Blog Archive: June 2013

Sun, 30 Jun 2013 19:00:00 UTC

On Medium

Posted By Tim Bray

Last week I wrote Texas Politics about the legislative-gamesmanship theatrics around Wendy Davis' filibuster. It did OK on the blog, nothing special. Evan Hansen of Medium reached out asking if I wanted to republish there. I couldn't think of a good reason to do that, but then I also couldn't think of a good reason not to. So here's a blogger's-eye view of being a Medium author. The Medium version is Don't Mess With Them and it's better than my version, because I did a couple more editing passes and tightened things up. Also, the presentation over there is terrific; minimal and very readable.

Sun, 30 Jun 2013 04:20:53 UTC

Goodbye Evi Nemeth

Posted By Greg Lehey

Sad news went around a couple of days ago: Evi Nemeth was lost at sea at the beginning of the month. After Jim Gray that's the second person I know who went out to sea and never came back. And they were both well-known computer people, not exactly the kind of person you'd expect to end like that.

Sat, 29 Jun 2013 19:00:00 UTC

Better OS X Control

Posted By Tim Bray

If you use Emacs, you can stop reading now. If you don't, there's a possibility that you may not be aware of an incredibly powerful productivity-boosting tool that works in almost every OS X app. Read on. Take Control The trick I'm about to describe works whenever you're editing text: Gmail, Pages, Keynote, wherever. It relies on the Control key, which is down on the lower left corner of most OS X keyboards (but stay tuned for a trick to make it more accessible). The trick is, hold down the Control key while you're hitting another, for example a, which I'll abbreviate C-A.

Fri, 28 Jun 2013 21:07:47 UTC

Friday Squid Blogging: Man Pulled Under by Squids

Posted By Bruce Schneier

Video story on Animal Planet. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered....

Fri, 28 Jun 2013 19:44:48 UTC

Me on EconTalk

Posted By Bruce Schneier

Another audio interview; this one is mostly about security and power....

Fri, 28 Jun 2013 19:42:25 UTC

My Talk at Google

Posted By Bruce Schneier

Last week, I gave a talk at Google. It's another talk about power and security, my continually evolving topic-of-the-moment that could very well become my next book. This installment is different than the previous talks and interviews, but not different enough that you should feel the need to watch it if you've seen the others. There are things I got...

Fri, 28 Jun 2013 18:37:18 UTC

Preventing Cell Phone Theft through Benefit Denial

Posted By Bruce Schneier

Adding a remote kill switch to cell phones would deter theft. Here we can see how the rise of the surveillance state permeates everything about computer security. On the face of it, this is a good idea. Assuming it works -- that 1) it's not possible for thieves to resurrect phones in order to resell them, and 2) that it's...

Fri, 28 Jun 2013 15:51:00 UTC

Test entry

Posted By Eric Allman

This is just to test sending from MacJournal to a blog. Note: This is only a test. Original post blogged on b2evolution.

Fri, 28 Jun 2013 15:50:00 UTC

Test entry

Posted By Eric Allman

This is just to test sending from MacJournal to a blog. Note: This is only a test. Original post blogged on b2evolution.

Fri, 28 Jun 2013 14:18:09 UTC

Games, at some length

Posted By Cory Doctorow

Edge Magazine's Jason Killingsworth interviewed me at some length about my history with videogames, from Apple ][+ to Atari to arcades, with notes on Zynga, DRM, piracy and the Humble Bundles.

Fri, 28 Jun 2013 14:13:54 UTC

Down and Out in the Magic Kingdom illo

Posted By Cory Doctorow

(Click to embiggen) Illustrator Brian J. Smith did me the tremendous honor of creating this fabulous, detailed illustration inspired by my novel Down and Out in the Magic Kingdom, which turned ten this year. He hid all kinds of great little gracenotes in it, too -- tons of characters from the book and from the …

Fri, 28 Jun 2013 10:31:29 UTC

Malware that Foils Two-Factor Authentication

Posted By Bruce Schneier

This is an interesting article about a new breed of malware that also hijacks the victim's phone text messaging system, to intercept one-time passwords sent via that channel....

Thu, 27 Jun 2013 23:05:00 UTC

Evi Nemeth potentially lost at sea

Posted By Tom Limoncelli

It is with a heavy heart that I pass on this information. There is a report that the boat Evi Nemeth was sailing on has not been heard from since June 3rd. The New Zealand Herald seems to have broken the story first. Evi co-wrote the groundbreaking book, "UNIX System Administration Handbook". It has been used as a textbook and outside of schools by nearly every Unix/Linux sysadmin I know. It meticulously covers every popular Unix variant of its day. (In the 1990s there was a lot more variation between Unixes). Since its publication there have been many updates and even a Linux-specific version.

Thu, 27 Jun 2013 19:00:00 UTC

Rent-seeking for Nomads

Posted By Tim Bray

A friend was telling me of a young woman he knows who'd been struggling to get by in New York and he'd been sort of mentoring. Only she's spent most of this year traveling in Southeast Asia and South America, finding herself. I wondered what she was living on. Turns out she's offering her Manhattan apartment on Airbnb and covering its rent with enough left over to fuel her nomadic self-discovery. I wonder if it's even legal? Whatever, when there's something desirable to be sold and people who want to buy it, deals get done; particularly in NYC.

Thu, 27 Jun 2013 16:49:00 UTC

Pre-9/11 NSA Thinking

Posted By Bruce Schneier

This quote is from the Spring 1997 issue of CRYPTOLOG, the internal NSA newsletter. The writer is William J. Black, Jr., the Director's Special Assistant for Information Warfare. Specifically, the focus is on the potential abuse of the Government's applications of this new information technology that will result in an invasion of personal privacy. For us, this is difficult to...

Thu, 27 Jun 2013 11:34:02 UTC

Lessons from Biological Security

Posted By Bruce Schneier

Nice essay: The biological world is also open source in the sense that threats are always present, largely unpredictable, and always changing. Because of this, defensive measures that are perfectly designed for a particular threat leave you vulnerable to other ones. Imagine if our immune system were designed to deal only with a single strain of flu. In fact, our...

Wed, 26 Jun 2013 19:00:00 UTC

Texas Politics

Posted By Tim Bray

If you weren't watching the livestream (courtesy of The Texas Tribune) you missed an astounding piece of drama. I only caught the last 90 minutes, but wow. Wendy The charisma and eloquence of Senator Davis was astonishing. By the time I started watching, she'd been silenced by the Republican legislators' tactics and just stood there, watching and smiling. Gaming the System I don't think the transparent sleaze of the efforts to rule her out of order were all that terrible. The whole point of being governed by elected legislatures is that it's rule-based, and wherever there are rules they can be gamed, and that's OK.

Wed, 26 Jun 2013 17:35:22 UTC

Secrecy and Privacy

Posted By Bruce Schneier

Interesting article on the history of, and the relationship between, secrecy and privacy As a matter of historical analysis, the relationship between secrecy and privacy can be stated in an axiom: the defense of privacy follows, and never precedes, the emergence of new technologies for the exposure of secrets. In other words, the case for privacy always comes too late....

Wed, 26 Jun 2013 17:00:47 UTC

Lookalikes

Posted By Benjamin Mako Hill

Is Franz Sacher, the Inventor of the famous sachertorte, still alive and working at the Electronic Frontier Foundation? Might this help explain why EFF Technology Project Director Peter Eckersley is so concerned about protecting privacy and pseudonymity?

Wed, 26 Jun 2013 16:30:08 UTC

My //build/ talk on Friday @ noon PDT (webcast)

Posted By Herb Sutter

The session schedule for this week’s //build/ conference in San Francisco has now been posted. I have a talk on Friday at noon Pacific time, titled “The Future of C++.” Note this is a Microsoft conference, so the talk is specifically about the future of the Visual C++ product, but nevertheless it’s all about Standard […]

Wed, 26 Jun 2013 12:02:56 UTC

Cracking the Kryptos Sculpture

Posted By Bruce Schneier

Great story....

Wed, 26 Jun 2013 00:36:30 UTC

Apple: four times as good

Posted By Greg Lehey

More investigation of Apple's host naming today. It's clear that there's a naming issue somewhere. Investigation with scutil revealed two different names: sh-3.2# scutil --get HostName Melbourne sh-3.2# scutil --get ComputerName newyork Apart from these two, there's the dynamic global hostname, which is something else again. I can only find it in the GUI setup screen, but it does get saved: But wait! There's more! hostname has its own view of the world: sh-3.2# hostname Melbourne sh-3.2# hostname -s Dereel sh-3.2# hostname Dereel sh-3.2# scutil --get HostName Melbourne sh-3.2# scutil --get ComputerName newyork Four different names for one computer!

Wed, 26 Jun 2013 00:11:57 UTC

Investigating mail problems

Posted By Greg Lehey

So despite setting the firewall rules, I still wasn't able to connect to my remote MTA. But the reason was easy enough to find:

    12:26:32.694551 IP ppp121-44-119-168.lns20.syd6.internode.on.net.40321 > w3.lemis.com.smtp: Flags [S], seq 161129313, win 65535, options [mss 1460,sackOK,eol], length 0
    12:26:32.807306 IP lns20.syd6.on.ii.net > ppp121-44-119-168.lns20.syd6.internode.on.net: ICMP host w3.lemis.com unreachable - admin prohibited filter, length 36

Clearly a configuration problem, so I sent a message to Internode Support asking them to fix it. Some hours later got a call from Stuart, telling me that they're not blocking anything.

Tue, 25 Jun 2013 23:40:39 UTC

Australian Liberal Party Spam

Posted By Greg Lehey

In my article about Facebook spam last week I couldn't find a really good example of a reputable organization spamming Facebook users. Today I got a perfect one. The Liberal Party of Australia, arguably a reputable organization, considers it appropriate to spam its potential voters: Never mind the polemic and inaccurate message (electricity prices have gone up, but not by 94%): would you vote for spammers?

Tue, 25 Jun 2013 11:24:04 UTC

MAD in Cyberspace

Posted By Bruce Schneier

Ron Beckstrom gives a talk (video and transcript) about "Mutually Assured Destruction," "Mutually Assured Disruption," and "Mutually Assured Dependence."...

Tue, 25 Jun 2013 00:40:53 UTC

Networking, Apple style

Posted By Greg Lehey

While following up on my network problems, decided to compare what Apple does. Yes, like other BSD-based system they also have a localhost bound to the interface lo0. This seems to be a BSDism: the Linux interface is simply called lo. But somehow since last use the machine had changed its system name, from newyork to newyorkmmmmmmmmmmmmmmmmm. No idea how that happened, but it should be trivial to change it, right? hostname is your friend. Well, it may be your friend, but Apple doesn't take it seriously. I'm told it works until you reboot, and then you're back to the old name again.

Tue, 25 Jun 2013 00:32:47 UTC

Following up on mail problems

Posted By Greg Lehey

Pulled my tuit item about the mail problems today. As I suspected, there were two different problems. The more obvious one was setting up the mail tunnel. The script is called mailtunnel: === grog@eureka (/dev/pts/10) ~ 17 -> which mailtunnel /home/local/bin/mailtunnel I modified the script to include debug output, and none came. After quite some time it occurred to me that I had a function in my .bashrc, and that's what got executed. And at some juncture while setting up teevee, I modified its .bashrc, conveniently a symlink to /eureka/home/grog/.bashrc, and managed to save an older version: --- .bashrc     2012/10/04 06:01:06     1.57 +++ .bashrc     2013/05/19 04:55:38 @@ -1,4 +1,4 @@ -# $Id: diary-jun2013.php,v 1.34 2013/06/25 02:24:38 grog Exp $ +# ...

Mon, 24 Jun 2013 19:00:00 UTC

Two Factor, Twice

Posted By Tim Bray

One of my jobs is browbeating people to turn on 2-Step Verification, and it's working; more and more people are. Today I learned that we've got some open-source technology you can use to add 2-factor to your own app. Please Get Safe Seriously, if you haven't already, and if someone hacking your Google account would screw up your life, then start here right now and come back after you've turned it on. I'll wait. What, you didn't do it? You're not convinced? You think it'll be inconvenient? Wrong. It's super-smooth; every so often, when Google asks you to refresh your login, it'll ask you to enter a number that we send you by SMS.

Mon, 24 Jun 2013 19:00:00 UTC

Horror Story

Posted By Tim Bray

I just read Neil Gaiman's The Ocean at the End of the Lane and it's wonderfully done but I didn't enjoy it. There's a good chance you might, though. Gaiman is one of the very few writers whose books I just go ahead and buy without waiting to read reviews or even sniffing the social-media fumes. This book won't change that even though it made me unhappy. Gaiman's in good form, so the magic here is magical, the people are real (except for the ones that aren't supposed to be), the monsters are monstrous, and the ambiance is intensely felt: You are there.

Mon, 24 Jun 2013 18:38:30 UTC

Spear Phishing Attack Against the Financial Times

Posted By Bruce Schneier

Interesting story with a lot of details....

Mon, 24 Jun 2013 10:31:09 UTC

The Future of Satellite Surveillance

Posted By Bruce Schneier

Pretty scary -- and cool. Remember, it's not any one thing that's worrisome; it's everything together....

Mon, 24 Jun 2013 00:27:57 UTC

Where is localhost?

Posted By Greg Lehey

Sent off a relatively routine mail message today and got an unexpected response: This is the mail system at host eureka.lemis.com. I'm sorry to have to inform you that your message could not be delivered to one or more recipients. It's attached below. ... <[email protected]>: Host or domain name not found. Name service error for     name=localhost type=AAAA: Host not found Huh? What does that mean? In particular, it's a resolution failure for an AAAA record, which relates to IPv6. And I don't use IPv6. More importantly, though, why now?

Sun, 23 Jun 2013 15:02:24 UTC

Technology and Activism: where does the Internet fit?

Posted By Cory Doctorow

Last weekend, I took part in a panel at Yoko Ono's Meltdown festival at Southbank in London, on "Technology and Activism," along with Jamie Bartlett (Director for the Analysis of Social Media at DEMOS) and David Babbs (Executive Director of 38 Degrees), chaired by Olivia Solon from Wired UK. It went well and covered lots …

Sat, 22 Jun 2013 19:00:00 UTC

3 Camera Reviews

Posted By Tim Bray

It's a wonderful time in the camera biz, with new device flavors grabbing market share all over the place. I've made my bet on the Fujifilm X series, so let's start with a 2-parter over at The Online Photographer, Fuji X-E1: The Keeper (Part I) and Part II. There's not that much new information here, but it's a fun piece to read. For something completely different, check out this early DPReview look at the Galaxy NX, Samsung's big serious camera that's also an Android Jellybean device. I'm sure there's photographic gold in them thar hills somewhere. At the moment I have no urge to abandon Fuji's diminutive form factor and fabulous Fujinon lenses, but if I get an idea for an Android app that uses the camera hardware, that could change fast.

Sat, 22 Jun 2013 17:00:29 UTC

Iceowl's Awesome New Icon

Posted By Benjamin Mako Hill

If you’re a Debian user, you are probably already familiar with some of the awesome icons for IceWeasel (rebranded Mozilla Firefox), IceDove (rebranded Mozilla Thunderbird) and IceApe (rebranded Mozilla SeaMonkey). I was pretty ambivalent about the decision to rebrand Firefox until I saw some of the proposed IceWeasel icons which -- in my humble [...]

Sat, 22 Jun 2013 07:37:46 UTC

Server down after nearly 5 years?

Posted By Greg Lehey

My external server is hosted with RootBSD, and I've been very happy with them. As of today it has an uptime of 1,726 days -- 4 years, 8 months and 24 days. And now they're going to move the data centre! To quote this page: And his server had only been up for 2½ years.

Sat, 22 Jun 2013 07:09:11 UTC

Friends web site still down

Posted By Greg Lehey

I noted a couple of days ago that the new web site for the Friends of the Ballarat Botanical Gardens is still down. It seems that they jumped the gun and changed the DNS information before installing the web site. Since the site has been down for days, it's reasonable to assume that they've run into trouble. So I put up the old site at fbbg.lemis.com and offered to Adel to redirect to it while she sorts out her problems. But today I got a message which blew my mind. This isn't a bug, it's standard procedure, it seems, and they had warned the Friends that the site would be out of action for a couple of days: there are some elements of the site that can't be implemented and tested until after propagation.

Sat, 22 Jun 2013 07:02:11 UTC

Goodbye Facebook, hello Google+?

Posted By Greg Lehey

After my rant about Facebook yesterday, Peter Jeremy came up with a solution: use Google+ instead. It doesn't have inline spam (yet). I had actually had a better solution: ignore all these social media sites. But for the fun of it, I signed up with Google+. What is it? Yes, of course I didn't read the description, but what I'm presented with looks nothing like what I expected. I'll revisit it some time when I'm bored, but for the moment the difference is clear: I'm on Facebook because it's the only way to communicate with lots of people I know. Few people have invited me to join them on Google+, and most of those are also on Facebook.

Fri, 21 Jun 2013 21:28:54 UTC

Friday Squid Blogging: How the Acidification of the Oceans Affects Squid

Posted By Bruce Schneier

It's not good. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered....

Fri, 21 Jun 2013 19:32:30 UTC

Me on the Lou Dobbs Show

Posted By Bruce Schneier

I was on the Lou Dobbs Show earlier this week....

Fri, 21 Jun 2013 16:43:45 UTC

US Offensive Cyberwar Policy

Posted By Bruce Schneier

Today, the United States is conducting offensive cyberwar actions around the world. More than passively eavesdropping, we're penetrating and damaging foreign networks for both espionage and to ready them for attack. We're creating custom-designed Internet weapons, pretargeted and ready to be "fired" against some piece of another country's electronic infrastructure on a moment's notice. This is much worse than what...

Fri, 21 Jun 2013 11:25:36 UTC

The Japanese Response to Terrorism

Posted By Bruce Schneier

Lessons from Japan's response to Aum Shinrikyo: Yet what's as remarkable as Aum's potential for mayhem is how little of it, on balance, they actually caused. Don't misunderstand me: Aum's crimes were horrific, not merely the terrible subway gassing but their long history of murder, intimidation, extortion, fraud, and exploitation. What they did was unforgivable, and the human cost, devastating....

Fri, 21 Jun 2013 01:08:30 UTC

Why we can't beat spam

Posted By Greg Lehey

Spam has been one of the most irritating aspects of online life since I first started using email on the Internet. There are all sorts of ways to try to limit it, but as time goes on, it's clear that we can't win. The basic problem is that too many people consider it to be just another legitimate form of advertising, and too many users just accept it. Yes, penis enlargements and Viagra are frowned upon, but that's because of the subject, not because of spam. But who uses email any more anyway? Facebook is the way of the future (Oh brave new world, that has such people in't!)

Thu, 20 Jun 2013 19:42:51 UTC

New Details on Skype Eavesdropping

Posted By Bruce Schneier

This article, on the cozy relationship between the commercial personal-data industry and the intelligence industry, has new information on the security of Skype. Skype, the Internet-based calling service, began its own secret program, Project Chess, to explore the legal and technical issues in making Skype calls readily available to intelligence agencies and law enforcement officials, according to people briefed on...

Thu, 20 Jun 2013 17:19:30 UTC

Love Letter to an NSA Agent

Posted By Bruce Schneier

A fine piece: "A Love Letter to the NSA Agent who is Monitoring my Online Activity." A similar sentiment is expressed in this video....

Thu, 20 Jun 2013 11:04:23 UTC

The US Uses Vulnerability Data for Offensive Purposes

Posted By Bruce Schneier

Companies allow US intelligence to exploit vulnerabilities before it patches them: Microsoft Corp. (MSFT), the world's largest software company, provides intelligence agencies with information about bugs in its popular software before it publicly releases a fix, according to two people familiar with the process. That information can be used to protect government computers and to access the computers of terrorists...

Wed, 19 Jun 2013 19:18:05 UTC

Petition the NSA to Subject its Surveillance Program to Public Comment

Posted By Bruce Schneier

I have signed a petition calling on the NSA to "suspend its domestic surveillance program pending public comment." This is what's going on: In a request today to National Security Agency director Keith Alexander and Defense Secretary Chuck Hagel, the group argues that the NSA's recently revealed domestic surveillance program is "unlawful" because the agency neglected to request public comments...

Wed, 19 Jun 2013 19:00:00 UTC

Feature Phone

Posted By Tim Bray

My Galaxy Nexus unfortunately Died The Death. It'll boot and seem to work, but as soon as you try to open an email or whatever, kiss it goodbye. So I rummaged through the back of the closet and, well, it's amazing how little you can get by with. I'd like to replace the GNexus with one of those pure-Android HTC Ones they're talking up, but you can't get those yet so I needed a stopgap. The closet yielded an old Nexus S which I put my SIM in and turned on; up comes some antique Android version. Also, it was broken; probably this is some best-forgotten engineering build from three years ago.

Wed, 19 Jun 2013 17:00:02 UTC

Job Market Materials

Posted By Benjamin Mako Hill

Last year, I applied for academic, tenure track, jobs at several communication departments, information schools, and in HCI-focused computer science programs with a tradition of hiring social scientists. Being on the market -- as it is called -- is both scary and time consuming. Like me, many candidates have never been on the market before. [...]

Wed, 19 Jun 2013 16:19:12 UTC

Finding Sociopaths on Facebook

Posted By Bruce Schneier

On his blog, Scott Adams suggests that it might be possible to identify sociopaths based on their interactions on social media. My hypothesis is that science will someday be able to identify sociopaths and terrorists by their patterns of Facebook and Internet use. I'll bet normal people interact with Facebook in ways that sociopaths and terrorists couldn't duplicate. Anyone can...

Wed, 19 Jun 2013 11:24:04 UTC

Cost/Benefit Questions NSA Surveillance

Posted By Bruce Schneier

John Mueller and Mark Stewart ask the important questions about the NSA surveillance programs: why were they secret, what have they accomplished, and what do they cost? This essay attempts to figure out if they accomplished anything, and this essay attempts to figure out if they can be effective at all....

Wed, 19 Jun 2013 11:20:57 UTC

How to Create Your Own Git Server

Posted By Diomidis D. Spinellis

Although I'm a happy (also paying) user of GitHub's offerings, there are times when I prefer to host a private repository on a server I control. Setting up your own Git server can be useful if you're isolated from the public internet, if you're subject to inflexible regulations, or if you simply want features different from those offered by GitHub (and other similar providers). Setting up a Git server on a Unix (Linux, Mac OS X, *BSD, Solaris, AIX) machine isn't difficult, but there are many details to observe. Here is a complete guide.

Wed, 19 Jun 2013 01:42:29 UTC

SCO: The pain that never ends

Posted By Greg Lehey

In other news, Jürgen Lock pointed me at this report. After only 10 years, a complete lack of evidence, and a bankruptcy, SCO (now spelt XINUOS) is still not giving up with their law suit against IBM. Why? Went back looking and discovered that it was ten years ago today that SCO announced that they had terminated IBM's UNIX license. It's also the tenth anniversary of the publication of a Byte interview with Chris Sontag, unfortunately also no longer accessible. Went looking and found that most of the documents to which I had referred in my documentation of the case have since ceased to exist.

Wed, 19 Jun 2013 01:02:16 UTC

Death to HTML!

Posted By Greg Lehey

While playing around with my photos a few days ago, I came across a strange problem: in my diary for 16 April 2011, my normal photo resizing stopped working correctly. Spent some considerable time investigating it, finally reducing it to a simple example. Normally I have five potential display sizes for an image: hide (size 0), thumbnail (67,500 pixels, size 1), small (270,000 pixels, size 2), and two big, both the native size of the image. Size 3 scales this image to the width of the window, while size 4 shows it in full resolution. In this case, though, size 3 was smaller than size 2.

Wed, 19 Jun 2013 00:12:36 UTC

Goodbye Friends

Posted By Greg Lehey

Phone call from somebody at a company Wordsworth. He wanted access to the domain fbbg.org.au. I told him there was a web site, but no, it seems Wordsworth (or whatever) is the company doing the transition to a professional web site, and what he really wanted was information on how to update the DNS information. He had the registry key, but didn't know what to do with it. Asked him to send me a mail message, which came from Adel, with whom I had spoken earlier this year, with an email domain address from a different domain. Sent her the information, and the DNS records were quickly updated.

Tue, 18 Jun 2013 21:00:47 UTC

Details of NSA Data Requests from US Corporations

Posted By Bruce Schneier

Facebook (here), Apple (here), and Yahoo (here) have all released details of US government requests for data. They each say that they've turned over user data for about 10,000 people, although the time frames are different. The exact number isn't important; what's important is that it's much lower than the millions implied by the PRISM document. Now the big question:...

Tue, 18 Jun 2013 19:15:27 UTC

Cumulus Networks: A Sneak Preview of One of My Favorite Startups

Posted By James Hamilton

Back in 2009, in Datacenter Networks are in my way, I argued that the networking world was stuck in the mainframe business model: everything vertically integrated. In most datacenter networking equipment, the core Application Specific Integrated Circuit (ASIC -- the heart of a switch or router), the entire hardware platform for the ASIC including power and physical network connections, and the software stack including all the protocols all come from a single vendor and there is no practical mechanism to make different choices. This is how the server world operated back 40 years ago and we get much the same result. Networking gear is expensive, interoperates poorly, is expensive to manage and is almost always over-subscribed and constraining the rest of the equipment in the datacenter. Further exaggerating what is already a serious problem, unlike the mainframe server world of 40 years back, networking equipment is also unreliable.

Tue, 18 Jun 2013 16:02:52 UTC

NSA Secrecy and Personal Privacy

Posted By Bruce Schneier

In an excellent essay about privacy and secrecy, law professor Daniel Solove makes an important point. There are two types of NSA secrecy being discussed. It's easy to confuse them, but they're very different. Of course, if the government is trying to gather data about a particular suspect, keeping the specifics of surveillance efforts secret will decrease the likelihood of...

Tue, 18 Jun 2013 11:57:57 UTC

Evidence that the NSA Is Storing Voice Content, Not Just Metadata

Posted By Bruce Schneier

Interesting speculation that the NSA is storing everyone's phone calls, and not just metadata. Definitely worth reading. I expressed skepticism about this just a month ago. My assumption had always been that everyone's compressed voice calls is just too much data to move around and store. Now, I don't know. There's a bit of a conspiracy-theory air to all of...

Tue, 18 Jun 2013 01:01:34 UTC

Reprocessing old panoramas

Posted By Greg Lehey

It's been nearly two years since I started my current panoramic views of the garden, and in that time lots of things have changed. In particular, at the time I was using out-of-camera JPEGs, and now I process my images with DxO Optics Pro. The difference in appearance may be at least partially due to that. Here the verandah two years ago and now: Spent quite some time reprocessing the images with DxO Optics Pro, but the difference wasn't that pronounced.

Mon, 17 Jun 2013 17:47:38 UTC

Project C-43: A Final Piece of Public-Key Cryptography History

Posted By Bruce Schneier

This finally explains what John Ellis was talking about in "The Possibility of Non-Secret Encryption" when he dropped a tantalizing hint about wartime work at Bell Labs....

Mon, 17 Jun 2013 13:36:17 UTC

Blogging Will Resume This Week

Posted By Jeff Barr

After spending the past three years in the UW’s MCDM program (one class per quarter), I graduated last week. I now have a lot more free time and I plan to use some of it on this blog. As soon …

Mon, 17 Jun 2013 11:13:27 UTC

Blowback from the NSA Surveillance

Posted By Bruce Schneier

There's one piece of blowback that isn't being discussed -- aside from the fact that Snowden killed the chances of a liberal arts major getting a job at the DoD for a decade -- and that's how the massive NSA surveillance of the Internet affects the US's role in Internet governance. Ron Deibert makes this point: But there are unintended...

Mon, 17 Jun 2013 00:21:57 UTC

PayPal: Don't follow this link

Posted By Greg Lehey

Mail from PayPal today with some policy updates and the good advice not to follow any links in their messages, but to type in the URL! Yes, it's possible to have a disguised link, but the idea of cutting and pasting doesn't seem to have occurred to them. And then they provide links anyway -- which do exactly the kind of obfuscation they're warning about (real URL at bottom left): What happens if you follow that link? An electronic rap on the knuckles?

Sun, 16 Jun 2013 19:00:00 UTC

Golang Diaries I

Posted By Tim Bray

Some of the most popular things on this blog have been diaries I've written as I explore my way through a new technology or hobby. I'm picking up the Go Programming Language, whose HQ is (significantly) at golang.org and which I'm going to refer to as Golang for reasons which should become obvious. Whatever you think of Golang, it's apparently got some momentum and some seriously smart people are working on and in it; so this may actually be of service to the community. At this point, I should tip my hat to Mark Pilgrim, who taught me that a really good time to write about something is while you're still discovering it, before you're looking at it from the inside.

Sun, 16 Jun 2013 19:00:00 UTC

Unmapped Lands

Posted By Tim Bray

I ran across Theresa Couchman on The Setup (always recommended), which convinced me to buy The Unmapped Lands, and wow, is it ever fun. There is a whole lot of stuff in this book; probably more than really necessary, because the people in it are so interesting. I was actually sort of hoping Ms Couchman would ease off on the action a bit and just run with them a bit, but I never wasn't entertained. Let's see, we start with a hardass witch in Albany, NY, and then we get a demon and a smart rat and an Intuitive and a Magician and an alternate-reality portal and a grimoire and dragons and giant spiders and, yeah, there's more, but you get the idea.

Sun, 16 Jun 2013 02:45:20 UTC

Taming DxO

Posted By Greg Lehey

I've been processing my photos with DxO Optics Pro for over a year now, but I still haven't really understood all the details. I frequently use the HDR Artistic profile, which gives me the kind of in-your-face colours and shadow accentuation that I like, but I've only gradually come to realize that it comes at the expense of considerable burnout in the highlights. Today I had to adjust some of my flower images by up to 2 EV to get some detail back in the highlights. More to be learnt.

Sat, 15 Jun 2013 18:09:27 UTC

Velocity 2013 in Santa Clara

Posted By Tom Limoncelli

I'll be attending the Velocity conference next week. If you see me please say "hi"!

Sat, 15 Jun 2013 17:00:27 UTC

Indian Veg

Posted By Benjamin Mako Hill

Recently, I ate at the somewhat famous London vegetarian restaurant Indian Veg Bhelpoori House in Islington (often referred to simply as Indian Veg). I couldn’t help but imagine that the restaurant had hired Emanuel Bronner as their interior decorator.

Sat, 15 Jun 2013 09:05:20 UTC

The NSA's Prism: why we should care

Posted By Cory Doctorow

The Guardian

Sat, 15 Jun 2013 09:04:59 UTC

Why you should care about surveillance

Posted By Cory Doctorow

I got tired of people savvying me about the revelations of NSA surveillance and asking why anyone would care about secret, intrusive spying, so I wrote a new Guardian column about it, "The NSA's Prism: why we should care." We're bad at privacy because the consequences of privacy disclosures are separated by a lot of … [Read more]

Sat, 15 Jun 2013 02:24:25 UTC

Revisiting AEC map slowness

Posted By Greg Lehey

One of my complaints about the AEC web site was that the maps they provided were enormously bloated, and they took up to 15 minutes CPU time to render on my machine. We discussed the matter on IRC and discovered a number of interesting things. Firstly, one of the issues was the way I zoomed: increase the map size to 800% and then pan with the slide bars. I didn't realize that most maps have labels in text, so I could have searched with normal text search, which speeded things up considerably: only a couple of minutes. But then somebody tried running with Microsoft, and the map rendered orders of magnitude faster than under FreeBSD, so fast that I probably wouldn't have commented.

Sat, 15 Jun 2013 01:14:27 UTC

Internode: our fault after all

Posted By Greg Lehey

My network problems are no longer quite as bad as they were two months ago. The connection quality is still so bad that VoIP is seldom practical, but I no longer have the extreme dropout rate that I had at the time. That's no thanks to Internode, who ignored my traces and just gave up. I asked them to escalate the matter, and they said yes, they'd do so. Silence. And then I got a message: Apologises for the late reply, this email is in regards to the throughput issue that you reported back in early April.

Fri, 14 Jun 2013 21:53:53 UTC

Friday Squid Blogging: Sperm Consumption in the Southern Bottletail Squid

Posted By Bruce Schneier

It's a novel behavior. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered....

Fri, 14 Jun 2013 19:00:00 UTC

findIDP Tech Choices

Posted By Tim Bray

I'm building a service that uses a bunch of heuristics to, given an email address, figure out which Identity Provider (IDP) you should try to use to log that address in. I'm doing it in Go. Here's why. The Context You can read about the whys of the thing in Project findIDP. But here's the how: You get an email address. You do a whole bunch of network retrievals; glance at the domain's MX record, try WebFinger, ask some well-known providers whether they host the domain. People can go online and select their own IDP for email addresses they control.

Fri, 14 Jun 2013 17:20:07 UTC

Sixth Annual Movie-Plot Threat Contest Semifinalists

Posted By Bruce Schneier

On April 1, I announced the Sixth Annual Movie Plot Threat Contest: I want a cyberwar movie-plot threat. (For those who don't know, a movie-plot threat is a scare story that would make a great movie plot, but is much too specific to build security policy around.) Not the Chinese attacking our power grid or shutting off 911 emergency services...

Fri, 14 Jun 2013 12:15:16 UTC

Ricin as a Terrorist Tool

Posted By Bruce Schneier

This paper (full paper behind paywall) -- from Environment International (2009) -- does a good job of separating fact from fiction: Abstract: In recent years there has been an increased concern regarding the potential use of chemical and biological weapons for mass urban terror. In particular, there are concerns that ricin could be employed as such an agent. This has...

Fri, 14 Jun 2013 10:32:40 UTC

Guardian podcast on publishing with Jonny Geller and Henry Volans

Posted By Cory Doctorow

Neil Gaiman's taken over the Guardian's Books Podcast, and had me and agent Jonny Geller and Henry Volans, head of Faber Digital, in the studio for a wide-ranging and awfully fun podcast. The first 20 minutes are a fascinating look at weird London by Damien Walter, and then we kick off with the discussion. MP3 … [Read more]

Fri, 14 Jun 2013 08:39:52 UTC

UK Pirate Cinema is out!

Posted By Cory Doctorow

The UK edition of my novel Pirate Cinema hits stores officially today! Tell your friends! When Trent McCauley's obsession for making movies by reassembling footage from popular films causes his home's internet to be cut off, it nearly destroys his family. Shamed, Trent runs away to London. A new bill threatens to criminalize even … [Read more]

Fri, 14 Jun 2013 02:27:13 UTC

GotW #94 Special Edition: AAA Style (Almost Always Auto)

Posted By Herb Sutter

Toward correct-by-default, efficient-by-default, and pitfall-free-by-default variable declarations, using “AAA style”… where “triple-A” is both a mnemonic and an evaluation of its value. Problem JG Questions 1. What does this code do? What would be a good name for some_function? template<class Container, class Value>void some_function( Container& c, const Value& v ) { if( find(begin(c), end(c), […]

Fri, 14 Jun 2013 00:10:19 UTC

GotW #93 Solution: Auto Variables, Part 2

Posted By Herb Sutter

Why prefer declaring variables using auto? Let us count some of the reasons why… Problem JG Question 1. In the following code, what actual or potential pitfalls exist in each labeled piece of code? Which of these pitfalls would using auto variable declarations fix, and why or why not? // (a)void traverser( const vector<int>& […]

Thu, 13 Jun 2013 21:06:11 UTC

Trading Privacy for Convenience

Posted By Bruce Schneier

Ray Wang makes an important point about trust and our data: This is the paradox. The companies contending to win our trust to manage our digital identities all seem to have complementary (or competing) business models that breach that trust by selling our data. ...and by turning it over to the government. The current surveillance state is a result of...

Thu, 13 Jun 2013 20:42:30 UTC

By His Things Shall You Know Him (podcast)

Posted By Cory Doctorow

The Institute for the Future commissioned me to write a story about the "Internet of Things," and I wrote them a piece called By His Things Will You Know Him, about death, networks, and computers. It's part of an anthology called "An Aura of Familiarity: Visions from the Coming Age of Networked Matter," which we'll … [Read more]

Thu, 13 Jun 2013 20:39:47 UTC

By His Things Shall You Know Him

Posted By Cory Doctorow

By His Things Will You Know Him, "An Aura of Familiarity: Visions from the Coming Age of Networked Matter," Institute for the Future

Thu, 13 Jun 2013 20:37:08 UTC

Interview with PRI's The World about Orwell, Huxley and the NSA

Posted By Cory Doctorow

I recorded an interview with the PRI show The World yesterday about Orwell, Huxley and the NSA. It came out well, I think. MP3 Link

Thu, 13 Jun 2013 16:34:42 UTC

More on Feudal Security

Posted By Bruce Schneier

Facebook regularly abuses the privacy of its users. Google has stopped supporting its popular RSS feeder. Apple prohibits all iPhone apps that are political or sexual. Microsoft might be cooperating with some governments to spy on Skype calls, but we don't know which ones. Both Twitter and LinkedIn have recently suffered security breaches that affected the data of hundreds of...

Thu, 13 Jun 2013 15:43:22 UTC

Class remixes of Little Brother from Cathedral Prep in Queens, NY

Posted By Cory Doctorow

Boys from Brett Wierzbicki's English class at Cathedral Preparatory Seminary in Queens, NY have been reading my novel Little Brother and Brett gave them the option of doing a book-remix instead of a traditional book-report. All told, they produced seven absolutely terrific remixes of the book, and they were good enough to send them all … [Read more]

Thu, 13 Jun 2013 11:09:34 UTC

Essays Related to NSA Spying Documents

Posted By Bruce Schneier

Here's a quick list of some of my older writings that are related to the current NSA spying documents: "The Internet Is a Surveillance State," 2013. The importance of government transparency and accountability, 2013. The dangers of a government/corporate eavesdropping partnership, 2013. "Why Data Mining Won't Stop Terror," 2006. "The Eternal Value of Privacy," 2006. The dangers of our...

Wed, 12 Jun 2013 19:00:00 UTC

Good Internet Baseball

Posted By Tim Bray

I was in OpenID meetings at Microsoft all day Tuesday, and started driving home to Vancouver at 4PM. This is a fairly painful route at that time, but the Blue Jays and White Sox, via MLB on the Nexus 7, reduced the pain considerably. The problems included an accident on 405 (but there's always an accident on 405) and that Skagit-river bridge that fell down last month (but the detour isn't terrible). Still, a lot of stop-and-go. If you could just keep going you could do the trip in under 3 hours; it took me just over 4. So right there in the Microsoft parking lot, I pulled up the MLB app on the N7 and checked out what was on; then tuned into the Toronto pre-game show.

Wed, 12 Jun 2013 19:00:00 UTC

Native Mock Orange

Posted By Tim Bray

Wikipedia does not list this among the common names of Philadelphus_lewisii but that's what we call it. At the moment it is a wild eruption of blossoms and perfume, actually managing to outshine the roses, which are in full-on attack mode too. The flowers are too many to count. Since they are mostly white, they wear the colors the sun drapes them with, depending on the time and the angle.

Wed, 12 Jun 2013 17:00:44 UTC

Resurrecting Debian Seattle

Posted By Benjamin Mako Hill

When I last lived in Seattle, nearly a decade ago, I hosted the Debian Seattle Social email list. When I left the city, the mailing list eventually fell victim to bitrot. When Allison Randall asked me about the list a couple months ago, I decided that moving back to Seattle was a good excuse [...]

Wed, 12 Jun 2013 11:16:10 UTC

Prosecuting Snowden

Posted By Bruce Schneier

Edward Snowden broke the law by releasing classified information. This isn't under debate; it's something everyone with a security clearance knows. It's written in plain English on the documents you have to sign when you get a security clearance, and it's part of the culture. The law is there for a good reason, and secrecy has an important role in...

Tue, 11 Jun 2013 17:30:02 UTC

The Psychology of Conspiracy Theories

Posted By Bruce Schneier

Interesting. Crazy as these theories are, those propagating them are not -- they're quite normal, in fact. But recent scientific research tells us this much: if you think one of the theories above is plausible, you probably feel the same way about the others, even though they contradict one another. And it's very likely that this isn't the only news...

Tue, 11 Jun 2013 11:21:36 UTC

Trust in IT

Posted By Bruce Schneier

Ignore the sensationalist headline. This article is a good summary of the need for trust in IT, and provides some ideas for how to enable more of it. Virtually everything we work with on a day-to-day basis is built by someone else. Avoiding insanity requires trusting those who designed, developed and manufactured the instruments of our daily existence. All these...

Mon, 10 Jun 2013 23:33:26 UTC

More Hugin project file frobbing

Posted By Greg Lehey

Preparing comparison images of panoramas isn't easy. Each time the crop is subtly different, so they don't register correctly when combined on a web page: the images tend to jump when the mouse goes over them. What I need is a way to crop different images identically. And that information, too, should be in the Hugin project file. But where? I still can't find the documentation. Still, inspection can be useful. Tried comparing the project files of the normal panorama and the HDR version of yesterday's garden to the south-east investigation. They differ in many ways, of course, notably in the number of images, but right at the start I got: --- garden-se.jpeg.pto  2013-06-10 11:27:25.000000000 +1000 +++ garden-se-hdr.jpeg.pto      2013-06-09 12:21:25.000000000 +1000 @@ -1,21 +1,45 @@  # hugin project file  #hugin_ptoversion 2 -p f1 w6057 h3490 v237  E12.2262 R0 S364,5763,771,3284 ...

Mon, 10 Jun 2013 17:50:39 UTC

Tagging and Location Technologies

Posted By Bruce Schneier

Interesting speculative article....

Mon, 10 Jun 2013 16:42:55 UTC

Little Brother is the One School/One Book choice for Chariho High in Rhode Island

Posted By Cory Doctorow

I'm delighted to announce that Chariho High School in Wood River Junction, RI, has chosen my novel Little Brother for its One School/One Book program. Above is a video I recorded for the students; here's a press release [PDF] from Chariho: FOR THE FIRST TIME, Chariho Regional High School's Summer Reading Program is One School … [Read more]

Mon, 10 Jun 2013 15:41:01 UTC

How to make a MacBook Kensington Lock Adapter

Posted By Diomidis D. Spinellis

Apple, in its infinite wisdom, has not included a Kensington lock slot in the current model of the MacBook Pro computer. Given the computer's price, desirability, and the fact that three people I know have had theirs stolen, I decided to build an improvised adapter that would allow me to attach a Kensington lock to the computer. I realize that the security offered by such a contraption is what my colleague Vassilis Prevelakis calls an "advisory lock", for Kensington locks can be easily picked or pried away.

Mon, 10 Jun 2013 11:12:06 UTC

Government Secrets and the Need for Whistle-blowers

Posted By Bruce Schneier

Yesterday, we learned that the NSA received all calling records from Verizon customers for a three-month period starting in April. That's everything except the voice content: who called who, where they were, how long the call lasted -- for millions of people, both Americans and foreigners. This "metadata" allows the government to track the movements of everyone during that period,...

Mon, 10 Jun 2013 01:51:36 UTC

Turnbull speaks

Posted By Greg Lehey

Reply to the mail message I sent to Malcolm Turnbull last month: Greg, we have every intention on delivering on our plan. Thanks for your tip on the fasterbroadband survey site, we will look into that. Nothing world-shattering, and I remain to be convinced, but since at the time I voiced an opinion that he might not reply, it's only fair to note that I was wrong.

Sun, 09 Jun 2013 23:23:14 UTC

More alternative panoramas

Posted By Greg Lehey

On with my panorama processing experiments today. One view that is particularly challenging is the 180° view south-east from the north-east corner of the house. The left-hand end is a shade area, and to the right of centre it's open, so the difference in illumination is marked; today, surprisingly, it was only a difference of 3.4 EV from the darkest to the brightest. Still, an interesting motive for comparing the three relevant methods. In each case I started with the same 18 images, representing the following 6 views: I've deliberately shown these taken at ...

Sun, 09 Jun 2013 13:25:08 UTC

Law abiding citizen.

Posted By Theo Schlossnagle

Sun, 09 Jun 2013 01:00:00 UTC

Back-to-Basics Weekend Reading - Auctions and bidding: A guide for computer scientists

Posted By Werner Vogels

I have just returned from the AWS Summits in New Zealand and Japan, which were both very well attended and, according to the feedback, very successful. While I was in New Zealand I had a great discussion with the folks from Trade Me, the auction site which according to some counts for 70% of all NZ internet traffic. This resulted in some deep technical conversations later, over beer, with some colleagues and customers about the principles behind different auction and bidding styles. I noticed that my basic knowledge there was rather rusty and I have decided to use this weekend to go a bit more in-depth in the various styles and techniques.

Sun, 09 Jun 2013 00:23:36 UTC

Alternative panorama processing

Posted By Greg Lehey

More playing around with panorama processing today. The sun was shining, so I took more HDR images than normal. Normally I process the images by first converting them to tone-mapped images, and then running Hugin to stitch them together. But Hugin can handle the HDR conversion too, so today I tried that (Exposure fused from stacks). What a time it takes! The tone-mapping step takes quite a time too, but here I had a total of 63 images, and cpfind alone took over an hour of CPU time to find its control points. Stitching took about another 90 minutes, and in total the whole thing took 3½ hours.

Sat, 08 Jun 2013 20:22:09 UTC

London and Michigan

Posted By Benjamin Mako Hill

I’ll be spending the week after next (June 17-23) in London for the annual meeting of the International Communication Association where I’ll be presenting a paper. This will be my first ICA and I’m looking forward to connecting with many new colleagues in the discipline. If you’re one of them, reading this, and would like [...]

Sat, 08 Jun 2013 18:00:00 UTC

Back-to-Basics Weekend Reading - Auctions and bidding: A guide for computer scientists

Posted By Werner Vogels

I have just returned from the AWS Summits in New Zealand and Japan, which were both very well attended and, according to the feedback, very successful. While I was in New Zealand I had a great discussion with the folks from Trade Me, the auction site which according to some counts for 70% of all NZ internet traffic.

Sat, 08 Jun 2013 08:51:25 UTC

Clarion Write-a-Thon: sponsoring writers to raise money for the Clarion science fiction and fantasy workshop

Posted By Cory Doctorow

I've just signed up for the Clarion Write-a-Thon, an annual fundraiser that brings in money to run the non-profit Clarion Writers Workshop, a kind of bootcamp for science fiction writers held every year at UCSD's La Jolla Campus. I'm a Clarion grad, volunteer board-member, and I'm back teaching the program this year, so I guess … [Read more]

Sat, 08 Jun 2013 01:10:29 UTC

PHP: planned obsolescence

Posted By Greg Lehey

About a week ago the Oly-e web site went down, with messages like: Warning: fopen(data/.threading): failed to open stream: No such file or directory in /var/www/clients/client35/web109/web/news/a.php4 on line 76 Warning: fgets() expects parameter 1 to be resource, boolean given in /var/www/clients/client35/web109/web/news/a.php4 on line 77 Warning: fclose() expects parameter 1 to be resource, boolean given in /var/www/clients/client35/web109/web/news/a.php4 on line 94 No prizes for guessing where that came from. Reported it to Reinhard Wagner, who runs the site, and he told me that his ISP had sprung a PHP update on him without warning.

Fri, 07 Jun 2013 21:35:19 UTC

Friday Squid Blogging: Squid Comic

Posted By Bruce Schneier

A squid comic about the importance of precise language in security warnings. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered....

Fri, 07 Jun 2013 19:22:58 UTC

Audio Interview with Me

Posted By Bruce Schneier

In this podcast interview, I talk about security, power, and the various things I have been thinking about recently....

Fri, 07 Jun 2013 19:00:00 UTC

Project findIDP

Posted By Tim Bray

What happened was, I got an invite to Poetica, the new startup by Good Internet People Blaine and Maureen. (Poetica has a strong central idea and is aesthetically a treat.) The login experience was unlike anything I'd seen. The screen had just one blank space: Type your email address. So I picked my address at our textuality.com family domain, where mail happens to go through Google apps. The next thing I saw was the approval screen from Google saying OK to use your identity to log into Poetica? Then there I was, signed-in and seeing the new-user experience. Very, very slick; and of course no passwords involved.

Fri, 07 Jun 2013 15:00:00 UTC

New article in "login magazine": Ganeti: Cluster Virtualization Manager

Posted By Tom Limoncelli

The June issue of ";login: Magazine" (the Usenix magazine) is out and it includes a piece I contributed to: Ganeti: Cluster Virtualization Manager by Guido Trotter and Tom Limoncelli If you are a Usenix member you'll receive the issue in the mail soon if you haven't already. Otherwise you can purchase the article or the entire magazine online. Even better: join Usenix and don't miss an issue!

Fri, 07 Jun 2013 14:06:54 UTC

GotW #93: Auto Variables, Part 2

Posted By Herb Sutter

Why prefer declaring variables using auto? Let us count some of the reasons why… Problem JG Question 1. In the following code, what actual or potential pitfalls exist in each labeled piece of code? Which of these pitfalls would using auto variable declarations fix, and why or why not? // (a)void traverser( const vector<int>& […]

Fri, 07 Jun 2013 13:34:05 UTC

GotW #92 Solution: Auto Variables, Part 1

Posted By Herb Sutter

What does auto do on variable declarations, exactly? And how should we think about auto? In this GotW, we’ll start taking a look at C++’s oldest new feature.   Problem JG Questions 1. What is the oldest C++11 feature? Explain. 2. What does auto mean when declaring a local variable? Guru Questions 3. In the […]

Fri, 07 Jun 2013 11:41:26 UTC

A Really Good Article on How Easy it Is to Crack Passwords

Posted By Bruce Schneier

Ars Technica gave three experts a 16,000-entry encrypted password file, and asked them to break them. The winner got 90% of them, the loser 62% -- in a few hours. The list of "plains," as many crackers refer to deciphered hashes, contains the usual list of commonly used passcodes that are found in virtually every breach involving consumer websites. "123456,"...

Fri, 07 Jun 2013 01:33:54 UTC

Interrupt timeout, channel dead

Posted By Greg Lehey

Watching TV today, the playback tripped over some kind of data corruption, after which I couldn't play anything back. It's not the first time, but this time I looked at the system log and discovered: Jun  6 16:54:14 teevee kernel: pcm0: chn_write(): pcm0:play:dsp0.p1: play interrupt timeout, channel dead That's the audio output channel. And there seems to be no way to revive it. Reboot time. And clearly, since it has happened more than once, time to investigate more carefully. It seems that there have been a number of reports of this problem, most recently probably this one.

Thu, 06 Jun 2013 19:00:00 UTC

Civilization

Posted By Tim Bray

I'm writing this in the library at Renfrew Park Community Centre, waiting while my son's at a martial-arts class. Just walking in here, I got all choked up. I guess most places in North America have these scattered around. Quite likely lots of other places round the world too, only I've never been to any because they're emphatically for locals, usually. They're where you find gyms and meeting rooms and swimming pools and rinks and libraries, in some combination. In Vancouver, they're pretty well all busy all the time. There are aerobics and yoga and swimming and karate and committees happening here.

Thu, 06 Jun 2013 10:58:02 UTC

The Cost of Terrorism in Pakistan

Posted By Bruce Schneier

This study claims "terrorism has cost Pakistan around 33.02% of its real national income" between the years 1973 and 2008, or about 1% per year. The St. Louis Fed puts the real gross national income of the U.S. at about $13 trillion total, hand-waving an average over the past few years. The best estimate I've seen for the increased cost...

Thu, 06 Jun 2013 01:57:06 UTC

Web search: brute force and ignorance

Posted By Greg Lehey

Should I keep my diary in text files or in a database? Clearly the professional approach is a database, but I've never quite got round to doing it. One of the nice things about keeping my diary in files is that I can use standard tools like grep to search for things, something I do relatively frequently. But that only works at home. Two weeks ago I was at Jenny Bartlett's and wanted to find a diary reference to Android using her Android tablet. A complete pain, especially since I didn't recall the date. What I need is a web-accessible grep.

Wed, 05 Jun 2013 18:11:21 UTC

Eugene Spafford Answers Questions on CNN.com

Posted By Bruce Schneier

Excellent interview....

Wed, 05 Jun 2013 14:56:44 UTC

GotW #92: Auto Variables, Part 1

Posted By Herb Sutter

What does auto do on variable declarations, exactly? And how should we think about auto? In this GotW, we’ll start taking a look at C++’s oldest new feature.   Problem JG Questions 1. What is the oldest C++11 feature? Explain. 2. What does auto mean when declaring a local variable? Guru Questions 3. In the […]

Wed, 05 Jun 2013 14:42:12 UTC

GotW #91 Solution: Smart Pointer Parameters

Posted By Herb Sutter

NOTE: Last year, I posted three new GotWs numbered #103-105. I decided leaving a gap in the numbers wasn’t best after all, so I am renumbering them to #89-91 to continue the sequence. Here is the updated version of what was GotW #105.   How should you prefer to pass smart pointers, and why?   […]

Wed, 05 Jun 2013 12:55:35 UTC

Data protection in the EU: the certainty of uncertainty

Posted By Cory Doctorow

The Guardian

Wed, 05 Jun 2013 12:55:20 UTC

Anonymizing is really hard really, so why is the EU acting like it's easy?

Posted By Cory Doctorow

My latest Guardian column is "Data protection in the EU: the certainty of uncertainty," a look at the absurdity of having privacy rules that describe some data-sets as "anonymous" and others as "pseudonymous," while computer scientists in the real world are happily re-identifying "anonymous" data-sets with techniques that grow more sophisticated every day. The EU … [Read more]

Wed, 05 Jun 2013 12:20:43 UTC

Security and Human Behavior (SHB 2013)

Posted By Bruce Schneier

I'm at the Sixth Interdisciplinary Workshop on Security and Human Behavior (SHB 2013). This year we're in Los Angeles, at USC -- hosted by CREATE. My description from last year still applies: SHB is an invitational gathering of psychologists, computer security researchers, behavioral economists, sociologists, law professors, business school professors, political scientists, anthropologists, philosophers, and others -- all of whom...

Wed, 05 Jun 2013 00:08:37 UTC

Firefox: works

Posted By Greg Lehey

Back to the firefox problem today. I have established that I no longer get a SIGSEGV on startup if I build with debugging support, which goes beyond mere symbols in the binaries. It also produces lots of debug messages. The fact that the resultant binary doesn't fail suggests that the problem could be a race condition of some kind. So: back to a build without symbols. Problem: it worked. I can no longer reproduce the problem. How I hate that! It usually means that the bug has gone into hiding, but hasn't gone away. Potentially some minor change in the system software in the nearly 2 weeks since I first ran into the problem might have solved the problem.

Tue, 04 Jun 2013 17:44:37 UTC

The Problems with CALEA-II

Posted By Bruce Schneier

The FBI wants a new law that will make it easier to wiretap the Internet. Although its claim is that the new law will only maintain the status quo, it's really much worse than that. This law will result in less-secure Internet products and create a foreign industry in more-secure alternatives. It will impose costly burdens on affected companies. It...

Tue, 04 Jun 2013 11:19:24 UTC

The Security Risks of Unregulated Google Search

Posted By Bruce Schneier

Someday I need to write an essay on the security risks of secret algorithms that become part of our infrastructure. This paper gives one example of that. Could Google tip an election by manipulating what comes up from search results on the candidates? The study's participants, selected to resemble the US voting population, viewed the results for two candidates on...

Mon, 03 Jun 2013 19:32:11 UTC

The possibility of cross-site configuration management

Posted By Tom Limoncelli

Steve Murawski from the ServerFault blog has some interesting notes about the prospect of a single configuration management system that works across Linux and Windows and other things too.

Mon, 03 Jun 2013 16:09:42 UTC

Little Brother is San Francisco's One City/One Book pick for 2013

Posted By Cory Doctorow

I am as pleased as is humanly possible to announce that the San Francisco Public Library system has chosen my novel Little Brother for its "One City/One Book" program, the first ever young adult novel to be so honored by the SFPL. I'll be coming to San Francisco in late September to visit the city's … [Read more]

Mon, 03 Jun 2013 11:15:22 UTC

The Problems with Managing Privacy by Asking and Giving Consent

Posted By Bruce Schneier

New paper from the Harvard Law Review by Daniel Solove: "Privacy Self-Management and the Consent Dilemma": Privacy self-management takes refuge in consent. It attempts to be neutral about substance -- whether certain forms of collecting, using, or disclosing personal data are good or bad -- and instead focuses on whether people consent to various privacy practices. Consent legitimizes nearly any...

Mon, 03 Jun 2013 00:23:38 UTC

Firefox: success?

Posted By Greg Lehey

Tried my latest firefox build again today. It worked! Well, sort of. It might be that I forgot to specify a DISPLAY environment variable yesterday, though when I did so today I got a corresponding error message. But it produced voluminous debug output and... worked. Another Heisenbug chased away by debug code. I have better things to do than chase this stuff, so I did them.

Sun, 02 Jun 2013 19:00:00 UTC

The Scalzi/Amazon Trap

Posted By Tim Bray

I kind of liked The Android's Dream and Redshirts by John Scalzi. A couple weeks ago I needed some light-ish reading so I picked up Old Man's War, and the jaws closed on my wallet. It's the first book of a multi-part space-opera series. The aliens are mostly satisfactorily evil, the solution to the impossibility-of-coherent-space-opera problem is clever, and the people in the stories are interesting. There are irritants: for example, the only character so far to suggest, you know, talking to the aliens before shooting, is reviled as a blowhard and quickly disposed of. But still, good story, clever premise, and I confess to enjoying space opera.

Sun, 02 Jun 2013 19:00:00 UTC

Blogginess

Posted By Tim Bray

Paul Kedrosky, highly visible Internet/Money guy, tweets: "So strange to see people talking about future of blogs in 2013. Blogs still exist?" (His own blog is now just a daily tweetpendium.) Paul's smart, but that's ridiculous. Just to warm up, here's some recent random blog brilliance, harvested from less-than-a-month-old tabs in the nearest browser. Doc Searls, Identity is personal. The gunslinger blog, scenes from the wild west. Colby Cosh, Lord, send pesticide for the weed of gendercide. John Hempton, Spark Networks and the strange failure of sex-starved Jewish computer science undergrads... and Practical lessons in assessing exotic risks. What Matters: We increase and improve our body of knowledge through conversation.

Sun, 02 Jun 2013 00:15:55 UTC

Insight into Hugin stitching modes

Posted By Greg Lehey

It was the beginning of winter and coincidentally house photo day today. Despite the forecast, it wasn't raining, and there was almost no wind, so I ended up with some relatively good if dreary images. Once again I experimented with the various stitching methods that Hugin offers. I'm gradually understanding the different stitching methods that I looked at last week. Of course, I have to confess that I didn't RTFM. Not that that helps much: the page shows the stitcher menu and claims If you click the Create panorama button the new stitch popup sub-screen will be displayed.

Sun, 02 Jun 2013 00:14:47 UTC

Firefox on hold for now

Posted By Greg Lehey

Into the office this morning to find that the debug build of firefox had finally completed. Ran it:

    === grog@monorchid (/dev/pts/1) ~ 2 -> firefox
    nsStringStats
     => mAllocCount:              6
     => mReallocCount:            1
     => mFreeCount:               6
     => mShareCount:              4
     => mAdoptCount:              0
     => mAdoptFreeCount:          0
    === grog@monorchid (/dev/pts/1) ~ 3 ->

Well, at least it didn't crash.

Sat, 01 Jun 2013 03:00:29 UTC

Firefox pain, next installment

Posted By Greg Lehey

On with my attempts to build firefox today. Repeated the build that died yesterday with SIGKILL and it happened again! It wasn't until some time later that Jürgen Lock reminded me that this is what happens when you run out of swap. In parallel, installed the image on my real hardware, with 3 GB of memory and 3 GB of swap. This time it didn't die with SIGKILL. Instead I got:

    /usr/bin/clang++ -o nsCategoryManager.o -c -I../../dist/stl_wrappers -I../../dist/system_wrappers -include ../../../config/gcc_hidden.h -DMOZ_GLUE_IN_PROGRAM -DMOZILLA_INTERNAL_API -D_IMPL_NS_COM -DEXPORT_XPT_API -DEXPORT_XPTC_API -D_IMPL_NS_GFX -D_IMPL_NS_WIDGET -DIMPL_XREAPI -DIMPL_NS_NET -DIMPL_THEBES  -DSTATIC_EXPORTABLE_JS_API -DNO_NSPR_10_SUPPORT -D_IMPL_NS_COM -I../../../xpcom/components/../reflect/xptinfo/src -I../../../xpcom/components/../base -I../../../xpcom/components/../ds -I../../../xpcom/components/../build -I..

Sat, 01 Jun 2013 02:35:04 UTC

Future network problems

Posted By Greg Lehey

In the short term, the radiation tower will be a solution for the network connectivity problems. But for the foreseeable future that will offer a maximum speed of 25 Mb/s, and it will max out under 100 Mb/s, surprisingly similar to the Coalition's plans for a castrated NBN. One of their biggest complaints was slow rollout; yesterday NBN produced a report for the Senate Budget Estimates Committee showing that they had greatly improved rollout, in some cases increasing total deployment by over 30% over the total up to the previous month. They started slowly, but they seem to be catching up now. What did the committee talk about?

Sat, 01 Jun 2013 02:16:16 UTC

Current network problems

Posted By Greg Lehey

My current 3G network was quite reliable up to about the beginning of the year, but since then the quality has dropped markedly, and Internode just don't want to know. Roll on the radiation tower! Today was particularly bad. Each of these represents a drop in connections, which kills my TCP connections and takes about 5 minutes to recover:

    May 31 08:51:49 eureka ppp[2657]: tun0: IPCP: myaddr 121.44.75.14 hisaddr = 10.1.0.1
    May 31 09:21:27 eureka ppp[2657]: tun0: IPCP: myaddr 121.44.115.16 hisaddr = 10.1.0.1
    May 31 09:55:22 eureka ppp[2657]: tun0: IPCP: myaddr 121.44.87.232 hisaddr = 10.1.0.1
    May 31 10:27:02 eureka ppp[2657]: tun0: IPCP: myaddr 118.209.74.64 hisaddr = 10.1.0.1
    May 31 12:52:40 eureka ppp[2657]: tun0: IPCP: myaddr 121.44.92.89 hisaddr = 10.1.0.1
    May 31 15:02:25 eureka ppp[2657]: tun0: IPCP: myaddr 118.209.81.159 hisaddr = 10.1.0.1
    May 31 15:37:34 eureka ppp[2657]: tun0: IPCP: myaddr 118.209.20.125 hisaddr = ...