Blog Archive: April 2013

Tue, 30 Apr 2013 23:51:44 UTC

Ports pain

Posted By Greg Lehey

My ports build still isn't finished. The latest error, while building vlc, was one that I've seen before:

    (CDPATH="${ZSH_VERSION+.} :" && cd .. && /bin/sh /src/FreeBSD/svn/ports/graphics/frei0r/work/frei0r-1.3/missing --run autoheader)
    autom4te-2.69: cannot lock autom4te.cache/requests with mode 2: Operation not supported
    autom4te-2.69: forgo "make -j" or use a file system that supports locks
    autoheader-2.69: '/usr/local/bin/autom4te-2.69' failed with exit status: 1
    *** [./config.h.in] Error code 1

This is the result of using NFS without locking. In the past I've chickened out and installed the ports tree locally. But the real answer is to set up locking on NFS.

Tue, 30 Apr 2013 23:29:58 UTC

Microsoft network pain

Posted By Greg Lehey

Things didn't stop there, though. I still had to get dxo back and running. But I hadn't been able to shut it down: the power key just hibernates it, and when I replaced the disk, it came back up again as before, still with scrambled display and unpingable. Somehow managed to get it into safe mode and to display correctly - and the network interface worked! Further investigation showed that the machine was now blocking ICMP, something it didn't do before. And that was presumably due to the firewall, which was enabled. I can't even recall whether it was before or not, but I'm sure I was once able to ping it.

Tue, 30 Apr 2013 22:49:50 UTC

Throughput of alternative networks

Posted By Greg Lehey

I had really wrapped up my investigation of the network equipment I bought last week: the wireless adapters worked, but not fast enough to justify using them. I'll return them. The powerline adapters work too, also not fast enough. But they're both cheaper and marginally faster, and if I were to return them too, the alternative would be to run CAT6 along the hallway again. So I'll keep one pair. And that would have been that, except that Edwin Groothuis was interested in more testing. He wanted to know what the performance was like if both adapters were next to each other on the same board.

Tue, 30 Apr 2013 22:48:47 UTC

Women in Science and Engineering (WISE) Computing Skills Boot Camp

Posted By Tom Limoncelli

https://blog.mozilla.org/it/2013/04/30/women-in-science-and-engineering-wise-computing-skills-boot-camp/ Software Carpentry is running a 2-day software skills boot camp in Boston, June 24-25th 2013, for women in science, engineering, medicine, and related research areas. Registration is $20. Boot camps alternate short tutorials with hands-on practical exercises. You are taught tools and concepts you can use immediately to increase your productivity and improve confidence in your results. Topics covered include the Unix shell, version control, basic Python programming, testing, and debugging -- the core skills needed to write, test and manage research software. This boot camp is open to women at all stages of their research careers, from graduate students, post-docs, and faculty to staff scientists at hospitals and in the public, private, and non-profit sectors.

Tue, 30 Apr 2013 20:42:55 UTC

Free as in Fortune Cookies

Posted By Joel Spolsky

Trello has been out for less than two years and it's been growing like wildfire. We recently hit 1.5 million members, of whom about 1/3 perform some action every month, and our MongoDB database now contains more than 70 million cards on 3.7 million boards. So the obvious question I get all the time is, How exactly are you supposed to make money with that? You may have noticed that Trello is free. Not free trial, not freemium, but just plain old free. Some people have justifiably wondered if it really makes sense to pay a dozen people, nestled in fancy offices with free lunch and espresso, to develop software that we have to pay Amazon cash money to host, while not actually charging for said software.

Tue, 30 Apr 2013 18:29:38 UTC

The Importance of Backups

Posted By Bruce Schneier

I've already written about the guy who got a new trial because a virus ate his court records. Here's someone who will have to redo his thesis research because someone stole his only copy of the data. Remember the rule: no one ever wants backups, but everyone always wants restores. I have no idea if that image is real or...

Tue, 30 Apr 2013 15:00:00 UTC

Two questions for LOPSA Board Candidates

Posted By Tom Limoncelli

The slate of candidates for LOPSA board is up. At "candidate night" here are the questions I'll be asking: Question 1: "I'd like to know about your experience with community-based projects. Please tell us about a project that you took responsibility for seeing through to completion. Please, only projects that are "done" or have reached a self-sustaining mode only. One or two sentences is fine. It doesn't have to be a project where you thought of the idea or even did all the work: just one where you assured it reached the finish line." Question 2: "Surprise!

Tue, 30 Apr 2013 11:11:44 UTC

Pinging the Entire Internet

Posted By Bruce Schneier

Turns out there's a lot of vulnerable systems out there: Many of the two terabytes (2,000 gigabytes) worth of replies Moore received from 310 million IPs indicated that they came from devices vulnerable to well-known flaws, or configured in a way that could let anyone take control of them. On Tuesday, Moore published results on a particularly troubling segment...

Tue, 30 Apr 2013 00:14:22 UTC

Free as in Fortune Cookies

Posted By Joel Spolsky

Trello has been out for less than two years and it's been growing like wildfire. We recently hit 1.5 million members, of whom about 1/3 perform some… Read more "Free as in Fortune Cookies"

Mon, 29 Apr 2013 22:50:49 UTC

Computational photography revisited

Posted By Greg Lehey

I've been making slow progress with the computational photography course. Not that slow, roughly the speed that it's supposed to be taken at, but I started something like 3 weeks after the course started, and it finishes in a week. As a result spent most of the day going through the videos; there are still three assignments with a total of 11 programs to go, so it'll keep me busy.

Mon, 29 Apr 2013 22:44:47 UTC

Still more ports pain

Posted By Greg Lehey

Finally my ports-try has completed,

    122813.19 real     60857.07 user     18081.91 sys

That's a total of 34 hours, and 370 MB of build logs. Did things work? No, not even remotely. X didn't get built, and so many dependent ports didn't either:

    checking whether to rebuild gperf header files...
    checking for POLKIT... no
    configure: error: PolicyKit not explicitly disabled and no PolicyKit found
    ===>  Script "configure" failed unexpectedly.
    Please run the gnomelogalyzer, available from "http://www.freebsd.org/gnome/gnomelogalyzer.sh", which will diagnose the problem and suggest a solution.

Mon, 29 Apr 2013 22:39:27 UTC

Power line Ethernet: slow

Posted By Greg Lehey

One potential reason for my slow transmissions with the power line Ethernet adapters was that the interface at one end was only 100 Mb/s. As planned, today I put a 1 Gb/s adapter in that machine, not without difficulty: it is a PCIe card, and the motherboard had only one PCIe slot, already occupied by the graphics card. But for a test I removed the graphics card. The results? No improvement; in fact it was marginally slower. So much for that. Up to speeds seem to require amazingly good conditions.

Mon, 29 Apr 2013 19:51:14 UTC

Down and Out in the Magic Kingdom read-aloud part 05

Posted By Cory Doctorow

As I mentioned in my March Locus column, I'm celebrating the tenth anniversary of Down and Out in the Magic Kingdom by planning a prequel volume. As part of that planning, I'm going to read aloud the entire text of that first book into the podcast, making notes on the book as I go. Here's … [Read more]

Mon, 29 Apr 2013 19:00:00 UTC

Who Owns Your Pictures?

Posted By Tim Bray

People are claiming that a new British law is going to allow anyone to steal your online pictures and sell them and keep the money. I think they're mostly wrong about that law, but in the process of checking it out I ran across some bad behavior by social-media companies. OMG they're stealing my pretties! Someone linked, with a gasp of horror, to UK.Gov passes Instagram Act: All your pics belong to everyone now by Andrew Orlowski. I was prepared to blow it off because Orlowski is generally wrong about everything. This is the man who, back in 2004, referred to Wikipedians as Khmer Rouge in nappies and has continued to get attention with lurid Internet contrarianism; which has also worked for Jaron Lanier, Andrew Keen, and lately Evgeny Morozov.

Mon, 29 Apr 2013 16:35:34 UTC

Trademarks: the good, the bad and the ugly

Posted By Cory Doctorow

The Guardian

Mon, 29 Apr 2013 16:35:15 UTC

When trademark becomes a tool for stealing our language

Posted By Cory Doctorow

My latest Guardian column is "Trademarks: the good, the bad and the ugly," and it looks at why trademark, at its best, does something vital -- but how trademark can be abused to steal common words from our language and turn them into a twisted kind of pseudo-property. Trademark lawyers have convinced their clients that … [Read more]

Mon, 29 Apr 2013 15:27:24 UTC

More Links on the Boston Terrorist Attacks

Posted By Bruce Schneier

Max Abrahms has two sensible essays. Probably the ultimate in security theater: Williams-Sonoma stops selling pressure cookers "out of respect." They say it's temporary. (I bought a Williams-Sonoma pressure cooker last Christmas; I wonder if I'm now on a list.) A tragedy: Sunil Tripathi, whom Reddit and other sites wrongly identified as one of the bombers, was found dead in...

Sun, 28 Apr 2013 23:08:41 UTC

TP-Link setup, the real way

Posted By Greg Lehey

I couldn't really be bothered to work my way through the web links about WDS that I had found yesterday, so today I put the other router where I wanted it, at teevee, and used the powerline Ethernet connection to access it. As I suspected, the stupid installation instructions aren't just plain wrong some of the time, they're much more complicated than the real thing. To configure a TP-Link TL-WR841N 802.11n wireless router, do this: Ensure that you have an address in the 192.168.0.0/24 address range.

Sun, 28 Apr 2013 22:25:00 UTC

LOPSA-East is less than a week away!

Posted By Tom Limoncelli

If you haven't signed up for LOPSA-East, it is this coming Friday and Saturday, May 3-4, 2013 in New Brunswick, NJ. I've finally finished my slides for my "Evil Genius 101" class. I'm very excited about this new class. I hear there are still seats left, but it is filling up fast. To my NYC friends: you can take the train there. The station is 2 blocks away. To my Linux friends: the Linux content is most excellent this year. To my Windows friends: Steven Murawski himself is teaching PowerShell classes. Steven FREAKING Murawski! How can you NOT sign up for this?

Sun, 28 Apr 2013 19:58:26 UTC

Guru of the Week and the Exceptional C++ Series

Posted By Herb Sutter

It's time for me to pick up Guru of the Week (GotW) again in earnest, as part of work on revising my three Exceptional C++ books for today's C++. Most Exceptional C++ Items are enhanced versions of GotW issues, after all, so the simplest and best place to start is with GotW. It's also much [...]

Sun, 28 Apr 2013 02:12:02 UTC

Build: one done, one continues

Posted By Greg Lehey

I had to shut down stable-amd64 virtual machine today while processing panoramas, which need all available memory, and I shut down eucla (the laptop) while trying to configure the wireless router, but after that I continued and finally got FreeBSD 9-STABLE running on it. Time to try a wireless card - I have an ancient Lucent/Orinoco PCMCIA card that fits. And of course it didn't associate. Powered down the router, and it took notice: it panicked out of wi_intr. And then I noted that I had forgotten to build a kernel with debugger, so there wasn't much I could do about it. Things didn't stop there, of course: I could no longer log in: login: in openpam_dispatch(): pam_nologin.so: no pam_sm_autheticate().

Sun, 28 Apr 2013 00:42:38 UTC

ALDI Networking Gear

Posted By Greg Lehey

Into Sebastopol this morning to pick up some of ALDI's weekly specials: 4 TP-Link TL-PA411 powerline Ethernet adapters and two TP-Link TL-WR841N 802.11n wireless routers. The main reason was to replace the Ethernet cable between cvr2 (the TV recording computer) and teevee (the playback computer) that has been lying in the hallway for two years. Getting the goods was difficult in itself. They weren't with the other specials; instead I had to find them up the front by the cashiers, and even then they wouldn't give them to me! Instead they brought the goods to the cash register when I was about to pay.

Sat, 27 Apr 2013 16:37:06 UTC

Pirate Cinema up for Canada's Aurora Award

Posted By Cory Doctorow

The 2013 Prix Aurora Award ballot has been announced, and I'm delighted to see that my novel Pirate Cinema is up for the prize in the Young Adult category. The Auroras are a people's choice award given for Canadian science fiction and fantasy, and I'm delighted to be recognised in the land of my birth! … [Read more]

Sat, 27 Apr 2013 07:59:50 UTC

Down and Out in the Magic Kingdom read-aloud part 03

Posted By Cory Doctorow

[NB: Some indeterminate screwup, which was nevertheless definitely caused by me being a stoop, caused this episode not to make it into my feed. I are a dum.] As I mentioned in my March Locus column, I'm celebrating the tenth anniversary of Down and Out in the Magic Kingdom by planning a prequel volume. As … [Read more]

Sat, 27 Apr 2013 02:12:40 UTC

Still more ports and network pain

Posted By Greg Lehey

My ports build is still not done. This morning I once again had a build breakage of gcc. Started trying to download the binary package from http://ftp.freebsd.org/, which came across at a snail's pace - it took 8 hours to get it here. And when it did, it wanted a second package, which I didn't have time to download. Once again I noticed that the uplink speed seems to be relatively unaffected by the problems. While downloading gcc at about 3 kB/s, I uploaded some photos:

    sent 1062018 bytes  received 144 bytes  28324.32 bytes/sec
    total size is 1332763  speedup is 1.25

I'm not sure how rsync calculates the speed; presumably it's total data transferred divided by time.

Fri, 26 Apr 2013 21:05:44 UTC

Friday Squid Blogging: Lego Giant Squid Model

Posted By Bruce Schneier

This is a fantastic Lego model of a space kraken attacking a Star Wars Super Star Destroyer. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered....

Fri, 26 Apr 2013 17:21:46 UTC

xkcd on a Bad Threat Model

Posted By Bruce Schneier

Funny, and true....

Fri, 26 Apr 2013 12:19:58 UTC

Tor Needs Bridges

Posted By Bruce Schneier

The Internet anonymity service Tor needs people who are willing to run bridges. It's a goodness for the world; do it if you can....

Fri, 26 Apr 2013 10:41:48 UTC

Tangible assets

Posted By Cory Doctorow

The Bookseller

Fri, 26 Apr 2013 10:41:22 UTC

Publishing should fight ebook retailers for more data

Posted By Cory Doctorow

I've got a guest column in the new edition of The Bookseller, the trade magazine for the UK publishing industry. It's called "Tangible Assets," and it points out that of all the fights that publishing has had with the ebook sector -- DRM, pricing, promotion -- the one they've missed is access to data. Whatever … [Read more]

Fri, 26 Apr 2013 00:25:27 UTC

Internode: we give up

Posted By Greg Lehey

My ongoing network issues have received some strange responses from Internode support. Yesterday I received a message telling me to change my settings to limit the frequency range to 900 MHz (in other words, eliminate 2100 MHz). That makes no sense for a number of reasons: there is no 2100 MHz service in this area, I have an antenna that only does 900 MHz, there's no way in the software to limit the frequency to 900 MHz, and it's fairly clear that it's not a connection problem anyway. Today I got a message from another person, which didn't exactly give me the feeling that he knew what he was talking about: It seems there is continued correspondence ongoing relating to the latency issues you are experiencing.

Fri, 26 Apr 2013 00:18:40 UTC

Building ports, continued

Posted By Greg Lehey

Yesterday my build of gcc 4.9 failed. That's a beta or similar version, I think, so today I tried gcc 4.8. It, too, failed. I had already previously built gcc 4.7, so decided to fall back to that. And it, too, failed! There's something basically flawed here. This was a fresh install of a virgin system. Why did it fail? Had I somehow managed to make a mess of other ports? One thing I did do wrong was not to make a snapshot of a recent version of FreeBSD STABLE without ports, so went back to do that. Then I can install the ports freshly on something that hopefully doesn't have any inconsistencies.

Thu, 25 Apr 2013 23:24:40 UTC

VCAT followup

Posted By Greg Lehey

Spent much of today writing up yesterday's VCAT hearing. One thing in particular interested me: are the limits in Australia so much higher than elsewhere? Wendy claimed that the limits in Austria are 1/4000 of the Australian limits, and later that they were 1/4000 of the actual expected emission of the tower. It's not easy to find this kind of information. Wikipedia took me round in circles, and even on the ARPANSA web site I had my difficulties. And of course they said nothing about Austria. Finally, though, I found some information: The ARPANSA limits depend on frequency.

Thu, 25 Apr 2013 19:37:05 UTC

Cryptanalyst on British Postage Stamps

Posted By Bruce Schneier

A 92-year-old World War II Bletchley Park codebreaker has had a set of commemorative stamps issued in his honor....

Thu, 25 Apr 2013 19:00:00 UTC

Johannesburg Noir

Posted By Tim Bray

Zoo City is by Lauren Beukes, published in 2010; she's written another since then and I'll make a point of reading it; which should be indicative. [Background: I was looking at the bookshelf screens on my tablet and realized I've read quite a few recently without sharing anything, even though while none of them have been life-changing, a few are well worth the price of an e-book. This is bad behavior in a blogger, so I'll try to run a few short reviews and get caught up.] This book is seriously nasty, and I mean that in the nicest possible way.

Thu, 25 Apr 2013 11:42:54 UTC

Random Links on the Boston Terrorist Attack

Posted By Bruce Schneier

Encouraging poll data says that maybe Americans are starting to have realistic fears about terrorism, or at least are refusing to be terrorized. Good essay by Scott Atran on terrorism and our reaction. Reddit apologizes. I think this is a big story. The Internet is going to help in everything, including trying to identify terrorists. This will happen whether or...

Thu, 25 Apr 2013 02:44:39 UTC

Still more ports pain

Posted By Greg Lehey

Continued with my ports build today. I have Makefile targets to fetch all tarballs and configure them, so did that. Configuration (hitting Return most of the time) took 1½ hours. And since so many ports depend on more recent versions of gcc, I decided to build it first. A good thing too: it died on me. Why am I having so much trouble with ports built on a clean install?

Thu, 25 Apr 2013 01:17:03 UTC

VCAT hears Radiation Tower complaint

Posted By Greg Lehey

Into Ballarat this morning to the VCAT hearing of Wendy McClelland's objection to the Dereel radiation tower. They had set aside 3 hours (10:00-13:00) for the hearing. I had left early, and that's a good thing too: it took me over 20 minutes from arriving in front of the Magistrate's court to getting into the correct court room. The parking place across the road is only good for 2 hours, so I had to go to Central Square and park there. And for that I needed coins, which I didn't have, and when I got back to the courts I was sent round the corner: VCAT has its own part of the building.

Wed, 24 Apr 2013 18:06:27 UTC

Ellen on Protecting Passwords

Posted By Bruce Schneier

Pretty good video. Ellen makes fun of the "Internet Password Minder," which is -- if you think about it -- only slightly different than Password Safe....

Wed, 24 Apr 2013 11:51:07 UTC

More Plant Security Countermeasures

Posted By Bruce Schneier

I've talked about plant security systems, both here and in Beyond Fear. Specifically, I've talked about tobacco plants that call air strikes against insects that eat them, by releasing a scent that attracts predators to those insects. Here's another defense: the plants also tag caterpillars for predators by feeding them a sweet snack (full episode here) that makes them give...

Tue, 23 Apr 2013 22:10:14 UTC

Computational photography: finally

Posted By Greg Lehey

Despite severe ongoing network problems, I've managed to download enough of the computational photography course to finally do something. It's more difficult than I expected: the course leaves a number of issues to the student, such as learning the software libraries that it uses (notably numpy and opencv), not to mention the python on which the whole thing builds. Somehow it's an island in a large and for me uncharted sea of new software. Still, once I found my way round the island, it was quite interesting.

Tue, 23 Apr 2013 17:34:27 UTC

The Police Now Like Amateur Photography

Posted By Bruce Schneier

PhotographyIsNotACrime.com points out the obvious: after years of warning us that photography is suspicious, the police were happy to accept all of those amateur photographs and videos at the Boston Marathon. Adding to the hypocrisy is that these same authorities will most likely start clamping down on citizens with cameras more than ever once the smoke clears and we once...

Tue, 23 Apr 2013 12:10:50 UTC

Securing Members of Congress from Transparency

Posted By Bruce Schneier

I commented in this article on the repeal of the transparency provisions of the STOCK Act: Passed in 2012 after a 60 Minutes report on insider trading practices in Congress, the STOCK Act banned members of Congress and senior executive and legislative branch officials from trading based on government knowledge. To give the ban teeth, the law directed that many...

Tue, 23 Apr 2013 00:01:01 UTC

More network hell

Posted By Greg Lehey

Returned to the computational photography course today. Started watching a lecture, but the connection was so bad that I couldn't watch it at all. Discovered, though, that there are MPEG-4 versions of the lectures for download, so started that. What a catastrophe! My packet loss rates are as bad as I've seen them, and some of the downloads came over at about 1.5 kB/s, slower than a steam modem. And after an hour, they timed out. Used the same workaround as yesterday: load the files on my external server and rsync them here.

Mon, 22 Apr 2013 23:32:10 UTC

Ports hell

Posted By Greg Lehey

It's been nearly 2 weeks since I started upgrading my ports on my build machine. They were only 3 months out of date, but it took forever, what with slow downloads, ports waiting for configuration input, trips to Adelaide and conflicts. Today, finally, I got a shortlist of still-failed ports:

    ** Listing the failed packages (-:ignored / *:skipped / !:failed)
            - multimedia/ffmpeg-011 (port deleted)
            - lang/tcl-modules (port deleted)
            * bsdpan-Image-Magick-6.83 (bsdpan-Image-Magick-6.83)
            ! ftp/wget (wget-1.13.4_1)      (unknown build error)
            * lang/tcl85 (tcl-8.5.12_2)
            * x11-toolkits/tk85 (tk-8.5.12)
            * x11-toolkits/py-tkinter (py27-tkinter-2.7.3_3)
            * graphics/py-imaging (py27-imaging-1.1.7_1)
            * multimedia/mlt (mlt-0.8.2_1)
            !

Mon, 22 Apr 2013 19:00:00 UTC

HP7 - Draperies

Posted By Tim Bray

My Hawaii Problem is solved, or anyhow I'm out of Big-Island pictures I feel compelled to share. These last two have absolutely nothing specific to the geography. This appeared by the pool at our resort in Keahou. What you can't see is the banner; it featured the triskelion which I thought was for the Isle of Man; but it turned out to be the Flag of Sicily. And sure enough, a bunch of Sicilians showed up to eat and drink by the pool by the ocean. Someone played guitar and they sang rousing Sicilian songs. It was an afternoon thing, over by suppertime.

Mon, 22 Apr 2013 13:52:25 UTC

Down and Out in the Magic Kingdom read-aloud part 03

Posted By Cory Doctorow

As I mentioned in my March Locus column, I'm celebrating the tenth anniversary of Down and Out in the Magic Kingdom by planning a prequel volume. As part of that planning, I'm going to read aloud the entire text of that first book into the podcast, making notes on the book as I go. Here's … [Read more]

Mon, 22 Apr 2013 05:58:17 UTC

Fox sends fraudulent takedown notices for my novel Homeland

Posted By Cory Doctorow

My Creative Commons licensed, 2013 novel Homeland, the sequel to my 2008 novel Little Brother, spent four weeks on the New York Times bestseller list, and got great reviews around the country. But Fox apparently hasn't heard of it -- or doesn't care. They've been sending takedown notices to Google (and possibly other sites), demanding … [Read more]

Mon, 22 Apr 2013 00:10:32 UTC

More computational photography

Posted By Greg Lehey

Finally got round to looking at the computational photography course again today, in particular the software needed for it. I had reinstalled graphics/opencv, but it didn't seem to make any difference. In particular, the file cv2.py didn't get installed. I was wrong, though. Reinstalling opencv did have an effect: it installed a new version of perl, with the result that most of my perl modules disappeared. In particular, spamassassin had died. And it wouldn't reinstall: REQUIRED module missing: HTML::Parser REQUIRED module missing: Net::DNS REQUIRED module missing: NetAddr::IP optional module missing: Digest::SHA1 ...

Sun, 21 Apr 2013 19:00:00 UTC

Advanced Ingress

Posted By Tim Bray

Wherever you go these days there are Level-8 players, and even the occasional L8 portal. It's a different game at that level. What may be my last piece on the subject; with a side-trip into BioShock Infinite. Previously in this series: Ingress, Things About Ingress, Ingress, Month 3, Ingress Weekly, and Ingress Tourism. A couple of our local enthusiasts got to L8 in less than 30 days' play. It took me well over four months, and that's with a few road-trips to places oozing with portals; I confess that when I got real close to L8, I did put in a lengthy weekend afternoon driving around to places in Vancouver to find juicy green fields to smash and relink.

Sun, 21 Apr 2013 15:48:08 UTC

About Police Shoot Outs and Spectators

Posted By Bruce Schneier

Hopefully this advice is superfluous for my audience, but it's so well written it's worth reading nonetheless: 7. SO, the bottom line is this: If you are in a place where you hear steady, and sustained, and nearby (let's call that, for some technical reasons, anything less than 800 meters) gunfire, do these things: Go to your basement. You are...

Sun, 21 Apr 2013 11:36:17 UTC

A Discussion of Redaction

Posted By Bruce Schneier

Interesting....

Sat, 20 Apr 2013 19:40:30 UTC

Trip Report: ISO C++ Spring 2013 Meeting

Posted By Herb Sutter

The Bristol meeting concluded a few hours ago, and I just posted my trip report on isocpp.org: This afternoon in Bristol, UK, the ISO C++ standards committee adopted generic lambdas, dynamic arrays (an improved version of C99 VLAs), variable templates, reader/writer locks, make_unique, optional<T>, standard library user-defined literals, and a number of other language and [...]

Sat, 20 Apr 2013 13:19:32 UTC

The Boston Marathon Bomber Manhunt

Posted By Bruce Schneier

I generally give the police a lot of tactical leeway in times like this. The very armed and very dangerous suspects warranted extraordinary treatment. They were perfectly capable of killing again, taking hostages, planting more bombs -- and we didn't know the extent of the plot or the group. That's why I didn't object to the massive police dragnet, the...

Sat, 20 Apr 2013 02:42:16 UTC

Time zones interpreted correctly

Posted By Greg Lehey

I've complained about my GPS navigator on frequent occasions, but yesterday I noticed something interesting: South Australian time is half an hour behind Victorian time, and it seemed to have adapted automatically. On the way back, I checked. It really did switch time zones exactly at the border: This image was somewhat spoilt both by the difficulty of getting a good photo of the navigator in position, and the fact that I had to turn back into the rest area, so the second image shows us pointing in the wrong ...

Sat, 20 Apr 2013 00:48:31 UTC

Tablets: practical example

Posted By Greg Lehey

Yana has invited us to dinner at the Red Ochre Grill to celebrate her graduation. That's another place without an address suitable for a GPS navigator. I had been there before (well, same building), but the address War Memorial Drive doesn't really help: War Memorial Drive is about 5 km long. How do I tell my GPS that? Enter the coordinates, of course. How do I find them? Under the circumstances they should be on their web page, but they're not.

Fri, 19 Apr 2013 19:00:00 UTC

News Fail

Posted By Tim Bray

So yeah, I sat up till 2AM (Pacific, 5AM in Boston), fascinated by the situation in Cambridge and Watertown. I listened to the police radio online, watched a few live Twitter feeds, and had a couple Google Maps windows zoomed in on streets that I'd never heard of but now know where they are: Hazel, Dexter, Laurel. The professional news media knew less than I (3 timezones away) did, but said more; somewhere between nauseating and just silly. I tried a few live-TV streams but the inconsequential arm-waving and flow of bloviation-with-good-hair-on-top was unbearable. And clearly they weren't listening to the scanner or watching the right Twitterers.

Fri, 19 Apr 2013 18:40:57 UTC

Me at the Berkman Center

Posted By Bruce Schneier

Earlier this month I spent a week at the Berkman Center for Internet and Society, talking to people about power, security, technology, and threats (details here). As part of that week, I gave a public talk at Harvard. Because my thoughts are so diffuse and disjoint, I didn't think I could pull it all together into a coherent talk. Instead,...

Fri, 19 Apr 2013 18:35:01 UTC

Friday Squid Blogging: Giant Squid Bike Rack

Posted By Bruce Schneier

It's the first on this page. Apparently this is the finished version of the design I blogged about last year. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered....

Fri, 19 Apr 2013 15:00:00 UTC

Balancing Todos and Tickets

Posted By Tom Limoncelli

A reader asked me: What’s your opinion on merging “to-do” lists with issue trackers in The Cycle? I have a pile of To Do items which aren’t properly “issues”, and a pile of issues. I don’t want to duplicate tickets in the to-do list, but I’d like to look at one place to figure out what to work on next. You are correct in that copying items from your ticket system to your to-do list leads to trouble. They aren’t synced and bad things happen. I have an n-hour to-do item each day called “work on tickets” (where “n” is 1 to 8 hours depending on the requirements of my job).

Fri, 19 Apr 2013 11:47:21 UTC

NSA Cryptography Course

Posted By Bruce Schneier

This article, from some internal NSA publication, is about Lambros Callimahos, who taught an intensive 18-week course on cryptology for many years and died in 1977. Be sure to notice the great redacted photo of him and his students on page 17....

Fri, 19 Apr 2013 04:48:38 UTC

Down and Out in the Magic Kingdom read-aloud part 03 - fixed

Posted By Cory Doctorow

As I mentioned in my March Locus column, I'm celebrating the tenth anniversary of Down and Out in the Magic Kingdom by planning a prequel volume. As part of that planning, I'm going to read aloud the entire text of that first book into the podcast, making notes on the book as I go. Here's … [Read more]

Thu, 18 Apr 2013 19:00:00 UTC

HP6 - Greens

Posted By Tim Bray

This, I promise, is the second-last outburst consequent upon the Hawaii Problem where my Lightroom is all bulgy with nifty Big-Island photos. Today, shades of green at Akaka Falls State Park. It's a nice park at the end of nice drive north from Hilo, with a worthwhile side-trip to that botanical garden then through the pleasant village of Honomu. The park itself is an unchallenging half-hour ramble along causeways through pretty dense rainforest up to where there's a nice view of the falls. Except for the green stuff was more interesting than the long twisting white stream of water. Like this: Oh, and the waterfall.

Thu, 18 Apr 2013 16:36:56 UTC

The Nemim.gen Trojan

Posted By Bruce Schneier

This clever piece of malware evades forensic examination by deleting its own components....

Wed, 17 Apr 2013 23:27:48 UTC

Entering the digital generation

Posted By Greg Lehey

Di Saunders isn't what you'd call a tech-head. She's more interested in horses, and she only uses computers for communication. But she has an ADSL connection, something we can't get, and in recent times she has acquired an iPhone and a Samsung Galaxy Tab 2, the latter for the express purpose of reading eBooks. I've looked at that option 20 months ago and came to the conclusion that it wasn't for me. One of the reasons was the low resolution of the tablet, which didn't seem to be the case for the Samsung, though on comparison the Samsung has only 1024×600, in fact lower than the 1024×768 of the ALDI tablet.

Wed, 17 Apr 2013 22:45:09 UTC

Computational photography comprehended

Posted By Greg Lehey

After some searching, discovered that there was a good reason why I couldn't find yesterday's zip archive for the computational photography course: it doesn't exist. Somehow the layout of this course is not what I expected. Downloaded the archive for the first assignment and took a look at it. The most obvious thing is that I needed software that I didn't have: numpy and cv2. Are they in the Ports Collection? Maybe. Went looking for graphics/numpy and found that Thomas Gellekum had removed it without further comment about 11 years ago.

Wed, 17 Apr 2013 22:37:20 UTC

Monitor display scrambled again

Posted By Greg Lehey

I've been very happy with my new monitor, but there's one issue that is somewhat disconcerting: when I turn it on in the morning, sometimes the display is scrambled, just a row of random vertical lines. Usually power cycling helps, but on a couple of occasions I needed to do it twice. Today, though, it repeated 4 times. Discovered that switching to a vty solved it, without power cycling.

Wed, 17 Apr 2013 17:30:00 UTC

Expanding the Cloud: Faster, More Flexible Queries with DynamoDB

Posted By Werner Vogels

Today, I'm thrilled to announce that we have expanded the query capabilities of DynamoDB. We call the newest capability Local Secondary Indexes (LSI). While DynamoDB already allows you to perform low-latency queries based on your table's primary key, even at tremendous scale, LSI will now give you the ability to perform fast queries against other attributes (or columns) in your table. This gives you the ability to perform richer queries while still meeting the low-latency demands of responsive, scalable applications. Our customers have been asking us to expand the query capabilities of DynamoDB and we're excited to see how they use LSI.

Wed, 17 Apr 2013 10:30:00 UTC

Expanding the Cloud: Faster, More Flexible Queries with DynamoDB

Posted By Werner Vogels

Today, I'm thrilled to announce that we have expanded the query capabilities of DynamoDB. We call the newest capability Local Secondary Indexes (LSI). While DynamoDB already allows you to perform low-latency queries based on your table's primary key, even at tremendous scale, LSI will now give you the ability to perform fast queries against other attributes (or columns) in your table.

Tue, 16 Apr 2013 21:20:50 UTC

Today in history: Letter from a Birmingham Jail

Posted By Tom Limoncelli

50 years ago today Martin Luther King, Jr published "Letter from a Birmingham Jail". It is a beautiful, moving, letter. Everyone should take a moment to read it. (Search for a copy of the letter online here) Many people read it without realizing the joke he put in the first paragraph. Seldom do I pause to answer criticism of my work and ideas. If I sought to answer all the criticisms that cross my desk, my secretaries would have little time for anything other than such correspondence in the course of the day, and I would have no time for constructive work.

Tue, 16 Apr 2013 19:00:00 UTC

Measure the Pain

Posted By Tim Bray

Learning isn't free; re-learning is paying the price twice. Many of the people who use what we geeks make would like to re-learn less. One of them is Patric King, interviewed in The Setup, an instructive and enjoyable publication. I'm excerpting his whole last paragraph but the rest is good too: I would love to see a return to a longer turnaround between software packages. There's an artificial churn happening in how quickly we need to re-learn tools, because companies are learning to move their software products to a subscription basis. I am seriously tempted to jump off that bandwagon, if I were confident I could find a workflow and OS that wouldn't be painful to re-learn on a bi-annual basis, rather than every six months.

Tue, 16 Apr 2013 15:29:17 UTC

Using Python for Perl Programmers

Posted By Tom Limoncelli

My "Python for Perl Programmers" article is now available in Spanish thanks to Maria Ramos and Webhostinghub.com: http://www.webhostinghub.com/support/es/misc/python

Tue, 16 Apr 2013 15:26:46 UTC

Review: Instant Puppet 3

Posted By Tom Limoncelli

Instant Puppet 3 by Jo Rhett is 50 pages long and a delight to read. The ebook is available for $9.99 from Packt (pronounced "packed") at http://www.packtpub.com/puppet-3-starter/book For those of you that are unfamiliar with Puppet: Puppet is a system for describing what the configuration of a machine should be and then the "puppet agent" will update a machine to have that configuration. If there is no work to be done, the agent does nothing. If you need to make a change globally you could, in theory, make one change to the description and soon every machine will be updated with the Puppet agent doing the right thing on each machine depending on what operating system it is running.

Tue, 16 Apr 2013 14:19:09 UTC

Initial Thoughts on the Boston Bombings

Posted By Bruce Schneier

I rewrote my "refuse to be terrorized" essay for the Atlantic. David Rothkopf (author of the great book Power, Inc.) wrote something similar, and so did John Cole. It's interesting to see how much more resonance this idea has today than it did a dozen years ago. If other people have written similar essays, please post links in the comments....

Tue, 16 Apr 2013 11:37:40 UTC

FBI and Cell Phone Surveillance

Posted By Bruce Schneier

We're learning a lot about how the FBI eavesdrops on cell phones from a recent court battle....

Tue, 16 Apr 2013 02:12:59 UTC

Computational photography

Posted By Greg Lehey

Carlos Cartola Carvalho sent out a message about an online course in computational photography today. It's free, so I took a look. It requires real work, but it could be worth it. But how do you get started? There are lots of online tutorials, but they start by telling you how to install some unidentified tarball^W zip archive that so far I haven't been able to find anywhere on their site.

Tue, 16 Apr 2013 00:16:37 UTC

More network troubleshooting

Posted By Greg Lehey

My network connectivity hadn't improved today. It's clear that my initial suspicion of the link between Melbourne and Sydney was wide of the mark, but one result was that I didn't go back to the beginning and consider the other alternatives. One was packet loss. Under those circumstances you're not filling the pipe, so concurrent transfers, such as the one I tried yesterday afternoon, can improve the total throughput. Fired up wireshark to take a look. Yes, indeed: wireshark's highlighting makes it very clear what's going on on the screen, but I find tcpdump easier to understand.

Mon, 15 Apr 2013 19:00:00 UTC

HP5 - Lava Context

Posted By Tim Bray

Having bombarded you with lava pix while dealing with my need-to-overshare Hawaii Problem, I thought it'd be nice to show the story of where the hot rock came from. Let's take that literally; all those glowing-lava pix were part of what the Hawaiian Volcano Observatory calls the Peace Day flow from Pu`u `O`o vent (check out the nifty Recent Kilauea Status page). Here's its path down Kilauea's side to the sea. You might have to enlarge the photo to see the line of plumes: volcanic smoke, steam, and burning vegetation. The black-and-white version of that photo is remarkably dramatic, but I'm storytelling here and this one has more truth.

Mon, 15 Apr 2013 18:06:42 UTC

Down and Out in the Magic Kingdom read-aloud part 03

Posted By Cory Doctorow

As I mentioned in my March Locus column, I'm celebrating the tenth anniversary of Down and Out in the Magic Kingdom by planning a prequel volume. As part of that planning, I'm going to read aloud the entire text of that first book into the podcast, making notes on the book as I go. Here's … [Read more]

Mon, 15 Apr 2013 14:09:32 UTC

Today's time management tip

Posted By Tom Limoncelli

is brought to you by The Joy of Tech: http://tapastic.com/episode/3845

Mon, 15 Apr 2013 09:29:45 UTC

Google Glass Enables New Forms of Cheating

Posted By Bruce Schneier

It's mentioned here: Mr. Doerr said he had been wearing the glasses and uses them especially for taking pictures and looking up words while playing Scattergories with his family, though it is questionable whether that follows the game's rules. Questionable? Questionable? It's just like using a computer's dictionary while playing Scrabble, or a computer odds program while playing poker, or...

Sun, 14 Apr 2013 23:29:10 UTC

More network debugging

Posted By Greg Lehey

Yesterday's network problems haven't gone away: my file download speeds remain round 10 kB/s. Finally got round to ringing up Internode Support, where I had to explain to Dan that the problem was networking and not remote file access. Pointed him at the traceroutes that I had done; coincidentally Daniel O'Connor had also done one from Adelaide, which showed a similar step in response time when accessing the Sydney node.
[ur 21:26] ~ >traceroute ftp.mutt.org
traceroute to ftp.mutt.org (82.165.34.161), 64 hops max, 52 byte packets
 1  ns (10.0.2.1)  5.671 ms  2.706 ms  3.740 ms
 2  lns20.adl6.on.ii.net (203.16.215.174)  68.297 ms  70.227 ms  41.383 ms
 3  te3-3.cor1.adl6.on.ii.net (150.101.134.209)  45.237 ms  40.820 ms  54.298 ms
 4  xe-11-0-0.cr1.adl6.on.ii.net (150.101.225.229)  40.998 ms  47.384 ms  69.414 ms
 5  ae4.br1.syd7.on.ii.net (150.101.33.34)  549.616 ms  408.192 ms  357.494 ms
 6  te0-2-0-3.br2.sjc2.on.ii.net (203.16.213.158)  356.865 ms  484.262 ms  358.881 ms
Finally he managed to see ...

Sun, 14 Apr 2013 19:00:00 UTC

HP4 - Botanicals

Posted By Tim Bray

Botanical gardens are A Good Thing. If you haven't been to any, you should rectify that soonest. If you get to Hawaii's Big Island, you should definitely drive north from Hilo and visit the Hawaii Tropical Botanical Garden. In this entry, the Hawaii-Problem you-gotta-see-these-pix monotony is relieved by sex. Even if you're not a botanical-garden sort of person, you might want to take Route 19 north from Hilo anyhow, because it's beautiful, lush, country. Along the way, it's worth stopping at Alae cemetery, which has one of the most remarkable trees anywhere. Then you turn off on Old Mamalahoa Highway, and the scenery suddenly gets even more intense.

Sun, 14 Apr 2013 00:24:41 UTC

Let's fake a nadir

Posted By Greg Lehey

My spherical panoramas are gradually maturing, except for the nadirs. A couple of months ago I took some panoramas in the Great Otway National Park which would have been almost perfect if I had been able to get a nadir. It's almost impossible to represent a spherical panorama on a flat surface: The flash version looks much better, but the hole at the bottom is unpleasant. But the floor is simply wooden planks, and I have enough images of that. Today tried an experiment: take part of the floor of an adjacent image and replicate it, then manually place control points to put the new image under the tripod: There are a number of issues with this approach.

Sun, 14 Apr 2013 00:22:06 UTC

Danish food and pronunciation

Posted By Greg Lehey

Watching the Danish Food Safari on SBS Television today. Like the Polish Safari a couple of weeks ago, it's interesting because it has things in common with German food. I had a second interest: understanding how the Danes pronounce things. It's different from Swedish, which in the past I've tried to learn, but like the Swedes they tend to drop sounds. Of course, an Australian commentator doesn't help: is the dish gravlax or gravad lax? The presenter used the former, the Danish person doing the preparation the latter, I thought. It seems that in Danish it's either, but the latter is spelt gravad laks.

Sun, 14 Apr 2013 00:20:21 UTC

Finally: the Dereel mobile phone tower

Posted By Greg Lehey

Jeffrey Kirsten has saved Dereel! He has erected his own mobile phone tower: I'm trying to get him to publish another one with him underneath wearing a tinfoil hat.

Sun, 14 Apr 2013 00:00:18 UTC

Network problems of a different kind

Posted By Greg Lehey

I've been moaning for months about the terrible quality of my Internet connection, in particular the wireless link: I've seen ping times of over 6 minutes! Lately things have been better there, and I've typically had ping times of under 200 ms, which I consider acceptable (a good ping time for this link is 60-80 ms). But for the past few days I've been trying to upgrade my FreeBSD ports. The last time was in January, but it seems that since then just about everything has changed, and I'm continually downloading new tarballs and having (dependent) ports that I've never heard of hang, asking me what options I want.

Sat, 13 Apr 2013 19:00:00 UTC

HP3 - More Hot Lava!

Posted By Tim Bray

I wrote about hiking across hard lava to poke a stick into hot lava, and the pictures were groovy, but I had more than I could squeeze in there, so here are the rest that are worthwhile. Those who don't sympathize with my Hawaii Problem (the urge to force recent-vacation pictures down the world's throat) will be happy to hear that there are only a couple more instalments after today. Here are the pictures. I really have nothing to add to what I wrote before. Well, once again: Go see this if you get a chance.

Sat, 13 Apr 2013 00:01:57 UTC

Backing up the Microsoft box

Posted By Greg Lehey

In the past my approach to Microsoft systems has been very much hands off: the thing's there, I don't understand it, so don't try. Backing up is simple like that: boot FreeBSD on the box and copy the disk partition. But now that the machine is running all the time (usually hibernated), that's no longer appropriate. And surely there's some kind of backup software for it. Yes, indeed, though only because this operating system is Business; it seems that Home systems don't need backups. I fired it up and was thoroughly confused. It offered to back up either files or my entire computer (what, hardware too?)

Fri, 12 Apr 2013 21:34:41 UTC

Friday Squid Blogging: Illegal Squid Fishing

Posted By Bruce Schneier

While we're on the subject of squid fishing in Argentina, the country is dealing with foreign boats illegally fishing for squid inside its territorial waters. So yet again, squid and security collide. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered....

Fri, 12 Apr 2013 19:00:00 UTC

HP2 - The Last Palms

Posted By Tim Bray

The Hawaii Problem is when you come back from there with an irresistible urge to show off your pictures. Today, some lonely palm trees. Highway 130 heads south and west across the bottom right corner of the Big Island, then along the south coast. Chain of Craters Road heads down from Volcano National Park to the south coast and eventually meets 130. Except for starting in 1986, the lava flowed down the mountain and broke the link. The eastern end of the breakage is where you park your car and start hiking if you want to poke a stick into live flowing lava.

Fri, 12 Apr 2013 15:50:14 UTC

Remotely Hijacking an Aircraft

Posted By Bruce Schneier

There is a lot of buzz on the Internet about a talk at the Hack-in-the Box conference by Hugo Teso, who claims he can hack in to remotely control an airplane's avionics. He even wrote an Android app to do it. I honestly can't tell how real this is, and how much of it is the unique configuration of...

Fri, 12 Apr 2013 11:00:00 UTC

Back-to-Basics Weekend Reading - Join Processing in Relational Databases

Posted By Werner Vogels

Joins are one of the fundamental relational database query operations. It is very hard to implement the join operation efficiently as there are many unknowns in the execution of the operation. In the early days much relational database research was done in understanding the complexity of performing joins, what exactly impacted their performance and which approach performed better under which conditions. In 1992 Priti Mishra and Margaret Eich conducted a survey on what was achieved until then in Join Processing and described in detail the algorithms, the implementation complexity and the performance. Which makes it a good back-to-basics paper to read this weekend.

Fri, 12 Apr 2013 04:00:00 UTC

Back-to-Basics Weekend Reading - Join Processing in Relational Databases

Posted By Werner Vogels

Joins are one of the fundamental relational database query operations. It is very hard to implement the join operation efficiently as there are many unknowns in the execution of the operation. In the early days much relational database research was done in understanding the complexity of performing joins, what exactly impacted their performance and which approach performed better under which conditions.

Fri, 12 Apr 2013 00:39:59 UTC

More opinions on LiberalNBN

Posted By Greg Lehey

Not surprisingly, there's been a lot of talk about the Coalition plans for the National Broadband Network. I'm surprised how negative they all are. This one is a little extreme, but it gives a good feel for what people are thinking. And how fast will 25 Mb/s or 50 Mb/s be in 3 or 6 years' time? Did some searching and came up with this document from the OECD, obnoxiously only available in Microsoft Excel format. It's 18 months old, and at that time it states that the average advertised download speeds exceeded 50 Mb/s in 8 countries, and they exceeded 25 Mb/s in 24 countries, paradoxically including Australia (with a claimed 34.64 Mb/s).

Thu, 11 Apr 2013 15:00:00 UTC

LOPSA-East (formerly PICC) registration time!

Posted By Tom Limoncelli

If you haven’t registered for LOPSA-East yet, what are you waiting for? LOPSA-East (May 3-4, 2013) is the best regional conference for sysadmins this side of the Mississippi. It is much less expensive than national conferences because you can probably drive instead of fly. The same nationally known speakers you find at the big conferences travel to us instead of the other way around. If you are signing up for my tutorials please remember that space is limited so please register soon! I was thinking about why I like going to conferences the other day and it dawned on me that the answer is simple: I can ask the questions I can’t ask anywhere else.

Thu, 11 Apr 2013 13:47:00 UTC

Get starting with Puppet in 50 pages

Posted By Tom Limoncelli

My friend Jo Rhett's new book is called "Instant Puppet 3 Starter". In 50 pages he gets you up and running with Puppet3. I haven't read it yet, but if it isn't good let me know and I'll kick his ass. http://www.packtpub.com/puppet-3-starter/book P.S. Just kidding. Jo could kick my ass any day. I'd find some other punishment. Luckily I won't need to because I'm sure it is a great book.

Thu, 11 Apr 2013 11:42:43 UTC

Thieves Use Video Camera to Stake Out Properties

Posted By Bruce Schneier

If the police can use cameras, so can the burglars....

Thu, 11 Apr 2013 00:23:11 UTC

Upgrading ports, Yet Again

Posted By Greg Lehey

Years ago I discovered phpMyEdit, which allows you to edit MySQL tables. It hasn't weathered well: PHP changes have removed the functions it uses, and I have to keep a separate down-rev web server in a VM to be able to use it at all. Clearly I need a replacement. Recently Anthony Curtis has been showing up on IRC, so I asked him. He didn't know of anything either. But Andy Snow came up with a suggestion to use adminer, which does much more, but also claims to be able to edit tables. So: how about installing it? The first thing the port did was to try to upgrade PHP.

Wed, 10 Apr 2013 19:00:00 UTC

HP1 - Sea Turtles

Posted By Tim Bray

HP stands for Hawaii Problem, which is what happens when your friends come back from it and insist on showing you their pictures. Except for since this is the Internet, nobody can insist you look at anything. Anyhow, I have a few more I feel the urge to share, starting with sea turtles. They're easy to see on the Big Island and my favorite thing that's not an erupting volcano. This guy was grazing the tidal pools at Pu`uhonua O Hōnaunau National Park, also known as City of Refuge, a really nice spot to visit. Our next sea-turtle is at the famous Punaluu black-sand beach, where they often swim and rest.

Wed, 10 Apr 2013 17:46:44 UTC

Security Externalities and DDOS Attacks

Posted By Bruce Schneier

Ed Felten has a really good blog post about the externalities that the recent Spamhaus DDOS attack exploited: The attackers' goal was to flood Spamhaus or its network providers with Internet traffic, to overwhelm their capacity to handle incoming network packets. The main technical problem faced by a DoS attacker is how to amplify the attacker's traffic-sending capacity, so that...

Wed, 10 Apr 2013 15:00:00 UTC

Reminder: LISA '13 Call for Participation deadline (and a request)

Posted By Tom Limoncelli

Remember that the submission deadline is Tuesday, April 30. Get those proposals in now! If you are submitting a paper, it can be the full (draft) paper or it can be an extended abstract, 4-8 pages in length. See the CFP page for more details. Speaking of which... I have not yet submitted a proposal for an Invited Talk. What would you like to hear me talk about? Invited talks are usually 90 minutes (or 45 minutes for a half-session). What would you like to hear me talk about? (Post a comment)

Wed, 10 Apr 2013 11:40:46 UTC

Last Battle of Midway Cryptanalyst

Posted By Bruce Schneier

The last cryptanalyst at the Battle of Midway, Rear Admiral Donald "Mac" Showers, USN-Ret, passed away 19 October 2012. His interment at Arlington National Cemetery at Arlington, Virginia, will be Monday, April 15, at 3:00. The family made this a public event to celebrate his life and contributions to the cryptologic community....

Wed, 10 Apr 2013 00:54:26 UTC

NBN plans: the other side

Posted By Greg Lehey

We had a lot of discussion of the matter on IRC, of course. And there are lots of reactions. I like this one: More interestingly, though, somebody came up with slides from a presentation that Simon Hackett made. It's fascinating: FTTN would cost money that would be wasted when moving to FTTH, it uses more power, is less reliable, and just changing the infrastructure plans could take years. And the final link, currently VDSL-2, is already stretching technology to its reasonable limits: Another point that came out of these slides is why the current NBN is so far behind schedule: your friend, Simon's friend and mine, Telstra.

Wed, 10 Apr 2013 00:09:36 UTC

"Coalition" NBN plans

Posted By Greg Lehey

The Australian Federal Opposition parties (Liberal (in my mind really conservative) and National, who have been in a coalition so long that they're generally referred to simply as The Coalition) look increasingly likely to win the next Federal election on 13 September 2013, despite their leader. While I don't have much love for the incumbent Labor Party, they did one thing right by initiating the National Broadband Network. The Coalition consider it unnecessary and had previously stated that they would cancel it if they came to power.

Tue, 09 Apr 2013 19:00:00 UTC

Polyglot

Posted By Tim Bray

Or in full, the Vancouver Polyglot {un} Conference. I saw it coming, thought it looked cool and that I'd go, then I got copied on an internal conversation where someone suggested we should sponsor it. Doh, good idea, why didn't I think of it? So we are. So I'll not only go, I'll suggest an unconference session on my current Identity obsessions. It's a cool location and they look like cool people; come on down!

Tue, 09 Apr 2013 19:00:00 UTC

I Bought Some BitCoins

Posted By Tim Bray

On Tuesday evening I gave an envelope full of hundred-dollar bills to a friendly long-haired young man I'd never met in an undistinguished coffee-shop in an undistinguished neighborhood. By the time I got home, the BitCoins I'd bought were worth noticeably less than I paid. Why I Did This Two reasons; both seem good to me. First, I've been working for a long time and have built up some savings. Like they say, diversify your portfolio. Second, it's a new (where by new I mean four years old) thing on the Internet. I feel both desire and duty to experience such things.

Tue, 09 Apr 2013 18:49:51 UTC

Nice Security Mindset Example

Posted By Bruce Schneier

A real-world one-way function: Alice and Bob procure the same edition of the white pages book for a particular town, say Cambridge. For each letter Alice wants to encrypt, she finds a person in the book whose last name starts with this letter and uses his/her phone number as the encryption of that letter. To decrypt the message Bob has...

Tue, 09 Apr 2013 15:00:00 UTC

The mental model mismatch

Posted By Tom Limoncelli

Humans think in terms of mental models. In IT it is our responsibility to help them form accurate models as well as deal with inaccurate models that exist. Humans use mental models of how things work to fill in context. If we are not given the model, we make one up. This made-up model may be unrelated to how things actually work, but if it is sufficient for us to get our job done then that's "good enough". I think this is evolutionary: we didn't know why the sun rose and fell, but we made up a model that included a god riding across the sky...

Tue, 09 Apr 2013 11:57:32 UTC

Job ad: pre- and post-doctoral posts in processor, operating system, and compiler security

Posted By Robert N. M. Watson

The CTSRD Project is advertising two posts in processor, operating system, and compiler security. The first is a research assistant position, suitable for candidates who may not have a research background, and the second is a post-doctoral research associate position suitable for candidates who have completed (or will shortly complete) a PhD in computer science [...]

Tue, 09 Apr 2013 11:05:25 UTC

Bitcoins in the Mainstream Media

Posted By Bruce Schneier

Interesting article from the New Yorker. I'm often asked what I think about bitcoins. I haven't analyzed the security, but what I have seen looks good. The real issues are economic and political, and I don't have the expertise to have an opinion on that. BTW, here's a recent criticism of BitCoins....

Tue, 09 Apr 2013 01:43:49 UTC

For-profit universities are a scam

Posted By Tom Limoncelli

I’m frustrated with DeVry University, Kaplan University, Walden University, Ashford University, Colorado Technical University, Strayer University, University of Phoenix, Capella University, American Intercontinental University and other businesses. I do not encourage anyone to enroll in these “schools”. Here’s how for-profit “schools” make money: They get students to enroll and help them get government-funded financial aid. The thing about financial aid is that the check gets sent directly to the “school”. The “school” deposits the check. There are no refunds. The student only has to attend one day of classes for this to be legit. So, after the first class students are worked hard in hopes they quit.

Tue, 09 Apr 2013 01:00:00 UTC

Bad Tech Job Interview Questions (and How To Answer Them)

Posted By Tom Limoncelli

Andy Lester, author of "Land the Tech Job You Love", has an excellent blog post up called Bad Tech Job Interview Questions (and How To Answer Them). It is a good read whether or not you are interviewing. It has good advice if you are on either side of the interview table.

Mon, 08 Apr 2013 22:58:39 UTC

Pirate Cinema nominated for the Prometheus Award

Posted By Cory Doctorow

I was absolutely delighted today to discover that my novel Pirate Cinema had been nominated for the Libertarian Futurist Society's annual Prometheus Award, amid a slate of absolutely wonderful books: Arctic Rising, Tobias Buckell (Tor) The Unincorporated Future, Dani & Eytan Kollin (Tor) Pirate Cinema, Cory Doctorow (Tor) Darkship Renegades, Sarah Hoyt (Baen) Kill Decision, … [Read more]

Mon, 08 Apr 2013 18:30:08 UTC

Elite Panic

Posted By Bruce Schneier

I hadn't heard of this term before, but it's an interesting one. The excerpt below is from an interview with Rebecca Solnit, author of A Paradise Built in Hell: The Extraordinary Communities That Arise in Disaster: The term "elite panic" was coined by Caron Chess and Lee Clarke of Rutgers. From the beginning of the field in the 1950s to...

Mon, 08 Apr 2013 11:34:49 UTC

Government Use of Hackers as an Object of Fear

Posted By Bruce Schneier

Interesting article about the perception of hackers in popular culture, and how the government uses the general fear of them to push for more power: But these more serious threats don't seem to loom as large as hackers in the minds of those who make the laws and regulations that shape the Internet. It is the hacker -- a sort...

Mon, 08 Apr 2013 00:32:21 UTC

Olympus Viewer 3

Posted By Greg Lehey

Now that I have the new Microsoft box I can more or less come to terms with photo processing with DxO Optics Pro. But there's one thing that doesn't work: it doesn't know the characteristics of my Olympus Zuiko Digital 18-180mm F3.5-6.3 lens, so it can't correct distortion and chromatic aberration. That's a particular problem because that lens probably has the most distortion and CA of all my lenses. Today I heard that Olympus has released version 3 of Olympus Viewer. I've tried the previous version before and was irritated by the interface, so it seemed a good idea to try it out and see if they have improved it.

Sat, 06 Apr 2013 19:00:00 UTC

Card Update Degree of Difficulty

Posted By Tim Bray

In Hawaii I left my credit card behind where we ate lunch on the way to the airport. Called 'em from the departure lounge and told 'em to cut it up and throw it out. Called Visa and told 'em to send me a new one. Really pretty easy. Then there's switching over all the pre-authorized payments. I have seven; how many do you have? Here is a list, in decreasing order of degree of difficulty, of the difficulty of upgrading your credit card details. Stupid Website - Extreme Pain Example: My cable/Internet provider. Various kinds of obstacles and roadblocks, just generally horribly bad UX.

Fri, 05 Apr 2013 21:08:43 UTC

Friday Squid Blogging: Nighttime Squid Fishing Seen from Space

Posted By Bruce Schneier

Page 18 of this thesis explains that squid fishing is done at night, and the lighting is so bright it shows up in the satellite surveys of planetary lighting. This video shows the phenomenon off the coastline of Argentina. As usual, you can also use this squid post to talk about the security stories in the news that I haven't...

Fri, 05 Apr 2013 18:12:28 UTC

Complex initialization for a const variable

Posted By Herb Sutter

On std-discussion, Shakti Misra asked: I have seen in a lot of places code like int i; if(someConditionIstrue) { Do some operations and calculate the value of i; i = some calculated value; } use i; //Note this value is only used not changed. It should not be changed. But unfortunately in this case there [...]

Fri, 05 Apr 2013 18:05:36 UTC

Apple's iMessage Encryption Seems to Be Pretty Good

Posted By Bruce Schneier

The U.S. Drug Enforcement Agency has complained (in a classified report, not publicly) that Apple's iMessage end-to-end encryption scheme can't be broken. On the one hand, I'm not surprised; end-to-end encryption of a messaging system is a fairly easy cryptographic problem, and it should be unbreakable. On the other hand, it's nice to have some confirmation that Apple is looking...

Fri, 05 Apr 2013 15:30:00 UTC

Back-to-Basics Weekend Reading - Practical Applications of Triggers and Constraints: Successes and Lingering Issues

Posted By Werner Vogels

At the end of the 80's Ceri and Widom were researching the fundamentals of integrity constraints in databases. In 2000 they were invited by the VLDB conference to review 10 years of work around Constraints and Triggers with an eye on the practical application of both abstractions. The resulting paper gives a good overview of the fundamentals of both concepts. Practical Applications of Triggers and Constraints: Success Stories and Lingering Issues, Stefano Ceri, Roberta Cochrane, and Jennifer Widom, In 26th Very Large Data Bases Conference Proceedings, Cairo, September 2000, Pages 254-262

Fri, 05 Apr 2013 15:13:36 UTC

Students for Free Culture Conference FCX2013

Posted By Benjamin Mako Hill

On the weekend of April 20-21, Students for Free Culture is going to be holding its annual conference, FCX2013, at New York Law School in New York City. As a long-time SFC supporter and member, I am enormously proud to be giving the opening keynote address. Although the program for Sunday is still shaping up, [...]

Fri, 05 Apr 2013 11:35:45 UTC

Skein Collision Competition

Posted By Bruce Schneier

Xkcd had a Skein collision competition. The contest is over -- Carnegie Mellon University won, with 384 (out of 1024) mismatched bits -- but it's explained here....

Fri, 05 Apr 2013 08:30:00 UTC

Back-to-Basics Weekend Reading - Practical Applications of Triggers and Constraints: Successes and Lingering Issues

Posted By Werner Vogels

At the end of the 80’s Ceri and Widom were researching the fundamentals of integrity constraints in databases. In 2000 they were invited by the VLDB conference to review 10 years of work around Constraints and Triggers with an eye on the practical application of both abstractions. The resulting paper gives a good overview of the fundamentals of both concepts.

Thu, 04 Apr 2013 22:45:28 UTC

ABC reception problems: why?

Posted By Greg Lehey

More investigations of my interference problems (if that's what they are) today. Here's the output of femon -l (log format), starting when tuned to a commercial channel, and continuing with ABC.

2013-04-04 10:19:40 Adapter 0: status SCVYL     signal 197, S/N 218, noise -22
2013-04-04 10:19:42 Adapter 0: status SCVYL     signal 198, S/N 218, noise -21
2013-04-04 10:19:43 Adapter 0: status SCVYL     signal 196, S/N 219, noise -23
2013-04-04 10:19:44 Adapter 0: status SCVYL     signal 197, S/N 217, noise -21
2013-04-04 10:19:45 Adapter 0: status SCVYL     signal 197, S/N 217, noise -21
2013-04-04 10:19:46 Adapter 0: status SCVYL     signal 165, S/N 188, noise -23
2013-04-04 10:19:47 Adapter 0: status SCVYL     signal 167, S/N 190, noise -24, 1234 block errors
2013-04-04 10:19:48 Adapter 0: status SCVYL     signal 165, S/N 191, noise -27, 1234 block errors
2013-04-04 ...

Thu, 04 Apr 2013 20:50:15 UTC

Interview with Chris St. Pierre, UCMS '13 Program Chair

Posted By Tom Limoncelli

The 2013 USENIX Configuration Management Summit (UCMS '13) call for participation closes Friday, April 5, at 11:59 p.m. PDT. In this interview, Chris St. Pierre, UCMS '13 Program Chair, answers questions about the CFP and what to expect at the event, which will take place during USENIX Federated Conferences Week, June 24-28, 2013. https://www.usenix.org/blog/interview-chris-st-pierre-ucms-13-program-chair

Thu, 04 Apr 2013 19:00:00 UTC

On ID Tokens

Posted By Tim Bray

These are a product of the OpenID Connect work, and I think they're going to be super-useful; in fact I keep getting ideas for nifty things you could do with them. So here's a walk-through on what they are and how they work; maybe you'll have some ideas too. What They Are ID Tokens are little chunks of text which claim that some particular person wants to tell some particular party out there that they're signed in and authenticated by the Identity Provider that issued the token. There are some more goodies in there, but that's the big deal. ID Tokens are easy to understand and cheap for programmers to process.

Thu, 04 Apr 2013 16:56:46 UTC

Locus Poll is open - tell them about your favorite sf/f of 2012

Posted By Cory Doctorow

The 43d Locus Poll and Survey is open for your picks of the best science fiction and fantasy of the past year, as well as your survey answers (Locus has been collecting detailed statistical information about science fiction readers for, well, 43 years now). You needn't be a subscriber to fill in the survey, though …

Thu, 04 Apr 2013 11:28:42 UTC

NSA Crossword Puzzles

Posted By Bruce Schneier

Two puzzles from a 1977 issue of Cryptolog....

Wed, 03 Apr 2013 21:54:22 UTC

My HOW I WORK interview

Posted By Cory Doctorow

I did a How I Work interview for Lifehacker, where I talked about the tools I use, and how I use them: What apps/software/tools can't you live without? Ubuntu and the suite of GNU tools in any robust Unix system. A good text editor (currently Gedit) - I keep all of my working files as .txts. A …

Wed, 03 Apr 2013 12:29:39 UTC

IT for Oppression

Posted By Bruce Schneier

Whether it's Syria using Facebook to help identify and arrest dissidents or China using its "Great Firewall" to limit access to international news throughout the country, repressive regimes all over the world are using the Internet to more efficiently implement surveillance, censorship, propaganda, and control. They're getting really good at it, and the IT industry is helping. We're helping by...

Wed, 03 Apr 2013 00:09:36 UTC

Too stupid for Facebook

Posted By Greg Lehey

I almost never get up on my hind legs and proclaim that I'm a computer expert. I've been using computers for 45 years, and networks and email for over 30, so I suppose I should qualify. Now there's this Facebook thing, with which I really can't identify. But it can't be difficult - after all, every man and his dog uses it. And a number of them have asked after our welfare after the bushfire last week. If I had had any sense, I would have posted a status on Facebook. Well, it's not too late, so today I did it, along with a link to my diary.

Tue, 02 Apr 2013 22:30:19 UTC

Faster than light: it works

Posted By Greg Lehey

Finally the specifications for Faster-Than-Light Communication have been published. They work, as I reported over 22 years ago.

Tue, 02 Apr 2013 19:00:00 UTC

Hem

Posted By Tim Bray

Currently listening to: Departure and Farewell by Hem; there was a plug in the New Yorker with a nice video sample so I checked out the site and there was the album for sale, lossless format, fair price; why wouldn't I just buy it instantly? Now, not every band is gonna get noticed in the New Yorker; but if you get noticed somewhere, and you have a nice sample, and your site will sell me the music, uncompressed, with a couple of clicks, I'm probably gonna buy it right there. And I don't think I'm that eccentric. The songs are very pretty and Sally Ellyson's singing has got to touch your heart if you have one.

Tue, 02 Apr 2013 18:31:45 UTC

The Patent Protection Racket

Posted By Joel Spolsky

The fastest growing industry in the US right now, even during this time of slow economic growth, is probably the patent troll protection racket industry. Lawsuits surrounding software patents have more than tripled since 1999. It's a great business model. Step one: buy a software patent. There are millions of them, and they're all quite vague and impossible to understand. Step two: FedEx a carefully crafted letter to a few thousand small software companies, iPhone app developers, and Internet startups. This is where it gets a tiny bit tricky, because the recipients of the letter need to think that it's a threat to sue if they don't pay up, but in court, the letter has to look like an invitation to license some exciting new technology.

Tue, 02 Apr 2013 15:00:00 UTC

Running ChromeOS District Wide

Posted By Tom Limoncelli

[ This is a guest post from Dan O’Boyle, who I met at a LOPSA-NJ meeting. I asked him to do a guest post about this subject because I thought the project was something other schools would find useful ] I’m a systems engineer for a moderately sized school district in NJ. We own a number of different devices, but this article is specifically about the AcerOne line of netbooks. I was recently tasked with finding a way to breathe new life into about 500 of these devices. The user complaints on using these models ranged from “constant loss of wireless connectivity” to the ever descriptive “slow”.

Tue, 02 Apr 2013 13:36:38 UTC

Design Considerations for Faster-Than-Light (FTL) Communication

Posted By Tom Limoncelli

RFC 6921 has been published today: Abstract We are approaching the time when we will be able to communicate faster than the speed of light. It is well known that as we approach the speed of light, time slows down. Logically, it is reasonable to assume that as we go faster than the speed of light, time will reverse. The major consequence of this for Internet protocols is that packets will arrive before they are sent. This will have a major impact on the way we design Internet protocols. This paper outlines some of the issues and suggests some directions for additional analysis of these issues.

Tue, 02 Apr 2013 11:02:06 UTC

Narratives of Secrecy

Posted By Bruce Schneier

How people talked about the secrecy surrounding the Manhattan project....

Tue, 02 Apr 2013 00:14:21 UTC

The Patent Protection Racket

Posted By Joel Spolsky

The fastest growing industry in the US right now, even during this time of slow economic growth, is probably the patent troll protection racket industry. Lawsuits surrounding…

Mon, 01 Apr 2013 23:49:28 UTC

FreeBSD to drop support for i386 architecture

Posted By Greg Lehey

Mail from Eitan Adler in the FreeBSD mailing lists today: a proposal to drop full support for the 32 bit Intel i386 architecture (the one others call ia32). His reasoning: Computers are getting faster, but also more memory intensive. I can not find a laptop with less than 4 or 8 GB of RAM. Modern browsers, such as Firefox, require a 64bit architecture and 8GB of RAM. A 32 bit platform is not enough nowadays on systems with more than 4 GB of RAM. A 32 bit core now is like 640K of RAM in the 1990s.

Mon, 01 Apr 2013 17:38:25 UTC

Sixth Movie-Plot Threat Contest

Posted By Bruce Schneier

It's back, after a two-year hiatus. Terrorism is boring; cyberwar is in. Cyberwar, and its kin: cyber Pearl Harbor, cyber 9/11, cyber Armageddon. (Or make up your own: a cyber Black Plague, cyber Ragnarok, cyber comet-hits-the-earth.) This is how we get budget and power for militaries. This is how we convince people to give up their freedoms and liberties. This...

Mon, 01 Apr 2013 17:00:46 UTC

Mystery Hunt 2013

Posted By Benjamin Mako Hill

A few months late, perhaps, but I wanted to mention that my team (Codex) competed, once again, in the MIT Mystery Hunt. The prize for winning is the responsibility of writing the hunt next year. After being on the 2012 writing team I have mixed feelings about the fact that we did not win again. [...]

Mon, 01 Apr 2013 14:45:00 UTC

My LOPSA-East tutorial: Evil Genius 101

Posted By Tom Limoncelli

You want to innovate: deploy new technologies such as configuration management (CfEngine, Puppet, Chef), a wiki, or standardized configurations. Your coworkers don't want change. They like it the way things are. Therefore, they consider you evil. However, you aren't evil, you just want to make things better. Learn how to: Brainwash your coworkers into thinking the big change was "their idea". Program people like you program computers: a flowchart for every personality type. How to fix that your "Stormtroopers can't shoot straight". Help your coworkers understand and agree to your awesome ideas. Convince your manager about anything. Really. Turn the most stubborn user into your biggest fan.

Mon, 01 Apr 2013 14:19:10 UTC

Tesla accidentally leaks their secret business plan

Posted By Tom Limoncelli

Read it before they realize what they've done and take it off their website.

Mon, 01 Apr 2013 11:07:15 UTC

What I've Been Thinking About

Posted By Bruce Schneier

I'm starting to think about my next book, which will be about power and the Internet -- from the perspective of security. My objective will be to describe current trends, explain where those trends are leading us, and discuss alternatives for avoiding that outcome. Many of my recent essays have touched on various facets of this, although I'm still looking...

Mon, 01 Apr 2013 01:49:15 UTC

Find your Unicode symbol

Posted By Greg Lehey

Found this site somewhere today. Nice idea: you draw in a symbol and it tries to find a matching Unicode character.

Mon, 01 Apr 2013 01:04:16 UTC

SBS: We can do worse!

Posted By Greg Lehey

I've complained about the SBS web site on numerous occasions, for example here. Most of it, though, has been related to markup breakage, and nine years ago I even gave it slight praise for presenting programme information where the other channels were content with presenting titles. Now, though, they've succumbed to the modern appearance over content syndrome. Here's the old and the new information for the evening of 27 March 2013: Here's a single programme description: Yes, the old one is far plainer than the new one.

Mon, 01 Apr 2013 00:44:24 UTC

Xinerama for Hugin

Posted By Greg Lehey

Hugin uses two separate windows, each capable of showing images. In one case, masking, it's useful to correlate the image in the mask window (left images) with the image in the fast preview window (right) to see the effects of the mask. In the following example I'm masking out my hand and checking that there are no gaps (shown in reddish-brown in the fast preview window): But although I have four monitors on my desk, Hugin can only display on one X display.