I run into a problem, the web will have an answerwon't it? This search led me to a number of things, including this thread with an answer from a Microsoft engineer that almost worked, though clearly it's a workaround, not a fix. Now I need to see how well it recovers, but given the time it takes, I'll postpone until I need it. ACM only downloads articles once.

Sun, 09 Feb 2014 23:22:19 UTC

Stitching a huge panorama

Posted By Greg Lehey

Nine months ago I took a set of photos of the verandah in autumn, this time at 24 mm focal length. Processing the image proved to be impossible with the hardware I had at the time. But now I have a machine that is 4 times as fast, and more importantly with 4 times the memory, so set to to reprocess the images. It workedeventually. Last May I spent over a day waiting for the machine to swap its way through the files before finally giving up. Today it was much faster. cpfind ran for 150 CPU minutes (a little under 20 minutes elapsed time) and used 3.2 GB memory.

Sun, 09 Feb 2014 01:14:34 UTC

Looking for an ISP again

Posted By Greg Lehey

So after Exetel's refusal to address their throughput problems, I'm in the market for a new ISP. Whom should I take? Internode sound like an obvious choice, especially since I've been a customer for years, but their accounting department greatly get on my nerves with things like undocumented deduction of two months' fees in advance, non-responsiveness to my email, and a completely unjustified further deduction of 2 months' fees on the day I terminated my last service. As of the moment they owe me about 3 months' fees, assuming that they didn't do something similar years ago with my ADSL service.

Sat, 08 Feb 2014 23:40:31 UTC

Photo processing strangenesses

Posted By Greg Lehey

Got my house photos done today before heading in to Ballarat for dog training. Managed to get the first level of processing started so that it could run while I was away. To my surprise, when I got back it was still running. But that didn't matter: when it was finished I discovered I had converted the raw images into JPEG instead of TIFF, so I had to start all over again. This time I put the intermediate TIFF images on local (Microsoft) disk instead of the net, in the hope that things might run faster. I was disappointed. The whole processing was marred by irritating problems: I have set up dischord to connect to my leftmost monitor, and for some reason during the changeover to the new machine I changed the connection to DVI; for reasons related to the hardware configuration on eureka, that monitor is normally connected by ...

Sat, 08 Feb 2014 20:00:00 UTC

N5-cam IV: Lying Flowers

Posted By Tim Bray

Its traditional at this time of year that I run close-ups of the first few crocuses, earliest harbingers of spring. Hah! Another chance to test out the proposition that mobile-device cams mean you dont need a serious camera any more. Well, what do you think? Two points to be made here: First, these crocuses are lying bastards because Spring isnt anywhere near, its been brutally cold, with highs around 0°C and nighttime lows way below that. The forecast is for snow. Second, Ive decided that my single biggest gripe with the N5-cam is its extreme wide-angle-ness; somehow or other, it needs a zoom.

Sat, 08 Feb 2014 03:44:01 UTC

Exetel: good enough for us

Posted By Greg Lehey

Sent a message to Exetel this morning, essentially repeating the contents of yesterday's article, and suggesting running packet traces on their mirror, on the leaf node interfacing to the National Broadband Network, and on my system. I got a somewhat unexpected reply: Date: Fri, 07 Feb 2014 17:22:41 +1100 From: Exetel Residential Support  <[email protected]> Subject: Re: [Exetel Residential Support  #7460458] Poor throughput on NBN  fixed wireless 0301244975      NBN As the speed tests are providing results within specification we will no longer be able to carry out further investigations on the matter.

Sat, 08 Feb 2014 02:46:07 UTC

Trying Lightroom

Posted By Greg Lehey

So in the end I did download the Lightroom free trial. Typically enough, it's for 30 days. The first impression is that it looks just like DxO Optics Pro, which obviously says more about DxO than about Lightroom. The second look was less positive: We want to take over your life, or, as they put it, please create a catalog, and then import the images. To quote the manual: You must import photos into the Lightroom catalog to begin working with them. Importing tells Lightroom what photos are in the catalog, and whether they are imported directly from a camera, hard drive, memory card reader, or other storage device.

Fri, 07 Feb 2014 22:54:10 UTC

Friday Squid Blogging: Radioactive Giant Squid Washes Ashore in California

Posted By Bruce Schneier

Uh oh. And the real story. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered....

Fri, 07 Feb 2014 20:53:50 UTC

TRINITY: NSA Exploit of the Day

Posted By Bruce Schneier

Today's item from the NSA's Tailored Access Operations (TAO) group implant catalog: TRINITY (TS//SI//REL) TRINITY is a miniaturized digital core packaged in a Multi-Chip Module (MCM) to be used in implants with size constraining concealments. (TS//SI//REL) TRINITY uses the TAO standard implant architecture. The architecture provides a robust, reconfigurable, standard digital platform resulting in a dramatic performance improvement over the...

Fri, 07 Feb 2014 20:23:19 UTC

Another Fake NSA Codename Generator

Posted By Bruce Schneier

Generate your own fake TAO implant. This is even more fun than the fake NSA program generator. Sadly, the NSA will probably use these to help develop their R&D roadmap....

Fri, 07 Feb 2014 00:41:48 UTC

NBN network speeds

Posted By Greg Lehey

My network speed tests are now looking quite good. ftp access isn't: I'm still getting a maximum of round 800 kB/s to 1 MB/s. Sent a message to Scott Weston, who confirmed the speeds he gets from activ8me and Internode. In summary, with Exetel and SkyMesh for comparison. The files in question are http://mirror.internode.on.net/pub/test/100meg.test and http://speedtest.dodo.com.au/Download/100Mb.txt. ISP       Internode file       dodo file       (kB/s)       (kB/s) activ8me       ...

Fri, 07 Feb 2014 00:37:36 UTC

NBN problems, or Powercor?

Posted By Greg Lehey

Message on the DEREEL OUTPOST Facebook page today: Carol Moyse had difficulties with her National Broadband Network connection. As a neighbourly gesture, over to take a look. It seems they had a power outage last night, and it killed the ADSL2 modem that they had specially bought to run as a wireless AP and router. That's Powercor's responsibility, of course, but it brought home to me how little help normal users get in setting up their networks. ACM only downloads articles once.

Fri, 07 Feb 2014 00:17:21 UTC

ALDI video camera

Posted By Greg Lehey

Yesterday Yvonne brought back a special buy from ALDI: a set of HD action camera glasses, basically sunglasses with a video camera between the eyes. That sounded like fun, so I tried it out, after fighting my way through the excuse for instructions: this one really did consist of more than 50% safety and warranty information. It recorded normally, but when I tried to read the data into a computer, it refused: Feb  6 09:08:02 eureka kernel: da2 at umass-sim2 bus 2 scbus6 target 0 lun 0 Feb  6 09:08:02 eureka kernel: da2: <Anyka SD card 1.00> Removable Direct Access SCSI-2 device Feb  6 09:08:02 eureka kernel: da2: Serial Number USBDEVICE Feb  6 09:08:02 eureka kernel: da2: 40.000MB/s transfers Feb  6 09:08:02 eureka kernel: da2: Attempt to query device size failed: NOT READY, Medium not present ...

Thu, 06 Feb 2014 23:07:59 UTC

Lightroom after all?

Posted By Greg Lehey

Jamie Fraser's wife Sabriena uses Lightroom for photo processing. Why don't I? It's not as if I haven't looked at these products before. I rejected them for various reasons, including difficulty of use, price and lack of features. But since then I've been forced to lower my standards to match what's on the market. After all, Ashampoo Photo Commander 11 doesn't really have very much to recommend it, but at least it was cheap. So, back to looking at Lightroom. Lens profiles? Yes or no? Yes, or no. It does have lens profiles, and this page explains how they work. They look quite similar to what DxO Optics Pro does.

Thu, 06 Feb 2014 20:07:54 UTC

SWAP: NSA Exploit of the Day

Posted By Bruce Schneier

Today's item from the NSA's Tailored Access Operations (TAO) group implant catalog: SWAP (TS//SI//REL) SWAP provides software application persistence by exploiting the motherboard BIOS and the hard drive's Host Protected Area to gain periodic execution before the Operating System loads. (TS//SI//REL) This technique supports single or multi-processor systems running Windows, Linux, FreeBSD, or Solaris with the following file systems: FAT32,...

Thu, 06 Feb 2014 12:05:58 UTC

Dispute Resolution Systems for Security Protocols

Posted By Bruce Schneier

Interesting paper by Steven J. Murdoch and Ross Anderson in this year's Financial Cryptography conference: "Security Protocols and Evidence: Where Many Payment Systems Fail." Abstract: As security protocols are used to authenticate more transactions, they end up being relied on in legal proceedings. Designers often fail to anticipate this. Here we show how the EMV protocol -- the dominant card...

Wed, 05 Feb 2014 23:53:12 UTC

Which photos processing software?

Posted By Greg Lehey

Talking with Jamie Fraser on IRC about photo processing software today. He's thinking of buying Lightroom, which I had rejected because of its limited correction for lens distortion and chromatic aberration. I got him to send me a sample image and processed it myself. Here the comparisons. From left to right, the original JPEG from the camera, image as processed by Lightroom, image as processed by DxO with default settings, and image as processed by DxO with Artistic HDR profile. These images are best compared in enlargements (click on the image). The HTML version of this page shows direct comparisons. It's clear that the Lightroom processing made no changes to the shape of the image.

Wed, 05 Feb 2014 23:30:25 UTC

Microsoft: problems

Posted By Greg Lehey

My recent experience with Microsoft software hasn't been as bad as it used to be. In particular, reliability seems to have improved over the years, and in general things have worked. But since my installation on the old eureka, many problems have occurred. In particular, wakeup from sleep/hibernate seems to be very unreliable. On occasion the disk light goes on and stays on for several minutes, during which not even the NumLock light on the keyboard responds to the key. On one occasion it came back without the network interface. Why? This is the same version that I ran on the old dxo with few issues.

Wed, 05 Feb 2014 20:04:12 UTC

SOMBERKNAVE: NSA Exploit of the Day

Posted By Bruce Schneier

Today's item from the NSA's Tailored Access Operations (TAO) group implant catalog: SOMBERKNAVE (TS//SI//REL) SOMBERKNAVE is Windows XP wireless software implant that provides covert internet connectivity for isolated targets. (TS//SI//REL) SOMBEKNAVE is a software implant that surreptitiously routes TCP traffic from a designated process to a secondary network via an unused embedded 802.11 network device. If an Internet-connected wireless Access...

Wed, 05 Feb 2014 19:10:04 UTC

Why DRM is the root of all evil

Posted By Cory Doctorow

Why DRM is the root of all evil In my latest Guardian column, What happens with digital rights management in the real world?, I explain why the most important fact about DRM is how it relates to security and disclosure, and not how it relates to fair use and copyright. Most importantly, I propose a … [Read more]

Wed, 05 Feb 2014 14:20:00 UTC

Tool Building Versus Automation

Posted By Tom Limoncelli

I make a distinction between tool building and automation. Tool building improves a manual task so that it can be done better. Automation eliminates the task. A process is automated when a person does not have to do it any more. Once a process is automated a system administrator's role changes from doing the task to maintaining the automation. There is a discussion on Snopes about this photo. It looks like the machine magically picks and places bricks. Sadly it does not. If you watch this video, you see that it requires people to select and place the bricks. It is a better tool.

Wed, 05 Feb 2014 12:02:38 UTC

1971 Social Engineering Attack

Posted By Bruce Schneier

From Betty Medsger's book on the 1971 FBI burglary (page 22): As burglars, they used some unusual techniques, ones Davidon enjoyed recalling years later, such as what some of them did in 1970 at a draft board office in Delaware. During their casing, they had noticed that the interior door that opened to the draft board office was always locked....

Wed, 05 Feb 2014 00:14:38 UTC

Reinstalling Microsoft, yet again

Posted By Greg Lehey

So now I have installed Microsoft Windows 7 Once Again, and I had to apply all the fixes all over again. Time to write things down to make it easier next time. ACM only downloads articles once. It's possible that this article has changed since being downloaded, but the only way you can find out is by looking at the original article.

Tue, 04 Feb 2014 20:09:42 UTC

MAESTRO-II: NSA Exploit of the Day

Posted By Bruce Schneier

Today's item from the NSA's Tailored Access Operations (TAO) group implant catalog: MAESTRO-II (TS//SI//REL) MAESTRO-II is a miniaturized digital core packaged in a Multi-Chip Module (MCM) to be used in implants with size constraining concealments. (TS//SI//REL) MAESTRO-II uses the TAO standard implant architecture. The architecture provides a robust, reconfigurable, standard digital platform resulting in a dramatic performance improvement over the...

Tue, 04 Feb 2014 20:00:00 UTC

Parading

Posted By Tim Bray

The nations that matter are those that export culture; China is one of those. Particularly this time of year and around the Pacific Rim; because its Chinese New Year. On Sunday, I marched in the big Vancouver parade. There arent that many pictures of me on this blog, but heres one. Photo credit: Tom Magliery wielding his Nikkor 70-300mm Christmas present. I was there because my 7-year-old is in a Mandarin-bilingual program with a couple of wonderful super-high-energy teachers who organize this sort of thing, and I recklessly checked the will volunteer box. They told us paraders that we ought to smile for the (many) cameras and in fact that was easy; at every moment of the hour-and-a-half or so, the crowds by the street were smiling and waving and taking pics and generally having a blast, so how could you not smile back at them?

Tue, 04 Feb 2014 17:10:54 UTC

Sysadmins that can't script have a choice.

Posted By Tom Limoncelli

Scripting is becoming more and more important. With everything from computers to networks going virtual, installation is becoming an API call, not a "walk to a rack/desk/whatever and plug it in" call. If you know how to script, you can automate those things. In a few years I can't imagine a system administrator being able to keep their job and/or compete with others if they can't script. There is an exception, of course: People that do desktop/laptop system administration and general in-office IT service. However those jobs are turning more and more into the equivalent of working at a mobile phone store: helping people is basic equipment problems and customer support.

Tue, 04 Feb 2014 12:45:34 UTC

Hacking Airline Lounges for Free Meals

Posted By Bruce Schneier

I think this is a great hack: A man bought a first-class ticket and used it to have free meals and drinks at the airport's VIP lounge almost every day for nearly a year, Kwong Wah Yit Poh reported. The itinerary for the ticket was found to have been changed more than 300 times within a year, and the owner...

Tue, 04 Feb 2014 07:00:00 UTC

Customer Centricity at Amazon Web Services

Posted By Werner Vogels

In the 2013 Amazon Shareholder letter, Jeff Bezos spent time explaining the decision to pursue a customer-centric way in our business. As regular readers of this letter will know, our energy at Amazon comes from the desire to impress customers rather than the zeal to best competitors. We don?t take a view on which of these approaches is more likely to maximize business success.

Tue, 04 Feb 2014 07:00:00 UTC

Customer Centricity at Amazon Web Services

Posted By Werner Vogels

In the 2013 Amazon Shareholder letter, Jeff Bezos spent time explaining the decision to pursue a customer-centric way in our business. As regular readers of this letter will know, our energy at Amazon comes from the desire to impress customers rather than the zeal to best competitors. We dont take a view on which of these approaches is more likely to maximize business success. There are pros and cons to both and many examples of highly successful competitor-focused companies. We do work to pay attention to competitors and be inspired by them, but it is a fact that the customer-centric way is at this point a defining element of our culture.

Mon, 03 Feb 2014 23:55:48 UTC

Upgrading Microsoft

Posted By Greg Lehey

Now that I have the new eureka, the old machine is available for other purposes. I had planned to use it to replace the relatively weak machine on which I run Microsoft. Is it as simple as FreeBSD, just move the disk to the new machine? I got off to a bad start. I thought I had shut down the old machine, but the gyroscopic effect when moving the disk showed me that I had removed it while spinning. Fortunately it didn't do any harm, as replacing it in the machine showed. Putting it in the new machine was a completely different matter.

Mon, 03 Feb 2014 23:45:43 UTC

Admiral Ackbar on Persian Governors

Posted By Benjamin Mako Hill

Q: The title for a governor in ancient Persia? A: It’s satrap!

Mon, 03 Feb 2014 23:43:14 UTC

First photo processing with new machine

Posted By Greg Lehey

So now I have a fast machine with lots of memory, just what I needed for my panorama photography processing. And yesterday was the day of the month where I took the most photos, a total of 366 of them. I had started initial processing on Microsoft yesterday, but it still took another 3½ hours this morning. Moving to FreeBSD and eureka was completely different. The first thing to do was the HDR processing, which I do in parallel. Previously it was 5 images in parallel, really too much for the memory of the system, and it took forever. Now I'm doing 12 at a time, and it really races through.

Mon, 03 Feb 2014 20:13:21 UTC

Podcast: What does David Camerons Great Firewall look like?

Posted By Cory Doctorow

Here's a reading of a recent Guardian column, What does David Cameron's Great Firewall look like? which debunks the UK government's stupid arguments for its national anti-porn firewall: David Cameron's attempt to create a Made-in-Britain version of Iran's "Halal Internet" is the worst of both worlds for parents like me. Kids are prevented from seeing … [Read more]

Mon, 03 Feb 2014 20:09:22 UTC

JUNIORMINT: NSA Exploit of the Day

Posted By Bruce Schneier

Today's item from the NSA's Tailored Access Operations (TAO) group implant catalog: JUNIORMINT (TS//SI//REL) JUNIORMINT is a digital core packaged in both a mini Printed circuit Board (PCB), to be used in typical concealments, and a miniaturized Flip Chip Module (FCM), to be used in implants with size constraining concealments. (TS//SI//REL) JUNIORMINT uses the TAO standard implant architecture. The architecture...

Mon, 03 Feb 2014 11:09:27 UTC

CSEC Surveillance Analysis of IP and User Data

Posted By Bruce Schneier

The most recent story from the Snowden documents is from Canada: it claims the CSEC (Communications Security Establishment Canada) used airport Wi-Fi information to track travelers. That's not really true. What the top-secret presentation shows is a proof-of-concept project to identify different IP networks, using a database of user IDs found on those networks over time, and then potentially using...

Mon, 03 Feb 2014 00:30:03 UTC

New computer, next attempt

Posted By Greg Lehey

I've got lots of things to do at the moment. As I said on IRC yesterday, gr0Ogle: I think I'll proceed in the following manner: gr0Ogle: 1.  Take house photos tomorrow morning. gr0Ogle: 2.  Complete Bushfire Management Statement. gr0Ogle: 3.  Complete application for Planning Permit. gr0Ogle: 4.  Go to Bannockburn and hand it in. gr0Ogle: 5.  Move current eureka disk to stable-amd64 and get X running. gr0Ogle: 6.  Try to fix enblend breakage and other riddles. jashank: For some reason, I expect 1, 2, 3, 4 to take as much time as 5.

Sun, 02 Feb 2014 15:00:00 UTC

Time Management Tip: The Oscars

Posted By Tom Limoncelli

Do you marathon through entire seasons of TV shows in a weekend? You might want to check this out. AMC has an event where you can watch all the "best picture" nominations. It is pretty intense but awesome. On the first Saturday you watch 4 of them in a row in a 10-hour session. On the second Saturday you watch the other 5 in a 12-hour session. The following say is the award show. Watching the awards when you've seen 9 of the most nominated films is a different experience. Some of the benefits: If you've been too busy to get to the theaters all year, this is a great way to consolidate a lot of what you missed into 2 days.

Sun, 02 Feb 2014 00:26:41 UTC

Bad language explained

Posted By Greg Lehey

Talking to Chris Bahlo after dinner. Like many, she doesn't understand my strong aversion to the use of the word folder to mean directory. The real issue is the all-too-common use of misleading words in computer terminology, and folder is misleading for a number of reasons. The results are a lessened understanding of the concepts. In addition, in this particular case, there are linguistic subtleties that make the terms hard to translateeven between American and other English. Looking at the linguistic issues first: apart from the term folder, there's also the term file. In American usage it seems that there's also the even more confusing term file folder.

Sun, 02 Feb 2014 00:16:41 UTC

Connecting Garry to the NBN

Posted By Greg Lehey

Garry Marriott, our neighbour-to-be in Stones Road, came over today to take a look at the National Broadband Network installation. While I was showing him the equipment, the NTD lights started flashing red, something I have never seen before. Closer examination showed that it was the signal strength lights: they alternated between all three green and the two left red, in about half-second intervals. No idea what that means; I didn't lose connection, though there was some packet loss: 986 packets transmitted, 977 packets received, 0.9% packet loss round-trip min/avg/max/stddev = 40.514/85.363/381.775/45.183 ms I'll have to follow up during the week.

Sat, 01 Feb 2014 15:09:38 UTC

Locus recommended reading list for best science fiction and fantasy of 2013

Posted By Cory Doctorow

Locus Magazine has published its annual Recommended Reading list, which is my favorite annual guide to the best that science fiction and fantasy have to offer. The 2013 roundup includes several of the books I've reviewed on Boing Boing this year, including Paolo Bacigalupi's Zombie Baseball Beatdown, Charlie Stross's Neptune's Brood, Lauren Beukes's The Shining … [Read more]

Sat, 01 Feb 2014 03:50:57 UTC

Disk space wastage: where?

Posted By Greg Lehey

A few days ago I built a file system on my new 4 TB photo drive and copied the old one to it. The results weren't quite what I expected: Filesystem     1048576-blocks      Used     Avail Capacity  Mounted on eureka:/Photos      1,907,196 1,851,986    36,137    98%    /Photos /dev/ada1p1         3,814,654 1,925,782 1,850,725    51%    /mnt That's nearly 75 GB difference in used space. Where did it go? Compared the output of dumpfs -m and found: # newfs command for /Photos/ (/dev/ada1p1) newfs -L Photos -O 2 -U -a 64 -b 16384 -d 16384 -e 2048 -f 2048 -g 2097152 -h 64 -m 1 -o space -s 3907029100 /dev/ada1p1 # newfs command for /dev/ada1p1 (/dev/ada1p1) newfs ...

Sat, 01 Feb 2014 03:28:26 UTC

Photo processing with the new machine

Posted By Greg Lehey

One of the main reasons I upgraded my machine was to process my photos better. So that was pretty much the first thing I tried. Tried with last week's verandah panorama. The control point detector crashed! That was autopano-sift-C, which I don't use, so set panomatic instead. I don't have much in the way of comparison timing, but it seemed to run much faster. The first part of stitching is running nona, which is single-threaded. On an 8 CPU machine it barely made a difference, and there were noticeable periods where it was idle, apparently transferring to disk. But the disk was the photo disk /dev/ada1, not the SSD /dev/ada0.

Sat, 01 Feb 2014 03:20:33 UTC

Dassaulted

Posted By Greg Lehey

Call on the phone today from Max somebody, who was calling because I had downloaded the free DraftSight CAD program from Dassault Systèmes last week. It's not clear what he wanted: as he confirmed, it's free. Maybe he just wanted to help, but I didn't have time, and asked him to send mail. I received none. ACM only downloads articles once. It's possible that this article has changed since being downloaded, but the only way you can find out is by looking at the original article.

Sat, 01 Feb 2014 02:22:58 UTC

New computer, finally

Posted By Greg Lehey

Spent much of the morning putting together my new computer. The CPU is an Intel Core" i7-4771, my first Intel machine for nearly 14 years. It has 32 GB of aggressive Corsair memory. I'm using an SSD (128 GB) for the first time, and after some consideration decided to partition it with a 35 GB root file system, 16 GB of swap, and the remaining 68 GB (don't you love storage systems manufacturers' arithmetic?) will be scratch space for photo processing: many of the panoramas I do have up to 90 components, each of which can expand to a TIFF image of 70 MB or so.