Blog Archive: January 2015
House photos in TIFF again
My weekly house photos require a lot of processing. To make a panorama I take multiple views of a scene and stitch them together. To get the requisite dynamic range I take multiple images of each view, with exposure bracketed in intervals of 3 EV. First I use align_image_stack and enfuse. to create blended photos, and then I use Hugin to create a panorama from the views. That's a lot of processing, and I'm still producing JPEG intermediate results. Why? I have the space, and I have the processing power. So today I tried using TIFF intermediate files. That's not for the first time, but last time I didn't have very good results, at least because of the performance of the machines I had at the time.
17 minute documentary about Grace Hopper
The Queen of Code is a 17-minute documentary about Grace Hopper. It just came out today and I assure you that if you watch it, you'll be glad you did. http://fivethirtyeight.com/features/the-queen-of-code/ On a personal note, Grace Hopper was going to be the graduation speaker when I graduated from Drew University in 1991 but she was ill. She passed away about 6 months later. I wish I could have met her.
Tools!
Im in the unaccustomed position of spending all my work time either writing software or in meetings about it. The current project is conventional big-system server-side Java. Thats not a landscape that anyones gonna wax lyrical over, but boy, have the tools ever come along while I was off Androiding and Go-ing and Rubying. IntelliJ and Git work together smooth as silk; I reflexively drop into a shell now & then to reassure myself with a git status but near as I can tell the IDE is just Doing The Right Thing. Also, YourKit shreds through sluggish code, shining the ruthless light of truth on that bad method.
Australian sysadmins cop brunt of data-retention burden
SAGE-AU is doing some great media work, making the case that the proposed data-retention law in Australia would create a nightmare for businesses that use computers. They point out that every ill-defined or vague point in the law creates more and more problems. "It's very immature legislation proposal. It's more holes than cheese. There's more questions around it than there are answers," he said. Read the full article here: Australian sysadmins cop brunt of data-retention burden Every country should have an organize that speaks for the IT workers. Go SAGE-AU!
How to document a process?
Dear Tom, I've been asked to document our company's System Integration process. Do you have any advice? Sincerely,A reader. Dear Reader, I get this question a lot whether it is system integration, setting up new computers, handling customer support calls, or just about anything. Documenting a process is an important first step to clarifying what the process is. It is a prerequisite to improving it, automating it, or both. My general advice is to find the process that exists and document exactly how it is done now. Only after that can you evaluate what steps work well and which need to be improved.
Dumb phones: not dumb enough?
Three weeks ago I bought a very cheap dumb phone, one that runs neither Android nor iOS, but which has a real keyboard. It was attractive enough that Yvonne bought one too to get away from the pain of scraping glass to do anything useful. But it's still a relatively modern device, with an illuminated colour display. And there's the problem: in bright sunshine it's illegible, while old-fashioned unilluminated displays have no difficulty. So we're thinking of returning them. While in town today, went to Dick We can't be bothered to serve you Smiths and JB HiFi to see what they had. Nothing as cheap as the $18 that we paid, of course, but also nothing that could be demonstrated.
Holden Commodore diagnostics
I have already established that our Holden VZ Commodore can display error codes on the dashboard. Here's what I found at the time: But now we have a real live error condition. What do they display now? The same! I have no idea what they're there for, but they don't help with out Check Powertrain condition. So there's nothing for it but to call up Ballarat Central Auto Electrics and get them to read the information out, for which they charge the princely (or is that knightly?)
Overclocked is now a DRM-free audiobook
My multi-award-winning short story collection Overclocked is now a DRM-free audiobook, courtesy of Downpour.com. And no, it’s not on Audible, because they refuse to carry my books unless I let them put DRM on them. Have you ever wondered what its like to live through a bioweapon attack or to have every aspect of your... more
Overclocked is now a DRM-free audiobook
My multi-award-winning short story collection Overclocked is now a DRM-free audiobook, courtesy of Downpour.com. And no, it’s not on Audible, because they refuse to carry my books unless I let them put DRM on them. Have you ever wondered what its like to live through a bioweapon attack or to have every aspect of your... more
Rites of Passage for a modern sysadmin?
Dear readers: I need your help. I feel like I've lost touch with what new sysadmins go through. I learned system administration 20+ years ago. I can't imagine what new sysadmins go through now. In particular, I'd like to hear from new sysadmins about what their "rite of passage" was that made them feel like a "real sysadmin". When I was first learning system administration, there was a rite of passage called "setting up an email server". Everyone did it. This was an important project because it touches on so many different aspects of system administration: DNS, SMTP, Sendmail configuration, POP3/IMAP4, setting up a DNS server, debugging clients, and so on and so on.
Comparing GPS navigators
At least for the first 1½ hours I had both GPS navigators running to compare them. One thing's clear: the new one is so much easier to read. We were in bright sunshine, and the display of the old one was almost unrecognizable. So if I can get used to the interface of the new one, it might be worth keeping. ACM only downloads articles once.
The Crocuses of 2015
Theyre traditional in this space this time of year, representing the first day Im at home and its not too cold and theres some light. Nobodys ever complained about me running more or less the same pictures early every late winter. As always, theyre lovely in purple and gold. This year they carry along stories about old books and global warming. Weve had a couple of dim weeks; its not the lashings of rain that hurt, its the low grim grey ceiling and the photon shortage. But suddenly this weekend the air is mild, the car claiming 16°C outside. Casting my eyes back at previous years crocuses, I note the (kind of funny) 2011 piece is dated in early March not late January.
How to move PCs to a corporate standard?
Someone asked me in email for advice about how to move many machines to a new corporate standard. I haven't dealt with desktop/laptop PC administration ("fleet management") in a while, but I explained this experience and thought I'd share it on my blog: I favor using "the carrot" over "the stick". The carrot is making the new environment better for the users so they want to adopt it, rather than using management fiat or threats to motivate people. Each has its place. The more people feel involved in the project the more likely they are to go along with it. If you start by involving typical users by letting them try out the new configuration in a test lab or even loaning them a machine for a week, they'll feel like they are being listened to and will be your partner instead of a roadblock.
How to fix copyright in two easy steps (and one hard one)
My new Locus column, A New Deal for Copyright, summarizes the argument in my book Information Doesn’t Want to Be Free, and proposes a set of policy changes we could make that would help artists make money in the Internet age while decoupling copyright from Internet surveillance and censorship. There are two small policy interventions... more
How to fix copyright in two easy steps (and one hard one)
My new Locus column, A New Deal for Copyright, summarizes the argument in my book Information Doesn’t Want to Be Free, and proposes a set of policy changes we could make that would help artists make money in the Internet age while decoupling copyright from Internet surveillance and censorship. There are two small policy interventions... more
Consumerist on Information Doesnt Want to Be Free
Consumerist’s Kate Cox has turned in a long, excellent, in-depth review of my book Information Doesn’t Want to Be Free, really nailing the book’s thesis. Namely, that extremist copyright laws don’t just mess up artists, but actually endanger all our privacy, freedom and whole digital lives. Doctorow draws two bright lines connecting copyright law to... more
Consumerist on Information Doesnt Want to Be Free
Consumerist’s Kate Cox has turned in a long, excellent, in-depth review of my book Information Doesn’t Want to Be Free, really nailing the book’s thesis. Namely, that extremist copyright laws don’t just mess up artists, but actually endanger all our privacy, freedom and whole digital lives. Doctorow draws two bright lines connecting copyright law to... more
GPS navigator woes
I've been bitching and moaning about GPS navigators since I first got one, and somehow the problem isn't going away. When I went into Ballarat today, I took my old one and my new one with me. I still can't work out how to do some simple things with the new one, like muting the sound. But then the display on the new navigator went crazy, like an old analogue TV with bad horizontal sync. And I couldn't turn it off. In the end, I had to reset it. OK, I still have the old navigator. But it wouldn't charge. Are the batteries that bad?
Stack Exchange Raises $40m
Today Stack Exchange is pleased to announce that we have raised $40 million, mostly from Andreessen Horowitz. Everybody wants to know what were going to do with all that money. First of all, of course were going to gold-plate the Aeron chairs in the office. Then were going to upgrade the game room, and were already sending lox platters to our highest-rep users. But Ill get into that in a minute. First, let me catch everyone up on whats happening at Stack Exchange. In 2008, Jeff Atwood and I set out to fix a problem for programmers. At the time, getting answers to programming questions online was super annoying.
Stack Exchange Raises $40m
Today Stack Exchange is pleased to announce that we have raised $40 million, mostly from Andreessen Horowitz. Everybody wants to know what were going to do with… Read more "Stack Exchange Raises $40m"
Network transfer rates
My Internet link has an uplink speed of 5 Mb/s, so theoretically I should be able to upload data at about 600 kB/s. In practice, window size and latency limit it to about 125 kB/s. Yes, of course I could increase the window size, but that requires rebooting, and I'm an uptime fanatic. So I put up with only 125 kB/s. But today I got much worse transfer rates, over an extended period of time: 20150117/big/Canna-3.jpeg 2469245 100% 28.23kB/s 0:01:25 (xfer#103, to-check=281/394) 20150117/big/Cistus.jpeg 3522116 100% 24.99kB/s 0:02:17 (xfer#104, to-check=280/394) 20150117/big/Cockatoos-1.jpeg 3101098 100% 26.08kB/s 0:01:56 (xfer#105, to-check=279/394) That's only 20% of the normal rate.
Tablet photos
I didn't think to bring my camera to the Emergency Room yesterday, but of course I had my Android tablet, which I use as a glorified eBook reader. And it has a camera, so I used it to take some photos of my hand. Today I moved them to eureka for processing. This is a pure Linux base, right, no Microsoft in sight. So why do I get this? -r----x--x 1 grog lemis 1,279,950 15 Jan 11:33 IMG_20150115_113355.jpg -r----x--x 1 grog lemis 1,194,553 15 Jan 11:34 IMG_20150115_113405.jpg Apart from that, of course, the photos confirm my prejudices against smart phone and tablet cameras.
My talk on the Internet of Things, wealth disparity, surveillance, evidence-based policy and the future of the world
Here’s the audio from last night’s talk on the Internet of Things at Central European University in Budapest! It was recorded by the Mindenki Joga Radio Show.
My talk on the Internet of Things, wealth disparity, surveillance, evidence-based policy and the future of the world
Here's the audio from last night's talk on the Internet of Things at Central European University in Budapest! It was recorded by the Mindenki Joga Radio Show.
My talk on the Internet of Things, wealth disparity, surveillance, evidence-based policy and the future of the world
Here’s the audio from last night’s talk on the Internet of Things at Central European University in Budapest! It was recorded by the Mindenki Joga Radio Show.
Images of Tektronix 555
Mail from David Casler today, wanting to use a photo of my Tektronix 555 oscilloscope that I took 13 years ago: That was taken with a Nikon “Coolpix” 880, with 3 only megapixels, not really enough for him. But I still have the scope (and it's up for grabs!) . Now I have a decent camera, so why not take new photos? Along with the wound to my hand, this is why: They'll have to come out soon, but David needs the images by tomorrow, and there's no way that's going to ...
Children in Combat
Theres strife in every family. The kids faction is at a terrible disadvantage in strength and wisdom, so they have to fight sneaky. The analogy with guerrilla war is obvious, which gives me a chance to mix up family life and a book review. Its like this A lot of what parents say to kids is unwelcome, whether positive (Do your homework, Eat your salad) or negative (Dont hit your brother, Stop throwing the noodles). So, for a kid who doesnt want to eat the salad and does want to throw the noodles, theres really no upside in listening to grown-ups.
New GPS navigator, old problems
I've bought a new GPS navigator, not because the old one is more defective than it was when I bought it, but because the battery is as good as dead, and the maps are out of date. I had looked at some expensive models three months ago, and come to the conclusion that they weren't worth the additional price. So in the end I bought an el-cheapo one, 7" for only $69.96 (isn't that an inaccurate way of saying $70?) . I couldn't replace the battery and the maps for that. It arrived today. Yes, it uses iGO software, with which I'm familiar.
Reader Q&A: auto and for loop index variables
[Edit: I really like the ‘range of values’ several commenters proposed. We do need something like that in the standard library, and it may well come in with ranges, but as you can see there are several simple ways to roll your own in the meantime, and some third-party libraries have similar features already.] Today […]
Reader Q&A: auto and for loop index variables
Today a reader asked the following question: So Ive been reading all I can about c++11/c++14 and beyond when time permits. I like auto, I really do, I believe in it. I have a small problem Im trying to decide what to do about. So in old legacy code we have things like this: for […]
What's the Best Time and Day to Tweet?
I've seen big variations in interactions of similarly interesting (to me at least) tweets that I send, and I think that a deciding factor is the day or the hour I send them. Although there's plenty of material on the web on this topic , as you will see below, personalized results can capture important factors associated with the realities of global interactions.
ACM's new Applicative conf, Feb. 25-27, NYC!
Are you a software developer that is facing rapidly changing markets, technologies and platforms? This new conference is for you. ACM's new Applicative conference, Feb. 25-27, 2015 in Midtown Manhattan, is for software developers who work in rapidly changing environments. Technical tracks will focus on emerging technologies in system-level programming and application development. The list of speakers is very impressive. I'd also recommend sysadmins attend as a way to stay in touch with the hot technologies that your developers will be using (and demanding) soon. Early bird rates through Jan. 28 at http://applicative.acm.org
More throwaways
It looks as if Craig is so upset about what Michael did to his ute that he won't even communicate with us, and Leah didn't come to clean the house today either. That's sad. And it means that I have to do more work myself, which is even sadder. Out today to the shed to throw away some stuff. I'm getting better: threw away a whole lot of old floppy disks, mainly with old Microsoft-based software. But then there are other things I can't throw away, like my home-made Z-80-based CP/M machine, old listings, and a number of ancient copies of AUUGN.
The CAPTCHA to end all CAPTCHAS
At some time in the past I must have joined the FreeBSD forum site, though it's not really my thing. But what's the password? No worries, I can get it reset. But first I had to go through a CAPTCHA like I've never seen before: Yes, of course I knew the answer. But does every forum participant? ACM only downloads articles once.
At Work
No, Im not going to become an Amazon Blogger (that territory is well-covered) but I have at-work stories, neither leaks nor marketing. Point form: My first job out of school was with Digital, the worlds then-second-biggest computer vendor. Now Im back in the biz. Yes, I think of AWS as, effectively, a computer vendor; my third such employer, including Sun. (I remember vividly, in that first job, the convoluted, high-contact process, back then, of speccing and selling and delivering computers; quotes could run to hundreds of pages and invoices to a dozen.) The groups around me where I sit include SQS, SWF, and Autoscaling.
Raspberry Pi and Scratch Control Lego Power Functions
Lego Power Functions is a system of motors, receivers, and remote control units, which can be used with Lego blocks. Scratch is a free programming environment aimed at children. The Raspberry Pi is credit card sized low cost computer with the ability to interact with the outside world. Wouldn't it be neat to use the three together to control Lego toys with Scratch?
FreeBSD Package update, try 2
So I've been getting this message from attempts to update FreeBSD packages on stable, my test machine: Fetching zsh-5.0.7_1.txz... done pkg: cached package zsh-5.0.7_1: size mismatch, cannot continue What does that imply? Does Google know? Of course. This page discusses the matter, and SirDice comes up with a suggestion: pkg clean # cleans /var/cache/pkg/ rm -rf /var/cache/pkg/* # just remove it all pkg update -f # forces update of repository catalog rm /var/db/pkg/repo-*.sqlite # removes all remote repository catalogs pkg bootstrap -f # forces reinstall of pkg ...
Friday Squid Blogging: Dumpling Squid and Sex
This just in: the threat of being eaten doesn't deter dumpling squid from having sex. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered....
Further Evidence Pointing to North Korea as Sony Hacker
The FBI has provided more evidence: Speaking at a Fordham Law School cybersecurity conference Wednesday, Comey said that he has "very high confidence" in the FBI's attribution of the attack to North Korea. And he named several of the sources of his evidence, including a "behavioral analysis unit" of FBI experts trained to psychologically analyze foes based on their writings...
User interface pain
Yvonne uses a smart phone. That in itself isn't an issue, but she has real problems using it. I have a tablet with phone function, along with Bluetooth headphones, but I use it so seldom that I still have issues. In particular, the user interface is really bad. I've been using touch screens for years now, and I still find them one of the most obnoxious developments I've had the displeasure to experience. Answer a phone? Not so long ago you used to pull it out of your pocket, feel for the Talk button, and press it. Now you pull it out of your pocket, look at it to locate the green flashing area on the screen, and swipe it to one side (why?)
Hacking Attack Causes Physical Damage at German Steel Mill
This sort of thing is still very rare, but I fear it will become more common: ...hackers had struck an unnamed steel mill in Germany. They did so by manipulating and disrupting control systems to such a degree that a blast furnace could not be properly shut down, resulting in "massive" -- though unspecified -- damage....
Attack Attribution in Cyberspace
When you're attacked by a missile, you can follow its trajectory back to where it was launched from. When you're attacked in cyberspace, figuring out who did it is much harder. The reality of international aggression in cyberspace will change how we approach defense. Many of us in the computer-security field are skeptical of the US government's claim that it...
FreeBSD package upgrade: still not there
As I feared, updating my packages wasn't all plain sailing. In fact, it was almost impossible. Started on my stable machine (that's the name) with the disk cloned from lagoon. Away it ran, then: The process will require 210 MB more space. 2 GB to be downloaded. Proceed with this action? [y/N]: y Fetching zziplib-0.13.62_2.txz... done Fetching zsh-5.0.7_1.txz... done pkg: cached package zsh-5.0.7_1: size mismatch, fetching from remote Fetching zsh-5.0.7_1.txz... done pkg: cached package zsh-5.0.7_1: size mismatch, cannot continue What went wrong there? The cached package information is not very relevant, since the package had just been downloaded from the net, twice.
OnePlus One
What happened was, the teenager smashed his phone, so we did the usual shuffle-and-hand-me-down. My only real constraint was No Nexus; been doing that long enough. I was pretty interested in the waterproof Sony Z3, or maybe a small phone since I usually carry an N7 too, or maybe one of those lovely silken-metal HTC thingies. But neither the carrier nor Google had any very good deals, and the O+1 is a very good deal. So now Im carrying one. Size matters I think I can claim a leading-edge voice on this subject, as an early adopter and fan of the original Samsung Galaxy Tab.
Attributing the Sony Attack
No one has admitted taking down North Korea's Internet. It could have been an act of retaliation by the US government, but it could just as well have been an ordinary DDoS attack. The follow-on attack against Sony PlayStation definitely seems to be the work of hackers unaffiliated with a government. Not knowing who did what isn't new. It's called...
Finally updating my machines?
When I first started using computers at home, it was normal that it was difficult. In the course of time, though, things have generally got better. 16 years ago I gave a whole day tutorial on installing FreeBSD at the AUUG 1998 conference. I didn't finish. In the meantime, things have got easier. I can do the same installation in about 30 minutes. But what do I have? A base system. How do I configure it? How do I install useful programs (ports)? How do I keep it up to date? Commercial systems like Microsoft and Apple have solved that problem long ago.
Fidgeting as Lie Detection
Sophie Van Der Zee and colleagues have a new paper on using body movement as a lie detector: Abstract: We present a new robust signal for detecting deception: full body motion. Previous work on detecting deception from body movement has relied either on human judges or on specific gestures (such as fidgeting or gaze aversion) that are coded or rated...
See you at Bay Bay LISA next week!
Hi Boston-area friends! I'll be giving my "Radical ideas from The Practice of Cloud System Administration" talk at the Back Bay LISA user group meeting on Wednesday, January 14, 2015. Visit bblisa.org for more info.
Attributing Cyberattacks
New paper: "Attributing Cyber Attacks," by Thomas Rid and Ben Buchanan: Abstract: Who did it? Attribution is fundamental. Human lives and the security of the state may depend on ascribing agency to an agent. In the context of computer network intrusions, attribution is commonly seen as one of the most intractable technical problems, as either solvable or not solvable, and...
Fighting Spam Backscatter
Short version: My mailing list server no longer generates bounce messages for unknown accounts, thus eliminating the email backscatter is generates. Longer version: I have a host set up exclusively for running mailing lists using Mailman and battling spam has been quite a burden. I finally 'gave up' and made all the lists "member's only". Luckily that is possible with the email lists being run there. If I had any open mailing lists, I wouldn't have been so luck. The result of this change was that it eliminated all spam and I was able to disable SpamAssassin and other measures put in place.
Loitering as a Security System
In Kyoto, taxi drivers are encouraged to loiter around convenience stores late at night. Their presence reduces crime. In Kyoto about half of the convenience stores had signed on for the Midnight Defender Strategy. These 500 or so shops hung posters with slogans such as "vigilance strengthening" written on them in their windows. These signs are indicators to taxi drivers...
Restarting eureka
The power came back after about 2¼ hours, and that's about the time I needed to get eureka back up and running again. I really must save my config files and check that the machine can start up without so much manual intervention. But then, that's part of the plan for the new machine. ACM only downloads articles once. It's possible that this article has changed since being downloaded, but the only way you can find out is by looking at the original article.
Monitor pain
It's high time I got round to upgrading eureka, my main machine. It's still running FreeBSD 9.2, and I've been meaning to upgrade it for nearly a year. Today I got as far as connecting my spare BenQ monitor to two test machines. It wasn't easy. BenQ monitors say No cable connected when in fact they mean no signal. But there was a signal, as other monitors confirmed. Was the thing set up to only accept input from one source? The menu would tell me that. But the menu didn't display. After much cursing and monitor swapping, discovered that it was set for HDMI input, and that for some reason the menu wouldn't display under these circumstances.
How Browsers Store Passwords
Good information on how Internet Explorer, Chrome, and Firefox store user passwords....
Tracing the ssh issues
So it's fairly clear where the blame lies with my DHCP problems, though I still need to trace the other connection. I'll do that when the temperature has cooled down a bit. But there's another issue, and potentially it's related: from time to time ssh setup fails. More tracing, with very little to show for it: No. Time Source Source Destination Destination Protocol Length Info 45 10:52:04.502503 aussie-gw.lemis.com 00:19:07:77:9e:00 www.lemis.com 00:16:3e:06:34:53 SSHv2 113 Client Protocol: SSH-2.0-OpenSSH_6.2_hpn13v11 FreeBSD-20130515 Frame 45: 113 bytes on wire (904 bits), 113 bytes captured (904 bits) Ethernet II, Src: Cisco_77:9e:00 (00:19:07:77:9e:00), Dst: Xensourc_06:34:53 (00:16:3e:06:34:53) Internet Protocol Version 4, Src: aussie-gw.lemis.com (180.150.4.128), Dst: www.lemis.com (208.86.226.86) Transmission Control Protocol, ...
Friday Squid Blogging: Easy Squid Recipes
Stewed squid with tomatoes, sauteed squid with parsley and garlic, and braised squid with garlic and herbs. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered....
Doxing as an Attack
Those of you unfamiliar with hacker culture might need an explanation of "doxing." The word refers to the practice of publishing personal information about people without their consent. Usually it's things like an address and phone number, but it can also be credit card details, medical information, private e-mails -- pretty much anything an assailant can get his hands on....