Blog Archive: February 2016
Lightroom, Mobile, Nexus
In which I report on using the Nexus 5X in RAW mode, with the help of Adobe Lightroom, and on workflows for mobile photogs. With illustrations from Vancouver's Lighthouse Park. Backgrounder on RAW (Skip to the next section if you know all this stuff.) A RAW picture is supposed to be a bit-for-bit reproduction of exactly what the sensor in your camera saw. RAW pictures usually take up lots of memory, and doing a good job of presenting them on your screen often requires inside knowledge of the quirks of the camera and its sensor. There are a bunch of different RAW formats, but the industry seems to be converging on DNG, which is proprietary but still reasonably open and apparently technically sound.
eBay studio flash puzzles
Somehow product searches on eBay are non-deterministic. A couple of days ago I found a 150 J studio flash for about $65. Then yesterday I couldn't find it any more. Today I went looking and found it again, not a new one, but the same one I saw 2 days ago. And now, writing up this article, I can't find it again. Then, of course, there's the pricing, which seems completely random. The seller estores_au offers two Godox units: a 160 J Mini Pioneer for $89.99, or a 120 J Mini Pioneer for $90.88. What's the difference? If you look at the photos they provide, nothing.
Volkswagen Emissions Fiasco
I'm an avid reader of engineering disasters since one of my primary roles in my day job is to avoid them. And, away from work, we are taking a small boat around the world with only two people on board and that too needs to be done with care where an engineering or operational mistake...
Reminder: WebCast on how to "Fail Better": TODAY (Friday, Feb 26)
I'll be giving a talk "Fail Better: Radical Ideas from the Practice of Cloud Computing" as part of the ACM Learning Series at 2pm EST on Friday, February 26, 2016. The webcast is free. Pre-registration is required. In this talk I explain 3 of the most important points from our newest book, The Practice of Cloud System Administration. The talk applies to everyone, whether or not you are "in the cloud". "See" you there!
South Korean lawmakers stage filibuster to protest anti-terror bill, read from Little Brother
Since 2001, authoritarians in the South Korean government have been attempting to pass mass surveillance legislation, and they have seized upon the latest North Korean saber-rattling as the perfect excuse for ramming it through the SK Parliament. Members of the opposition Minjoo Party have vowed to block the legislation by staging the first Korean parliamentary...
Spam: Blödmann!
More malicious spam today, with a twist: From: Fermin Lynn <[email protected]> To: bloedmann <[email protected]> Subject: Invoice 26885012 Dear bloedmann, Please review the attached copy of your Invoice (number: IN26885012) for an amount of $549.42. [-- Attachment #2: invoice_copy_26885012.zip --] [-- Type: application/zip, Encoding: base64, Size: 3.0K --] Blödmann is a German term of abuse which http://dict.leo.org/ende/ translates as buffoon, imbecile, goon, twerp, wally, dimwit, git, dweeb or dumbass. How did I get it? My choice of email address. In my virtual file I find: # www.serif.com [email protected] [email protected] I don't recall why I used that particular name, but it probably reflects on the company web site.
Test post for people using RSS readers
We've made some changes to the website. If you read this blog via an RSS reader (or any "feed reader") posts should appear better now. In particular, the author of the post should show up better.
More rechargeable battery issues
The batteries in Yvonne's mouse are discharged, as indicated by a warning light (!). No problem. That's why we have rechargeables (NiMH). But lately, mainly out of interest, I've been measuring the voltages after discharge. In this case it was 2 AAA batteries. One was down to 1.062 V, which was really low. But the other was reading -0.062V! OK, it's clear that unbalanced batteries can cause the weakest to fail, but a negative voltage? In addition, these were almost new. But you can't return rechargeable batteries, even if they don't meet ALDI's stringent quality standards. More generally, though, my measurements show that a battery pair never discharges equally.
20 years of CFBSD
Diary entry for today: Feb 24 "Installing and running FreeBSD" submitted for publication, 1996. That was the first edition of what was to become The Complete FreeBSD. Twenty years! Time flies when you're having fun. I tried to find a machine-readable version, but it seems that it's gone. I have everything in RCS, but the build system was baroque and fragile, and the likelihood of being able to build it now is pretty remote. ACM only downloads articles once.
Dell U3415W
34", 21:9, 3440x1440. Which is to say, pretty big and pretty sharp. Full name: Dell UltraSharp 34 Curved Monitor. It's curved. I like it a lot. That's a 13" MacBook Pro off to the left. To avoid revealing AWS secrets, I filled the screen with the Ingress map and parked a browser window over it for scale, and another on the laptop. What happened was, Amazon's got an engineering hardware refresh rolling around, which included a choice between either this beast or dual 27" monitors. The guys who deal them out tell me the choice is breaking more or less fifty-fifty.
Eavesdropping by the Foscam Security Camera
Brian Krebs has a really weird story about the built-in eavesdropping by the Chinese-made Foscam security camera: Imagine buying an internet-enabled surveillance camera, network attached storage device, or home automation gizmo, only to find that it secretly and constantly phones home to a vast peer-to-peer (P2P) network run by the Chinese manufacturer of the hardware. Now imagine that the geek...
Math denialism: crypto backdoors and DRM are the alternative medicine of computer science
My latest Guardian column, The FBI wants a backdoor only it can use but wanting it doesn't make it possible, draws a connection between vaccine denial, climate denial, and the demand for backdoors in secure systems, as well as the call for technologies that prevent copyright infringement, like DRM. The thing all these issues...
Research on Balancing Privacy with Surveillance
Interesting research: Michael Kearns, Aaron Roth, Zhiwei Steven Wu, and Grigory Yaroslavtsev, "Private algorithms for the protected in social network search," PNAS, Jan 2016: Abstract: Motivated by tensions between data privacy for individual citizens and societal priorities such as counterterrorism and the containment of infectious disease, we introduce a computational model that distinguishes between parties for whom privacy is explicitly...
The Ads vs. Ad Blockers Arms Race
For the past month or so, Forbes has been blocking browsers with ad blockers. Today, I tried to access a Wired article and the site blocked me for the same reason. I see this as another battle in this continuing arms race, and hope/expect that the ad blockers will update themselves to fool the ad blocker detectors. But in a...
Practical TEMPEST Attack
Four researchers have demonstrated a TEMPEST attack against a laptop, recovering its keys by listening to its electrical emanations. The cost for the attack hardware was about $3,000. News article: To test the hack, the researchers first sent the target a specific ciphertext -- in other words, an encrypted message. "During the decryption of the chosen ciphertext, we measure the...
Next on LISA Conversations: Kris Buytaert on "DevOps: The past and future are here. It's just not evenly distributed (yet)"
Our next conversation will be with Kris Buytaert, who presented "DevOps: The past and future are here. It's just not evenly distributed (yet)" at LISA '11. Watch his talk beforehand, and then join us at 11:30 am PST/2:30 pm EST on Tuesday, February 23, 2016, at the Google Hangout On Air. Watch his talk from LISA '15: DevOps: The past and future are here. It's just not evenly distributed (yet) YouTube Slides/Audio/Video ...then watch us interview him live... Tuesday, February 23, 2016 at 11:30 am PST/2:30 pm EST (convert) Watch Live! ...or watch the recorded show shortly after!
Decrypting an iPhone for the FBI
Earlier this week, a federal magistrate ordered Apple to assist the FBI in hacking into the iPhone used by one of the San Bernardino shooters. Apple will fight this order in court. The policy implications are complicated. The FBI wants to set a precedent that tech companies will assist law enforcement in breaking their users' security, and the technology community...
What price an IP address?
IPv6 has been around for nearly 20 years, and in the early days we thought that it would quickly displace IPv4. But it hasn't. Most ISPs still don't support it, and though I could use it in my house network, I don't, mainly because of an overly pedantic concern about efficiency (IPv6 headers are considerably larger than IPv4 headers). Now that the IPv4 address space is depleted, a market has arisen for IP addresses. Today I received a mail message offering to buy my excess IP addresses for the princely sum of $3 each, independent of quantity. I'm not interested, but it got me thinking: how much is an IPv4 address worth?
Build problems
Ran a fairly normal system build on stable today. Or at least, I thought so. And then things began to hang, repeatedly. Looking at the ps output on a repeat attempt, I saw: === grog@stable (/dev/pts/2) ~ 20 -> ps wlt1 UID PID PPID CPU PRI NI VSZ RSS MWCHAN STAT TT TIME COMMAND 0 55691 36392 0 20 0 12368 1944 piperd I+ 1 0:00.10 tee -a Make.log 0 55694 55690 0 26 0 12372 1948 wait I+ 1 0:00.00 /usr/bin/time -l make kernel -DNOCLEAN 0 55695 55694 0 52 0 9116 888 wait I+ 1 0:00.00 make kernel -DNOCLEAN 0 55700 55695 0 52 0 9116 1468 wait I+ 1 0:00.01 make -m ...
Modern Corporate English
"The client's ask is simple," he said, "but I'm not convicted that's a good criteria; anyhow, there are important learnings for us." How much of that do you hate? Whatever; living languages don't care what you think. The awful truth: English, among languages, is a shiftless tramp, equally at home in the alleys behind mansions and hovels. It's always ready to pilfer a scrumptious linguistic pie left to cool on a metaphorical windowsill, or fetid food-waste from the metaphorical gutter. These growths on English's not-so-fair face are harvested from the hallways and meeting rooms of North American high-tech, which is after all renowned for its creativity.
Friday Squid Blogging: Up Close and Personal with a Giant Squid
Fascinating story. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered....
Security Implications of Cash
I saw two related stories today. The first is about high-denomination currency. The EU is considering dropping its 500-euro note, on the grounds that only criminals need to move around that much cash. In response, Switzerland said that it is not dropping its 1,000-Swiss franc note. Of course, the US leads the way in small money here; its biggest banknote...
Underage Hacker Is behind Attacks against US Government
It's a teenager: British police have arrested a teenager who allegedly was behind a series of audacious -- and, for senior U.S. national security officials, embarrassing -- hacks targeting personal accounts or top brass at the CIA, FBI, Homeland Security Department, the White House and other federal agencies, according to U.S. officials briefed on the investigation. [...] The prominent victims...
Judge Demands that Apple Backdoor an iPhone
A judge has ordered that Apple bypass iPhone security in order for the FBI to attempt a brute-force password attack on an iPhone 5c used by one of the San Bernardino killers. Apple is refusing. The order is pretty specific technically. This implies to me that what the FBI is asking for is technically possible, and even that Apple assisted...
The Eleventh HOPE: NYC, Jul 22-24 (I'm keynoting!)
After literally decades of trying to make it to one of 2600 Magazine’s legendary HOPE (Hackers on Planet Earth) events, held every two years in NYC, I will be coming to town this year for it — and giving one of the keynotes. HOPE is in the pantheon of great information security, electronic privacy and...
Enabling Trust by Consensus
Trust is a complex social phenomenon, captured very poorly by the binary nature of Internet trust systems. This paper proposes a social consensus system of trust: "Do You Believe in Tinker Bell? The Social Externalities of Trust," by Khaled Baqer and Ross Anderson. From the abstract: Inspired by Tinker Bell, we propose a new approach: a trust service whose power...
Salvaging a Broken Wolf's Tooth Spear into a Beautiful Knife
Using Eagles to Intercept Drones
Both Dutch and UK police are training eagles to attack drones....
Fear and Anxiety
More psychological research on our reaction to terrorism and mass violence: The researchers collected posts on Twitter made in response to the 2012 shooting attack at Sandy Hook Elementary School in Newtown, Connecticut. They looked at tweets about the school shooting over a five-and-a-half-month period to see whether people used different language in connection with the event depending on how...
Understanding XCompose
One of the lesser-known features of X is the Compose key. Press it and then enter specific key combinations, and it will generate characters not directly available on the keyboard. For example, with my US-style keyboard I can generate the Greek letter with the combination *L, or ¦ with the combination X06a7. In general all UTF-8 characters can be generated by entering X and the 4 digit hex code, though clearly the other method is easier, if you know the combination. But how do I know the combinations? Five years ago, a certain Pmarin sent me details, along with a link to a table which proved to be not completely accurate.
Bushfire, day 3
Mail from Daniel Nebdal today, pointing out that there is an explanation for the symbols on the emergency services web site. What I saw was only the tip of the iceberg: there are a total of 50 of them! Some, like Aircraft Accident, Animal Plague and Plant Health, are unlikely, but Advice and All Clear are not, and they use the same symbol for both, which I had thought meant Information. And what's an animal plague, anyway? There's already a separate symbol for Animal Health.
Survey of the Dark Web
Interesting paper on the dark web: Daniel Moore & Thomas Rid, "Cryptopolitik and the Darknet," Survival, 2016. (Technical annex here -- requires the Tor browser.) They conclude that it's mostly used for illegal activity. No surprise, really, but it's good to have actual research to back it up. Press coverage....
Bushfire, day 2
The bushfire may have been relatively harmless, but it took the crews a long time to contain it. How long? That depends. 24 hours after the fire was reported, the CFA and the Department of Environment, Land, Water & Planning still had different views of what was going on: None of the details match! Not even whether the fire is under control or not! The status was like that for most of the day.
Another bushfire
Another bushfire reported this afternoon, about 5 km ESE of here. The good news: nobody in Dereel was in danger. How did I find out? From Facebook, of course. If I had a SIM in my tablet and mobile phone coverage, I could run an App on the tablet. But what a way to communicate! The emergency services explicitly do not offer an email notification service. OK, we know the URL for the bushfire web site. It's http://www.cfa.vic.gov.au/incidents/incident_summary.htm or maybe http://www.dse.vic.gov.au/DSE/nrenfoe.nsf/LinkView/519C51D981DAE41FCA257257000A5163DC25C965BDA0CAF5CA2573B400013504, and I ranted about it 7 years ago. Oh. No. It's gone, and it's clearly not important enough for them to include a redirect.
Windows 93%
Andy Farkas posted this link. Somehow it addresses some of my prejudices.
CL XXXVI: Island Ingress
On a wet grey February Saturday we combined two of our amusements on a boat trip to Keats Island: Cottage Life and Ingress. Some of this will be comprehensible only to Ingress players, but there are a couple of fairly groovy pix. What happened was, right near our cabin there's North Keats Crosspath, an Ingress portal (that link will only work if you're a player) which I had owned for an awesome 449 consecutive days, until one of the opposition made a fairly heroic night-time boat trip and captured it a week ago. This was Not To Be Tolerated, so I and my wife (and fellow-player) arranged child-care, broke out the boat, and put to sea in adverse conditions.
I was a Jeopardy! clue
I got quite a treat yesterday afternoon when my email and Twitter filled up with people letting me know that I was mentioned in a Jeopardy! clue! I was joined in a category about science fiction novels with John "Redshirts" Scalzi, Jeff "Annihilation" VanderMeer, and Ernest "Ready Player One" Cline. Presumably, there was a fifth...
Friday Squid Blogging: Pajama Squid
The Monterey Bay Aquarium has a pajama squid. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered....
Fitbit Data Reveals Pregnancy
A man learned his wife was pregnant from her Fitbit data. The details of the story are weird. The man posted the data to Reddit and asked for analysis help. But the point is that the data can reveal pregnancy, and this might not be something a person wants to tell a company who can sell that information for profit....
WebCast on how to "Fail Better": Friday, Feb 26
I'll be giving a talk "Fail Better: Radical Ideas from the Practice of Cloud Computing" as part of the ACM Learning Series at 2pm EST on Friday, February 26, 2016. Pre-registration is required. In this talk I explain 3 of the most important points from our newest book, The Practice of Cloud System Administration. The talk applies to everyone, whether or not you are "in the cloud". "See" you there!
Determining Physical Location on the Internet
Interesting research: "CPV: Delay-based Location Verification for the Internet": Abstract: The number of location-aware services over the Internet continues growing. Some of these require the client's geographic location for security-sensitive applications. Examples include location-aware authentication, location-aware access policies, fraud prevention, complying with media licensing, and regulating online gambling/voting. An adversary can evade existing geolocation techniques, e.g., by faking GPS coordinates...
Air conditioner bugs
Our air conditioner works relatively well, especially compared to our last installation. In particular, the temperature regulation is good. But the control unit has a number of strangenesses that lead to the conclusion that the programmers didn't really consider all possibilities: You can set the temperature in up to 8 zones (effectively rooms), each with its own control unit. We have installed all 8. But the temperature setting range is limited to 4°.
HTML authentication revisited
Discussion on IRC today about yesterday's HTML authentication system. Andy Snow commented: selective htaccess probably wouldn't have been any more lines of code, but probably would have needed more reading of docs :) Well, yes, guilty as charged. I shouldn't be reinventing the wheel. So I (later) read the documentation. As I feared, it doesn't really address my issue. I want to allow access to multiple images without authentication; I only want to enable access to the others for certain people, and I don't want to advertise the fact.
Worldwide Encryption Products Survey
Today I released my worldwide survey of encryption products. The findings of this survey identified 619 entities that sell encryption products. Of those, 412, or two-thirds, are outside the U.S., calling into question the efficacy of any US mandates forcing backdoors for law-enforcement access. It also showed that anyone who wants to avoid US surveillance has over 567 competing products to...
How SysAdmins Devalue Themselves
I write a 3-times-a-year column in ACM Queue Magazine. This issue I cover 2 unrelated topics. "How Sysadmins Devalue Themselves" and "And how to track on-call coverage". Enjoy! Q: Dear Tom, How can I devalue my work? Lately I've felt like everyone appreciates me, and, in fact, I'm overpaid and underutilized. Could you help me devalue myself at work? A: Dear Reader, Absolutely! I know what a pain it is to lug home those big paychecks. It's so distracting to have people constantly patting you on the back. Ouch! Plus, popularity leads to dates with famous musicians and movie stars.
Make Privacy a 2016 Election Issue
EPIC has just launched "Data Protection 2016" to try to make privacy an issue in this year's elections. You can buy swag....
Hacking security
Over the years I have written my own scripts to display my photos on the web. Compared to commercially available scripts, they have the advantage that I can modify them to suit my tastes, including displaying with more images and less clutter. They also allow me to include photos on other web pages, such as this diary, using the same interface. But now Yvonne had a dilemma: she has been training a horse who shall be not only nameless, but also invisible. And of course she has taken a lot of photos, which she wants to share with Chris Bahlo and the owner, but nobody else.
Tracing the ATA issue
My traces of the communication between ATA and eureka showed perfectly normal traffic followed by a reboot. But that was based on the IP address, and the reboot reason specified was "Using last good known IP and reboot after 30 minutes", that might not be enough. The dropouts continued, so I started another trace, this time looking for traffic related to the MAC address. And sure enough, that showed more information: 08:55:53.018742 bc:5f:f4:c9:9b:bf (oui Unknown) > 00:25:9b:6e:34:36 (oui Unknown), ethertype IPv4 (0x0800), length 495: sip.hostedphonesystem.net.au.sip > officephone.lemis.com.sip: SIP, length: 453 08:55:53.046585 bc:5f:f4:c9:9b:bf (oui Unknown) > 00:25:9b:6e:34:36 (oui Unknown), ethertype IPv4 (0x0800), length 495: sip.hostedphonesystem.net.au.sip > officephone.lemis.com.sip-tls: SIP, length: 453 08:56:04.211877 00:25:9b:6e:34:36 (oui Unknown) > Broadcast, ethertype IPv4 (0x0800), length 342: 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request from 00:25:9b:6e:34:36 (oui Unknown), length 300 (9 more omitted) 09:00:10.489436 00:25:9b:6e:34:36 (oui Unknown) > Broadcast, ...
AT&T Does Not Care about Your Privacy
AT&T's CEO believes that the company should not offer robust security to its customers: But tech company leaders aren't all joining the fight against the deliberate weakening of encryption. AT&T CEO Randall Stephenson said this week that AT&T, Apple, and other tech companies shouldn't have any say in the debate. "I don't think it is Silicon Valley's decision to make...
A feast of analogies
A few years ago a coworker noticed that all my analogies seemed to involve food. He asked if this was intentional. I explained to him that my analogies contain many unique layers, but if you pay attention you'll see a lot of repetition... like a lasagna. By the way... I've scheduled this blog post to appear on the morning of Wednesday, Feb 10. At that time I'll be getting gum surgery. As part of recovery I won't be able to bite into any food for 4-6 months. I'll have to chew with my back teeth only. Remember, folks, brushing and flossing is important.
10,000-Year-Old Warfare
Evidence of primitive warfare from Kenya's Rift Valley....
Fixing the audio issues
Another problem with tiwi's audio today, this time playing a video. Again the message Audio device got stuck!, and couldn't get rid of it. Did a bit of googling and found this page, which suggests: === root@tiwi (/dev/pts/5) /home/grog 6 -> sysctl dev.hdac.0.polling=1 dev.hdac.0.polling: 0 -> 1 That works. But it's not a solution. It's a workaround, and the real issue seems to be that the device stops interrupting. Why? Do I care?
NBN reception towers
Had a chat with Kevin of Aussie Broadband today about erecting towers to connect to the National Broadband Network wireless service. He wasn't able to do anything himself, but he had a couple of good ideas. It seems that the NBN will accept a tower, but to get to the people who handle that you need some persistence. The big issue remains the height of the tower, of course. Make it 300 m high and you won't have a problem, except with the cost and the appearance. Clearly you don't want it any higher than necessary, and to find out what's necessary you need to measure signal strength.
The 2016 National Threat Assessment
It's National Threat Assessment Day. Published annually by the Director of National Intelligence, the "Worldwide Threat Assessment of the US Intelligence Community" is the US intelligence community's one time to publicly talk about the threats in general. The document is the results of weeks of work and input from lots of people. For Clapper, it's his chance to shape the...
Large-Scale FBI Hacking
As part of a child pornography investigation, the FBI hacked into over 1,300 computers. But after Playpen was seized, it wasn't immediately closed down, unlike previous dark web sites that have been "shuttered" by law enforcement. Instead, the FBI ran Playpen from its own servers in Newington, Virginia, from February 20 to March 4, reads a complaint filed against a...
More multimedia pain
In the evening, listening to radio on tiwi, with the screen powered down, when suddenly there was a loud hum and then nothing. Turned the screen on and saw: Audio device got stuck! Audio device got stuck! Audio device got stuck! Exit before end: file position -1 MPlayer interrupted by signal 11 in module: key_events ... I've seen the crash before, but what's the Audio device got stuck!? In particular, it stayed stuck. Didn't have time to investigate then, and simply rebooted the machine, after which it worked again. But why are all these problems occurring now?
Yet another hardware failure
When I went to Ballarat I took my Android tablet with me to try once again to get a sensible navigation application. In vain: the choice of route is still terrible. Going north along Peel St to the destination a few hundred metres ahead, it turned me right along Curtis St, past Bakery Hill, left into Humffray St and left again into Mair St: And of course I can no longer link to a Google Map, because my software isn't leet enough for them.
More hardware failure?
While preparing Yvonne's camera for shipment, noted a couple of LEDs that were out when they should be on: Line 1 and Line 2 on my ATA. Discovered I couldn't communicate with it at all: it seemed to have failed. They're not expensive (under $30), but where do I get an ATA in a hurry? Most are supplied, at elevated prices, by VoIP providers. MyNetFone offers an SPA122 for $69.95 and another $12.95 for postage, for example. And they seem to be remarkably unreliable. So quickly ordered another PAP2T. Power cycled the box, started a trace and found, after a lot of failed ARP requests: 10:30:21.839411 ARP, Request who-has officephone.lemis.com tell eureka.lemis.com, length 28 10:30:22.841399 ARP, Request who-has officephone.lemis.com tell eureka.lemis.com, length 28 10:32:37.089384 ARP, Request who-has officephone.lemis.com tell officephone.lemis.com, length 46 10:32:37.340780 ARP, Request who-has officephone.lemis.com tell officephone.lemis.com, length 46 10:32:37.343440 ARP, ...
Data and Goliath Published in Paperback
Today, Data and Goliath is being published in paperback. Everyone tells me that the paperback version sells better than the hardcover, even though it's a year later. I can't really imagine that there are tens of thousands of people who wouldn't spend $28 on a hardcover but are happy to spend $18 on the paperback, but we'll see. (Amazon has...
ACM Interviews: Thomas Limoncelli
I'm excited to announce that I've been interviewed as part of the ACM Interviews series. Listen to the 1-hour interview or read the summary via this link. ACM Interviews are part of the ACM Learning Center (click on Podcasts). Over the last 20+ years Stephen Ibaraki's interviews have included famous computer scientists and innovators like Vint Cerf, Eric Schmidt, Leslie Lamport, and more. (Complete list here.) Stephen is involved in many professional organizations, he frequently addresses the United Nations, and has received numerous honors including being the first and only recipient of the Computing Canada IT Leadership Lifetime Achievement Award. I was quite honored to be asked.
Exploiting Google Maps for Fraud
The New York Times has a long article on fraudulent locksmiths. The scam is a basic one: quote a low price on the phone, but charge much more once you show up and do the work. But the method by which the scammers get victims is new. They exploit Google's crowdsourced system for identifying businesses on their maps. The scammers...
NBN for the depressed
Anita Maynard asked on Facebook today about getting NBN in her location, which is in a depression. Ended up going over to take a look there, and discovered that her husband Ken is the bloke who bought our pizza oven last year. Fortunately he's happy with it. It seems that the National Broadband Network has been there a couple of times and established that he could get a signal if they found a way to mount the antenna about 10 m higher. Not really an issue, especially since Ken is good at that sort of thing, so he would build his own tower.
Still more TV pain
Checking last night's recordings, discovered that cvr2 hung again. It was recording at the time, so I have an exact time when it happened: 2016-02-06 21:14:23.703343663. Unfortunately I don't have as good a time for the day before, but it was also some time after 21:00. About the only thing in /var/log/messages at least gives me a rough idea: Feb 5 20:58:57 cvr2 -- MARK -- Feb 5 21:18:57 cvr2 -- MARK -- Feb 6 10:12:31 cvr2 syslogd 1.5.0#2ubuntu6: restart. So it must have been some time between 21:18 and 21:29. What's causing it?
Wolf's Tooth Spear Update
TV computer issues
Checking on yesterday's TV recording, discovered that cvr2, the recording machine, was down. It seems that it just hung some time after 21:00. And it seems that Linux machines are particularly laconic when it comes to logging. Why did it die? No idea. It came back up again with no difficulties. Hopefully a one-off occurrence. As if that wasn't enough, had more trouble with tiwi. X came up in 1024×768 mode again. Why? An examination of the Xorg.0.log file was interesting: it didn't find any EDID data at all.
LISA Conversations Episode 6: Alice Goldfuss on Scalable Meatfrastructure (LISA15)
In this episode we talked with Alice Goldfuss about the changes you need to make when growing a DevOps or sysadmin team. Alice also talked about dealing with remote workers, her experience at film school, plus she shares insights about giving your first presentation at a conference. LISA Conversations Episode 6: https://www.youtube.com/watch?v=8bxOstI2r8A Topic: Alice Goldfuss discusses her LISA '15 talk: Scalable Meatfrastructure: Building Stable DevOps Teams You don't want to miss this! For the complete list of LISA Conversations, visit our homepage.
Intel graphics: not the solution
Left tiwi running overnight, mainly by accident. And today the display of a firefox browser was corrupted, apparently a font issue that I couldn't fix by changing tabs back and forth. Somehow the on-chip graphics just aren't up to an HD display. Maybe I should put the disk back in the old teevee machine until I can sort things out.
Configuring aspell
Since a recent upgrade to Emacs my spell corrector hasn't been working, claiming that no dictionary was selected. If I tried to select one (ispell-change-directory), it claimed that the selected dictionary (british) didn't exist. Googling didn't help: this otherwise helpful article told me to do exactly what I was doing. Exceptionally, the normal documentation didn't go into intimate details of installation. Why couldn't I select a dictionary? Finally I tried pkg:
  === grog@eureka (/dev/pts/27) ~ 165 -> pkg info | grep spell
  aspell-0.60.6.1_5 Spelling checker with better suggestion logic than ispell
  de-aspell-20030222.1_1 Aspell German dictionary
  hunspell-1.3.3 Improved spell-checker for Hungarian and other languages
  ispell-3.3.02_5 An interactive spelling checker for multiple languages
  ...
Friday Squid Blogging: Squid Knitting Pattern
Surprisingly realistic for a knitted stuffed animal....
NSA Reorganizing
The NSA is undergoing a major reorganization, combining its attack and defense sides into a single organization: In place of the Signals Intelligence and Information Assurance directorates -- the organizations that historically have spied on foreign targets and defended classified networks against spying, respectively -- the NSA is creating a Directorate of Operations that combines the operational elements of each....
Low-light Phone cam
Regular readers will know that I have a thing about low-light photography. My new photo-toy is the Nexus 5X and I've the urge to push it further into the dark than it really wants to go. Yes, the wide-angle is bending the building a bit; but it's getting help from the architect. #Bike2WorkPix. 1/35sec at ISO 725. I remember, all those years ago, when the original Nikon D3 came out, the first digital camera that could see just as well as you in the dark. They more or less all can, these days. That's a little corner of the mighty Pacific.
Tracking Anonymous Web Users
This research shows how to track e-commerce users better across multiple sessions, even when they do not provide unique identifiers such as user IDs or cookies. Abstract: Targeting individual consumers has become a hallmark of direct and digital marketing, particularly as it has become easier to identify customers as they interact repeatedly with a company. However, across a wide variety...
tiwi: done!
More work on tiwi today. Yesterday it was mainly working, but I had to check audio, ensure that it boots up cleanly, and move it to the lounge room. And clearly I needed to move the videos on teevee across to tiwi. Nothing very complicated, but lots of non-obvious details. Syncing the videos was the most time-consuming. I had already done so last month, but since then new videos have arrived, of course. I used rsync last time, but didn't mention it in my diary. That's a mistake: every time I use rsync for something like this, I have a couple of false starts while I sort out options and whether path names should end in a /.
The Internet of Things Will Be the World's Biggest Robot
The Internet of Things is the name given to the computerization of everything in our lives. Already you can buy Internet-enabled thermostats, light bulbs, refrigerators, and cars. Soon everything will be on the Internet: the things we own, the things we interact with in public, autonomous things that interact with each other. These "things" will have two separate parts. One...
mplayer: Finally!
I finished yesterday with the recognition that my issues with mplayer were related either to specific hardware or specific software. Which? Today I started by putting the disk from stable into the new tiwi machine and trying in that configuration. It worked. So it's not the hardware. Which software? I guessed something in /usr/local. The base systems are the same, so after replacing the original disks in their machines, I copied the entire /usr hierarchy from stable to tiwi (as /spool/usr), then rebooted and symlinked /spool/usr to /usr. And sure enough, that worked too. So all I needed was to put the hierarchy in the correct place and I was done.
Security vs. Surveillance
Both the "going dark" metaphor of FBI Director James Comey and the contrasting "golden age of surveillance" metaphor of privacy law professor Peter Swire focus on the value of data to law enforcement. As framed in the media, encryption debates are about whether law enforcement should have surreptitious access to data, or whether companies should be allowed to provide strong...
More fun with telemarketeers
Eighteen months ago I described a trick to upset telemarketeers. What I've heard since then is that it had an immediate reaction from telemarketeer management. The drones have been instructed to never, never change the configuration of their phones on instruction over the phone. Today I heard of another hack: a robot that recognizes spam calls and automatically handles them. This story in particular amused me. How do you recognize spam calls in advance? The caller ID may give some clue, as the link describes. That's applicable to the USA, but here we get different things. Today I got a call from 0380801590, which, however, appears to be a valid number.
Fixing video issues
By the end of yesterday I had at least three remaining issues with tiwi: display resolution, lack of video with mplayer, and lack of lirc support. Spent today addressing them. The resolution issue was straightforward enough, just a mode line in the xorg.conf file. But the lack of display kept me going all day. First question: is this a problem with mplayer or X? That's easy to check: display the output of a known good mplayer on tiwi:0, and display the output of my new mplayer, running on tiwi, on a display on eureka. But the first part didn't work. The X server wasn't listening on TCP port x11.
Paper on the Going Dark Debate
I am pleased to have been a part of this report, part of the Berkman Center's Berklett Cybersecurity project: Don't Panic: Making Progress on the "Going Dark" Debate From the report: In this report, we question whether the "going dark" metaphor accurately describes the state of affairs. Are we really headed to a future in which our ability to effectively...
Marlowe, RIP
Our big male cat, announced in this space in 2005, died suddenly. Bloggers' cats get obituaries. Looking irritated, probably being tickled. Marlowe always had a great coat and there was a lot of cat under it; in mid-life he became obese, but when we put him on a diet and his waist re-appeared he was one damn fine-looking cat. He wasn't terribly smart or terribly affectionate. He liked the outdoors and was a pretty good rat-catcher. Hey, we live near the middle of a port city and that's a big plus. His greatest joy in life was a warm stationary lap, so he greatly approved of long TV shows.
Watch us live today: LISA Conversations: Alice Goldfuss on Scalable Meatfrastructure
Today (Feb 2) at 3:30PM PST we'll be recording this month's episode of LISA Conversations. Our guest will be Alice Goldfuss. We'll be discussing her LISA '15 talk about growing a devops team: Scalable Meatfrastructure: Building Stable DevOps Teams Watch her talk from LISA '15... Scalable Meatfrastructure: Building Stable DevOps Teams ...then watch us interview her live... January 26, 2016 at 3:30 pm-4:30 pm PDT Watch Live! ...or watch the recorded show shortly after! You won't want to miss this! (NOTE: This recording was rescheduled; our usual time/date is the last Tuesday of the month.)
More Details on the NSA Switching to Quantum-Resistant Cryptography
The NSA is publicly moving away from cryptographic algorithms vulnerable to cryptanalysis using a quantum computer. It just published a FAQ about the process: Q: Is there a quantum resistant public-key algorithm that commercial vendors should adopt? A: While a number of interesting quantum resistant public key algorithms have been proposed external to NSA, nothing has been standardized by NIST,...
Finishing the mplayer mods
I've been procrastinating in applying my patches to mplayer, but it's gradually time to do something. And once I had found what looked like the most recent patches, actually applying them wasn't that bad. And it worked! About the only modification I needed to make was to remove a rather unsuccessful attempt to measure time in files captured from an MPEG Transport Stream:

/*
 * grog, 2008/10/16 07:15:42
 * Calculate the elapsed time for a file. We need this if we have
 * copied transport streams with nonsensical elapsed time values.
 */
double demuxer_calc_elapsed_time (demuxer_t *demuxer)
{
  double get_time_ans;
  sh_video_t *sh_video = demuxer->video->sh;
  sh_audio_t *sh_audio = demuxer->audio->sh;

  if (sh_video && sh_video->i_bps)
    get_time_ans = (double) (demuxer->filepos - demuxer->movi_start) / sh_video->i_bps;
  else if (sh_audio && sh_audio->i_bps)
    get_time_ans = (double) (demuxer->filepos - demuxer->movi_start) / sh_audio->i_bps;
  else
    get_time_ans=0;
  return get_time_ans;
}
...
Online concert bookings
So we've decided to go to the Kammerphilharmonie Köln concert on Friday. How do we get tickets? There are plenty of sites that sell them at different prices, or I can call up Her Majesty's Theatre and book them over the phone. The price is the same as on their web site. My prejudices against broken web sites suggest that the phone is the better choice. But that's chickening out, so I braved the web site. My prejudices were confirmed. I had to register with the site with full address, email and password, and it didn't want to accept my address: If these sites insist on checking the address, they should at least have the most up-to-date list of addresses.
NSA and GCHQ Hacked Israeli Drone Feeds
The NSA and GCHQ have successfully hacked Israel's drones, according to the Snowden documents. The story is being reported by the Intercept and Der Spiegel. The Times of Israel has more....
NSA's TAO Head on Internet Offense and Defense
Rob Joyce, the head of the NSA's Tailored Access Operations (TAO) group -- basically the country's chief hacker -- spoke in public earlier this week. He talked both about how the NSA hacks into networks, and what network defenders can do to protect themselves. Here's a video of the talk, and here are two good summaries. Intrusion Phases Reconnaissance Initial...