An aggregation of our Blog Roll, made up of acmqueue authors.   more

Postings for July 2015:  (69 posts)
Wed, 29 Jul 2015 01:00:23 UTC

Change of address, bureaucratic style

Posted By Greg Lehey

Since moving house, there are hundreds of people I need to inform about our change of address. It's not overly urgent: mail will be forwarded until the end of May 2016, but gradually we should do something about it. Today we received no less than 4 letters from Centrelink, probably a good candidate to start with. Based on my prior experience with their web site, I asked Google instead. And that took me to this page, explaining that I should go to instead and update addresses with multiple agencies with one fell swoop. It went into extreme detail about what could go wrong and what to do if it did.

Tue, 28 Jul 2015 19:00:00 UTC


Posted By Tim Bray

What happened was, Shane & Ally asked us to a rooftop barbecue with views in every direction. Most of them featured cranes, and I dont mean birds, which is not necessarily bad. Also, it would be unfair to omit the moon. Looming over us was this crane complex, not unattractive at all. If it looks kind of grainy thats because Id fat-fingered the camera into shooting at ISO6400. But the X-T1 is sufficiently resilient that this (like many other of my photo-miscues) came out OK. Which is especially true when you shoot through the stupidly-good Fuji XF35mm. But wait! There are more cranes and theyve got the mountains behind them.

Tue, 28 Jul 2015 01:20:00 UTC

LISA Conversations premieres on Tuesday!

Posted By Tom Limoncelli

Yes, I've started a video podcast that has a homework assignment built-in. Watch a famous talk from a past LISA conference (that's the homework) then watch Tom and Lee interview the speaker. What's new since the talk? Were their predictions validated? Come find out! Watch it live or catch the recorded version later. The first episode will be recorded live Tuesday July 28, 2015 at 1:30pm PDT.

Mon, 27 Jul 2015 22:49:45 UTC

Retail sales in the Internet age

Posted By Greg Lehey

To Masters today to pick up an eBay purchase. Huh? Masters is a normal Home Improvement shop, part of the Woolworths conglomerate. What do they have to do with eBay? They have a shop on eBay where they sell things that aren't in their normal catalogue, and they'll either send it to you normally, at a normal price, or you can opt to save money and pick them up at a shop of your choice. That's what I did today: I had bought a sprinkler controller for $55, while the closest comparable one in their catalogue cost $108. I suspect that mine is last year's model, but that's OK; that applies to a number of things on eBay.

Sun, 26 Jul 2015 23:43:31 UTC

Getting information from Microsoft

Posted By Greg Lehey

People discussed yesterday's Microsoft adventures on IRC. Jamie Fraser came up with some information that I'll keep for next time: <fwaggle> grog needs pci ids under windows? i solved this problem ages ago. C+P from my  notes: right-click My Computer and choose properties. Then, go to the Hardware  tab, and pick Device Manager.  Navigate to your unknown device, double-click it  and then pick the Details tab. Find the Hardware Ids entry, and look for the  most detailed entry. My shitty SiS network adaptors is PCI\VEN_1039&DEV_0900. ACM only downloads articles once.

Sun, 26 Jul 2015 00:03:38 UTC

Installing Microsoft again

Posted By Greg Lehey

After yesterday's fun came the immense fun of installing Microsoft again. It started off badly: when it got to choosing the disk, once again it claimed that there were no disks. But I discovered that it works better if you plug it in, and after that it went off and did its installation. And of course I had to enter this license key thing. As instructed on the OEM box, the sticker was to be removed and attached to the computer somewhere, in this case on top of the case. How do you read that? It was in the shade, on its side, and in a small enough font (about 6 pt) that not only old fogeys like myself can't read it, especially when the font makes it difficult to distinguish between B and 8: ...

Sat, 25 Jul 2015 01:45:11 UTC

Recovering the Microsoft box

Posted By Greg Lehey

As Juha Kupiainen had suggested, took a look at Shaun O'Connor's computer today to see if it understood RAID. Yes! But as I had feared, that was just the first half of the problem: How do I bring the member back online? The menu offers Recovery Volume Options, but that just gives the option to create a backup. Once it's down, there seems to be nothing in the BIOS that can recover it.

Fri, 24 Jul 2015 15:40:10 UTC

Save on The Practice of Cloud System Administration

Posted By Tom Limoncelli

Pearson / is running a promotion through August 11th on many open-source related books, including Volume 2, The Practice of Cloud System Administration. Use discount code OPEN2015 during checkout and received 35% off any one book, or 45% off 2 or more books. See the website for details.

Thu, 23 Jul 2015 23:05:03 UTC

BigPond: Go away!

Posted By Greg Lehey

Got a message from Warren Ure today, reporting discrepancies in traffic measurement between his mother and her (unspecified) ISP. Not surprisingly, the ISP claimed more traffic. I thought it might be something like my experience last year, where the router was compromised and used to relay traffic. But no, it seems not: she's on satellite, and the traffic is measured even when the modem is turned off. That doesn't make sense. Neither does the response of the ISP, claiming that there can still be traffic. Sent him a reply. <>: host[] said: 552     5.2.0 vj8v1q02L1sUVRc01j8wYc Suspected spam message rejected.

Thu, 23 Jul 2015 15:03:17 UTC

SysAdmin Appreciation Day in New York City

Posted By Tom Limoncelli

If you are in NYC, there is a SysAdmin Appreciation day event at The Gingerman, 11 E 36th Ave, New York City, NY, on Friday, July 31, 2015, 6:00 PM. This event usually has a big turn-out and is a great way to meet and network with local admins. RSVP here: Thanks to Digital Ocean for sponsoring this event, and Justin, Jay, Nathan and the other organizers for putting this together every year. Hope to see you there!

Thu, 23 Jul 2015 15:00:00 UTC

Schyntax: A DSL for specifying recurring events

Posted By Tom Limoncelli

There are many ways to specify scheduled items. Cron has 10 8,20 * 8 1-5 and iCalendar has RRULE and Roaring Penguin brings us REMIND. There's a new cross-platform DSL called Schyntax, created by my Stack Overflow coworker Bret Copeland. The goal of Schyntax is to be human readable, easy to pick up, and intuitive. For example, to specify every hour from 900 UTC until 1700 UTC, one writes hours(9..17) What if you want to run every five minutes during the week, and every half hour on weekends? Group the sub-conditions in curly braces: { days(mon..fri) min(*%5) } { days(sat..sun) min(*%30) } It is case-insensitive, whitespace-insensitive, and always UTC.

Thu, 23 Jul 2015 11:17:43 UTC

Remotely Hacking a Car While It's Driving

Posted By Bruce Schneier

This is a big deal. Hackers can remotely hack the Uconnect system in cars just by knowing the car's IP address. They can disable the brakes, turn on the AC, blast music, and disable the transmission: The attack tools Miller and Valasek developed can remotely trigger more than the dashboard and transmission tricks they used against me on the highway....

Thu, 23 Jul 2015 08:26:18 UTC

Understanding bad language

Posted By Greg Lehey

It's nothing new that Microsoft has obfuscated understanding file systems by referring to directories as folders, but today, while trying to find out how to work around Microsoft blockages and move a file from one directory to another, I got the message: Leave the file in the destination directory? Surely they mean the source directory. Have they reversed normal meaning, or is it typical of the quality of their messages?

Thu, 23 Jul 2015 08:20:32 UTC

Understanding the boot problems

Posted By Greg Lehey

While looking at the information I had about Shaun O'Connor's computer, I checked about the disks he had. WD1002FAEX. And they're 1 TB disks. So why did the fdisk output show 2 TB? Did Shaun accidentally overwrite the partition table? Juha Kupiainen came up with the most likely answer: the two disks are combined as RAID-0. That explains a lot of things, in particular why he couldn't boot after resetting the BIOS to default values (and yes, it does offer some kind of RAID). Of course, for every complex problem there's a solution which is simple, elegant and wrong. I didn't have time today, and I won't have time tomorrow, but hopefully we'll see a result on Friday.

Wed, 22 Jul 2015 12:11:32 UTC

Preventing Book Theft in the Middle Ages

Posted By Bruce Schneier

Interesting article....

Wed, 22 Jul 2015 01:14:57 UTC

Neighbourhood computer help

Posted By Greg Lehey

Shaun O'Connor, whom I don't know, sent out a request on Facebook today, looking for a PC repairman. Not quite my line of business, but in the interests of neighbourly help, I offered to take a look. He had had error messages relating to the first disk, which he couldn't interpret, and somebody online had suggested that he reset the BIOS to default values. That made a big difference: he could no longer boot at all: Can't load operating system; doesn't that help pinpoint things? The machine wasn't your run-of-the-mill system: big tower, 4 nVidia video cards (more than I have!)

Tue, 21 Jul 2015 19:00:00 UTC

Sitting down with Trudeau on C-51

Posted By Tim Bray

A couple of months ago, ten people spent an hour sitting down with Justin Trudeau, Liberal Party leader and potentially Canadas next Prime Minister, to talk about Bill C-51, anti-terrorist legislation from Canadas Conservative government. I was one of those people, and perhaps readers might be interested in hearing about it. Sidebar: Why now? After the meeting I decided not to blog it, because I was worried about ethics; nobody had said the meeting was private but nobodyd said it was public either. Recently I mentioned this to a Liberal insider I know whod helped organize and he looked shocked: Why not?!

Tue, 21 Jul 2015 11:51:47 UTC

Malcom Gladwell on Competing Security Models

Posted By Bruce Schneier

In this essay/review of a book on UK intelligence officer and Soviet spy Kim Philby, Malcom Gladwell makes this interesting observation: Here we have two very different security models. The Philby-era model erred on the side of trust. I was asked about him, and I said I knew his people. The "cost" of the high-trust model was Burgess, Maclean, and...

Tue, 21 Jul 2015 11:51:47 UTC

Malcolm Gladwell on Competing Security Models

Posted By Bruce Schneier

In this essay/review of a book on UK intelligence officer and Soviet spy Kim Philby, Malcolm Gladwell makes this interesting observation: Here we have two very different security models. The Philby-era model erred on the side of trust. I was asked about him, and I said I knew his people. The "cost" of the high-trust model was Burgess, Maclean, and...

Mon, 20 Jul 2015 23:33:30 UTC

Air conditioners in sub-zero environments

Posted By Greg Lehey

We normally turn the air conditioner (heating) off at night. But yesterday morning it took several hours for the house to get warm. Last night we left it running overnight, and that was just as well. The temperature dropped to a measured -2.3°, only 0.1° warmer than the previous night, and the air conditioner had difficulty keeping the temperature. One clear reason is that it took forever to de-ice. De-icing is essential for air conditioners heating: ice collects on the coil and needs to be removed again by reversing the coolant flow and passing hot coolant through the coil. In my experience, it takes a few seconds to melt the ice, and a little while to blow the resulting water off the coil.

Mon, 20 Jul 2015 20:15:22 UTC

Organizational Doxing of Ashley Madison

Posted By Bruce Schneier

The -- depending on who is doing the reporting -- cheating, affair, adultery, or infidelity site Ashley Madison has been hacked. The hackers are threatening to expose all of the company's documents, including internal e-mails and details of its 37 million customers. Brian Krebs writes about the hackers' demands. According to the hackers, although the "full delete" feature that Ashley...

Mon, 20 Jul 2015 13:00:00 UTC

Under the Hood of Amazon EC2 Container Service

Posted By Werner Vogels

In my last post about Amazon EC2 Container Service (Amazon ECS), I discussed the two key components of running modern distributed applications on a cluster: reliable state management and flexible scheduling. Amazon ECS makes building and running containerized applications simple, but how that happens is what makes Amazon ECS interesting. Today, I want to explore the Amazon ECS architecture and what this architecture enables. Below is a diagram of the basic components of Amazon ECS: How we coordinate the cluster Lets talk about what Amazon ECS is actually doing. The core of Amazon ECS is the cluster manager, a backend service that handles the tasks of cluster coordination and state management.

Mon, 20 Jul 2015 10:25:16 UTC

Google's Unguessable URLs

Posted By Bruce Schneier

Google secures photos using public but unguessable URLs: So why is that public URL more secure than it looks? The short answer is that the URL is working as a password. Photos URLs are typically around 40 characters long, so if you wanted to scan all the possible combinations, you'd have to work through 1070 different combinations to get the...

Sun, 19 Jul 2015 23:50:04 UTC

Fully tested toner

Posted By Greg Lehey

My cheap (premium) toner cartridge for my laser printer has arrived: Good that it's 100% tested, but does that mean that it's now empty? I'm reminded of a Monty Python (I think) sketch from about 1972, taking off the fuel economy TV advertisements of the time (how far can I drive with 1 gallon of petrol?). In this case, the car carried on for 110,000 miles. Great enthusiasm on the part of the petrol company, but the driver said But look at my car!

Fri, 17 Jul 2015 21:09:27 UTC

Friday Squid Blogging: Squid Giving Birth

Posted By Bruce Schneier

I may have posted this short video before, but if I did, I can't find it. It's four years old, but still pretty to watch. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered....

Fri, 17 Jul 2015 17:00:00 UTC

Back-to-Basics Weekend Reading - Data Compression

Posted By Werner Vogels

Data compression today is still as important as it was in the early days of computing. Although in those days all computer and storage resources were very limited, the objects in use were much smaller than today. We have seen a shift from generic compression to compression for specific file types, especially those in images, audio and video. In this weekend's back to basic reading we go back in time, 1987 to be specific, when Leweler and Hirschberg wrote a survey paper that covers the 40 years of data compression research. It covers all the areas that we like in a back to basics paper, it does not present the most modern results but it gives you a great understanding of the fundamentals.

Fri, 17 Jul 2015 11:35:52 UTC

Using Secure Chat

Posted By Bruce Schneier

Micah Lee has a good tutorial on installing and using secure chat. To recap: We have installed Orbot and connected to the Tor network on Android, and we have installed ChatSecure and created an anonymous secret identity Jabber account. We have added a contact to this account, started an encrypted session, and verified that their OTR fingerprint is correct. And...

Fri, 17 Jul 2015 00:44:41 UTC

FreeBSD code of conduct

Posted By Greg Lehey

Recently the current FreeBSD core team announced a (new?) code of conduct. On the one hand, it's good to make it clear that people are expected to behave, and the wording is mildly amusing: We do not believe anyone should be treated any differently based on who they are, where they are from, where their ancestors were from, what they look like, what gender they identify as, who they choose to sleep with, how old they are, their physical capabilities or what sort of religious beliefs they may hold.

Thu, 16 Jul 2015 16:00:43 UTC

ProxyHam Canceled

Posted By Bruce Schneier

The ProxyHam project (and associated Def Con talk) has been canceled under mysterious circumstances. No one seems to know anything, and conspiracy theories abound....

Wed, 15 Jul 2015 19:00:00 UTC

Meet Jude and Raziel

Posted By Tim Bray

I recently read When Everything Feels like the Movies by Raziel Reid (A.K.A. @razielreid) and enjoyed the hell out of it. Then Raziel came to our book club meeting, which was weird but good. Sidebar: On Book Clubs I can feel the eye-rolling coming back through the Internet at me. The book-club notion had been opaque, but then I found myself exposed to my wifes because it was at our house sometimes. Seemed to center around wine and munchies and argument, with a lot of laughing. And Ive always been a bookworm, so now Ive been going for years. Anyhow, I recommend the book-club thing.

Wed, 15 Jul 2015 07:15:22 UTC

Crypto-Gram Is Moving

Posted By Bruce Schneier

If you subscribe to my monthly e-mail newsletter, Crypto-Gram, you need to read this. Sometime between now and the August issue, the Crypto-Gram mailing list will be moving to a new host. When the move happens, you'll get an e-mail asking you to confirm your subscription. In the e-mail will be a link that you will have to click in...

Tue, 14 Jul 2015 17:00:00 UTC

Embrace event-driven computing: Amazon expands DynamoDB with streams, cross-region replication, and database triggers

Posted By Werner Vogels

In just three short years, Amazon DynamoDB has emerged as the backbone for many powerful Internet applications such as AdRoll, Druva, DeviceScape, and Battlecamp. Many happy developers are using DynamoDB to handle trillions of requests every day. I am excited to share with you that today we are expanding DynamoDB with streams, cross-region replication, and database triggers. In this blog post, I will explain how these three new capabilities empower you to build applications with distributed systems architecture and create responsive, reliable, and high-performance applications using DynamoDB that work at any scale. DynamoDB Streams enables your application to get real-time notifications of your tables item-level changes.

Tue, 14 Jul 2015 10:53:58 UTC

Human and Technology Failures in Nuclear Facilities

Posted By Bruce Schneier

This is interesting: We can learn a lot about the potential for safety failures at US nuclear plants from the July 29, 2012, incident in which three religious activists broke into the supposedly impregnable Y-12 facility at Oak Ridge, Tennessee, the Fort Knox of uranium. Once there, they spilled blood and spray painted "work for peace not war" on the...

Tue, 14 Jul 2015 00:30:55 UTC

Tidying the garage

Posted By Greg Lehey

Continued working on the garage in Kleins Road today, and got close to finishing it. At least we have the skip full, so the immediate pressure is off. It's still immensely painful throwing all this stuff out. I salvaged the Tandem LXN some time back, but I still have a Microvax II, a MIPS-2000 and a Control Data Cyber 910 (really a rebadged SGI IRIS). Here are the first two: As computers, any smart phone would run rings round them.

Mon, 13 Jul 2015 22:47:59 UTC

Usenix Container Management Summit Announced!

Posted By Tom Limoncelli

The Call for Participation for the new 2015 USENIX Container Management Summit is now online.UCMS '15 will take place November 9, 2015, during LISA15 in Washington, D.C.ÿ

Mon, 13 Jul 2015 20:00:31 UTC

NSA Antennas

Posted By Bruce Schneier

Interesting article on the NSA's use of multi-beam antennas for surveillance. Certainly smart technology; it can eavesdrop on multiple targets per antenna. I'm surprised by how behind the NSA was on this technology. It's from at least 1973, and there was some commercialization as far back as 1981. Why did it take the NSA/GCHQ until 2010 to install this? Here's...

Mon, 13 Jul 2015 00:23:17 UTC

Web browsing with FreeBSD

Posted By Greg Lehey

Since upgrading her system, Yvonne has been complaining that Facebook videos don't work. Finally they've ventured to say that the flash plugin needed upgrading. It was wrong, of course: none was installed. OK, we've been through that before. But now we have PKGng to do it all for us. Simply: === root@lagoon (/dev/pts/2) ~ 2 -> pkg search flash dummyflash-1.0_5 ems-flasher-0.03_3 flash-0.9.5 flasher-1.3 flashrom-0.9.7_2 get_flash_videos-1.24.20120610 kipi-plugin-flashexport-4.2.0 py27-WebFlash-0.1a9_1 vrflash-0.20 xpi-flashblock-1.5.18 xpi-flashgot-1.3.7 Which of those is the flash plugin? None of them! For some reason, pkg doesn't supply it, and you have to install it the old way, from the Ports Collection.

Sun, 12 Jul 2015 19:00:00 UTC

CL XXXIII: Fire and Water

Posted By Tim Bray

Weve had week after week of blue skies and warm air; which in the green/grey Pacific Northwest begins to feel oppressive, you can almost hear the plants, great and small, whimpering for water. After a while every mornings news told of new forest fires marching up one tinder-dry mountain or another. Which lent visual drama to the July 4th weekend but I have to admit soured the Cottage-Life ambience. The fires turned from up-country news story to local color; extremely local and very colorful. Heres the night before and the July-4th morning. A variation of the next shot was picked up by multiple media including the CBC and ABC; did anyone reading this see it on any ABC outlets?

Sun, 12 Jul 2015 00:05:45 UTC

Understanding DxO bugs

Posted By Greg Lehey

House photo day today, and lots of photos to process. One of them had an error while reading it in from the camera (why does this happen so often?) : only 2 MB of 18 MB got read. Not surprisingly, DxO Optics Pro complained. But I couldn't get it to forget, even after reading the correct image again. Finally something persuaded itmaybe it was just a timeout. And when I started processing, I got the message: Huh? Nothing obvious in the directory. Let it run, and at the end found: But there were only 69 images!

Sat, 11 Jul 2015 21:37:00 UTC

Bronze Fittings for Wolf's Tooth Dagger

Posted By Niels Provos

Sat, 11 Jul 2015 00:21:03 UTC

Avoid BigPond mail!

Posted By Greg Lehey

I've had several mail messages bounce recently, with messages like: <>: host[] said:     552 5.2.0 qWBp1q02u1sUVRc01WBr8n Suspected spam message rejected. IB704 (in     reply to end of DATA command) Why suspected spam? I've seen this before: their mail filters are so stupid that they don't recognize digital signatures when they see them. Their customers are typical non-technical, so they don't even give them the chance to choose for themselves. What advantage is the service? They would be much better off using gmail. More rants here.

Fri, 10 Jul 2015 22:51:57 UTC

Introducing: LISA Conversations

Posted By Tom Limoncelli

Step 1: Watch a video from a past Usenix LISA conference. Step 2: Join the Hangout On Air and watch Lee Damon and Tom Limoncelli interview the speaker. Send Q&A during the show. Step 3: Watch and enjoy! Our first 4 are scheduled for the last Tuesday of July/Aug/Sept/Oct. The first one is July 28, 2015 at 1:30pm PDT. We'll be interviewing Todd Underwood about his LISA 2013 talk Post-Ops, A Non-Surgical tale of Software, Fragility, and Reliability. Watch the presentation head of time then join the the Google Hangout On Air. (Want a reminder? RSVP for the event)

Fri, 10 Jul 2015 21:29:38 UTC

Friday Squid Blogging: My Little Cephalopod

Posted By Bruce Schneier

A cute series of knitted plushies. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered....

Fri, 10 Jul 2015 17:44:45 UTC

High-tech Cheating on Exams

Posted By Bruce Schneier

India is cracking down on people who use technology to cheat on exams: Candidates have been told to wear light clothes with half-sleeves, and shirts that do not have big buttons. They cannot wear earrings and carry calculators, pens, handbags and wallets. Shoes have also been discarded in favour of open slippers. In India students cheating in exams have been...

Fri, 10 Jul 2015 09:32:21 UTC

Organizational Doxing

Posted By Bruce Schneier

Recently, WikiLeaks began publishing over half a million previously secret cables and other documents from the Foreign Ministry of Saudi Arabia. It's a huge trove, and already reporters are writing stories about the highly secretive government. What Saudi Arabia is experiencing isn't common but part of a growing trend. Just last week, unknown hackers broke into the network of the...

Thu, 09 Jul 2015 17:58:58 UTC

My upcoming events in Seattle

Posted By Cory Doctorow

I’m teaching the Clarion West writing workshop in Seattle in late July, and you can come see me at two events, one on July 25, the other on July 28. Postcyberpunk and Paella: An intimate evening with Cory Doctorow and Peter Biddle to benefit Clarion West. July 25, 2015 at 7 p.m. Cory Doctorow in... more

Thu, 09 Jul 2015 11:31:59 UTC

The Risks of Mandating Back Doors in Encryption Products

Posted By Bruce Schneier

Monday a group of cryptographers and security experts released a major paper outlining the risks of government-mandated back-doors in encryption products: Keys Under Doormats: Mandating insecurity by requiring government access to all data and communications, by Hal Abelson, Ross Anderson, Steve Bellovin, Josh Behaloh, Matt Blaze, Whitfield Diffie, John Gilmore, Matthew Green, Susan Landau, Peter Neumann, Ron Rivest, Jeff Schiller,...

Wed, 08 Jul 2015 23:32:21 UTC

eBay: your postage charges or ours?

Posted By Greg Lehey

My camera is sold again, for the third time, this time to a legitimate buyer in Australia. But he didn't pay immediately, so I decided to send him an invoice. And that offered only some express option for about $27. I had offered standard shipping, which eBay calculated at $16.20. Yes, I could change the shipping option, but it didn't get applied. Went through the maze of twisty little menus and found another page, print postage label, which also offered a comparison of postage charges. But they didn't match the Australia Post prices. Some were higher, some were lower. And then I found an indication that the buyer had specified express shipping.

Wed, 08 Jul 2015 11:36:38 UTC

Amazon Is Analyzing the Personal Relationships of Its Reviewers

Posted By Bruce Schneier

This is an interesting story of a reviewer who had her reviewer deleted because Amazon believed she knew the author personally. Leaving completely aside the ethics of friends reviewing friends' books, what is Amazon doing conducting this kind of investigative surveillance? Do reviewers know that Amazon is keeping tabs on who their friends are?...

Tue, 07 Jul 2015 22:30:47 UTC

More on Hacking Team

Posted By Bruce Schneier

Read this: Hacking Team asked its customers to shut down operations, but according to one of the leaked files, as part of Hacking Team's "crisis procedure," it could have killed their operations remotely. The company, in fact, has "a backdoor" into every customer's software, giving it ability to suspend it or shut it down­ -- something that even customers aren't...

Tue, 07 Jul 2015 19:00:00 UTC

Destroyer of Sleep

Posted By Tim Bray

I was less than 100% effective at work today, because I foolishly bought Ghost Fleet by P.W. Singer and August Cole, and read till 2:30AM. I just now finished it. Is it a great book? No. But its a ripping naval yarn, an old-fashioned war story. Also: Rail gun! Warning: Spoilers! But I read a few spoilers in advance and found they didnt take the edge off, much. Tl;dr A near-future China with a government somewhat different from its current regime launches a war of aggression against the U.S.A. and scores big early wins, based in part on technological excellence and also plenty of back-dooring and root-kitting.

Tue, 07 Jul 2015 11:38:00 UTC

More about the NSA's XKEYSCORE

Posted By Bruce Schneier

I've been reading through the 48 classified documents about the NSA's XKEYSCORE system released by the Intercept last week. From the article: The NSA's XKEYSCORE program, first revealed by The Guardian, sweeps up countless people's Internet searches, emails, documents, usernames and passwords, and other private communications. XKEYSCORE is fed a constant flow of Internet traffic from fiber optic cables that...

Mon, 06 Jul 2015 23:38:31 UTC

Copying sparse files

Posted By Greg Lehey

I made the probably incorrect decision to copy my /home file system across the net, using a combination of tar to move large quantities of data and rsync to fill in the gaps. Speed was not a significant issue with tarI got up to 50 MB/sbut it was an issue with rsync, where speeds were closer to 3 MB/s. But it seems that rsync filled in the gaps too well: this morning I came in and found that the copied file system was 20% larger than the original. How could that happen? I have a number of files that are being loaded at a trickle by the BitTorrent protocol, which copies blocks at random.

Mon, 06 Jul 2015 17:53:56 UTC

Hacking Team Is Hacked

Posted By Bruce Schneier

Someone hacked the cyberweapons arms manufacturer Hacking Team and posted 400 GB of internal company data. Hacking Team is a pretty sleazy company, selling surveillance software to all sorts of authoritarian governments around the world. Reporters Without Borders calls it one of the enemies of the Internet. Citizen Lab has published many reports about their activities. It's a huge trove...

Mon, 06 Jul 2015 10:13:54 UTC

NSA German Intercepts

Posted By Bruce Schneier

On Friday, WikiLeaks published three summaries of NSA intercepts of German government communications. To me, the most interesting thing is not the intercept analyses, but this spreadsheet of intelligence targets. Here we learn the specific telephone numbers being targeted, who owns those phone numbers, the office within the NSA that processes the raw communications received, why the target is being...

Sat, 04 Jul 2015 05:15:28 UTC

Why were still talking about Terminator and the Matrix

Posted By Cory Doctorow

My July 2015 Locus column, Skynet Ascendant, suggests that the enduring popularity of images of homicidal, humanity-hating AIs has more to do with our present-day politics than computer science. As a class, science fiction writers imagine some huge slice of all possible futures, and then readers and publishers select from among these futures based on... more

Sat, 04 Jul 2015 00:37:06 UTC

Default UFS parameters

Posted By Greg Lehey

Every time I create a new UFS file system, I go through lots of RTFM. What are the optimal parameters? UFS is now over 30 years old. When it was written, a big disk was 300 MB in size. Now a small disk is about 1 TB. But the default inode count bases on the assumption that the average file is 4 fragmentsin this case, 16 kB. And there are these two parameters which seem to duplicate each other: -g avgfilesize specifies the average file size.

Fri, 03 Jul 2015 23:25:00 UTC

System upgrade: success

Posted By Greg Lehey

I've been meaning to upgrade our main systems for a year and a half. In that time I've maintained a development system, stable, that has been getting closer to its name as time went on. Today I finally finished preparing the new disk for lagoon, Yvonne's system. The steps were: Create a new disk on stable with five partitions: boot, two root file systems (each 40 GB in size), swap, and the rest as the /home file system.

Fri, 03 Jul 2015 21:39:42 UTC

Friday Squid Blogging: Squid Fishing in the Gulf of Thailand

Posted By Bruce Schneier

Long article about a very lucrative squid-fishing industry that involves bribing the Cambodian Navy. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered....

Fri, 03 Jul 2015 17:13:08 UTC

Rabbit Beating Up Snake

Posted By Bruce Schneier

It's the Internet, which means there must be cute animal videos on this blog. But this one is different. Watch a mother rabbit beat up a snake to protect her children. It's impressive the way she keeps attacking the snake until it is far away from her nest, but I worry that she doesn't know enough to grab the snake...

Fri, 03 Jul 2015 11:38:42 UTC

Clever System of Secure Distributed Computation

Posted By Bruce Schneier

This is really clever: Enigma's technique -- what cryptographers call "secure multiparty computation" -- works by mimicking a few of the features of bitcoin's decentralized network architecture: It encrypts data by splitting it up into pieces and randomly distributing indecipherable chunks of it to hundreds of computers in the Enigma network known as "nodes." Each node performs calculations on its...

Thu, 02 Jul 2015 23:36:33 UTC

More upgrade woes

Posted By Greg Lehey

I've been dragging my heelsagainwith updating Yvonne's computer, but it has to be done. I now have a disk I can put in there, containing a not quite up to date version of her /home file system, but it needs a system on it. Problem: the partition with the system I want to copy is on stable, which only has connections for one disk. I've been building the other disk images on swamp, but I can't easily copy partition contents from one system to another. OK, I have a SATA to USB adapterin fact, the one that came with the disk.

Thu, 02 Jul 2015 16:16:57 UTC

Details of the NSA's XKEYSCORE

Posted By Bruce Schneier

The Intercept has published a highly detailed two-part article on how the NSA's XKEYSCORE works, including a huge number of related documents from the Snowden archive. So much to digest. Please post anything interesting you notice in the comments....

Thu, 02 Jul 2015 13:14:50 UTC

Google's "Labs" features are DevOps Third Way

Posted By Tom Limoncelli

Someone on Quora recently asked, Why did Google include the 'undo send' feature on Gmail?. They felt that adding the 30-second delay to email delivery was inefficient. However rather than answering the direct question, I explained the deeper issue. My (slightly edited) answer is below. NOTE: While I previously worked at Google, I was never part of the Gmail team, nor do I even know any of their developers or the product manager(s). What I wrote here is true for any software company. Why did Google include this feature? Because the "Gmail Labs" system permits developers to override the decisions of product managers.

Wed, 01 Jul 2015 19:00:00 UTC

Highlife Rocks, iTunes Sucks

Posted By Tim Bray

I have the good fortune to live near a good record store, where I shop often. One of my best scores this year was Highlife on the Move: Selected Nigerian & Ghanaian Recordings from London & Lagos  1954-66. On Record Stores So, there are two things you find in record stores. The first, what with vinyls resurgence, are lots of foot-square packages advertising the music they contain, often with eye-grabbing visuals. The second, almost every time, is some pretty fucking cool music on the sound system. Record stores, theyre a good thing, and lets hope we have em with us for a while.

Wed, 01 Jul 2015 13:46:27 UTC

Summer reading lists!

Posted By Cory Doctorow

Canada’s public institutions were very good to me today! The CBC included Little Brother on its list of 100 Great YA Novels that make you proud to be Canadian. Not to be outdone, the Toronto Public Library put the book on its Fight The Power: Books For Youth Activists. As if that wasn’t enough, TPL... more

Wed, 01 Jul 2015 11:32:06 UTC

Office of Personnel Management Data Hack

Posted By Bruce Schneier

I don't have much to say about the recent hack of the US Office of Personnel Management, which has been attributed to China (and seems to be getting worse all the time). We know that government networks aren't any more secure than corporate networks, and might even be less secure. I agree with Ben Wittes here (although not the imaginary...

Wed, 01 Jul 2015 06:03:22 UTC

Interview with Slashdot

Posted By Cory Doctorow

From Slashdot:

Wed, 01 Jul 2015 02:20:17 UTC


Posted By Tom Limoncelli

[This is still only draft quality but I think it is worth publishing at this point.] Internally at Stack Exchange, Inc. we've been debating the value of certain file formats: YAML, JSON, INI and the new TOML format just to name a few. [If you are unfamiliar with TOML, it is Tom's Obvious, Minimal Language. " Tom", in this case, is Tom Preston-Werner, founder and former CEO of GitHub. The file format is still not reached version 1.0 and is still changing. However I do like it a lot. Also, the name of the format IS MY FREAKIN' NAME which is totally awesome.