Blogs December 2013

Thu, 12 Dec 2013 22:51:04 UTC

NBN performance

Posted By Greg Lehey

So now I have a network link with 25 Mb/s down and 5 Mb/s up. How much of this am I really getting? Not very much, it seems. Repeated test with speedtest suggest about 8Mb/s down and 4 Mb/s up. Is that NBN or Exetel? To be observed. ACM only downloads articles once. It's possible that this article has changed since being downloaded, but the only way you can find out is by looking at the original article.

Thu, 12 Dec 2013 21:42:00 UTC

Configuring for NBN

Posted By Greg Lehey

That wasn't the end of the story, of course. I really wanted to run PPPoE from eureka, my main FreeBSD machine. And that didn't go as smoothly. Reading the logs didn't make much sense to me, so I put if off until later. And now we can use VoIP normally! Turned the adapter (a NetComm V210p) back on, but it didn't register. Why? While messing around, realized that I was still connected via the Internode link, so whatever the problem was, it had nothing to do with the NBN. Played around with various settings, at one point setting NAT to on.

Thu, 12 Dec 2013 20:58:01 UTC

NBNFinally!

Posted By Greg Lehey

Today was the day scheduled for the installation of my connection to the National Broadband Network. They had given a time window between 8:00 and 12:00 to perform the installation, so I was up and about by 7:30, walking around like a tiger in a cage. No sign of them at 8:00, of course. That's to be expected. No sign at 9:00. Well, they could be late. No sign at 10:00. How long are they going to be? Were they given the wrong phone number? As Andy Snow put it: PID USERNAME PRI NICE SIZE RES STATE C TIME WCPU COMMAND 612 nbnco 44 0 98268K 44424K zombie 0 1367:16 99.95% install --location dereel Round 10:30 I finally said Where's the bloody NBN?.

Thu, 12 Dec 2013 18:55:48 UTC

How the NSA Tracks Mobile Phone Data

Posted By Bruce Schneier

Last week the Washington Post reported on how the NSA tracks mobile phones world-wide, and this week they followed up with source documents and more detail. Barton Gellman and Ashkan Soltani are doing some fantastic reporting on the Snowden NSA documents. I hope to be able to do the same again, once Pierre Omidyar's media venture gets up and running....

Thu, 12 Dec 2013 12:21:27 UTC

NSA Tracks People Using Google Cookies

Posted By Bruce Schneier

The Washington Post has a detailed article on how the NSA uses cookie data to track individuals. The EFF also has a good post on this. I have been writing and saying that government surveillance largely piggy backs on corporate capabilities, and this is an example of that. The NSA doesn't need the cooperation of any Internet company to use...

Thu, 12 Dec 2013 08:00:00 UTC

Taking DynamoDB beyond Key-Value: Now with Faster, More Flexible, More Powerful Query Capabilities

Posted By Werner Vogels

We launched DynamoDB last year to address the need for a cloud database that provides seamless scalability, irrespective of whether you are doing ten transactions or ten million transactions, while providing rock solid durability and availability. Our vision from the day we conceived DynamoDB was to fulfil this need without limiting the query functionality that people have come to expect from a database. However, we also knew that building a distributed database that has unlimited scale and maintains predictably high performance while providing rich and flexible query capabilities, is one of the hardest problems in database development, and will take a lot of effort and invention from our team of distributed database engineers to solve.

Wed, 11 Dec 2013 23:08:58 UTC

NBN installation failures

Posted By Greg Lehey

Tomorrow's the Big Day when I get connected to the National Broadband Networkmaybe. It seems that the coverage maps are a best-case scenario. Spent a while setting up a Google Map showing installation locations. Now I just need to get people to add their locations and state whether it was a success or a failure. ACM only downloads articles once.

Wed, 11 Dec 2013 13:45:05 UTC

The Birth of Standard Error

Posted By Diomidis D. Spinellis

Earlier today Stephen Johnson, in a mailing list run by the The Unix Heritage Society , described the birth of the standard error concept: the idea that a program's error output is sent on a channel different from that of its normal output. Over the past forty years, all major operating systems and language libraries have embraced this concept.

Tue, 10 Dec 2013 22:41:12 UTC

Preparing for NBN

Posted By Greg Lehey

The first NBN installations took place in Dereel today. There were reportsas expectedof superb throughput, but not all were successful: two installations, in Browns Road and Golden Reef Road, had to be aborted because of lack of signal. Browns Road I can understand, but Golden Reef Road is almost in the middle of Dereel. If they have problems there, some designer hasn't done his homework properly. My installation is on Thursday. What do I need to do to make things work? One is to find a place to put the network termination device (officially NTD, but which they call a connection box in their end-user documentation).

Tue, 10 Dec 2013 17:03:39 UTC

Little Brother stageplay now available for local performances

Posted By Cory Doctorow

Josh Costello is the playwright who created the award-winning, sold-out stage adaptation of my novel Little Brother. Now, he writes, "The stage adaptation of Cory's novel Little Brother was a big hit in San Francisco in 2012, and the script is now available for licensing. Want to see Little Brother on stage in your city? … [Read more]

Tue, 10 Dec 2013 15:08:34 UTC

NSA Spying on Online Gaming Worlds

Posted By Bruce Schneier

The NSA is spying on chats in World of Warcraft and other games. There's lots of information -- and a good source document. While it's fun to joke about the NSA and elves and dwarves from World of Warcraft, this kind of surveillance makes perfect sense. If, as Dan Geer has pointed out, your assigned mission is to ensure that...

Tue, 10 Dec 2013 12:34:34 UTC

Coming to Edinburgh tomorrow night

Posted By Cory Doctorow

Tomorrow night, I'll be at Edinburgh's Pulp Fiction Books for a talk and signing! It's free to attend (but ticketed, due to limited space), and runs from 7PM to 8:30. Hope to see you!

Tue, 10 Dec 2013 07:59:17 UTC

Peak indifference to surveillance

Posted By Cory Doctorow

In my latest Guardian column, I suggest that we have reached "peak indifference to spying," the turning point at which the number of people alarmed by surveillance will only grow. It's not the end of surveillance, it's not even the beginning of the end of surveillance, but it's the beginning of the beginning of the … [Read more]

Tue, 10 Dec 2013 00:42:50 UTC

Networking in the new house

Posted By Greg Lehey

It's only 3 days until the NBN installer arrives and hopefully connects me up. And in only a few months we will move home. What happens to my NBN connection? Called up the NBN and spoke to Chloë, who didn't quite seem to understand the issue. But yes, there is enough bandwidth available to service everybody in the rollout area (marked in purple), currently very much including Stones Road: ACM only downloads articles once.

Mon, 09 Dec 2013 20:00:00 UTC

Feuerzangenbowle

Posted By Tim Bray

I looked it up: A traditional German alcoholic drink for which a rum-soaked sugarloaf is set on fire and drips into mulled wine. It was a tasty treat, on offer at Vancouvers Christmas Market, which was a treat for the eyes, so I took pictures. There were little kids singing carols: Cute overload! There were Croatian dancers and an old-fashioned merry-go-round, and lots of booths selling bright things. Some of the decorations were worth zooming in on. Ive been to real Christmas Markets, in Würzburg and Antwerp, and theyre good fun.

Mon, 09 Dec 2013 20:00:00 UTC

Surveillance and the Media

Posted By Tim Bray

As I write this Im angry at the CBC, Canadas national broadcaster, for their shoddy, shallow coverage of reformgovernmentsurveillance.com (lets say RGS for short). But the trap they fell into is probably attractive to many flavors of media. The 6PM news report opened with a few seconds of Zuckerberg saying he thought the government was blowing it in this space, then another few words from Zoe Lofgren talking about the NSA putting American business at a disadvantage. (Do ya think?!) Then there was a sudden 180° shift into hard polemics, with a snotty British professor opining that it was all the companies fault because they were sucking up the information, and the NSA wouldnt come after it if the companies werent collecting it, would they?

Mon, 09 Dec 2013 19:37:30 UTC

Lawful Interception 02

Posted By Cory Doctorow

Here's part two of a reading of my novella Lawful Interception, a sequel, of sorts, to Little Brother and Homeland. In addition to the free online read, you can buy this as an ebook single (DRM-free, of course!) (Image: Yuko Shimizu) Mastering by John Taylor Williams: wryneckstudio@gmail.com John Taylor Williams is a audiovisual and multimedia … [Read more]

Mon, 09 Dec 2013 19:13:55 UTC

Grace Hopper on Letterman, 1986

Posted By Herb Sutter

Google’s doodle today reminded me of Grace Hopper’s amazing contributions. I enjoyed this 10-minute video, and you might as well: Grace Hopper on Letterman in 1986 on the occasion of her (final) retirement. It’s not deep, but especially in the second half Amazing Grace demonstrates how to talk to a non-specialist audience. Good reminders for all of us who […]

Mon, 09 Dec 2013 17:33:41 UTC

Bitcoin Explanation

Posted By Bruce Schneier

This is the best explanation of the Bitcoin protocol that I have read....

Mon, 09 Dec 2013 17:00:00 UTC

Today I applied to get my LOPSA LPR

Posted By Tom Limoncelli

https://lopsa.org/LPR You should too. The LOPSA Professional Recognition Program (LPR) is not a certification. It is a recognition that the person in question met or exceeded the standards for professional practice. In particular, it certifies that the person has agreed to abide by the LOPSA Code of Ethics and works to keep their skills current in the last year. I've always been an advocate for some kind of program that would raise the bar among system administrators, encourage professionalism, and spread the word about the Code of Ethics. I'm glad to see LOPSA giving this a try and I think everyone should support it.

Mon, 09 Dec 2013 00:39:54 UTC

Microsoft photo software doesn't like me

Posted By Greg Lehey

I've already commented on the fact that DxO Optics Pro Elite doesn't recognize the Olympus E-M1. But it seems it just doesn't want to do it for me. It works fine for others. Why? There are lots of bugs in DxO, but the likeliest one I can think of is that it recognizes my email address as licensee for the standard edition, and even the trial version won't work properly in Elite mode. And then there's Olympus Viewer 3, which comes without documentation. But only for me, it seems. Others have a file OLYMPUSViewer3.chm with some kind of help text.

Fri, 06 Dec 2013 22:48:53 UTC

Still more E-M1 experience

Posted By Greg Lehey

More playing around with the Olympus OM-D E-M1 today. I was particularly concerned with the quality of the photos that I took yesterday, which seemed far too dark as processed by Olympus Viewer 3. Spent some time looking for documentation, but I've come to the conclusion that here, too, there is none: This was immediately after a fresh install. Searching the web found nothing. Searching the file system found only a README written one line per paragraph, something that even the Microsoft tools don't seem to be able to handle: It's hardly believable that people can provide software with no documentation at ...

Fri, 06 Dec 2013 22:33:23 UTC

Friday Squid Blogging: Hoax Squid-Like Creature

Posted By Bruce Schneier

The weird squid-like creature floating around Bristol Harbour is a hoax. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered....

Fri, 06 Dec 2013 20:47:02 UTC

New Book: Carry On

Posted By Bruce Schneier

I have a new book. It's Carry On: Sound Advice from Schneier on Security, and it's my second collection of essays. This book covers my writings from March 2008 to June 2013. (My first collection of essays, Schneier on Security, covered my writings from April 2002 to February 2008.) There's nothing in this book that hasn't been published before, and...

Fri, 06 Dec 2013 20:33:35 UTC

How to Ice the Testing BackBlob

Posted By Robert V. Binder

How Agile development is being eaten by the Testing BackBlob and what to do about it

Fri, 06 Dec 2013 20:16:03 UTC

Bruce Schneier Facts T-Shirts

Posted By Bruce Schneier

0-Day Clothing has taken 25 Bruce Schneier Facts and turned them into T-shirts just in time for Christmas....

Fri, 06 Dec 2013 12:49:37 UTC

The Frictionless Development Environment Scorecard

Posted By Diomidis D. Spinellis

The environment we work in as developers can make a tremendous difference on our productivity and well-being. Ive often seen myself get trapped in an unproductive setup through a combination of inertia, sloth, and entropy. Sometimes I put-off investing in new, better tools, at other times I avoid the work required to automate a time-consuming process, and, also, as time goes by, changes in my environment blunt the edge of my setup. I thus occasionally enter into a state where my productivity suffers death by a thousand cuts.

Fri, 06 Dec 2013 12:19:52 UTC

Telepathwords: A New Password Strength Estimator

Posted By Bruce Schneier

Telepathwords is a pretty clever research project that tries to evaluate password strength. It's different from normal strength meters, and I think better. Telepathwords tries to predict the next character of your passwords by using knowledge of: common passwords, such as those made public as a result of security breaches common phrases, such as those that appear frequently on web...

Thu, 05 Dec 2013 23:31:01 UTC

Reader Q&A: Book recommendations

Posted By Herb Sutter

Vigen Isayan emailed me today to ask: What book(s) you would recommend for learning 1. design patterns, and 2. concurrency programming. Off the top of my head: 1. For Design Patterns, the greatest is still the original “Gang of Four” Design Patterns book. The design patterns are mostly universal, and the implementations happen to focus on […]

Thu, 05 Dec 2013 19:16:13 UTC

Heartwave Biometric

Posted By Bruce Schneier

Here's a new biometric I know nothing about: The wristband relies on authenticating identity by matching the overall shape of the user's heartwave (captured via an electrocardiogram sensor). Unlike other biotech authentication methods -- like fingerprint scanning and iris-/facial-recognition tech -- the system doesn't require the user to authenticate every time they want to unlock something. Because it's a wearable...

Thu, 05 Dec 2013 15:00:00 UTC

Ask Slashdot: Application Security Non-existent, Boss Doesn't Care. What To Do?

Posted By Tom Limoncelli

I'm really sick and tired of Slashdot doing posts like this, but it isn't slashdots fault. It's our industry's fault. Here's the question: "I am a senior engineer and software architect at a fortune 500 company and manage a brand (website + mobile apps) that is a household name for anyone with kids. This year we migrated to a new technology platform including server hosting and application framework. I was brought in towards the end of the migration and overall it's been a smooth transition from the users' perspective. However it's a security nightmare for sysadmins (which is all outsourced) and a ripe target for any hacker with minimal skills.

Thu, 05 Dec 2013 12:58:15 UTC

The Problem with EULAs

Posted By Bruce Schneier

Some apps are being distributed with secret Bitcoin-mining software embedded in them. Coins found are sent back to the app owners, of course. And to make it legal, it's part of the end-user license agreement (EULA): COMPUTER CALCULATIONS, SECURITY: as part of downloading a Mutual Public, your computer may do mathematical calculations for our affiliated networks to confirm transactions and...

Thu, 05 Dec 2013 10:54:55 UTC

Posted By Diomidis D. Spinellis

Paragraph for the RSS feed

Wed, 04 Dec 2013 15:00:00 UTC

LOPSA-East 2014: Call for Participation

Posted By Tom Limoncelli

[forwarded from Evan Pettrey, this year's LOPSA-East chair] Greetings! LOPSA-East is pleased to announce that we have released our Call for Participation for our 2014 conference. Everybody with a passion for technology and a willingness to share with others in our industry are encouraged to submit! Full details of the CFP can be found on our website at: http://lopsa-east.org/2014/ Important Dates: Deadline for all Submissions - Wednesday, January 22nd, 2014 (midnight EST) Decisions Sent to All Submitters - Monday, February 3rd, 2014 Schedule Published - Monday, February 10th, 2014 Registration Opens - Friday, February 14th, 2014 LOPSA-East '14 Conference - Friday, May 2nd - Saturday, May 3rd We look forward to seeing your submissions!

Wed, 04 Dec 2013 12:28:05 UTC

Evading Airport Security

Posted By Bruce Schneier

The news is reporting about Evan Booth, who builds weaponry out of items you can buy after airport security. It's clever stuff. It's not new, though. People have been explaining how to evade airport security for years. Back in 2006, I -- and others -- explained how to print your own boarding pass and evade the photo-ID check, a trick...

Tue, 03 Dec 2013 12:14:05 UTC

Keeping Track of All the Snowden Documents

Posted By Bruce Schneier

As more and more media outlets from all over the world continue to report on the Snowden documents, it's harder and harder to keep track of what has been released. The EFF, ACLU, and Cryptome are all trying. None of them is complete, I believe. Please post additions in the comments, and I will do my best to feed the...

Tue, 03 Dec 2013 11:27:52 UTC

Lawful Interception 01

Posted By Cory Doctorow

In this week's installment of my podcast, I break my long hiatus with the first part of a reading of my novella Lawful Interception, a sequel, of sorts, to Little Brother and Homeland. In addition to the free online read, you can buy this as an ebook single (DRM-free, of course!). If you grow up … [Read more]

Mon, 02 Dec 2013 23:18:39 UTC

Suddenly summer

Posted By Greg Lehey

It's summer! And the weather shows it: That's a big difference from the last two months, which were far cooler than the seasonal average: mysql> SELECT year(date), avg(outside_temp) FROM observations WHERE month(date) > 9 AND month(date) < 12 GROUP BY year(date); +------------+-------------------+ | year(date) | avg(outside_temp) | +------------+-------------------+ | 2009 | 17.5731496596709 | | 2010 | 14.36821202979 | | 2011 | 15.1622464410373 | | 2012 | 14.9027108163907 | | 2013 | 13.4479453197917 | +------------+-------------------+ And for some reason, weather station readings were very erraticat times over 30 minutes passed without a reading coming through.

Mon, 02 Dec 2013 20:00:00 UTC

Browser Safety Details

Posted By Tim Bray

Privacy on the Net isnt a binary on/off thing, its a continuum. Anything we can do to increase it is good; which includes handling corner cases. What happened was, during the last IETF, Paul Hoffman, an IETF veteran and friend, was staying in our spare room. We were sitting up talking about privacy, looking at a WordPress blog, and this weird thing happened: We typed in its address with https: at the front, and it showed up as locked/HTTPS in some browsers but not others. It took quite a bit of poking around to figure out. Whats actually happening First, wordpress.com is perfectly happy to accept secure HTTPS connections.

Mon, 02 Dec 2013 19:00:00 UTC

Tomorrow is Giving Tuesday: Here are the organizations I support (and you should too)

Posted By Tom Limoncelli

You know Black Friday and Cyber Monday... did you know that tomorrow (Dec 3) is "Giving Tuesday"? Many charities receive most of their donations in December as people rush to donate before the tax year is over. These donations determine if in 2014 they'll be able to grow or will they have to cut back. I'd like to highlight three charities that I think are having a huge impact on our world and encourage you to donate too: USENIX Annual Fund. You probably think of USENIX as the organization that hosts the LISA conference. It is so much more. However what I'd like to point out is that they are on the cutting edge of keeping academic publications "open access".

Mon, 02 Dec 2013 18:48:37 UTC

The TQP Patent

Posted By Bruce Schneier

One of the things I do is expert witness work in patent litigations. Often, it's defending companies against patent trolls. One of the patents I have worked on for several defendants is owned by a company called TQP Development. The patent owner claims that it covers SSL and RC4, which is does not. The patent owner claims that the patent...

Mon, 02 Dec 2013 17:36:39 UTC

Lawful Interception 01

Posted By Cory Doctorow

In this week's installment of my podcast, I break my long hiatus with the first part of a reading of my novella Lawful Interception, a sequel, of sorts, to Little Brother and Homeland. In addition to the free online read, you can buy this as an ebook single (DRM-free, of course!). If you grow up … [Read more]

Mon, 02 Dec 2013 12:05:31 UTC

How Antivirus Companies Handle State-Sponsored Malware

Posted By Bruce Schneier

Since we learned that the NSA has surreptitiously weakened Internet security so it could more easily eavesdrop, we've been wondering if it's done anything to antivirus products. Given that it engages in offensive cyberattacks -- and launches cyberweapons like Stuxnet and Flame -- it's reasonable to assume that it's asked antivirus companies to ignore its malware. (We know that antivirus...

Sun, 01 Dec 2013 23:11:32 UTC

Keeping EXIF data in a database

Posted By Greg Lehey

I have something like 100,000 distinct photos on my system, and with all copies in different sizes, data formats and qualities, it's over 500,000. How do I keep track of the EXIF data? Specifically at the moment I'm wondering which lenses I use the most, and at what focal lengths. Clearly l need to store the information in a database. That's so clear, in fact, that there must be software out there that does it. But a Google search didn't come up with anything very promising.

Sun, 01 Dec 2013 22:16:23 UTC

NBN installation, bad language and survey

Posted By Greg Lehey

Where do I put the network termination box for my NBN service? It's designed to be mounted on a wall inside the house, preferably close to a power point. We're going to be moving house in the foreseeable future, so it makes sense to consider where the new owner of the house would like to have it. Clearly it should be somewhere near the existing network infrastructure. That's mainly the south half of the house; my powerline network adapters that connect to the north are so flaky that they may not be as fast as the NBN downlink.

Browse Topics

Columns

Discussions

Latest Comments

Tech Packs

Archive

other acm Links

Sign up for QueueNews

Sign up for Queue-Updates

Blogs