An aggregation of our Blog Roll, made up of acmqueue authors.   more

Postings for October 2014:  (90 posts)
Thu, 30 Oct 2014 00:05:52 UTC

Another NBN outage

Posted By Greg Lehey

Into the office this morning to find us off the net again. And this time it had been for over 9 hours. The NTD showed the same display as last time: the ODU LED was red. So I power cycled it, which got rid of the red LED, but I still didn't get any traffic. Called Aussie Broadband support and spoke to Abraham. No outage known, ticket taken. And I had just hung up when the connection came up again, at 09:19:40, an outage of almost exactly 10 hours. Called again, got connected to Vincent, who must be new. He took considerably longer to log the fact that the net was up again than Abraham did to log the fault in the first place.

Wed, 29 Oct 2014 15:00:00 UTC

2015 speaking gigs: Boston, Pennsylvania, Baltimore

Posted By Tom Limoncelli

Three new speaking gigs have been announced. January (BBLISA in Cambridge, MA), February (Bucks County, PA), and March (Baltimore-area). See the "see us live" box at the top of or subscribe to the RSS feed to learn about any new speaking engagements.

Wed, 29 Oct 2014 00:03:36 UTC

More DxO pain

Posted By Greg Lehey

Yesterday's sausage photos required processing to square up the trays. DxO Optics Pro didn't make it easy. The first step is to use the rectangle tool to straighten up the sides: The right-hand image shows the original above and the corrected image below. But it has truncated the top! Went back and tried againand it refused to show me the original image, just the truncated version that I wanted to get rid of.

Wed, 29 Oct 2014 00:01:32 UTC

Preparing ›šŸ—› for return

Posted By Greg Lehey

It has been clear for a while that the ›šŸ—› laptop/tablet wasn't for me, though it also showed that Microsoft can still offer tablet operating systems a run for their money. So time to return it. And my private data? Daniel O'Connor found the solution for me. It's relatively easy to reset a modern Microsoft box to its factory defaults, though cleaning the disk took a couple of hours. But now I'm confident that none of my personal data remains. ACM only downloads articles once.

Tue, 28 Oct 2014 21:18:59 UTC

Apple Pay and CurrentC

Posted By Tom Limoncelli

I predict one year from today CurrentC won't be up and running and, in fact, history will show it was just another attempt to stall and prevent any kind of mobile payment system in the U.S. from being a success. I'm not saying that there won't be NFC payment systems, just that they'll be marginalized and virtually usess as a result.

Tue, 28 Oct 2014 19:00:00 UTC

Security Problems

Posted By Tim Bray

The Internet is a dangerous place. We have tools to make it safer, but they go unloved and unused; by ordinary people I mean, the ones who arent geeks. How can we fix that? Lets look through some recent evidence; The conclusion is pretty obvious. Two-factor More generally, multi-factor: Sign-in with more than one piece of evidence. You may have noticed that pretty well any bank in the world will give you cash money when presented with a piece of plastic and a 4-digit number. OK, these days the plastic has an embedded chip, but still. Two-factor is great! Put yourself in the bad guys shoes; not only does he have to steal or guess your password, hes got to get his hands on something you carry around.

Mon, 27 Oct 2014 19:00:00 UTC

Ten MOA Faces

Posted By Tim Bray

On a recent rainy weekend I took my daughter to MOA, the UBC Museum of Anthropology. I think its maybe Vancouvers single best tourist attraction, and we have plenty of those. The shelves are crowded with objects made by the hands of Homo Sapiens and many of those objects are heads. Here are ten of them. This is in the European Ceramics gallery; not usually my favorite bit of MOA. East-European, 17th-century I think. From the really wonderful Without Masks: Contemporary Afro-Cuban Art exhebition, only running till November 2nd. This is part of the monumental The Raven and the First Men by Bill Reid.

Mon, 27 Oct 2014 15:00:00 UTC

Wait, did you mean Wed the 15th or Thu the 16th?

Posted By Tom Limoncelli

How many times have you seen this happen? Email goes out that mentioned a date like "Wed, Oct 16". Since Oct 16 is a Thursday, not a Wednesday (this year), there is a flurry of email asking, "Did you mean Wed the 15th or Thu the 16th?" A correction goes out but the damage is done. Someone invariantly "misses the update" and shows up a day early or late, or is otherwise inconvenienced. Either way cognitive processing is wasted for anyone involved. The obvious solution is "people should proofread better" but it is a mistake that everyone makes. I see the mistake at least once a month, and sometimes I'm the guilty party.

Fri, 24 Oct 2014 15:00:00 UTC

How to make change when handed a $20... and help democracy

Posted By Tom Limoncelli

If someone owes you $5.35 and hands you a $20 bill, every reader of this blog can easily make change. You have a calculator, a cash register, or you do it in your head. However there is a faster way that I learned when I was 12. Today it is rare to get home delivery of a newspaper, but if you do, you probably pay by credit card directly to the newspaper company. It wasn't always like that. When I was 12 years old I delivered newspapers for The Daily Record. Back then payments were collected by visiting each house every other week.

Thu, 23 Oct 2014 14:52:21 UTC

Interview with The Geekcast

Posted By Cory Doctorow

I sat down at New York Comic-Con with Aaron from The Geekcast podcast for a long, interesting interview (MP3) on a wide variety of subjects about art, computers, games and justice!

Thu, 23 Oct 2014 13:00:00 UTC

Expanding the Cloud  Introducing the AWS EU (Frankfurt) Region

Posted By Werner Vogels

Today, Amazon Web Services is expanding its worldwide coverage with the launch of a new AWS region in Frankfurt, Germany. This is our 11th infrastructure region and was built to support the strong demand we are seeing in Europe and to give our customers the option to run infrastructure located in Germany. The new Frankfurt region provides low millisecond latencies to major cities in continental Europe and is also run with carbon neutral power. With the launch of the new Frankfurt region customers now also have the ability to architect across multiple regions within the European Union. Many prominent German, and European, customers have been using AWS for quite some time already, including start-ups such as 6Wunderkinder, EyeEm, mytaxi, Onefootball, Soundcloud and Wooga, mid-market companies such as Airport Nuremburg, Euroforum, and Kärcher, and Enterprise companies such as Axel Springer, Hubert Burda Media, Kempinski Hotels, RTL, SAP, Software AG, and Talanx.

Thu, 23 Oct 2014 00:18:53 UTC

Zoom lenses and extension tubes

Posted By Greg Lehey

I've located some automatic extension tubes for my Olympus OM-D E-M1. I've had extension tubes for my Pentax for decades, but they're useless for Olympus lenses, because the lenses don't have a manual diaphragm: it has to be set electrically. And that's what these new tubes promise. One problem is that there are only two tubes, 10 mm and 16 mm. My old Pentax tubes were a set of 3, 11 mm, 20 mm and 30 mm, double as much as the new tubes, and with them you can get a 1:1 magnification with a 50 mm lens set on .

Wed, 22 Oct 2014 19:00:00 UTC

Catching Faces

Posted By Tim Bray

Point-and-shoot cameras advertise Face Recognition, a cheap trick that a Serious Photographer using a Real Camera with a Fast Prime Lens would never go near. Oh, wait. What happened was At goto; Aarhus the big first-night party was 007-themed, which gave everyone with flashy duds an excuse to wear them. People were looking good and I wanted to take portraits; it was dim in that room, so I was using a prime lens jammed wide-open. Heres what Fujifilm calls Face detection at work. Kresten Krab Thorup, conference organizer, Erjang guy, smart. Nicky Plant, a beauty therapist with secret desireto be a Bond villainess.

Wed, 22 Oct 2014 15:00:00 UTC

Katherine Daniels (@beerops) interviews Tom Limoncelli

Posted By Tom Limoncelli

Katherine Daniels (known as @beerops on Twitter) interviewed me about the presentations I'll be doing at the upcoming Usenix LISA '14 conference. Check it out: Register soon! Seating in my tutorials is limited!

Tue, 21 Oct 2014 10:48:44 UTC

Im coming to Vancouver, Seattle, Portland, SF/Palo Alto!

Posted By Cory Doctorow

As the tour with my graphic novel In Real Life draws to a close, my next tour, with my nonfiction book Information Doesn't Want to Be Free kicks off with stops down the west coast. I've also got stops coming up in Warsaw, London, Stockholm, Ann Arbor, Baltimore, DC, and Denver -- here's the whole … [Read more]

Mon, 20 Oct 2014 17:00:00 UTC

See you tomorrow evening at the Denver DevOps Meetup!

Posted By Tom Limoncelli

Hey Denver folks! Don't forget that tomorrow evening (Tue, Oct 21) I'll be speaking at the Denver DevOps Meetup. It starts at 6:30pm! Hope to see you there!

Sun, 19 Oct 2014 23:18:09 UTC

Watching videos the easy way

Posted By Greg Lehey

The last issue of Heise's Digitale Fotografie included a DVD with some videos on that I thought would be worth watching. OK, found the DVD, tried to put it in the DVD drive in eureka. Wouldn't open. Why not? Nothing mounted, but before I had to power cycle the machine, decided to put it in lagoon instead. === root@lagoon (/dev/pts/3) ~ 400 -> mount /cdrom mount_cd9660: /dev/cd0: Invalid argument What's wrong there? Tried in dischord, my Microsoft box, and it mounted with no difficulties. And it showed that it was a UDF file system. That might at least explain the problems with lagoon.

Sun, 19 Oct 2014 19:00:00 UTC

Gamergate and Bullying

Posted By Tim Bray

Ive been watching the Gamergate brouhaha with sick fascination. We all know the Internets got ugly corners and suddenly the ugliness came out of the corner. I honor the courage of the women whove been standing up to the creeps. But I was kinda puzzled by who the creeps actually are and why theyre so upset; I know lots of heavy gamers and theyre by and large pleasant well-adjusted people. So I went looking for them. [Disclosure: Im not 100% unbiased: I once spent a couple years in online games. Also, I like Android car-racing games. Also, Im an L11 Ingress agent; L12 soon!]

Sun, 19 Oct 2014 01:19:52 UTC

Another Round of Community Data Science Workshops in Seattle

Posted By Benjamin Mako Hill

I am helping coordinate three and a half day-long workshops in November for anyone interested in learning how to use programming and data science tools to ask and answer questions about online communities like Wikipedia, free and open source software, Twitter, civic media, etc. This will be a new and improved version of the workshops […]

Sun, 19 Oct 2014 01:01:43 UTC

My CppCon talks

Posted By Herb Sutter

Also, my CppCon talks are all up on the CppCon YouTube channel. You can find them here: Back to the Basics! Essentials of Modern C++ Style: Loops, pointers and references, smart pointers, variable declarations, and parameter passing Lock-Free Programming (or, Juggling Razor Blades), Part 1: Lazy initialization with DCL vs. call_once vs. function local statics, […]

Sun, 19 Oct 2014 00:51:51 UTC

New Interview

Posted By Herb Sutter

While we were both at CppCon last month and had cameras around, Brian Overland interviewed me for InformIT. The video just went up a couple of days ago. You can find it here. If you’ve seen my interviews before, the first 14 minutes is stuff you’ve heard before, but I think you’ll find the last […]

Sat, 18 Oct 2014 02:08:40 UTC

Computers anonymous

Posted By Greg Lehey

The lens wasn't the only thing I picked up at Napoleons. There was also a saddle blanket and a small box, also from Queensland. What was it? I wasn't expecting anything like that, and the description on the box just said A GIFT!: Opening it was even more confusing: a Raspberry Pi B+, the latest version, in a plastic enclosure. There was also an SD card with NOOBS on it. And that was all. The only documentation pointed me at, a community site.

Fri, 17 Oct 2014 22:17:51 UTC

Friday Squid Blogging: 1,057 Squid T-Shirts

Posted By Bruce Schneier

That's a lot. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. And commenting was broken for a couple of days. It's fixed now, I hope....

Fri, 17 Oct 2014 19:00:00 UTC

Vancouver Photowalk

Posted By Tim Bray

October 11th was World Photowalk Day. I attended the Vancouver edition, which was in a place Id never go looking for pictures; but I got some anyhow. We started at the Convention Centre and walked to Gastown, which is to say through Vancouvers maximal white-hot tourist density, where you dont need to be on a photowalk to be pointing a camera at everything. Which is why normally I wouldnt take my camera there. But you know, going somewhere to take pictures puts your eyes in looking-for-pictures mode. Which isnt my default; I normally lean back in my skull, waiting for something I see to exhort the camera out of the bag.

Fri, 17 Oct 2014 18:20:31 UTC

Usenix LISA early registration discount expires soon!

Posted By Tom Limoncelli

Register by Mon, October 20 and take advantage of the early bird pricing. I'll be teaching tutorials on managing oncall, team-driven sysadmin tools, upgrading live services and more. Please register soon and save!

Fri, 17 Oct 2014 11:35:45 UTC

Hacking a Video Poker Machine

Posted By Bruce Schneier

Kevin Poulsen has written an interesting story about two people who successfully exploited a bug in a popular video poker machine....

Fri, 17 Oct 2014 01:07:37 UTC

Using Ashampoo optimizer

Posted By Greg Lehey

Since Ashampoo have broken the optimization function of their Photo Commander version 11, and they haven't responded to my error report, it looks like I'll have to move to Photo Optimizer, which has the same functionality, currently not broken. But it works completely differently. The most amazing thing is the display while it's processing photos: The only thing in focus is a completely useless image suggesting printed photos scattered at random on a cork pinboard.

Thu, 16 Oct 2014 15:00:00 UTC

Results of the PuppetConf 2014 Raffle

Posted By Tom Limoncelli

If you recall, the fine folks at Puppet Labs gave me a free ticket to PuppetConf 2014 to give away to a reader of this blog. Here's a report from our lucky winner! Conference Report: PuppetConf 2014 by Anastasiia Zhenevskaia You never know when you will be lucky enough to win a ticket to the PuppetConf, one of the greatest conferences of this year. My "moment" happened just 3 weeks before the conference and let me dive into things I've never thought about. Being a person who worked mostly with the front-end development, I was always a little bit scared and puzzled by more complicated things.

Thu, 16 Oct 2014 11:22:09 UTC

NSA Classification ECI = Exceptionally Controlled Information

Posted By Bruce Schneier

ECI is a classification above Top Secret. It's for things that are so sensitive they're basically not written down, like the names of companies whose cryptography has been deliberately weakened by the NSA, or the names of agents who have infiltrated foreign IT companies. As part of the Intercept story on the NSA's using agents to infiltrate foreign companies and...

Wed, 15 Oct 2014 15:00:00 UTC

Tutorial: Evil Genius 101

Posted By Tom Limoncelli

I'm teaching a tutorial at Usenix LISA called "Evil Genius 101: Subversive Ways to Promote DevOps and Other Big Changes". Whether you are trying to bring "devops culture" to your workplace, or just get approval to purchase a new machine, convincing and influencing people is a big part of a system administrator's time. For the last few years I've been teaching this class called "Evil Genius 101" where I reveal my tricks for understanding people and swaying their opinion. None of these are actually evil, nor do I teach negotiating techniques. I simply list 3-4 techniques I've found successful for each of these situations: talking to executives, talking to managers, talking to coworkers, and talking to users.

Wed, 15 Oct 2014 12:06:52 UTC

DEA Sets Up Fake Facebook Page in Woman's Name

Posted By Bruce Schneier

This is a creepy story. A woman has her phone seized by the Drug Enforcement Agency and gives them permission to look at her phone. Without her knowledge or consent, they steal photos off of the phone (the article says they were "racy") and use it to set up a fake Facebook page in her name. The woman sued the...

Wed, 15 Oct 2014 11:29:19 UTC

FOXACID Operations Manual

Posted By Bruce Schneier

A few days ago, I saw this tweet: "Just a reminder that it is now *a full year* since Schneier cited it, and the FOXACID ops manual remains unpublished." It's true. The citation is this: According to a top-secret operational procedures manual provided by Edward Snowden, an exploit named Validator might be the default, but the NSA has a variety...

Wed, 15 Oct 2014 00:31:49 UTC

Google image search: improvement needed

Posted By Greg Lehey

What are my mystery flowers? I still have some that I can't identify. But Google images have an image search function. How well does it work? Let's look for this relatively recognizable image: It comes up with no less than 5 direct hits, all of them in this diary or my daily photos page. That's reasonable. But apart from that, none of the images it found looks in the least bit like the original. At least for flowers, it's useless. ACM only downloads articles once.

Wed, 15 Oct 2014 00:14:56 UTC

NBN is here!

Posted By Greg Lehey

A flyer in the dead tree mail today with good news: the National Broadband Network is finally available in Dereel! That's more than 10 months since my service was activated. At first I thought it was Telstra, who so far have been the slowest to report, but no, this is a company called Infinity NBN. What do they have to offer to make up for their tardiness? Nothing obvious. They're more expensive than Aussie Broadband, and it seems you have to commit for at least 12 months. Still, I like their concept of how we live and work in the bush.

Tue, 14 Oct 2014 23:31:10 UTC

Multiple network pain

Posted By Greg Lehey

Lately I've been having dropouts with communication between here and my external web server in Raleigh, NC. Occasionally there'll be a few minutes disconnection, but more often it's just high packet loss. traceroute points at Telstra's net infrastructure on the US West Coast: === grog@eureka (/dev/pts/22) ~ 66 -> traceroute www traceroute to (, 64 hops max, 52 byte packets  1 (  33.162 ms  29.931 ms  30.013 ms  2 (  30.991 ms  39.812 ms  29.972 ms  3 (  29.015 ms  29.766 ms  30.009 ms  4 (  31.008 ms  28.842 ms  39.937 ms  5 (  41.012 ms  43.785 ms  39.967 ms  6 (  40.974 ms  39.787 ms  41.014 ms  7 (  38.980 ms  39.800 ms  40.060 ms  8 (  43.898 ms  36.946 ms  52.957 ms  9 (  46.029 ms (  198.774 ...

Tue, 14 Oct 2014 23:24:32 UTC

Ashampoo bug discovered

Posted By Greg Lehey

Yesterday's problems with Ashampoo Photo Commander were clearly worth entering a bug report, so did so today. One of the things they wanted was the build version, sensibly enough. And that was interesting: version 11.1.8 of 10 September 2014. Clearly something they need to fix quickly. ACM only downloads articles once. It's possible that this article has changed since being downloaded, but the only way you can find out is by looking at the original article.

Tue, 14 Oct 2014 17:30:00 UTC

Come hear me speak in Denver next week!

Posted By Tom Limoncelli

On Tuesday, Oct 21st, I'll be speaking at the Denver DevOps Meetup. It is short notice, but if you happen to be in the area, please come! I'll be talking about the new book and how DevOps principles can make the world a better place. I'll have a copy or two to give away, and special discount codes for everyone. The meeting is at the Craftsy Offices, 999 18th St., Suite 240, Denver, CO. For more information and to RSVP, please go to

Tue, 14 Oct 2014 15:00:00 UTC

Tutorial: How To Not Get Paged

Posted By Tom Limoncelli

Step 1: turn off your pager. Step 2: disable the monitoring system. Or.... you can run oncall using modern methodologies that constantly improve the reliability of your system. I'm teaching a tutorial at Usenix LISA called "How To Not Get Paged: Managing Oncall to Reduce Outages". I'm excited about this class because I'm going to explain a lot of the things I learned at Google about how to turn oncall from a PITA to a productive use of time that improves the reliability of the systems you run. Most of the material is from our new book, The Practice of Cloud System Administration, but the Q&A always leads me to say things I couldn't put in print.

Tue, 14 Oct 2014 10:59:32 UTC

Surveillance in Schools

Posted By Bruce Schneier

This essay, "Grooming students for a lifetime of surveillance," talks about the general trends in student surveillance. Related: essay on the need for student privacy in online learning....

Tue, 14 Oct 2014 02:54:23 UTC

Investigating GPS navigators

Posted By Greg Lehey

I've given up hope of finding a usable Android GPS navigation app, so I'll probably buy a new GPS navigator. But why stick with the el cheapo navigators? I can afford a Big Name one. Spent some time looking around the web, and found that Garmin has some that don't look bad. But how easy are they to use? Watched a number of eBay clips, none of which really answered my questions. The biggest is: how accurate are the maps? While I was at JB HiFi, looked for their GPS navigators. Mounted vertically on a column. Yes, there's power to them, and you can try them out if you don't mind kneeling in the aisle to do so.

Mon, 13 Oct 2014 15:21:05 UTC

Interview on Demystifying DevOps with Tom Limoncelli

Posted By Tom Limoncelli

Holly from SpiceWorks interviewed me while I was in Austin for the SpiceWorld '14 conference. We talked about DevOps from the SMB "IT guy" perspective, Lord of the Rings, Chef vs. Puppet, and my secret desire start a podcast what would be "the Stephen Colbert of DevOps." The interview has been published on their community website: Demystifying DevOps: Q&A with Tom Limoncelli Enjoy!

Mon, 13 Oct 2014 15:00:00 UTC

Tutorial: Live Upgrades on Running Systems

Posted By Tom Limoncelli

I'm teaching a tutorial at Usenix LISA called "Live Upgrades on Running Systems: 8 Ways to Upgrade a Running Service With Zero Downtime". Ever notice that Google, Facebook and other website aren't down periodically for software upgrades? That's because they're upgrading software on their service while it is live. As a result, they can push new features continuously. In this tutorial I'll describe 8 techniques they use... and so can you. Oh, and here's a secret: I'll have a 9th way to upgrade software... but it requires down-time. That said, it might not require down-time that is visible to users! I'm excited about this tutorial because it covers a lot of the unique topics we cover in The Practice of Cloud System Administration that I haven't talked about publicly before.

Mon, 13 Oct 2014 11:55:37 UTC

How James Bamford Came to Write The Puzzle Palace

Posted By Bruce Schneier

Interesting essay about James Bamford and his efforts to publish The Puzzle Palace over the NSA's objections. Required reading for those who think the NSA's excesses are somehow new....

Sun, 12 Oct 2014 23:52:48 UTC

Ashampoo problems

Posted By Greg Lehey

I've been postprocessing my photos with Ashampoo Photo Optimizer on a regular basis for over 6 years, and it's good enough that I actually bought another package from them, Photo Commander, which does other stuff as well. Only in the course of time did I discover that the other stuff isn't worth it, and that the GUI makes normal optimization more difficult. But now it seems to be suffering from bit rot. Lately all the optimized images have had a distinctly brown tinge to them. Here before and after. How did that happen? To investigate, downloaded a trial version of the current Optimizer and tried again.

Sun, 12 Oct 2014 19:00:00 UTC

Making Android Crypto-friendly

Posted By Tim Bray

Google could tweak Android, in a pretty simple way, and make it immensely easier for anyone, not just geeks, to do cryptography with a nice user experience. All the pieces are there ready to go. [Note: I posted this first over on Google+ because I was trying to reach the Android group, and theres some useful discussion. But I thought I should replicate it here where I can stretch out a bit and show examples. Some of the material here assumes you know Android-API basics.] If you look at my screencasts showing off sending and receiving an encrypted message using the OpenKeychain Android app, youll notice they share an irritant: The stupid useless-to-humans encrypted text is visible; it looks like this: -----BEGIN PGP MESSAGE----- Version: GnuPG/MacGPG2 v2.0.22 (Darwin) Comment: GPGTools - hQIMAwkuBalYH40qAQ/+J5NzcRNBdhcfipIzDal4cFEgvtfjFLvrEHMaWZn51h5m EceX+ittkZNwOsDcTacyp2dnIzduqjShFN9Um7eLdkc1G1zENyyvasreB5G2IIMn IRBCBxPC0nfnFpk+M/KrUCU3yl3oiBebtSwbIKhXsO9ujcWWp5x8uOfM4NcROKVa HibbtE6YI+t0oZc9+BvidkiCQIZnwbG7Vojg8cNgXQXaFHLYsIS5dXQwVcfG5g4P fI8qTcFtWNe6x4C3gE25Ztt5xim9JGOrYDpP1jy3FOKfVv7kp9qSz3+69cEFZLG3 1J7hznY4HxHiv0J+TtNtZvPNPs1zq4KDwtZxPA7/qCsayFYBGF2ivw6d6kPOuZZV E0kMHfSVSygSIkd2FAeLfVWCdPQaWvJr/diahu0+B1Bg6xmt7uqPccaiZ043Kmf3 q/KLADE5e9FDLVs6rOSfwnR7szDUxCUWQBxCzLTH6aZKQSzf3LG/nJkSUOrWUXiO eHRcujIgjsXDRS8KyVCLMdpcd4za3ndcGxcHbH8eIEik1GjmyoxMYRxIAOw7Cqj0 STLFqHmB0pXKhx23iUrKC0+ivAOVpMEtbjWxeEE1HkV8u5sNkA9d4OHyjuoMLpaW aa0rsD6LTRF2lsEMtSM5WBHbeplMYinv7fPnFGjM19flc5loFX6SuhnfUxOJ5D3S SQFdX9omfQWrmGnI/8zv9/z4zkRswv0pD6qGepFaTrcFTieHnnieYogH7E3/n0eW UIFZkbw/3thlwZ4b6uwDro/26y5ovCayB80= =9CtG -----END PGP ...

Sun, 12 Oct 2014 00:46:23 UTC

Where's my mail?

Posted By Greg Lehey

Yvonne told me today that various people have complained (on Facebook, of course), that they haven't received mail from her. On checking, yes, indeed: after upgrading lagoon I had forgotten to configure postfix, and she had mail backed up for days. Why didn't she notice earlier? And are there other misconfigurations lurking somewhere? ACM only downloads articles once. It's possible that this article has changed since being downloaded, but the only way you can find out is by looking at the original article.

Sat, 11 Oct 2014 19:54:11 UTC

NSA Has Undercover Operatives in Foreign Companies

Posted By Bruce Schneier

The latest Intercept article on the Snowden NSA documents talks about their undercover operatives working in foreign companies. There are no specifics, although the countries China, Germany, and South Korea are mentioned. It's also hard to tell if the NSA has undercover operatives working in companies in those countries, or has undercover contractors visiting those companies. The document is dated...

Sat, 11 Oct 2014 15:00:00 UTC

Tutorial: Work Like a Team, not a group of individuals

Posted By Tom Limoncelli

I'm teaching a tutorial at Usenix LISA called "Work Like a Team: Best Practices for Team Coordination and Collaborations So You Aren't Acting Like a Group of Individuals". I'm excited about this class because I'm going to demo a lot of the Google Apps tricks I've accumulated over the years, and combine them with stories about successes (and failures) related to bringing teams together to work on projects. I also get to explain a lot of DevOps culture in ways that make sense to non-DevOps shops (mostly stuff I've been advocating for since before "devops" was a thing). A lot of the material will overlap with our new book, The Practice of Cloud System Administration.

Fri, 10 Oct 2014 21:13:32 UTC

Friday Squid Blogging: Flash-Fried Squid Recipe

Posted By Bruce Schneier

Recipe from Tom Douglas. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered....

Fri, 10 Oct 2014 17:31:14 UTC

Online Activism and the Computer Fraud and Abuse Act

Posted By Bruce Schneier

Good essay by Molly Sauter: basically, there is no legal avenue for activism and protest on the Internet. Also note Sauter's new book, The Coming Swarm....

Fri, 10 Oct 2014 16:00:00 UTC

Is TPOCSA a DevOps book?

Posted By Tom Limoncelli

Quoting from a community forum post on SpiceWorks: It doesn't have "DevOps" in the name, but the new The Practice of Cloud System Administration ... covers a lot of the same concepts, more as "here's some things that have emerged as best practices in the modern world of system administration." Textbook-thick but destined to be a classic like his previous The Practice of System and Network Administration. Thanks to Ernest Mueller for the kind words!

Fri, 10 Oct 2014 15:11:56 UTC

Calling all students and women!

Posted By Tom Limoncelli

Apply now for a grant to attend LISA14. Submissions are due by Monday, October 13. Are you a student? There are grants available for the general conference and the tutorial program. Are you a woman? As part of its ongoing commitment to encourage women to excel in this field, Usenix is pleased to announce the return of the Google Grants for Women to support female computer scientists interested in attending the LISA14 conference. All female computer scientists from academia or industry are encouraged to apply. Applications are due by October 13.

Fri, 10 Oct 2014 08:07:14 UTC

Dynamic Encryption for Voice

Posted By Bruce Schneier

This article reads like snake oil. But the company was founded by Lars Knudsen, so it can't possibly be. I'm curious....

Fri, 10 Oct 2014 01:42:25 UTC

Photo processing problems

Posted By Greg Lehey

Yvonne came to me with a problem processing her photos. The contact print page showed the image names, but not the images themselves. Looking at her screen, I saw: === yvonne@lagoon (/dev/pts/1) ~/Photos/20141004 10 -> make contacts Converting PA042709.jpg to /home/yvonne/public_html/localtmp/contacts/20141004/PA042709.jpg /Photos/Tools/mkcontacts: line 179: [: : integer expression expected Converting PA042710.jpg to /home/yvonne/public_html/localtmp/contacts/20141004/PA042710.jpg /Photos/Tools/mkcontacts: line 179: [: : integer expression expected OK, a bug in my mkcontacts script? Took a look, added some debugging echos, and finally discovered that identify (another of these namespace-polluting programs that come with ImageMagick) was dying with an illegal instruction exception and not even mentioning it on the screen.

Fri, 10 Oct 2014 00:12:01 UTC

Android: Give up?

Posted By Greg Lehey

On IRC today, Peter Jeremy mentioned Google Drive. What's that? To quote: <peter> groggy: It's also the green/gold/blue triangle on your Android tablet. OK, I'll bite. Where? I suppose some Android tablets do display them, but if mine does, it's very discreet about it. Looking around, though, I found a tulip at top left: That proved to be a microphone symbol. Touched it and got a voice non-recognition service that competes with the best of them.

Thu, 09 Oct 2014 23:59:20 UTC

Theres no back door that only works for good guys

Posted By Cory Doctorow

My latest Guardian column, Crypto wars redux: why the FBI's desire to unlock your private life must be resisted, explains why the US government's push to mandate insecure back-doors in all our devices is such a terrible idea -- the antithesis of "cyber-security." As outgoing Attorney General Eric Holder invokes child kidnappers and terrorists, it's … [Read more]

Thu, 09 Oct 2014 23:53:56 UTC

Android GPS: Give up?

Posted By Greg Lehey

My old GPS navigator (only three years old) has worn-out batteries. How do I repair it? No idea. But then, I don't need a dedicated navigator, right? My Android tablet can do that too. Well, it could, and better, if I could find a useful app to do it. Tried again with GPS Navgiation & Maps - light, which is apparently a trial version of GPS Navgiation & Maps, which costs $1. Once again an app that seems to be completely useless. Like OsnAnd, it's based on OpenStreetMap, which is completely inadequate in our area. And once again the functionality appears to be minimal.

Thu, 09 Oct 2014 12:12:09 UTC

USB Cufflinks

Posted By Bruce Schneier

Just the thing for smuggling data out of secure locations....

Wed, 08 Oct 2014 22:00:00 UTC

Concerning PICC

Posted By Tom Limoncelli

Today, Wednesday, October 8, 2014, we, Matt Simmons and Thomas Limoncelli, resigned from the board of Professional IT Community Conferences, Inc. also known as "PICC". PICC is the New Jersey non-profit business entity that has backed LOPSA-East and Cascadia since 2011. Those two conferences should be unaffected as it was already agreed that they would find new organization(s) to work with for their 2015 conferences. As of June 10, 2014, PICC, Inc. had voted to and was in the process of being dissolved. However we feel this process has become impossible due to the remaining board member's foot-dragging and at times outright deceptive actions.

Wed, 08 Oct 2014 20:38:26 UTC

BadUSB Code Has Been Published

Posted By Bruce Schneier

In July, I wrote about an unpatchable USB vulnerability called BadUSB. Code for the vulnerability has been published....

Wed, 08 Oct 2014 11:00:00 UTC

I'm coming to Europe in November!

Posted By Tom Limoncelli

I'm honored to be a keynote at NLUUG's Autumn Conference, 20-Nov-2014, in The Netherlands. I don't get to Europe often, so this may be the last chance to see me there for a while. I'm also trying to arrange a book-signing while I'm there. For more info, visit Register now! Registration is limited! Even though the registration page is in Dutch, the talk will be in English. Google translate is your friend.

Wed, 08 Oct 2014 11:00:00 UTC

Document Model Support in DynamoDB: Flexibility, Availability, Performance, and Scale...Together at last

Posted By Werner Vogels

Today, Im thrilled to announce several major features that significantly enhance the development experience on DynamoDB. We are introducing native support for document model like JSON into DynamoDB, the ability to add / remove global secondary indexes, adding more flexible scaling options, and increasing the item size limit to 400KB. These improvements have been sought by many applications developers, and we are happy to be bringing them to you. The best part is that we are also significantly expanding the free tier many of you already enjoy by increasing the storage to 25 GB and throughput to 200 million requests per month.

Wed, 08 Oct 2014 00:24:50 UTC

Completing the move to Victoria

Posted By Greg Lehey

Seven years ago I moved from South Australia to Victoria, and currently I'm planning the next move. But as Jürgen Lock pointed out, I haven't completely finished the move here: === grog@eureka (/dev/pts/1) ~ 3 -> finger Login: grog                             Name: Greg Lehey Directory: /home/grog                   Shell: /usr/local/bin/bash Office: Echunga South Australia         Office Phone: +61-8-8388-8286 Home Phone: +61-8-8388-8250 Why does finger still show the old address and phone number?

Tue, 07 Oct 2014 13:48:05 UTC

Tom speaking at NYC DevOps meetup Wednesday!

Posted By Tom Limoncelli

I'll be the speaker at the Wed, October 8th meeting of the NYCDEVOPS Meetup which meets (I kid you not) at the office of MeetUp, Inc. in New York City. I'll be talking about our new book, The Practice of Cloud System Administration. For more info:

Tue, 07 Oct 2014 11:36:14 UTC

Data and Goliath Is Finished

Posted By Bruce Schneier

Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World is finished. I submitted it to my publisher, Norton, this morning. In a few weeks, I'll get the copyedited manuscript back, and a few weeks after that, it'll go into production. Stacks of printed books will come out the other end in February, and the book...

Mon, 06 Oct 2014 23:08:07 UTC

Reinstalling SML

Posted By Greg Lehey

A few days ago I reinstalled smlnj on lagoon, my (finally!) up-to-date FreeBSD box, for a programming language course I'm doing. And that went much more smoothly than before. But that's not all the software I needed. For Emacs I needed the sml-mode package. That wasn't as smooth: === root@eureka (/dev/pts/15) /usr/ports/lang/sml-mode.el 156 -> make install ===>  sml-mode-3.9.5_5 is marked as broken: Not staged.. *** [install] Error code 1 Stop in /home/src/FreeBSD/svn/ports/lang/sml-mode.el.

Mon, 06 Oct 2014 19:00:00 UTC

Is Encrypting Phones OK?

Posted By Tim Bray

Starting now, more and more phones will have their data encrypted, so nobody but the phones owner can peek. Apple just started and Androids following suit. Now we hear howls of outrage from government officials claiming this will protect criminals, doom victims, and so on. But theyre completely wrong. The pushback A particularly shrill shriek came from former FBI Assistant Director Ronald T. Hosko in the Washington Post. I could disagree with him here, but instead Ill point you at the essential Marcy Wheeler; in Former FBI Assistant Director Makes a Compelling Case to Eliminate the Corporation she pretty well reduces him to quivering blobs of protoplasm.

Mon, 06 Oct 2014 11:50:25 UTC

iPhone Encryption and the Return of the Crypto Wars

Posted By Bruce Schneier

Last week Apple announced that it is closing a serious security vulnerability in the iPhone. It used to be that the phone's encryption only protected a small amount of the data, and Apple had the ability to bypass security on the rest of it. From now on, all the phone's data is protected. It can no longer be accessed by...

Mon, 06 Oct 2014 02:04:16 UTC

Recovering Cryogenic Refrigeration Energy

Posted By James Hamilton

Waste heat reclamation in datacenters has long been viewed as hard because the heat released is low grade. What this means is that rather than having a great concentration of heat, it is instead spread out and, in fact, only warm. The more concentrated the heat, the easier it is to use.  In fact, that is exactly how many power plants work. When the temperature of the cooling medium is several orders of magnitude cooler than burning fuels such LNG, Petroleum, or Coal, extracting useful energy becomes challenging.   However, data center heat reclamation si clearly a problem well worth solving since just about 100% of the power that enters each facility is released as heat into the environment.

Sun, 05 Oct 2014 19:00:00 UTC

Kathys Gone Again

Posted By Tim Bray

I mean Kathy Sierra, on the Web at, in Wikipedia, and formerly on Twitter; but as of now @SeriousPony is gone. Heres why. Over the years shes had loads of smart, eloquent things to say about Java and tech education and community-building and, in general, Life Online. Recently, Ive been entranced by the awesome Icelandic-pony pix that used to be on that tweetstream. So Im sad. There was a kerfuffle on Twitter saying Kathy had been forced offline by misogynist trolls. Which would be shocking, because its happened before, her primary attacker back then being Weev, always a troll, now with a brand-new Swastika tattoo.

Sun, 05 Oct 2014 19:00:00 UTC

Mitchells Marinus Books

Posted By Tim Bray

Mitchell as in David Mitchell who wrote Cloud Atlas. Books as in The Thousand Autumns of Jacob de Zoet and The Bone Clocks, which Ive spent an unreasonable number of hours reading this last month. Marinus is a character in both. They are huge, beautifully written novels that will take you places you never could imagine and introduce you to people youll never forget. Theyre also kind of flawed and sloppy; but youll have a hard time finding a better read among recent publications. Thousand Autumns Its the turn of the nineteenth century in Dejima, the Dutch trading-post in Nagasaki harbor that Imperial Japan just barely tolerated for a couple of hundred years starting in 1643.

Sat, 04 Oct 2014 00:32:55 UTC

Use our software!

Posted By Greg Lehey

Participating in an online survey today, was rejected for a strange reason: OK, I'll bite. If it's not a PC, a Mac, a tablet, a smart phone or a netbook, what is it that they think I'm running? Restarted running Microsoft, and that seemed to be OK, but the survey software was so broken that I had to give up in the end. ACM only downloads articles once.

Sat, 04 Oct 2014 00:32:55 UTC

More tablet thoughts

Posted By Greg Lehey

Somehow I've opened a can of worms with this Medion ›šŸ¥› tablet. It's getting me thinking about issues that hadn't previously interested me. But the more I look at it, the more problems crop up. Andy Snow read my article comparing Microsoft and Android, and came up with a couple of comments. Firstly, he pointed out that I wasn't comparing Microsoft and Android at all, just the specific tablets I had. Correct, and I've changed the article to make that clearer. More interestingly, though, he showed me a way to stop an Android process without going through the force stop procedure: click on the double rectangle icon, which displays all apps except the current one, and swipe the icon to one side.

Fri, 03 Oct 2014 23:19:55 UTC

Friday Squid Blogging: Squid Burger

Posted By Bruce Schneier

McDonald's has a Halloween-themed burger with a squid-ink bun. Only in Japan. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered....

Fri, 03 Oct 2014 19:00:00 UTC

Lake Leaves

Posted By Tim Bray

Herewith two pictures of leafy branches dipping into Sankt Jørgens Sø, one of what in English are called The Lakes in Copenhagen. This is at the northeast, near where Vester Søgade crosses Gyldenløvesgade. (OK, I admit it, I love typing Ø even though I cant pronounce it). The two pictures are almost identical, and to be honest werent that interesting the way they came out of the camera. But I decided to try injecting postprocessing drama and enjoyed what I got. You have to look pretty closely to tell which of the leaves and branches are seen in reflection. Heres the other treatment; admittedly a little extreme.

Fri, 03 Oct 2014 15:58:10 UTC

Cleaning Up Stack Exchange's Puppet Environment

Posted By Tom Limoncelli

Shane Madden, a coworker of mine, recently re-engineered our Stack Exchange's Puppet environment. It is now full of win. Read about it here:

Fri, 03 Oct 2014 15:00:00 UTC

Why women leave tech... because they have good taste

Posted By Tom Limoncelli

Fortune Magazine published an article called Why women leave tech: It's the culture, not because 'math is hard' TL;DR version: We treat them like shit and are surprised when they leave. So, basically women leave tech because they have self-respect. Good for them. Shame on our industry. A few weeks ago I suggested that there aren't many women in tech because "women have good taste". Every woman that I've said this to has agreed... or at least laughed. However it is an uncomfortable laugh. A laugh that indicates that it is something we all know, but don't know how to talk about.

Fri, 03 Oct 2014 11:59:40 UTC

William Binney Explains NSA Surveillance Using Snowden's Documents

Posted By Bruce Schneier

Former NSA employee -- not technical director, as the link says -- explains how NSA bulk surveillance works, using some of the Snowden documents. Very interesting....

Fri, 03 Oct 2014 02:11:13 UTC

Upgrading lagoon, day 2

Posted By Greg Lehey

Upgrading lagoon, Yvonne's computer, had the usual hiccups, but things haven't been too bad. The good news is: === root@lagoon (/dev/pts/3) ~ 60 -> pkg install smlnj Updating FreeBSD repository catalogue... FreeBSD repository is up-to-date. All repositories are up-to-date. The following 1 packages will be affected (of 0 checked): New packages to be INSTALLED:         smlnj: 110.76_1 The process will require 34 MB more space. 7 MB to be downloaded. Proceed with this action? [y/N]: y Fetching smlnj-110.76_1.txz: 100%    7 MB 692.2k/s    00:11 Checking integrity... done (0 conflicting) [1/1] Installing smlnj-110.76_1: 100% === root@lagoon (/dev/pts/3) ~ 61 -> sml Standard ML of New Jersey v110.76 [built: Wed Sep 10 09:31:40 2014] - ^D === root@lagoon (/dev/pts/3) ~ 62 -> That seems normal enough, but this time last year I had ...

Fri, 03 Oct 2014 01:01:15 UTC

Microsoft tablet experience

Posted By Greg Lehey

One of the last things for which I still found Android useful was playing streaming audio from the web. As I have discovered, Android apps can do this, but badly. How about Microsoft? Select in firefox, and it Just Works. Of course, without a connection to my Bluetooth adapter, it plays on the internal tinny loudspeakers (which, however, aren't quite as tinny as on my Android tablet). Still, the thing has Bluetooth support. Just associate it and we should be OK, right? Ah, but this is Microsoft. Go to Control Panel and select Add a device. Off it goes, finds the device, and starts installing a driver.

Thu, 02 Oct 2014 19:00:00 UTC

Mac + Android = Screencast

Posted By Tim Bray

If you want to show off your Android goodies and you have a Mac, its absurdly easy to make a decent-quality screencast; the tooling will cost you $29.99. I made a couple for my recent Open Keychain 3 piece; you can see them on YouTube, Sending a message with OpenKeychain and Receiving a message with OpenKeychain. If you need better production values than that, stop reading now and go elsewhere. Tl;dr (for experts) Buy QuickTime Pro from Apple. Grab the screen with adb shell screenrecord and the audio with QuickTime. Use QuickTime 7s Edit/Add to Movie thing to paste the audio onto the video.

Thu, 02 Oct 2014 11:58:52 UTC

The NSA's Private Cloud

Posted By Bruce Schneier

The NSA is building a private cloud with its own security features: As a result, the agency can now track every instance of every individual accessing what is in some cases a single word or name in a file. This includes when it arrived, who can access it, who did access it, downloaded it, copied it, printed it, forwarded it,...

Thu, 02 Oct 2014 02:00:29 UTC

Microsoft tablet

Posted By Greg Lehey

Yvonne came back from shopping with a Medion ›šŸ¥› tablet (or is that a laptop?) running Microsoft Windows 8.1, that was on special at ALDI today. Physically it's a very big tablet (11.6") with a docking station. That's rather like what I mused about three years ago. But what do I want with a Windows device? I was driven to it by Android. At least with Microsoft you have access to normal software, even if the implementation is dubious. But with Android you don't. I went through the first year's experience with Android a month ago. Here's how things compare: Normal computer functionality, including word processing, web browsing, social networking and all those things you used to need a computer for.

Thu, 02 Oct 2014 00:47:01 UTC

System upgrade: doing it

Posted By Greg Lehey

It's been nearly 10 months since I bought new hardware for eureka and started my upgrade to FreeBSD release 10. And it's still not done! Part of the problem was the migration to pkgng, which was somewhat rocky, but which now seems to work. And then there's my fear of painting myself into a corner and not having a machine to work with. But I'm coming up to my second time round the Coursera course on programming languages, and I need to run smlnj. And I could no longer find that on eureka. eureka is running 9.2-STABLE, and it's impractical to upgrade anything on it any more.

Wed, 01 Oct 2014 19:25:16 UTC


Posted By Bruce Schneier

Firechat is a secure wireless peer-to-peer chat app: Firechat is theoretically resistant to the kind of centralized surveillance that the Chinese government (as well as western states, especially the US and the UK) is infamous for. Phones connect directly to one another, establish encrypted connections, and transact without sending messages to servers where they can be sniffed and possibly decoded....

Wed, 01 Oct 2014 19:00:00 UTC

Nine of Denmark

Posted By Tim Bray

I spent a week in Denmark, doing conferences and of course taking pictures. Its not the most visually dramatic place but you can find good shots anywhere when youre in tourist mode with fresh eyes. Its really hard to arrive in Copenhagen without going through the Central Station, which is very efficient. Its not a standout among Europes steel-and-glass train temples, but theyre all fun to look at. The city is kinda flat and grey and sensible; but theres water everywhere and you gotta love that. The goto; conference ran twice; Thursday-Friday in Copenhagen and then Monday-Tuesday in Aarhus; more or less the same speakers.

Wed, 01 Oct 2014 19:00:00 UTC

OpenKeychain 3

Posted By Tim Bray

Release 3.0 of the OpenKeychain Android app is out today. Im super-proud to have been a (minor) contributor. Its getting pretty slick, if I say so myself; maybe almost civilian-ready. Read on for an explanation, with screencasts and geek notes too! What it does Your mobile device comes with a lot of different ways to exchange messages with other people over the Net. OpenKeychain can do three things: Encrypt the messages, so only the The Right Person can read them. Sign them, so that The Right Person knows who sent them. Decrypt them for The Right Person to read, while checking the signature.

Wed, 01 Oct 2014 17:01:46 UTC

Tom on DevOps Cafe Podcast

Posted By Tom Limoncelli

I'm excited to announce that I'm interviewed on the new episode of DevOps Cafe. We talk about the history of system administration leading up to DevOps, recent changes, how the Usenix LISA conference has changed this year, and more.

Wed, 01 Oct 2014 15:00:00 UTC

Apple's livesteam outage was easily preventable: here's how!

Posted By Tom Limoncelli

The live stream of Apple's announcement of the Apple Watch was marred by technical problems. Users saw messages about "could not load movie" and "you don't have permission to access". As we read Dan Rayburn's excellent technical analysis of what went wrong, we couldn't help but think how easily preventable their problems were. The problem was that Apple introduced a new feature that had unknown resource requirements and (oops!) they didn't have enough resources. For example, suppose a thousand website visitors requires a certain number of computers (resources) to serve the website. Some websites are "heavier" and require the same work to be spread over more computers, others require fewer resources per thousand users.

Wed, 01 Oct 2014 12:19:51 UTC

Security Theater in China

Posted By Bruce Schneier

The Chinese government checked ten thousand pigeons for "dangerous materials." Because fear....