Blog Archive: May 2013

Friday Squid Blogging: Squid Pronouns

Posted By Bruce Schneier

The translated version of a Spanish menu contains the entry "squids in his (her, your) ink." As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered....

The Rise of Amateurs Recording Events

Posted By Bruce Schneier

Interesting article on a greatly increased aspect of surveillance: "the ordinary citizen who by chance finds himself in a position to record events of great public import, and to share the results with the rest of us."...

Firefox debugging continued

Posted By Greg Lehey

Started with building firefox on the i386 architecture this morning, to the disapproval of people on IRC. The problem has only been reported against the amd64 architecture; what use is it to try on i386? That made sense; so the next attempt was to build under amd64 with clang and symbols. Building firefox takes hours at the best of times. This was not the best of times:     INPUT("../../media/webrtc/signaling/signaling_sipcc/src/sipcc/cpr/darwin/cpr_darwin_threads.o")     INPUT("../../media/webrtc/signaling/signaling_sipcc/src/sipcc/cpr/darwin/cpr_darwin_timers_using_select.o") clang++: error: unable to execute command: Killed: 9 clang++: error: linker command failed due to signal (use -v to see invocation) gmake[3]: *** [libxul.so] Error 254 gmake[3]: Leaving directory `/src/FreeBSD/svn/ports/www/firefox/work/mozilla-release/obj-x86_64-portbld-freebsd9.1/toolkit/library' gmake[2]: *** [libs_tier_platform] Error 2 gmake[2]: Leaving directory `/src/FreeBSD/svn/ports/www/firefox/work/mozilla-release/obj-x86_64-portbld-freebsd9.1' gmake[1]: *** [tier_platform] Error 2 gmake[1]: Leaving directory `/src/FreeBSD/svn/ports/www/firefox/work/mozilla-release/obj-x86_64-portbld-freebsd9.1' gmake: *** [default] Error 2 *** [do-build] Error code 1 Stop in /src/FreeBSD/svn/ports/www/firefox.

GotW #91: Smart Pointer Parameters

Posted By Herb Sutter

NOTE: Last year, I posted three new GotWs numbered #103-105. I decided leaving a gap in the numbers wasn’t best after all, so I am renumbering them to #89-91 to continue the sequence. Here is the updated version of what was GotW #105.   How should you prefer to pass smart pointers, and why?   […]

GotW #90 Solution: Factories

Posted By Herb Sutter

NOTE: Last year, I posted three new GotWs numbered #103-105. I decided leaving a gap in the numbers wasn’t best after all, so I am renumbering them to #89-91 to continue the sequence. Here is the updated version of what was GotW #104.   What should factory functions return, and why?   Problem While spelunking […]

Why We Lie

Posted By Bruce Schneier

This, by Judge Kozinski, is from a Federal court ruling about false statements and First Amendment protection Saints may always tell the truth, but for mortals living means lying. We lie to protect our privacy ("No, I don't live around here"); to avoid hurt feelings ("Friday is my study night"); to make others feel better ("Gee you've gotten skinny"); to...

Chasing the firefox problem

Posted By Greg Lehey

After a day without ports pain, back to investigating the problem today. It seems that some people, but not all, can reproduce it. Callum Gibson can't, and he sent me a packageunfortunately in pkgng format, which I can't install. I could upgrade to pkgng again, but that seemed counterproductive. Jürgen Lock suggested looking at the core dump. I had deliberately put that alternative at the bottom of the list, but just pointing gdb at it doesn't cost much. To my surprise, the stack trace was short: (gdb) bt #0  0x00000008010045ac in ??

GotW #90: Factories

Posted By Herb Sutter

NOTE: Last year, I posted three new GotWs numbered #103-105. I decided leaving a gap in the numbers wasn’t best after all, so I am renumbering them to #89-91 to continue the sequence. Here is the updated version of what was GotW #104.   What should factory functions return, and why?   Problem While spelunking […]

GotW #89 Solution: Smart Pointers

Posted By Herb Sutter

NOTE: Last year, I posted three new GotWs numbered #103-105. I decided leaving a gap in the numbers wasn’t best after all, so I am renumbering them to #89-91 to continue the sequence. Here is the updated version of what was GotW #103.   There’s a lot to love about standard smart pointers in general, […]

Are We Finally Thinking Sensibly About Terrorism?

Posted By Bruce Schneier

This article wonders if we are: Yet for pretty much the first time there has been a considerable amount of media commentary seeking to put terrorism in context -- commentary that concludes, as a Doyle McManus article in the Los Angeles Times put it a day after the attack, "Were safer than we think." Similar tunes were sung by Tom...

Starting my next chapter

Posted By Tom Limoncelli

Last week I started my new job at StackExchange.com. You may know SE as the company that runs great Q&A websites like ServerFault.com and StackOverflow.com plus their amazing job site Careers 2.0. I know the company as Joel Spolsky's startup that has been hiring a lot of great people that I know through conferences such as like LOPSA-East, the Cascadia IT Conference, and USENIX LISA. I just joined yet I already feel like everyone is an old friend. StackExchange encourages its employees to be active in the sysadmin community. You'll be seeing me at more events and having more time to write.

Speeding up DxO

Posted By Greg Lehey

Talking on IRC about photography this afternoon: gr00gle: It's interesting that the speed of DxO Optics "Pro" doesn't seem to vary much whether you perform CA and distortion correction or not. gr00gle: It's glacial at all times. Andys: hehe Andys: have you tried GPU acceleration? GPU acceleration? I hadn't heard of DxO Optics Pro offering that. Took a look at the preferences menu, and sure enough, found: The fact that the selection is greyed out is understandable: this machine only has on-chip graphics.

Day's port pain

Posted By Greg Lehey

Into the office this morning and found that yes, indeed, not only had firefox compiled, but it had also installed. It compiles! Ship it! The truth was more sobering: === root@stable-amd64 (/dev/pts/2) /usr/ports/www/firefox 10 -> firefox Segmentation fault: 11 (core dumped) Sigh. That's where I was last week. What do I do now? I'm thoroughly fed up, so I didn't do anything more today. But there are a number of possibilities: Wait a bit and try again.

GotW #89: Smart Pointers

Posted By Herb Sutter

NOTE: Last year, I posted three new GotWs numbered #103-105. I decided leaving a gap in the numbers wasn’t best after all, so I am renumbering them to #89-91 to continue the sequence. Here is the updated version of what was GotW #103.   There’s a lot to love about standard smart pointers in general, […]

GotW #6b Solution: Const-Correctness, Part 2

Posted By Herb Sutter

const and mutable are powerful tools for writing safer code. Use them consistently. Problem Guru Question In the following code, add or remove const (including minor variants and related keywords) wherever appropriate. Note: Don’t comment on or change the structure of this program. It’s contrived and condensed for illustration only. For bonus points: In what […]

Nassim Nicholas Taleb on Risk Perception

Posted By Bruce Schneier

From his Facebook page: An illustration of how the news are largely created, bloated and magnified by journalists. I have been in Lebanon for the past 24h, and there were shells falling on a suburb of Beirut. Yet the news did not pass the local *social filter* and did [not] reach me from social sources.... The shelling is the kind...

The Politics of Security in a Democracy

Posted By Bruce Schneier

Terrorism causes fear, and we overreact to that fear. Our brains aren't very good at probability and risk analysis. We tend to exaggerate spectacular, strange and rare events, and downplay ordinary, familiar and common ones. We think rare risks are more common than they are, and we fear them more than probability indicates we should. Our leaders are just as...

Down and Out in the Magic Kingdom read-aloud part 09

Posted By Cory Doctorow

As I mentioned in my March Locus column, I'm celebrating the tenth anniversary of Down and Out in the Magic Kingdom by m planning a prequel. volume As part of that, planning'I going to read aloud the entire text of that first book into the podcast, making notes on the book as I go. Here's … [Read more]

Hugin stitching methods

Posted By Greg Lehey

I noted a couple of days ago that Hugin has changed its default stitching methods, and that it now offers Exposure fused from any arrangement for many of my panoramas, to the exclusion of the default Exposure corrected, low dynamic range. It seems to choose that when the exposure of the component images differs by more than a specific amount. In the case of the NBN site, the component images had exposures that differed by 4 EV, so that seemed reasonable, and I stitched the panorama like that. Here for comparison the fused and the corrected panoramas: Which looks better?

More NBN tower stuff

Posted By Greg Lehey

VCAT have released the decision about the radiation tower, which makes interesting reading. I've read similar decisions before, and this one is different: it takes Wendy McClelland's behaviour to task in no uncertain manner: At a Practice Day Hearing in January 2013 to consider the validity of certain statements of grounds, Deputy President Gibson stated that a number of issues raised in the statements were not planning grounds to be relied upon at the hearing.

Still more build pain

Posted By Greg Lehey

After rebuilding my kernel yesterday, tried once again to build firefox 21. It took all day, but it worked! So a little later I tried installing the image on teevee: gmake[1]: Entering directory `/src/FreeBSD/svn/ports/www/firefox/work/mozilla-release/obj-x86_64-portbld-freebsd9.1/browser/installer' /src/FreeBSD/svn/ports/www/firefox/work/mozilla-release/obj-x86_64-portbld-freebsd9.1/_virtualenv/bin/python ../../../toolkit/mozapps/installer/packager.py -DMOZ_GLUE_IN_PROGRAM -DNO_NSPR_10_SUPPORT -DAB_CD=en-US -DMOZ_APP_NAME=firefox -DPREF_DIR=defaults/preferences -DMOZ_ENABLE_GNOME_COMPONENT=1 -DMOZ_GTK2=1 -DMOZ_NATIVE_NSPR=1 -DMOZ_NATIVE_NSS=1 -DJAREXT= -DMOZ_CHILD_PROCESS_NAME=plugin-container -DMOZ_JSDEBUGGER -DNECKO_WIFI -DDLL_PREFIX=lib -DDLL_SUFFIX=.so -DBIN_SUFFIX= -DBINPATH=bin \         --format omni \         --removals ../../../browser/installer/removed-files.in \          \          \          \         --optimizejars \          \         package-manifest ../../dist ../../dist/firefox \ Executing /src/FreeBSD/svn/ports/www/firefox/work/mozilla-release/obj-x86_64-portbld-freebsd9.1/dist/bin/xpcshell -g /src/FreeBSD/svn/ports/www/firefox/work/mozilla-release/obj-x86_64-portbld-freebsd9.1/dist/bin/ -a /src/FreeBSD/svn/ports/www/firefox/work/mozilla-release/obj-x86_64-portbld-freebsd9.1/dist/bin/ -f ../../../toolkit/mozapps/installer/precompile_cache.js -e precompile_startupcache("resource://gre/"); Traceback (most recent call last):   File "../../../toolkit/mozapps/installer/packager.py", line 366, in <module>     main()   File "../../../toolkit/mozapps/installer/packager.py", line 358, in main     args.source, gre_path, base)   File "../../../toolkit/mozapps/installer/packager.py", line 140, in precompile_cache     errors.fatal('Error while running ...

NBN tower interest

Posted By Greg Lehey

Now that the radiation tower has been approved, the press is getting interested. Had a call from Tom Cowie of the Ballarat Courier with some questions which he paraphrased in an article later in the evening.

Still more build failures

Posted By Greg Lehey

I'm still trying to find out why clang got a repeatable SIGSEGV while trying to compile firefox. Discussion with Dimitry Andric showed that he had no such problems. It's not hardware, because it happens both in a VM on eureka, and also on teevee. Maybe a transient issue has since been fixed? No harm in building the latest world. But on installation I got: ===> sys/boot/i386/boot2 (install) ld -static -N --gc-sections -nostdlib -m elf_i386_fbsd -Ttext 0x2000 -o boot2.out /src/FreeBSD/obj/src/FreeBSD/svn/stable/9/sys/boot/i386/boot2/../btx/lib/crt0.o boot2.o sio.o objcopy -S -O binary boot2.out boot2.bin btxld -v -E 0x2000 -f bin -b /src/FreeBSD/obj/src/FreeBSD/svn/stable/9/sys/boot/i386/boot2/../btx/btx/btx -l boot2.ldr  -o boot2.ld -P 1 boot2.bin btxld: No such file or directory *** [boot2.ld] Error code 1 How did that happen?

Powerline Ethernet puzzles

Posted By Greg Lehey

My TP-Link TL-PA411 powerline Ethernet adapters continue to transfer even more slowly than initially. One reason might really be interference from electric motors. When the dishwasher was running, I got only 2.8 MB/s. But the best I could get was still round 5.2 MB/s. But today I tried two transfers at a time, and discovered surprising things: Number of       Individual       Aggregate transfers       Speed       Speed ...

C++ and Beyond: My material for December, and early-bird registration (through June 9)

Posted By Herb Sutter

If you’re thinking of coming to C++ and Beyond this December, consider registering in the next two weeks to get the $300 discount. I’ve just announced that much (and possibly all) of my material will be in heavily interactive sessions about modern C++11/C++14 style and idioms, covering the “complete C++11 package” that we’re calling C++14. […]

The new Hugin

Posted By Greg Lehey

Part of my work last week was polishing the port for Hugin beta, which resulted in my leaving it installed. I still have serious objections to the layout, in particular the bleeding of status text into the top left of the panorama preview: Still, it looks like I'll have to put up with it, so carried on and processed a couple of panoramas. Or so I thought.

Powerline Ethernet speed

Posted By Greg Lehey

I've come to terms with the fact that my TP-Link TL-PA411 powerline Ethernet adapters will only give me a transfer rate of about 7 to 7.5 MB/s in real world applications, despite the claim of 500 Mb/s. Even under ideal conditions I haven't got more than 100 Mb/s out of them. But today, for some reason, the transfer speed dropped from 7 to 5 MB/s. Why? Nothing else had changed. Suggestions were made that it might be due to electrical motors, which is plausible, given that it's now colder and the air conditioners are running almost constantly. To be observed.

More installation refinement

Posted By Greg Lehey

More work on the new teevee today. Most of it was mundane, but I finally solved my lirc problems. The most obvious recognition is that running irw with ktrace is not useful: it just talks to lircd via a socket, and it's lircd that decides what to send. Running lircd with ktrace proved that yes, indeed, it was reading from /dev/uhid0, not surprisingly exactly what I saw two years ago. So it looks like a configuration issue after all. Went looking at the configuration file, and discovered that I hadn't installed the correct version after all: no reference to the dvico keycodes at all.

Friday Squid Blogging: Eating Giant Squid

Posted By Bruce Schneier

How does he know this? Chris Cosentino, the Bay Areas "Offal Chef" at Incanto in San Francisco and PIGG at Umamicatessen in Los Angeles, opted for the most intimidating choice of all -- giant squid. "When it comes to underutilized fish, I wish the public wasn't so afraid of different shapes and sizes outside of the standard fillet," he said....

Lost two comments

Posted By Herb Sutter

As mentioned in my GotW kickoff post, I’m experimenting with software and a workflow that lets me maintain a single source document and use it to produce the work in multiple targets, in particular to post to the blog here, to produce print books, and to produce e-books. However, there have been kinks. In particular, […]

Hotel Token

Posted By Tim Bray

An OAuth 2 access token is like a hotel-room key card. It gives access, all by itself without further checking, to a particular resource (in this case, room 238 at the Omni Interlocken in Denver.) Check. Its issued to a particular person, who has to be authenticated first (like by showing my drivers license at the check-in.) Check. Nothing on the outside tells you who its been issued to or what its for. Check. Its not obscured or encrypted, so you have to take good care of it (if a bad guy got it and knew what it was for, he could get into my hotel room and rob me blind.)

Training Baggage Screeners

Posted By Bruce Schneier

The research in G. Giguère and B.C. Love, "Limits in decision making arise from limits in memory retrieval," Proceedings of the National Academy of Sciences v. 19 (2013) has applications in training airport baggage screeners. Abstract: Some decisions, such as predicting the winner of a baseball game, are challenging in part because outcomes are probabilistic. When making such decisions, one...

GotW #6a: Const-Correctness, Part 1

Posted By Herb Sutter

const and mutable have been in C++ for many years. How well do you know what they mean today?   Problem JG Question 1. What is a “shared variable”? Guru Questions 2. What do const and mutable mean on shared variables? 3. How are const and mutable different in C++98 and C++11?   Solution 1. […]

GotW #6a: Const-Correctness, Part 1

Posted By Herb Sutter

const and mutable have been in C++ for many years. How well do you know what they mean today?   Problem JG Question 1. What is meant by a “shared variable”? Guru Questions 2. What do const and mutable mean on shared variables? 3. How are const and mutable different in C++98 and C++11?   […]

GotW #6b: Const-Correctness, Part 2

Posted By Herb Sutter

const and mutable are powerful tools for writing safer code. Use them consistently. Problem Guru Question In the following code, add or remove const (including minor variants and related keywords) wherever appropriate. Note: Don’t comment on or change the structure of this program. It’s contrived and condensed for illustration only. For bonus points: In what […]

GotW #6a: Const-Correctness, Part 1

Posted By Herb Sutter

const and mutable have been in C++ for many years. How well do you know what they mean today?   Problem JG Question 1. What is a “shared variable”? Guru Questions 2. What do const and mutable mean on shared variables? 3. How are const and mutable different in C++98 and C++11?   Solution 1. […]

New Report on Teens, Social Media, and Privacy

Posted By Bruce Schneier

Interesting report from the From the Pew Internet and American Life Project: Teens are sharing more information about themselves on their social media profiles than they did when we last surveyed in 2006: 91% post a photo of themselves, up from 79% in 2006. 71% post their school name, up from 49%. 71% post the city or town where they...

Interview with The Pod Delusion

Posted By Cory Doctorow

I did an interview (MP3) this week with The Pod Delusion, following on from my Sense About Science lecture.

The joys of a fresh installation

Posted By Greg Lehey

It seems that yesterday's boot problems were related to an older version of /boot/loader that didn't properly understand GPT partitioned disks, so it seemed reasonable to install the newer version from the fresh installation instead. Care! The kernel is in the same directory hierarchyand somehow I had finger trouble and blew my complete kernel directories of the old installation away! Spent some time looking for a backup, which proved to be incomplete. I'm not as religious about backing up teevee and cvr2 as I am with other machines, in particular because almost the entire disk contents are video recordings, but clearly I should improve.

First Google Ganeti Conference: GanetiCon 2013

Posted By Tom Limoncelli

Synnefo has announced the first Google Ganeti Conference: GanetiCon 2013.  They will be co-organizers.  The announcement was first made on the Synnefo blog. The conference will take place between 3-5 September 2013 in Athens, Greece. The venue and program will be announced soon. Most developers of the Ganeti and Synnefo team will be attending. The first GanetiCon will be a developer oriented conference. Sessions will be a mix of design talks and discussions about new features and future plans. It will also probably feature an advanced Ganeti workshop, depending on user demand. The conference is geared towards people interested in: learning how other companies/institutions use Ganeti checking out how large scale Ganeti deployments look like glimpsing the product roadmap of Ganeti contributing to future design of Ganeti obtaining help with specific Ganeti issues The organizers do not yet have a website.

One-Shot vs. Iterated Prisoner's Dilemma

Posted By Bruce Schneier

This post by Aleatha Parker-Wood is very applicable to the things I wrote in Liars & Outliers: A lot of fundamental social problems can be modeled as a disconnection between people who believe (correctly or incorrectly) that they are playing a non-iterated game (in the game theory sense of the word), and people who believe that (correctly or incorrectly) that...

Installing the latest FreeBSD stable

Posted By Greg Lehey

So finally I have a relatively up-to-date installation of FreeBSD and ports on a virtual machine. Now I should be able to copy it to other machines to upgrade them. For some years now I've maintained two root file systems, including /usr: the one I'm using and the one that I can use to upgrade, which I mount on /destdir. The file systems look like this, and you simply boot from the appropriate partition: Filesystem     1048576-blocks    Used  Avail Capacity  Mounted on /dev/ad4p2              19832   16325   1920    89%    / /dev/ad4p4              19832    8351   9894    46%    /destdir /dev/ad4p5            1856010 1699357 138092    92%    /home So yesterday I copied the new ...

Subversion: solution

Posted By Greg Lehey

So it seems that my problems with subversion were due initially to my misinterpretation of the -r switch: the form -r242743:r243202 excludes revision 242743. Does it work correctly if I write -r242742:r243202? Potentially not, since revision 242742 doesn't relate to these files. Spent another hour checking out the source tree and tried it. Success! === grog@freefall (/dev/pts/8) ~ 15 -> svn merge   -r242742:r243202  svn://svn.freebsd.org/base/head/usr.bin/locale 9/usr.bin/locale --- Merging r242743 through r243202 into '9/usr.bin/locale': U    9/usr.bin/locale/locale.1 U    9/usr.bin/locale/locale.c --- Recording mergeinfo for merge of r242743 through r243202 into '9/usr.bin/locale':  U   9/usr.bin/locale So far, anyway.

GotW #6a: Const-Correctness, Part 1

Posted By Herb Sutter

const and mutable have been in C++ for many years. How well do you know what they mean today?   Problem JG Question 1. What is a “shared variable”? Guru Questions 2. What do const and mutable mean on shared variables? 3. How are const and mutable different in C++98 and C++11? Filed under: GotW

GotW #5 Solution: Overriding Virtual Functions

Posted By Herb Sutter

Virtual functions are a pretty basic feature, but they occasionally harbor subtleties that trap the unwary. If you can answer questions like this one, then you know virtual functions cold, and you’re less likely to waste a lot of time debugging problems like the ones illustrated below.   Problem JG Question 1. What do the […]

Glass Questions

Posted By Tim Bray

At Google in general and IO in particular, there are a whole lot of Glasswearers, and theres a smattering here at Gluecon where Im writing this. I dont own a pair (its tough to give them to Canadians for legal reasons) but have had a few looks, and am used to being in a room with them. So, a few things seem obvious. Are They Obtrusive? No. The novelty wears off and since theyre not flashing (unless you look real close) or moving, and they tend to neutral colors, they just become part of the visual landscape, right away. Also, they dont obscure the essentials of peoples faces, so pretty quick you dont see people-wearing-Glass, you just see people.

"The Global Cyber Game"

Posted By Bruce Schneier

This 127-page report was just published by the UK Defence Academy. I have not read it yet, but it looks really interesting. Executive Summary: This report presents a systematic way of thinking about cyberpower and its use by a variety of global players. The urgency of addressing cyberpower in this way is a consequence of the very high value of...

Interview on the New Disruptors podcast

Posted By Cory Doctorow

Glenn Fleishman had me on his New Disruptors podcast and we had a great conversation! (MP3)

Amazon Redshift and Designing for Security

Posted By Werner Vogels

Its been a few months since I last wrote about Amazon Redshift and I thought Id update you on some of the things we are hearing from customers. Since we launched, weve been adding over a hundred customers a week and are well over a thousand today. Thats pretty stunning. As far as I know, its unprecedented for this space. Weve enabled our customers to save tens of millions of dollars in up front capital expenses by using Amazon Redshift. Its clear that Amazon Redshifts message of price, performance and simplicity has resonated with our customers. Thats no surprise  these are core principles for every AWS service.

DDOS as Civil Disobedience

Posted By Bruce Schneier

For a while now, I have been thinking about what civil disobedience looks like in the Internet Age. Certainly DDOS attacks, and politically motivated hacking in general, is a part of that. This is one of the reasons I found Molly Sauter's recent thesis, "Distributed Denial of Service Actions and the Challenge of Civil Disobedience on the Internet," so interesting:...

Amazon Redshift and Designing for Security

Posted By Werner Vogels

It?s been a few months since I last wrote about Amazon Redshift and I thought I?d update you on some of the things we are hearing from customers. Since we launched, we?ve been adding over a hundred customers a week and are well over a thousand today. That?s pretty stunning. As far as I know, it?s unprecedented for this space.

Subversion POLA

Posted By Greg Lehey

I'm still puzzled by my problems merging fixes with subversion. Started again by checking out a complete source tree on one of the FreeBSD project machines, not helped by the flaky network, and then trying the merge the way it's supposed to be. First, which revisions do I need? === grog@freefall (/dev/pts/1) ~/9/usr.bin/locale 5 -> svn mergeinfo --show-revs=eligible svn://svn.freebsd.org/base/head/usr.bin/locale r242743 r242808 r242851 r243201 r243202 OK, then the merge command should be: === grog@freefall (/dev/pts/1) ~ 21 -> svn merge   -r242743:r243202  svn://svn.freebsd.org/base/head/usr.bin/locale 9/usr.bin/locale Conflict discovered in '/home/grog/9/usr.bin/locale/locale.1'.

Network problems solved?

Posted By Greg Lehey

I can't say that my network connection has been good at any time this year, but the last 5 days were better than average, and the link stayed up the whole time. That was too good to last: round midday today things got worse again, including a lot of this kind of message, which I don't see very often: May 21 14:05:21 eureka ppp[2657]: tun0: Warning: nat_LayerPull: Problem with IP header length (33563) May 21 14:05:21 eureka ppp[2657]: tun0: Warning: nat_LayerPull: Problem with IP header length (13160) My best bet is that this is an indication of poor reception, but the reported signal strength was better than average.

TodoPro available for Android (beta)

Posted By Tom Limoncelli

The todo list program that I use on my iPhone is now available on Android. It is a beta. I've been using the earlier betas on my Android tablet and it is looking very good. Previously I hadn't found todo list software for Android that worked well for me, and I had tried many. I'd been doing all my time management on my iPhone because TodoPro worked so well for me. I'm very excited that an Android release is now available. I don't endorse products but I do let people know what I personally use. I think todo list software is very personal...

Surveillance and the Internet of Things

Posted By Bruce Schneier

The Internet has turned into a massive surveillance tool. We're constantly monitored on the Internet by hundreds of companies -- both familiar and unfamiliar. Everything we do there is recorded, collected, and collated -- sometimes by corporations wanting to sell us stuff and sometimes by governments wanting to keep an eye on us. Ephemeral conversation is over. Wholesale surveillance is...

Privacy, public health and the moral hazard of surveillance

Posted By Cory Doctorow

The Guardian

More subversion pain

Posted By Greg Lehey

OK, now I have learnt not to talk to files when using subversionor so I thought. The list goes on (my interpretation of the last one): Never merge directly to a file. Never, ever merge directly to a file. Never, ever, ever merge directly to a file. ... OK, sometimes you can merge to a file.

Computing for non-techies

Posted By Greg Lehey

Our neighbour Jenny Bartlett, whom I only met 9 days ago, has been on a shopping spree and bought herself a digital (personal) video recorder and a Samsung Galaxy tablet, which she calls an iPad, possibly because that's what the salesperson called it. And she had difficulty installing it, so Yvonne persuaded me (No, I will not repair your computer) to go along and help. The thing's wireless, of course, so apart from the pad she also had a wireless router to connect to her existing installation (laptop connected to IPStar satellite), and her real issue was how to connect things up.

Down and Out in the Magic Kingdom read-aloud part 08

Posted By Cory Doctorow

As I mentioned in my March Locus column, I'm celebrating the tenth anniversary of Down and Out in the Magic Kingdom by m planning a prequel. volume As part of that, planning'I going to read aloud the entire text of that first book into the podcast, making notes on the book as I go. Here's … [Read more]

GotW #5: Overriding Virtual Functions

Posted By Herb Sutter

Virtual functions are a pretty basic feature, but they occasionally harbor subtleties that trap the unwary. If you can answer questions like this one, then you know virtual functions cold, and you’re less likely to waste a lot of time debugging problems like the ones illustrated below.   Problem JG Question 1. What do the […]

GotW #4 Solution: Class Mechanics

Posted By Herb Sutter

How good are you at the details of writing classes? This item focuses not only on blatant errors, but even more so on professional style. Understanding these principles will help you to design classes that are easier to use and easier to maintain.   Problem JG Question 1. What makes interfaces “easy to use correctly, […]

Security Risks of Too Much Security

Posted By Bruce Schneier

All of the anti-counterfeiting features of the new Canadian $100 bill are resulting in people not bothering to verify them. The fanfare about the security features on the bills, may be part of the problem, said RCMP Sgt. Duncan Pound. "Because the polymer series' notes are so secure ... there's almost an overconfidence among retailers and the public in terms...

Sense About Science lecture

Posted By Cory Doctorow

I gave the annual Sense About Science lecture last week in London, and The Guardian recorded and podcasted it (MP3). It's based on the Waffle Iron Connected to a Fax Machine talk I gave at Re:publica in Berlin the week before.

Pkgng: first impressions

Posted By Greg Lehey

So now my ports are roughly up to date. Can I use Pkgng to keep them up to date? Read the instructions, which are still a little preliminary. The best entry point seems to be the Pkg Primer, though there's also a Handbook section. First you need to run pkg2ng, which takes quite a while, and produced about 4,500 lines of output, not all of it pleasant: pkg_info: can't find package 'damageproto-1.2.1' installed or in a file! pkg_info: can't find package 'compositeproto-0.4.2' installed or in a file! pkg_info: can't find package 'ca_root_nss-3.14.3' installed or in a file!

Getting my head around Subversion

Posted By Greg Lehey

I've been using revision control systems, notably RCS, for over 20 years, and for all sorts of things, including this diary: $Id: diary-may2013.php,v 1.27 2013/05/20 01:22:41 grog Exp $ It's been 5 years since the FreeBSD project moved from CVS to subversion, but I haven't really done any merging until yesterday. That worked fine, but today's didn't. Followed the instructions and discovered that my source file (/usr/src/lib/libc/stdio/printf.3) didn't have any mergedata at all: === grog@eureka (/dev/pts/3) /src/FreeBSD/svn/head/lib/libc/stdio 5 -> svn propget svn:mergeinfo -R printf.3 === grog@eureka (/dev/pts/3) /src/FreeBSD/svn/head/lib/libc/stdio 6 -> Is this the first time that anything has been merged to this file?

The Cost of Inaccessibility at the Margins of Relevance

Posted By Benjamin Mako Hill

I use RSS feeds to keep up with academic journals. Because of an undocumented and unexpected feature (bug?) in my (otherwise wonderful) free software newsreader NewBlur, many articles published over the last year were marked as having been read before I saw them. Over the last week, I caught up. I spent hours going through [...]

IO in the Rearview

Posted By Tim Bray

I enjoyed it more than any other so far. More APIs, less hardware. More sessions, each shorter. One keynote. Scale IO has been at Moscone West, its attendance thus capped at five-thousand-and-change people, for a while now. I predict it stays that way. Yeah, it sells out instantly and we could probably draw five times that number. All this is true of Apples WWDC too; In Unknowable, Rands says smart things about the advantages of smaller size. Moscone West, about as crowded as its legally possible for it to be, and its still a pretty decent space. But theres another factor; its really hard to grow much over 5-6K because then you dont fit in Moscone West, which is a reasonably light, airy, pleasant space; see above.

How to make cyberspace safe for human habitation

Posted By Cory Doctorow

The Globe and Mail

Black Code: how spies, cops and crims are making cyberspace unfit for human habitation

Posted By Cory Doctorow

I reviewed Ronald Diebert's new book Black Code in this weekend's edition of the Globe and Mail. Diebert runs the Citizen Lab at the University of Toronto and has been instrumental in several high-profile reports that outed government spying (like Chinese hackers who compromised the Dalai Lama's computer and turned it into a covert CCTV) … [Read more]

Back to committing

Posted By Greg Lehey

This ports build has seriously held up other work I've had waiting. Today started on the backlog: merging changes in head back into the stable branch. In the Good Old Days with CVS, it was all manual, but now we're using subversion, and there's a merge command. Spent some time learning how to use that.

Friday Squid Blogging: Striped Pyjama Squid Pet Sculpture

Posted By Bruce Schneier

Technically, it's a cuttlefish and not a squid. But it's still nice art. I posted a photo of a real striped pyjama squid way back in 2006. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered....

Applied Cryptography on Elementary

Posted By Bruce Schneier

In the episode that aired on May 9th, about eight or nine minutes in, there's a scene with a copy of Applied Cryptography prominently displayed on the coffee table. This isn't the first time that my books have appeared on that TV show....

Ingress Chase Scene

Posted By Tim Bray

I hadnt been out to play in a long time, but I heard of a cross-faction event at IO, and Id never done one of those. It got way out into crazy-space; Even non-players might enjoy the story. Previously in this series: Ingress, Things About Ingress, Ingress, Month 3, Ingress Weekly, Ingress Tourism, and Advanced Ingress. Steve at the Diamond My Tuesday plane to San Fran was late so I missed the geek dinners. Restless, I checked the Ingress map and discovered there was a major level-8-portal farm down around the ballpark. Thus a late-evening walk round the diamond by the bay, admiring the waves twinkles.

Ports: done!

Posted By Greg Lehey

I've been working on a complete build of those FreeBSD ports that I use for over 5 weeks. I can't say I haven't made progress, but it was very slow, and all of this should have happened without any problems. Still, it was a little surprising when I read today: install  -o root -g wheel -m 444 /src/FreeBSD/svn/ports/graphics/feh/work/feh-2.9.2/AUTHORS /src/FreeBSD/svn/ports/graphics/feh/work/feh-2.9.2/ChangeLog /src/FreeBSD/svn/ports/graphics/feh/work/feh-2.9.2/README /src/FreeBSD/svn/ports/graphics/feh/work/feh-2.9.2/TODO /usr/local/share/doc/feh ===>   Compressing manual pages for feh-2.9.2_1 ===>   Registering installation for feh-2.9.2_1       124.86 real        73.52 user        24.97 sys I'm done!

GotW #4: Class Mechanics (7/10)

Posted By Herb Sutter

How good are you at the details of writing classes? This item focuses not only on blatant errors, but even more so on professional style. Understanding these principles will help you to design classes that are easier to use and easier to maintain.   Problem JG Question 1. What makes interfaces “easy to use correctly, […]

GotW #3 Solution: Using the Standard Library (or, Temporaries Revisited)

Posted By Herb Sutter

Effective reuse is an important part of good software engineering. To demonstrate how much better off you can be by using standard library algorithms instead of handcrafting your own, let’s reconsider the previous question to demonstrate how many of the problems could have been avoided by simply reusing what’s already available in the standard library. […]

Fun at IO

Posted By Tim Bray

There is a conscious effort to make Google IO not just an information-dense environment, but a party. I joined in the fun for all three evenings I was free in San Fran. This included one photo-walk, one rock & roll performance, and one cross-faction Ingress event. Here are words and pictures. Photo Walk As in, the Google+ San Francisco PhotoWalk with Thomas and Trey, where T&T are short for Thomas Hawk and Trey Ratcliff, two photogs of renown at least on G+. Over a thousand people signed up and a few hundred actually turned up. I heard 400-ish which, if true, means that each uploaded ten photos, more or less.

Bluetooth-Controlled Door Lock

Posted By Bruce Schneier

Here is a new lock that you can control via Bluetooth and an iPhone app. That's pretty cool, and I can imagine all sorts of reasons to get one of those. But I'm sure there are all sorts of unforeseen security vulnerabilities in this system. And even worse, a single vulnerability can affect all the locks. Remember that vulnerability found...

Hacking Politics: name-your-price ebook on the history of the SOPA fight

Posted By Cory Doctorow

Hacking Politics is a new book recounting the history of the fight against SOPA, when geeks, hackers and activists turned Washington politics upside-down and changed how Congress thinks about the Internet. It collects essays by many people (including me): Aaron Swartz, Larry Lessig, Zoe Lofgren, Mike Masnick, Kim Dotcom, Nicole Powers, Tiffiny Cheng, Alexis Ohanian, … [Read more]

Ports build: resolved?

Posted By Greg Lehey

The good news about ports is that the port build cluster has now recovered from the security incident, though it doesn't seem to have made it to the newsflash page yet. Up-to-date packages are now available, so theoretically I can stop my attempts at building from source. One problem: I need to generate Makefile targets to install only those ports in the list that aren't already installed. So for today I carried on as before, using the packages only when I had trouble with the ports. The first was in a dependency for enblend, though not my fault this time. The documentation didn't build: restore=: && backupdir=".am$$" &&  am__cwd=`pwd` && CDPATH="${ZSH_VERSION+.}

DynamoDB Keeps Getting Better (and cheaper!)

Posted By Werner Vogels

We love getting feedback so we can deliver the improvements and new features that really matter to our customers. You can see from the pace at which we roll out new functionality that teams across AWS take this very seriously. One of the teams thats iterating quickly is DynamoDB. They recently launched Local Secondary Indexes and today they are releasing several new features that will help customers build faster, cheaper, and more flexible applications: Parallel Scans  To be able to increase the throughput of table scans, the team has introduce new functionality that allows you to scan through the table with multiple threads concurrently.

DynamoDB Keeps Getting Better (and cheaper!)

Posted By Werner Vogels

We love getting feedback so we can deliver the improvements and new features that really matter to our customers. You can see from the pace at which we roll out new functionality that teams across AWS take this very seriously. One of the teams that?s iterating quickly is DynamoDB. They recently launched Local Secondary Indexes and today they are releasing several new features that will help customers build faster, cheaper, and more flexible applications:

Sounds Like a Map

Posted By Benjamin Mako Hill

I love maps  something that became clear to me when I was looking at the tag cloud of my bookmarks a few years back. One of my favorite blogs (now a book) is Frank Jabobs’ Strange Maps. So it’s no coincidence that a number of my favorite MIT Mystery Hunt puzzles are map based. [...]

Ports: your fault

Posted By Greg Lehey

On with the ports pain. Today I had: === root@stable-amd64 (/dev/pts/0) /usr/ports/graphics/digikam 12 -> make all ===>   digikam-0.9.6_4 depends on file: /usr/local/bin/moc - found .... ===>   libkipi-0.1.6_6 depends on shared library: kimproxy.0 - not found ===>    Verifying install for kimproxy.0 in /usr/ports/x11/kdelibs3 ===>  kdelibs-3.5.10_13 is marked as broken: kdelibs-3.5-openssl-1.0.0.patch is unfetchable. So: basically a broken port. But the current version of KDE is version 4. Looking at the ports, I discovered that there are no fewer than 5 digikam ports, three of which start with digikam-kde4. What does /usr/ports/UPDATING have to say?

Transparency and Accountability

Posted By Bruce Schneier

As part of the fallout of the Boston bombings, we're probably going to get some new laws that give the FBI additional investigative powers. As with the Patriot Act after 9/11, the debate over whether these new laws are helpful will be minimal, but the effects on civil liberties could be large. Even though most people are skeptical about sacrificing...

Down and Out in the Magic Kingdom read-aloud part 07

Posted By Cory Doctorow

As I mentioned in my March Locus column, I'm celebrating the tenth anniversary of Down and Out in the Magic Kingdom by m planning a prequel. volume As part of that, planning'I going to read aloud the entire text of that first book into the podcast, making notes on the book as I go. Here's … [Read more]

2007 NSA Manual on Internet Hacking

Posted By Bruce Schneier

Mildly interesting....

GotW #3: Using the Standard Library (or, Temporaries Revisited) (3/10)

Posted By Herb Sutter

Effective reuse is an important part of good software engineering. To demonstrate how much better off you can be by using standard library algorithms instead of handcrafting your own, let’s reconsider the previous question to demonstrate how many of the problems could have been avoided by simply reusing what’s already available in the standard library. […]

GotW #2 Solution: Temporary Objects

Posted By Herb Sutter

Unnecessary and/or temporary objects are frequent culprits that can throw all your hard work  and your program’s performance  right out the window. How can you spot them and avoid them?   Problem JG Question 1. What is a temporary object? Guru Question 2. You are doing a code review. A programmer has written […]

3D printed guns are going to create big legal precedents

Posted By Cory Doctorow

The Guardian

3D printed guns and the law: will judges be able to think clearly about digital files when guns are involved?

Posted By Cory Doctorow

My latest Guardian column is "3D printed guns are going to create big legal precedents," and it looks at an underappreciated risk from 3D printed guns: that courts will be so freaked out by the idea of 3D printed guns that they'll issue reactionary decisions that are bad for the health of the Internet and … [Read more]

Understanding the Creative Cloud

Posted By Greg Lehey

I thought I had commented enough about Creative Cloud, but then I got a message from Michael Hughes: When you click on what's included, they have: The world's best desktop applications for photography, video, audio, and design. So I'm I missing something? It looks like they are still selling you desktop applications. Why are they using the cloud? So I read the page, and I'm sure it didn't say what I saw before.

X display resolution insights

Posted By Greg Lehey

Since I've had the new 58" TV, some menus, notably in web browsers, have been in minuscule fonts, and I haven't found a knob to tweak to fix it. But it occurred to me that the text is about the same absolute size that it would be on a normal desktop monitor. At 60 cm it would be legible if the display resolution were high enough. At 3 m distance it's illegible. Further investigation in the nVidia X config options appendix showed that I could override the DPI value for the panel, which X had calculatedprobably correctlyat 42 DPI. Increasing the value to 120 seemed to set it about correctly for the distance: --- xorg.conf   2013/03/27 00:53:46     1.22 +++ xorg.conf   2013/05/12 06:27:59 @@ -80,6 +80,8 @@      Driver         "nvidia"      VendorName ...

Updating web browsers, the hard way

Posted By Greg Lehey

The installation of firefox on teevee is ancient (release 6.0), and it doesn't have flash. Clearly I need an upgrade. But how? Under FreeBSD that's done with the Ports Collection. And I'm having enough trouble on a brand-new machine. Just trying it with an old, out-of-date machine seems a Bad Idea. So I tried upgrading from the binaries. Also, it seems, a Bad Idea. In summary: The first attempt failed because perl, pkgconf and xcb-util-renderutil were out of date.

Ports progress

Posted By Greg Lehey

Now that I've processed my weekly photos, I can return to building ports. On Friday I had a strange dependency failure in openjdk. Tried again today in various ways, including an attempt to install version 7 instead of the version 6 that the depending port was asking for. No go: it still complained that libz was missing. In the end gave up and installed the binary package, which workedand didn't install any libz! I wish I understood why I'm having so much trouble.

I feel pain when articles get inaccurate titles

Posted By Tom Limoncelli

You may have read the Popular Science article: Thieves Stole $45 Million From ATMs Because The U.S. Uses Absurd 40-Year-Old Technology Let me quote: So why is the US so far behind? Infrastructure is a major factor; countries like Japan and the UK are much smaller, so replacing all the old point-of-sale machines and ATMs is easier. Bullshit. Bullshit. Bullshit. Bullshit. The reason is that bank executives had the choice between paying a lot of money to do the right thing or a little money to consultants who would tell them what they wanted to hear. It's a big win for consultants.

X cursor hang: insight

Posted By Greg Lehey

Heavy CPU and memory use, such as I cause while processing my weekly photos, frequently triggers this horrible X bug that I've been suffering from for over a year: the X server loops, and the cursor jumps back and forth between two screens. I've taken to not using the mouse when the system is paging heavily, and today I didn't (quite) have the problem. What I did have, though, was surprising: on the second server, which is a single display spread over 4 monitors, the mouse cursor moved to the wrong screen! Moving left from the second screen from the left should, of course, have taken me to the leftmost screen.

Creative cloud: good or bad?

Posted By Greg Lehey

Mail from Tom Maynard today: I know several professional photographers who do not share your view of Adobe Creative Cloudand, even I dispute some of the statements you made, since I investigated the Cloud as an alternative to outright purchase of Creative Suite 6. OK, that's valid. But what are the reasons? I've been following this thread, in which people object mainly to the same things that I did a couple of days ago, and alsoparticularly the professionalsto the fact that they have to move their intellectual property offsite.

Rapture of the Nerds is a Campbell Award finalist

Posted By Cory Doctorow

Well, this is fabulous news: Rapture of the Nerds, the novel Charlie Stross and I published last year, is a finalist for the 2013 Campbell Award for best novel. It's in some truly outstanding company, too -- check out that shortlist!

Daily ports breakage

Posted By Greg Lehey

After my fixes yesterday, a surprising number of ports compiled without error. The next one to die was chromium (or is that chrome? I still don't know): ./base/basictypes.h:206:39: note: in definition of macro 'COMPILE_ASSERT'    typedef CompileAssert<(bool(expr))> msg[bool(expr) ? 1 : -1]                                        ^ ./base/observer_list_threadsafe.h: In constructor 'UnboundMethod<T, Method, Params>::UnboundMethod(Method, const Params&)': ./base/observer_list_threadsafe.h:66:9: warning: typedef 'badunboundmethodparams' locally defined but not used [-Wunused-local-typedefs]          badunboundmethodparams);          ^ ./base/basictypes.h:206:39: note: in definition of macro 'COMPILE_ASSERT'    typedef CompileAssert<(bool(expr))> msg[bool(expr) ?

Making Wootz Steel

Posted By Niels Provos

Making Wootz Steel

Posted By Niels Provos

Making Wootz Steel

Posted By Niels Provos

Friday Squid Blogging: Squid Festival in Monterey

Posted By Bruce Schneier

It's at the end of May. Note that it's being put on by the Calamari Entertainment Group. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered....

The Onion on Browser Security

Posted By Bruce Schneier

Wise advice: At Chase Bank, we recognize the value of online banking­ -- its quick, convenient, and available any time you need it. Unfortunately, though, the threats posed by malware and identity theft are very real and all too common nowadays. Thats why, when youre finished with your online banking session, we recommend three simple steps to protect your personal...

Back-to-Basics Weekend Reading - Using continuations to implement thread management and communication in operating systems

Posted By Werner Vogels

I have returned from a great series of AWS Summits in NYC and in Europe so it is time to get back to some weekend reading. During the nineties much operating systems research focussed on microkernels, which resulted in a large collection of prototype systems: Mach 3.0, L3/L4, Plan 9, Xenokernel, Minix and others. Not many of those made into production, the version of Mach that rolled into Mac OS X through the XNU integration was an earlier, monolithic version. I believe commercially QNX has been the most successful microkernel. There was a wealth of interesting, fundamental research triggered by the concepts of microkernels: new communication paradigms, memory management structures, schedulers, etc.

My Berlin talk: Its not a fax machine connect to a waffle iron

Posted By Cory Doctorow

Here's the video of "It's not a fax machine connect to a waffle iron," the talk I gave at the Re:publica conference in Berlin this week: "Lawmakers treat the Internet like it's Telephone 2.0, the Second Coming of Video on Demand, or the World's Number One Porn Distribution Service, but it's really the nervous system … [Read more]

Mail Cover

Posted By Bruce Schneier

From a FOIAed Department of Transportation document on investigative techniques: A "mail cover" is the process by which the U.S. Postal Service records any data appearing on the outside cover of any class of mail, sealed or unsealed, or by which a record is made of the contents of unsealed (second-, third-, or fourth-class) mail matter as allowed by law....

Back-to-Basics Weekend Reading - Using continuations to implement thread management and communication in operating systems

Posted By Werner Vogels

I have returned from a great series of AWS Summits in NYC and in Europe so it is time to get back to some weekend reading. During the nineties much operating systems research focussed on microkernels, which resulted in a large collection of prototype systems: Mach 3.0, L3/L4, Plan 9, Xenokernel, Minix and others.

WAN Accellerators

Posted By Tom Limoncelli

What is your opinion of WAN Accelerators? Please post to the comments section. I haven't used or configured a WAN Accelerator but from the reading I've done so far it seems that the older the protocol is, the better a W.A. will help. Older protocols were designed when we were ignorant of the networking realities we have today. More modern protocols tend to do their own compression, caching, don't do stupid things that fail over high latency links, and so on. In particular: Am I right but if you mostly have home-grown protocols, you can tune them better than a W.A.

Daily ports breakage

Posted By Greg Lehey

This morning's ports breakage: ===>  Applying FreeBSD patches for libmatroska-1.3.0 ===>   libmatroska-1.3.0 depends on package: libebml>=1.2.1 - not found ===>    Verifying install for libebml>=1.2.1 in /usr/ports/textproc/libebml ... ===>   Registering installation for libebml-1.3.0 ===>   Returning to build of libmatroska-1.3.0 ===>    Verifying install for ebml.3 in /usr/ports/textproc/libebml ===>   Returning to build of libmatroska-1.3.0 Error: shared library "ebml.3" does not exist *** [lib-depends] Error code 1 What's that? I have just installed libebml, and it claims it wasn't installed? In fact, the version that got installed was the version in the Makefile, libebml.so.4.

The Remixing Dilemma: The Trade-off Between Generativity and Originality

Posted By Benjamin Mako Hill

This post was written with Andrés Monroy-Hernández. It is a summary of a paper just published in American Behavioral Scientist. You can also read the full paper: The remixing dilemma: The trade-off between generativity and originality. It is part of a series of papers I have written with Monroy-Hernández using data from Scratch. You can [...]

GotW #2: Temporary Objects (5/10)

Posted By Herb Sutter

Unnecessary and/or temporary objects are frequent culprits that can throw all your hard work  and your program’s performance  right out the window. How can you spot them and avoid them?   Problem JG Question 1. What is a temporary object? Guru Question 2. You are doing a code review. A programmer has written […]

GotW #1 Solution: Variable Initialization  or Is It? (3/10)

Posted By Herb Sutter

This first problem highlights the importance of understanding what you write. Here we have a few simple lines of codemost of which mean something different from all the others, even though the syntax varies only slightly.   Problem JG Question 1. What is the difference, if any, among the following? widget w; // (a)widget w(); […]

The Economist on Guantanamo

Posted By Bruce Schneier

Maybe the tide is turning: America is in a hole. The last response of the blowhards and cowards who have put it there is always: "So what would you do: set them free?" Our answer remains, yes. There is clearly a risk that some of them would then commit some act of violence -- in Yemen, elsewhere in the Middle...

Pirate Cinema on the Locus Award ballot!

Posted By Cory Doctorow

The 2013 Locus Awards final ballot has been announced, and as ever, it is a fabulous guide signposting some of the very best work published science fiction and fantasy in the past year -- a perfect place to start your explorations of the year's books. I am very honored to have been included on the … [Read more]

Photoshop: Triumph of marketing over technology

Posted By Greg Lehey

So it's official. Adobe will not develop its Creative Suite software any more. Instead they have created a Creative Cloud. To quote the Creative Suite page: While Adobe Creative Suite® 6 products will continue to be available for purchase, Adobe has no plans for future releases of Creative Suite or other CS products. With a little trouble I found the pricing page for Creative Cloud. Apart from free trial membership, the very minimum you can pay is $20 US per month. And you have to commit to at least 12 months, so you can't save things up for a few months, buy a month's worth of processing, and then stop again.

Ports pain, next installment

Posted By Greg Lehey

After fixing my build environment, I thought that my ports would build cleanly. So I wasn't really expecting this when I came into the office: ===> Building docs cat ./src/attach.c ./src/auth.c ./src/btree.c ./src/btree.h ./src/btree_rb.c ./src/build.c ./src/copy.c ./src/date.c ./src/delete.c ./src/encode.c ./src/expr.c ./src/func.c ./src/hash.c ./src/hash.h ./src/insert.c ./src/main.c ./src/os.c ./src/pager.c ./src/pager.h ./src/parse.y ./src/pragma.c ./src/printf.c ./src/random.c ./src/select.c ./src/shell.c ./src/sqlite.h.in ./src/sqliteInt.h ./src/table.c ./src/tclsqlite.c ./src/tokenize.c ./src/trigger.c ./src/update.c ./src/util.c ./src/vacuum.c ./src/vdbe.c ./src/vdbeaux.c ./src/vdbe.h ./src/where.c | grep '$Id: ' | sort +4 | tail -1 \           | awk '{print $5,$6}' >last_change /usr/local/bin/tclsh8.5 ./www/index.tcl `cat ./VERSION` >index.html /usr/local/bin/tclsh8.5: not found gmake: *** [index.html] Error 127 Stop in /src/FreeBSD/svn/ports/databases/sqlite2.

Springies

Posted By Tim Bray

I used to run lots of flower pix; it was almost a trademark for this blog in its early days. Their absence hasnt been a matter of policy; whatever mental subsystem it is that pulls the camera up to the eye operates several levels below the one where I think about things. But the sun was just right after supper tonight. From top to bottom: Poppies, the Rugosa thats winning this years Rose Race, and a Lonicera ciliosa Honeysuckle. Nothing I can say can add much. While on the subject of flowers: This spring in my neighborhood, many of the women are wearing simple dresses in floral prints, mostly lightweight stuff with a bit of swing and float to it.

Reidentifying Anonymous Data

Posted By Bruce Schneier

Latanya Sweeney has demonstrated how easy it can be to identify people from their birth date, gender, and zip code. The anonymous data she reidentified happened to be DNA data, but that's not relevant to her methods or results. Of the 1,130 volunteers Sweeney and her team reviewed, about 579 provided zip code, date of birth and gender, the three...

Systems Software

Posted By Diomidis D. Spinellis

Systems software is the low-level infrastructure that applications run on: the operating systems, language runtimes, libraries, databases, application servers, and many other components that churn our bits 24/7. Its the mother of all code. In contrast to application software, which is constructed to meet specific use cases and business objectives, systems software should be able to serve correctly any reasonable workload. Consequently, it must be extremely reliable and efficient. When it works like that, its a mighty tool that lets applications concentrate on meeting their users needs. When it doesnt, the failures are often spectacular.

Evacuation Alerts at the Airport

Posted By Bruce Schneier

Last week, an employee error caused the monitors at LAX to display a building evacuation order: At a little before 9:47 p.m., the message read: "An emergency has been declared in the terminal. Please evacuate." An airport police source said officers responded to the scene at the Tom Bradley International Terminal, believing the system had been hacked. But an airport...

Back to building ports

Posted By Greg Lehey

One of the things that I had to put on hold while doing my photo processing was the ports build that has been going on for over a month. Today I was able to continue; and of course several ports had changed, so once again I had the continual hangs waiting for configuration information. I still don't have qt built.

Whose NBN?

Posted By Greg Lehey

The discussion about the Australian National Broadband Network is ramping up in preparation for the elections in September. The incumbent Labor government has introduced a very ambitious FTTP solution, originally only with 100 Mb/s maximum speed. But now the opposition parties (Liberal (in my mind really conservative) and National) look set to win the next election and replace it with an FTTN solution that is barely acceptable now and most certainly will not be in the future: a guarantee of only 25 Mb/s with the hope of 50 Mb/s some time in the future. It doesn't help that the NBN project is significantly behind schedule: This government clearly doesn't understand networking.

A new machine?

Posted By Greg Lehey

My photo experiences show that I need more memory at any rate. But my motherboard is nearly 5 years old, and it doesn't take more than 8 GB of memory. Time for a new machine? The current CPU is an AMD Phenom 9550, which PassMark rates at 2493 points. The top of the line processors rate at 14,969, at prices I'm not prepared to pay. But I thought I could find something at about 70% of that rating for under $300. I was almost right; for $280 odd I can get an Intel Core i7-3770K with 9,461 points (63%), and for $180 I can get an AMD FX-8350 (9,144 points or 61%).

Photo processing: your computer is too wimpy

Posted By Greg Lehey

Before leaving for Geelong, I checked how my enblend run was going. Again 20 GB of process space, 5.5 GB of memory. It had been running for 14 hours, had used only 80 minutes of CPU time, and had processed about half the photos. When I got back from Geelong 3½ hours later, it had only used about another 10 minutes of CPU time and loaded another 8 image.

Is the U.S. Government Recording and Saving All Domestic Telephone Calls?

Posted By Bruce Schneier

I have no idea if "former counterterrorism agent for the FBI" Tom Clemente knows what he's talking about, but that's certainly what he implies here: More recently, two sources familiar with the investigation told CNN that Russell had spoken with Tamerlan after his picture appeared on national television April 18. What exactly the two said remains under investigation, the sources...

Zeno's Interview Question

Posted By Tom Limoncelli

I hope to teach a "how to interview" class at an upcoming conference. Here's one of the points I'll be making. How can one interview question help me understand what the candiate does and doesn't know Unix? Here's the question: What happens with I type this at a shell prompt: telnet www.wikipedia.org 80 RETURN Usually the candiate will explain just the command: "It opens a connection to port 80 on wikipedia". That's a good answer. The follow-up question is, "Please give me more detail". At this point they might explain how DNS works or how TCP network connections work.

Intelligence Analysis and the Connect-the-Dots Metaphor

Posted By Bruce Schneier

The FBI and the CIA are being criticized for not keeping better track of Tamerlan Tsarnaev in the months before the Boston Marathon bombings. How could they have ignored such a dangerous person? How do we reform the intelligence community to ensure this kind of failure doesn't happen again? It's an old song by now, one we heard after the...

A day processing a single photo

Posted By Greg Lehey

On with the big panorama today. It took me all day, and by the end I still wasn't finished. Here the times it took to align the images: Process       Time (minutes) hugin       40:56 cpfind       192:57 icpfind       1:20 ...

Springtime Tab Sweep  The World

Posted By Tim Bray

The only unifying theme is that theyve been building up in the browser for months, and are generally consistent with my worldview. Why its OK to hate banks From The Economist, The people versus the bankers, an approachable, quantitative discussion of why banking is systemically broken, and why it would be good for society to inflict severe financial pain on bankers. Who you are and where you come from From Pacific Standard magazine, of which I know nothing, Ethan Watters writes We Arent the World, in which its revealed that peoples cultural roots influence their perceptions and behaviors, um, radically (etymology joke there), which isnt surprising, and that quantitative social science has never really wired in this apparently-an-axiom, which is.

Springtime Tab Sweep  Tech

Posted By Tim Bray

Ouch, some of these tabs are old. Unifying theme: none. Corroding Style Sheets Liking the look of Stylus. All these tantalizing alternatives when what we really want is to take the ship up and nuke CSS from orbit. Wisdom From CACM, The Tail at Scale by Jeff Dean and Luiz André Barroso. Maybe the deepest thinking about large-system performance characteristics youre apt to read in any given year. Git Joy Both good: LearnGitBranching and Git Koans. Emacs Joy Multiple-cursor madness. And, its fun! Eek. Mongo Joy Specifically, High Availability with MongoDB for Fun and Profit. I havent built a high-volume site in some years, and while Ive not missed it that much, I would like a chance to play with some of the new database tech.

Michael Chertoff on Google Glass

Posted By Bruce Schneier

Interesting op-ed by former DHS head Michael Chertoff on the privacy risks of Google Glass. Now imagine that millions of Americans walk around each day wearing the equivalent of a drone on their head: a device capable of capturing video and audio recordings of everything that happens around them. And imagine that these devices upload the data to large-scale commercial...

Down and Out in the Magic Kingdom read-aloud part 06

Posted By Cory Doctorow

As I mentioned in my March Locus column, I'm celebrating the tenth anniversary of Down and Out in the Magic Kingdom by m planning a prequel. volume As part of that, planning'I going to read aloud the entire text of that first book into the podcast, making notes on the book as I go. Here's … [Read more]

Tim Wu and I talk networks, policy and the future

Posted By Cory Doctorow

Slate's "Stranger Than Fiction" podcast has just aired its second episode: a discussion between Tim Wu (a cyberlawyer, Internet scholar and good egg) and me (MP3)! Future installments will include talks with Kim Stanley Robinson and Margaret Atwood (as well as others) -- the inaugural episode featured Tim in discussion with Neal Stephenson.

Honeywords

Posted By Bruce Schneier

Here is a simple but clever idea. Seed password files with dummy entries that will trigger an alarm when used. That way a site can know when a hacker is trying to decrypt the password file....

GotW #1: Variable Initializationor Is It? (3/10)

Posted By Herb Sutter

This first problem highlights the importance of understanding what you write. Here we have a few simple lines of code  most of which mean something different from all the others, even though the syntax varies only slightly.   Problem JG Question 1. What is the difference, if any, among the following? widget w; // [...]

Linkedin: mutual admiration society?

Posted By Greg Lehey

I've commented in the past about strange messages like this one: Congratulations! Your connection Peter has endorsed you for the following new skills &amp; expertise: Linux MySQL Unix Panoramic Photography FreeBSD Open Source Brewing Kernel The difference in this one is that I know it's genuine: it's from Peter Jeremy, and it makes sense. But this time I went to my Linkedin profile to see what else had accumulated there. It's amazing. I've been endorsed for things I know nothing about, like Solaris, Cloud computing or perl, by people with whom I have had no contact for decades, in at least one case for over 30 years.

Ports: progress

Posted By Greg Lehey

Next port build error today, in X: checking for XF86DGA... configure: error: Package requirements (x11 xxf86dga >= 1.1) were not met: Package xxf86dga was not found in the pkg-config search path. Perhaps you should add the directory containing `xxf86dga.pc' to the PKG_CONFIG_PATH environment variable Package 'xxf86dga', required by 'world', not found That makes no sense at all. More environment variables? I've been working on my .bashrc literally for decades, as the comment at the top states: # $Id: .bashrc,v 1.57 2012/10/04 06:01:06 grog Exp $ # This is the cruft of ages, originally started as a .bashrc on # Inactive System V/386 in about May 1990.

Guru of the Week and the Exceptional C++ Series

Posted By Herb Sutter

Its time for me to pick up Guru of the Week (GotW) again in earnest, as part of work on revising my three Exceptional C++ books for todays C++. Most Exceptional C++ Items are enhanced versions of GotW issues, after all, so the simplest and best place to start is with GotW. Its also much [...]

Scammers get cleverer

Posted By Greg Lehey

Received a strange email with quadruple spaced lines today. Here's the relevant content: From [email protected]  Fri May  3 19:30:09 2013 X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,FREEMAIL_FROM,         HTML_MESSAGE,T_DKIM_INVALID autolearn=ham version=3.3.2 Received: from eureka.lemis.com (eureka.lemis.com [192.109.197.137])         by eureka.lemis.com (Postfix) with ESMTP id 0B062F74FA         for ; Fri,  3 May 2013 19:30:09 +1000 (EST) Received: from mail.lemis.com [208.86.224.149]         by eureka.lemis.com with POP3 (fetchmail-6.3.21)         for (single-drop); Fri, 03 May 2013 19:30:09 +1000 (EST) Received: from mail-oa0-f65.google.com (mail-oa0-f65.google.com [209.85.219.65])         by w3.lemis.com (Postfix) with ESMTP id 464453B764         for ; Fri,  3 May 2013 09:15:48 +0000 (UTC) Date: Fri, 3 May 2013 10:15:47 +0100 Subject: Link removal please.......

Computational photography continued

Posted By Greg Lehey

Continued with the computational photography course today. Somehow it's tailing off. The first couple of lectures and assignments were interesting, but now it's becoming too superficial. Saw a lecture about panoramas, which had a theoretical discussion of image alignment. Normally this is done by placing control points between individual images, but he didn't mention that at all, instead talking about homography in general terms (showing matrix operations but not really explaining what the individual parameters were), and glossing over things like projections.

Ports pain, next instalment

Posted By Greg Lehey

On with my month-long attempt to build a clean reference installation of the FreeBSD ports that I use. Today my error was: ===>  qt4-corelib-4.8.4_1 conflicts with installed package(s):       qt-3.3.8_14 So what installed qt version 3? Some out-of-date port? I started building all ports from scratch with a new ports tree just a few days ago. Still, presumably that port would work with newer versions of qt, so decided just to remove the old version. But it wasn't just one port: === root@stable-amd64 (/dev/pts/0) /home/Sysconfig/scripts 7 -> pkg_delete qt-3.3.8_14 pkg_delete: package 'qt-3.3.8_14' is required by these other packages and may not be deinstalled: arts-1.5.10_8,1 kdelibs-3.5.10_13 libkipi-0.1.6_6 libkexiv2-0.1.9_8 libkdcraw-0.1.9_5 digikam-0.9.6_4 pdfedit-0.4.5_2 Are there really that many ports that depend on old ...

Friday Squid Blogging: Squid Escape Artist

Posted By Bruce Schneier

It's amazing how small a hole he can fit through. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered....

Another WWII Message Decoded

Posted By Bruce Schneier

It's a really interesting code and story. (The first link has the most detailed information about the code and the cryptanalysis.)...

"DRM-free" scares the s*** out of me

Posted By Tom Limoncelli

Today is the International Day Against DRM. As an author, and one that is currently living on unemployment insurance payments, DRM-free scares the shit out of me. Every book I've ever published has been pirated. Some I have even found in the "/tmp" directory of open HTTP servers. Every time I see my books pirated I die a little inside. Writing is very difficult for me. People don't realize how hard it is. How do I stop procrastinating and sit down to write? I eliminate everything else "tempting" from my life for a year or two until the book is done.

The Public/Private Surveillance Partnership

Posted By Bruce Schneier

Our government collects a lot of information about us. Tax records, legal records, license records, records of government services received-- it's all in databases that are increasingly linked and correlated. Still, there's a lot of personal information the government can't collect. Either they're prohibited by law from asking without probable cause and a judicial order, or they simply have no...

Improving Book Publicity in the 21st Century

Posted By Cory Doctorow

Locus

Easy win for publishing: network and systematize PR and marketing

Posted By Cory Doctorow

My latest Locus column, "Improving Book Publicity in the 21st Century," addresses the lack of automation and management in traditional publishing an publicity, and suggests some simple and cheap ways that publishers could join up the way its editorial, marketing a PR departments communicate with reviewers and other publicity outlets to save money and score … [Read more]

Phone call with a Heavily-Accented Phisher

Posted By Niels Provos

Phone call with a Heavily-Accented Phisher

Posted By Niels Provos

Phone call with a Heavily-Accented Phisher

Posted By Niels Provos

NFS locking and ports builds

Posted By Greg Lehey

Got round to looking at my NFS locking issues today. Simple: by default FreeBSD doesn't start the NFS processes at all, so you have to configure it in /etc/rc.conf. I had that already in my real computers, but not in the ports build box. Problem solved? Hard to say. The next problem was already there: no xterm. X had built, but for some reason xterm, a dependency, hadn't. Left another ports-try run, which it continued to do for the rest of the day and into the night.

Rock and Roll Story

Posted By Tim Bray

I just finished reading Blues Highway Blues by Eyre Price, which is said to be one of a series called Crossroads Thrillers. If you like either American music or crime writing, you might like this. If you like both, your chances are pretty high. You might want to visit Prices site linked under his name there; its somewhat unique, which is getting hard to be on the Web these days. As of May 2013, his description of Blues Highway Blues is perfectly accurate; I cant improve on it, plus it comes with the audio of one of the songs in the book.

Risks of Networked Systems

Posted By Bruce Schneier

Interesting research: Helbing's publication illustrates how cascade effects and complex dynamics amplify the vulnerability of networked systems. For example, just a few long-distance connections can largely decrease our ability to mitigate the threats posed by global pandemics. Initially beneficial trends, such as globalization, increasing network densities, higher complexity, and an acceleration of institutional decision processes may ultimately push human-made or...

More on FinSpy/FinFisher

Posted By Bruce Schneier

FinFisher (also called FinSpy) is a commercially sold spyware package that is used by governments world-wide, including the U.S. There's a new report that has a bunch of new information: Our new findings include: We have identified FinFisher Command & Control servers in 11 new Countries. Hungary, Turkey, Romania, Panama, Lithuania, Macedonia, South Africa, Pakistan, Nigeria, Bulgaria, Austria. Taken together...

Google Pays $31,000 for Three Chrome Vulnerabilities

Posted By Bruce Schneier

Google is paying bug bounties. This is important; there's a market in vulnerabilities that provides incentives for their being kept secret and exploitable; for Google to buy and patch them makes us all more secure. The U.S. government should do the same....

Details of a Cyberheist

Posted By Bruce Schneier

Really interesting article detailing how criminals steal from a company's accounts over the Internet. The costly cyberheist was carried out with the help of nearly 100 different accomplices in the United States who were hired through work-at-home job scams run by a crime gang that has been fleecing businesses for the past five years. Basically, the criminals break into the...

Why Google Glass is so important

Posted By Tom Limoncelli

Every tech blog, news site, magazine and newspaper is writing about Google Glass. Half are saying good things half are saying bad things. But there's one thing they all agree on: Mentioning Google Glass in a headline gets you readers. You're reading this. Right? I bet a whole lot of you don't always read my blog but you are reading this post, right? Writing about the success or failure of Google Glass is fantastic for many reasons: It's low cost. You don't have to spend $1,500 on one. Just read other people's blogs and repeat what they've said, speculate, or just make shit up!

Computational Photography or Python tutorial?

Posted By Greg Lehey

On with the computational photography assignments today. They're not really difficult; I did one before the network blew up, Convolution. This involves running a multi-pixel window (confusingly called a kernel) over an image and producing a new image where each pixel is the sum of the products of the kernel element with the corresponding pixel covered by the kernel. It would be easy enough in C, but I had to do it in Python, and that required learning still more functions.