Planet Russell


Worse Than FailureCodeSOD: The Key to Using Dictionaries

It's easy to use dictionaries/maps to solve the wrong kinds of problems, but deep down, what's more elegant than a simple hashed map structure? If you have the key, fetching the associated value back out happens in constant time, regardless of the size of the map. The same is true for inserting. In fact, hash maps only become inefficient when you start searching them.

Concetta recently started a new job. Once upon a time, a developer at the office noticed that the user-facing admin pages for their product were garbage. They whipped up their own internal version, which let them accomplish tasks that were difficult, time-consuming, or downright impossible to do in the "official" front end. Time passed, someone noticed, "Hey, this is better than our actual product!", and suddenly the C# code that just lived in one folder on one developer's machine was getting refactored and cleaned up into an application they could release to the public.

Concetta wasn't surprised to see that the code wasn't exactly great. She wasn't surprised that it constantly threw exceptions any time you tried to change anything. But she was surprised by this:

var result = (from kvp in HubProxies where kvp.Key == hubType select kvp.Value).FirstOrDefault(); if (result != null) return result; result = hubConnection?.CreateHubProxy(hubType.Name); HubProxies.Add(hubType, result); return result;

HubProxies was a dictionary, mapping Type keys to HubProxy objects. it was pretty clear where the previous developer had stumbled: if a certain value of hubType had never gotten a HubProxy associated with it, you'll get a key error when trying to Get the value there.

Of course, C# dictionaries have a wonderful TryGetValue method, which will accomplish two things: it will get the value and put it in an output parameter without enumerating each individual key, if that key exists, and it will return a boolean telling you whether or not the key exists.

It's the latter part which actually drew Concetta's attention to this block of code: she was getting duplicate key exceptions. This block of code was attempting to add a value for a key which already existed. It's not hard to see why. The FirstOrDefault() line will return either the first match or if there are no matches, null. But what if the dictionary contains nulls?

Concetta's first attempt to fix this code was to use TryGetValue, but that lead to downstream null reference exceptions. As it turned out, the dictionary might contain nulls, but shouldn't contain nulls. It wasn't hard to make sure an actual, concrete value was returned every time. This was no billion dollar mistake, but Concetta was impressed by how much the original developer got wrong in so few lines.

[Advertisement] ProGet can centralize your organization's software applications and components to provide uniform access to developers and servers. Check it out!

Planet Linux AustraliaPia Waugh: UNDP 2018: Evidence based vs experimentation based policy

Recently I have a remote talk to a UNDP event about Evidence based versus experimentation based policy. Below are the notes.
  • We invented all of this, and we can reinvent it. We can co-create a better future for everyone, if we choose. But if we settle for making things just a bit better, a bit more sustainable, a bit anything, then we will fundamentally fail the world because change and complexity is growing exponentially, and we need an exponential response to keep up.
  • There is a dramatic shift in paradigm from control to enablement, from being a king in a castle to a node in a network, which assumes a more collaborative approach to governance.
  • Evidence based approaches are great to identify issues, but we need experimentation based approaches, equitably co-designed with communities, so create sustainable and effective solutions. Evidence based solutions often are normative rather than transformative.
  • We need both evidence and experimentation based policy making, combined with system thinking and public engagement to make a real difference.
  • Digital transformation is often mistaken for meaning the digitisation of or service design led improvement of services, but digital transformation means creating institutions that are fit for purpose for the 21st century, from policy, regulation, services, public engagement, a full rethink and redesign of our social, economic and political systems.
  • History in implementation, and we realised that it was the disconnect between policy and implementation, the idea of policy as separate to implementation is undermining the possibility of meeting the policy intent through implementation.
  • Measurement ends up being limited to the context of function rather than outcomes.
  • Urgently need to reform how we do policy, regulation and legislation, to embrace an outcomes based approach, to bring design thinking and system design into the process from the start, from policy development in the first instance.
  • Working in the open is essential to getting both the demand and supply of evidence based policy, and working openly also means engaging in the shared design of policy and services with the communities we serve, to draw on the experience, expertise and values of the communities.
  • Public Values Management
  • Evidence based AND experimentation based policy.
  • Examples:
    • Service Innovation Lab – NZ
      • Service design and delivery – rapid prototyping is trusted for service design
      • Applying design thinking to regulation and policy
      • Legislation as code – rapid testing of policy and legislation, Holidays Act, it is critical if we want to have a chance of ensuring traceable, accountable and trusted decision making by public sectors as we see more automated decision making with the adoption of AI and ML grow.
      • Simultaneous legislation and implementation, to ensure implementation has a chance of meeting the original policy intent.
    • Taiwan – Uber case study, civic deliberation
    • Their Future Matters – data driven insights and outcomes mapping and then co-design of solutions, co-design with Aboriginal NGOs
    • 50 year optimistic future – to collaboratively design what a contextual, cultural and values driven “good” looks like for a society, so we can reverse engineer what we need to put in place to get us there.
  • Final point – if we want people to trust our policies, services and legislation, we need to do open government data, models, traceable and accountable decision making, and representative and transparent public participation in policy.
  • Links:


Planet Linux AustraliaRobert Norris: It Turns out to be The Protagonist of The Story. Come And Have A Look

In the Garden of Eden, Adam and Eve were tempted to steal the forbidden fruit and were punished by God. The image of the snake has been poor in the West: hey, ferocious, and jealous. But there are some exceptions. When Queen Victoria of England chose to marry, she chose an unusual snake-shaped ring, symbolizing eternal life, ancient power and eternal love.

Due to the choice of Queen Victoria, celebrities from all walks of life in Britain followed suit. In the 19th century, the jewels were very popular with snake-shaped decorations, mostly in the shape of a ring: the snake’s mouth biting the snake’s tail, which means that the snake eats itself, then re-born again, and circulates forever in the flowing time.

In 2010, the British Portrait Gallery exhibited a portrait of Queen Elizabeth I painted in the 16th century. The Queen originally held a bouquet of roses, but after a few hundred years, the paint fell off and people found that there was a black snake under the rose.
Why in this painting, the Queen will hold the black snake and be covered up. This has become a mystery of history. British experts speculated that perhaps this is because the snake’s meaning is not clear, it is both the original sin and the symbol of wisdom. This may represent the controversial position of the snake in Western culture.

The Portrait of Mysterious Queen

Perhaps because of this unclear meaning of the snake, the major luxury brands are competing to use each other and reinterpreting the meaning of the snake with their own products. Inspired by the Mediterranean Eden, Bvlgati’s Spring and Summer 2017 collection is inspired by legendary craftsmanship and is perfected in modern design.
Exquisite accessories, capturing the geometric patterns of the garden, the innocence of the petals and the seductive temptation of the snake. This is a profound interpretation of the radiance and darkness of the Garden of Eden. In the spring and summer of 2017, the Bulgari accessories family pays tribute to the skilled creators, of which the Serpenti series is the most popular.

Bulgari inspires its jewelry into its new accessories, creating a collection of exquisite leather goods in a colorful and unparalleled craftsmanship that adds to the brand’s unique vibrancy, showcasing the brand’s bold and fearless soul, blending luxury with avant-garde skills. And each piece creates a luxury piece with unique creativity of Bulgari.

The mastery of color is eye-catching, and exquisite Italian craftsmanship of brand is also known.

Serpenti Forever red or blue Serpentage leather snake head jewelry bag

Serpentage Scale Snake Head Bag was inspired by the 1965 Serpenti Fine Jewelry Collection, turning the entire bag into a large “jewel”. Let jewelry and leather bags cleverly connect together to become the most popular works of brand.

Planet Linux AustraliaMichael Still: Chaos Monkeys


A very well written tale of a Wall Street quant who left during the GFC to adventure in startup land and ended up at Facebook attempting to solve their monetization problems for an indifferent employer. Martinez must have been stomping around Mountain View because his description of the environment and what its like to work inside a Silicon Valley company ring very true to me.

A good read.

Chaos Monkeys Book Cover Chaos Monkeys
Antonio Garcia Martinez
Business & Economics
Harper Paperbacks
July 24, 2018

The instant New York Times bestseller, now available in paperback and featuring a new afterword from the author--the insider's guide to the Facebook/Cambridge Analytica scandal, the inner workings of the tech world, and who really runs Silicon Valley “Incisive.... The most fun business book I have read this year.... Clearly there will be people who hate this book — which is probably one of the things that makes it such a great read.” — Andrew Ross Sorkin, New York Times Imagine a chimpanzee rampaging through a datacenter powering everything from Google to Facebook. Infrastructure engineers use a software version of this “chaos monkey” to test online services’ robustness—their ability to survive random failure and correct mistakes before they actually occur. Tech entrepreneurs are society’s chaos monkeys. One of Silicon Valley’s most audacious chaos monkeys is Antonio García Martínez. After stints on Wall Street and as CEO of his own startup, García Martínez joined Facebook’s nascent advertising team. Forced out in the wake of an internal product war over the future of the company’s monetization strategy, García Martínez eventually landed at rival Twitter. In Chaos Monkeys, this gleeful contrarian unravels the chaotic evolution of social media and online marketing and reveals how it is invading our lives and shaping our future.



Planet DebianBenjamin Mako Hill: Awards and citations at computing conferences

I’ve heard a surprising “fact” repeated in the CHI and CSCW communities that receiving a best paper award at a conference is uncorrelated with future citations. Although it’s surprising and counterintuitive, it’s a nice thing to think about when you don’t get an award and its a nice thing to say to others when you do. I’ve thought it and said it myself.

It also seems to be untrue. When I tried to check the “fact” recently, I found a body of evidence that suggests that computing papers that receive best paper awards are, in fact, cited more often than papers that do not.

The source of the original “fact” seems to be a CHI 2009 study by Christoph Bartneck and Jun Hu titled “Scientometric Analysis of the CHI Proceedings.” Among many other things, the paper presents a null result for a test of a difference in the distribution of citations across best papers awardees, nominees, and a random sample of non-nominees.

Although the award analysis is only a small part of Bartneck and Hu’s paper, there have been at least two papers have have subsequently brought more attention, more data, and more sophisticated analyses to the question.  In 2015, the question was asked by Jaques Wainer, Michael Eckmann, and Anderson Rocha in their paper “Peer-Selected ‘Best Papers’—Are They Really That ‘Good’?

Wainer et al. build two datasets: one of papers from 12 computer science conferences with citation data from Scopus and another papers from 17 different conferences with citation data from Google Scholar. Because of parametric concerns, Wainer et al. used a non-parametric rank-based technique to compare awardees to non-awardees.  Wainer et al. summarize their results as follows:

The probability that a best paper will receive more citations than a non best paper is 0.72 (95% CI = 0.66, 0.77) for the Scopus data, and 0.78 (95% CI = 0.74, 0.81) for the Scholar data. There are no significant changes in the probabilities for different years. Also, 51% of the best papers are among the top 10% most cited papers in each conference/year, and 64% of them are among the top 20% most cited.

The question was also recently explored in a different way by Danielle H. Lee in her paper on “Predictive power of conference‐related factors on citation rates of conference papers” published in June 2018.

Lee looked at 43,000 papers from 81 conferences and built a regression model to predict citations. Taking into an account a number of controls not considered in previous analyses, Lee finds that the marginal effect of receiving a best paper award on citations is positive, well-estimated, and large.

Why did Bartneck and Hu come to such a different conclusions than later work?

Distribution of citations (received by 2009) of CHI papers published between 2004-2007 that were nominated for a best paper award (n=64), received one (n=12), or were part of a random sample of papers that did not (n=76).

My first thought was that perhaps CHI is different than the rest of computing. However, when I looked at the data from Bartneck and Hu’s 2009 study—conveniently included as a figure in their original study—you can see that they did find a higher mean among the award recipients compared to both nominees and non-nominees. The entire distribution of citations among award winners appears to be pushed upwards. Although Bartneck and Hu found an effect, they did not find a statistically significant effect.

Given the more recent work by Wainer et al. and Lee, I’d be willing to venture that the original null finding was a function of the fact that citations is a very noisy measure—especially over a 2-5 post-publication period—and that the Bartneck and Hu dataset was small with only 12 awardees out of 152 papers total. This might have caused problems because the statistical test the authors used was an omnibus test for differences in a three-group sample that was imbalanced heavily toward the two groups (nominees and non-nominees) in which their appears to be little difference. My bet is that the paper’s conclusions on awards is simply an example of how a null effect is not evidence of a non-effect—especially in an underpowered dataset.

Of course, none of this means that award winning papers are better. Despite Wainer et al.’s claim that they are showing that award winning papers are “good,” none of the analyses presented can disentangle the signalling value of an award from differences in underlying paper quality. The packed rooms one routinely finds at best paper sessions at conferences suggest that at least some additional citations received by award winners might be caused by extra exposure caused by the awards themselves. In the future, perhaps people can say something along these lines instead of repeating the “fact” of the non-relationship.

Planet DebianIustin Pop: Looking for a better backup solution


After my last post, didn’t feel like writing for a while. But now I found a good subject: backups. Ah, backups…

I’ve run my current home-grown backup solution for a long time. Git history says at least since mid-2007 (so 11½ years), but the scripts didn’t start in Git, so 12 years is a fair assessment.

It’s a simple solution, based on incremental filesystem dumps, and back to level 0 periodically. I did use my backups to recover files (around once per year, I think), so it works, but it’s clunky. The biggest deficiencies are:

  • I don’t have enough space to backup everything I want to backup, if I want long-term history (since the full dumps every N units of time are costly).
  • Since the dump utility I use is limited to 9 levels, it also creates a limitation on how often I can make backups, which leads to too coarse backup granularity (and large at-risk intervals).
  • Since the dump is incremental, one needs to restore the correct archives in the correct order to get to the file… urgh!

Clearly I’m using technology from the stone-age, so this week I took a look at what’s available to replace my home-grown stuff.

But let’s make it clear first: I’m not interested in cloud-based backups as main solution. They might suit as an N+M (where M > 2) option, but not as primary/only solution. Plus, where’s the fun in delegating the technical stuff to others?

Various options


The first thing I looked at, because it was on the back of my mind for a while, was rsnapshot. Its simplicity is very appealing, as well as its nice file-based deduplication, but a quick look at the current situation is not very encouraging:

  • it seems half-orphaned; not a very dire situation, but the fact that despite much discussion on that bug, it didn’t get a clear clojure; activity is small, the last official release was in 2015 and only a few commits since then;
  • low activity wouldn’t be a problem, but there are quite a few bugs filled that point to potential data loss, for example issue 141: “At certain conditions rsnapshot removes old backups without make new ones”;

Looking especially at the mentioned issue 141 made realise that the use of relative (e.g. hourly.N, etc.) timestamps is what leads to fragility in the script. Ideally the actual directories would be absolute-timestamp-based (e.g. 2018-12-09T15:45:44), and there would be just helpful symlinks (hourly.0) to these. Sure, there is the “sync_first” mode which seems safer, but it still doesn’t guarantee the correct transition since the various rotate calls are independent from each other and from the sync action itself.

Speaking of the rotate calls, the whole cron story (“create a cron entry for each cycle, and make sure to run the greater period ones before the lower periods”) points to more issues regarding the architecture of the rotation.

The conclusion was that at best, this would be a small improvement on my current solution. And since rsnapshot itself is a 4K LOC Perl script, I’m unlikely to contribute significantly to it; also, my desired changes would change the use of it significantly.

So, if this doesn’t work, what about other solutions?

borg backup

A tool very highly spoken of in the DIY/self-hosting backups is borgbackup. A quick look at it shows many advantages over rsnapshot:

  • space efficient storage, due to chunk-based (variable chunk? not entirely clear what’s the criteria for chunk length) deduplication, even across source filesystems/source machine/etc.
  • data encryption, yay!
  • customisable compression

It also can do off-site backups, of course, also requiring SSH access; and if the tool is also installed remotely, it’s much more efficient.

Something not clearly spoken about in the readme is the “correct” (IMHO) handling of repository maintenance: since archives are time-based and not relative, you declare pruning much more logically, along the lines of “keep only N backups older than T”. And it’s pruning, not rotation, which is very good.

Add on top the better handling of multiple filesystems/areas to be backed up, all in a single repository, and at first glance everything looks good. But a bit deeper look make me worried about a few things.

Reliability: On one hand, the archives are mountable. Which seems fancy. But it also means that without the tool working, and the metadata in good shape, you can’t access the data. A quick look at the design shows significant complexity, which means likely bugs, in the whole archive/database/chunk handling. If this would be the only way to get space-efficient compression, all would be good, but if you’re willing to give up encryption (at least for local backups this can be an acceptable trade-off), then rsnapshot plus a tool like duperemove which can do block-based deduplication (yes, it will kill performance on HDDs) seems a much simpler way to get the same result. And without the entire overhead of “your repository consists of opaque blobs” potential problem.

Of course, having significant internal state, there are tools to support this, like borg check and borg recreate, but the existence of these tools in itself confirms to me that there’s an inherent risk in such a design. A rsnapshot directory can be deleted, but it’s hard to get it corrupted.

Speaking of mounting archives, it also means that getting to your files a few hours ago is not as trivial as in rsnapshot’s case, which is simply cp /snapshots/hourly.3/desired/path/file ., without mounting, needing to come up with the right permissions to allow unprivileged users to do it, etc.

Security: The promise of isolating clients from bad servers and viceversa is good indeed. But it also has a few issues, out of which for my use case most important is the following: in order to allow clients to only push new archives, but not delete/break old ones (i.e. append-only mode), one can set a per-connection (via SSH keys forced command args) append only mode: you just need to set --append-only for that client. It gives a nice example, but it ends up with:

As data is only appended, and nothing removed, commands like prune or delete won’t free disk space, they merely tag data as deleted in a new transaction.

Be aware that as soon as you write to the repo in non-append-only mode (e.g. prune, delete or create archives from an admin machine), it will remove the deleted objects permanently (including the ones that were already marked as deleted, but not removed, in append-only mode).

So basically, the append only mode is not “reject other actions” (and ideally alert on this), but rather “postpone modifications until later”, which makes it IMHO useless.

Conclusion: borg backup is useful if you want a relatively hands-off, works well solution, but it has corner cases that kind of nullify its space savings advantage, depending on your trade-offs. So, not for me.

What would my ideal solution be?

After thinking on it, these are the important trade-offs:

  1. File or block/chunk-based deduplication? Given native (file-system-level) block-based deduplication, a “native” (in the backup tool) seems preferred for local backups; for remote backups, of course it’s different, but then deduplication with encryption is its own story
  2. File storage: native (1:1) or bundled (and needs extraction step); I personally would take native again, just to ensure I can get access to the files without the tool/its internal state to be needed to work
  3. Per-file-system or global repository: ideally global, so that different file-systems don’t require separate handling/integration.

This leans more towards a rsnapshot-like solution… And then there are additional bonus points (in random order):

  • facilitating secure periodic snapshots to offline media
  • facilitating secure remote backups on dumb storage (not over SSH!) so that cloud-based backups can be used if desired
  • native support for redundancy in terms of Reed-Solomon error correction so that small blocks being lost don’t risk losing an entire file
  • ideally good customisation for the retention policy
  • ideally good exclusion rules (i.e. needing to add manually /home/*/.mozilla/cache is not “good”)

That’s a nice list, and from my search, I don’t think there is something like that.

Which makes me worried that I’ll start another project I won’t have time to properly maintain…

Next steps

Well, at least the next step is to get bigger harddrives for my current backup solution ☺ I’m impressed by the ~64K hours (7+ years) Power_On_Hours of my current HDDs, and it makes me feel good about choosing right hardware way back, but I can buy now 5× or more bigger hard-drives, which will allow more retention and more experiments. I was hoping I can retire my HDDs completely and switch to SSDs only, but that’s still too expensive, and nothing can beat the density and price of 10TB+ HDDs…

Comments and suggestions are very welcome! In the meantime, I’m shopping for hardware :-P

Planet DebianPetter Reinholdtsen: Why is your site not using Content Security Policy / CSP?

Yesterday, I had the pleasure of watching on Frikanalen the OWASP talk by Scott Helme titled "What We’ve Learned From Billions of Security Reports". I had not heard of the Content Security Policy standard nor its ability to "call home" when a browser detect a policy breach (I do not follow web page design development much these days), and found the talk very illuminating.

The mechanism allow a web site owner to use HTTP headers to tell visitors web browser which sources (internal and external) are allowed to be used on the web site. Thus it become possible to enforce a "only local content" policy despite web designers urge to fetch programs from random sites on the Internet, like the one enabling the attack reported by Scott Helme earlier this year.

Using CSP seem like an obvious thing for a site admin to implement to take some control over the information leak that occur when external sources are used to render web pages, it is a mystery more sites are not using CSP? It is being standardized under W3C these days, and is supposed by most web browsers

I managed to find a Django middleware for implementing CSP and was happy to discover it was already in Debian. I plan to use it to add CSP support to the Frikanalen web site soon.

As usual, if you use Bitcoin and want to show your support of my activities, please send Bitcoin donations to my address 15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b.

Planet DebianAndreas Metzler: Please test GnuTLS 3.6 in experimental

GnuTLS 3.6.x has been marked stable with release 3.6.5. Binary packages are available in experimental. - Please test! FWIW I have rebuilt all reverse build-dependencies without finding GnuTLS-triggered build errors.

GnuTLS 3.6.x is ABI compatible with earlier versions. However the addition of TLS 1.3 support might require source changes. Due to differences in the TLS 1.3 handshake GNUTLS_E_AGAIN can be returned for blocking sockets.

Planet Linux AustraliaSimon Lyall: Donations 2018

Each year I do the majority of my Charity donations in early December (just after my birthday) spread over a few days (so as not to get my credit card suspended).

I also blog about it to hopefully inspire others. See: 2017, 2016, 2015

All amounts this year are in $US

My main donations was to Givewell (to allocate to projects as they prioritize). I’m happy that they are are making efficient uses of donations.

I gave some money to the Software Conservancy to allocate across the projects (mostly open source software) they support and also to Mozilla to support the Firefox browser (which I use) and other projects.

Next were three advocacy and infrastructure projects.

and finally I gave some money to a couple of outlets whose content I consume. Signum University produce various education material around science-fiction, fantasy and medieval literature. In my case I’m following their lectures on Youtube about the Lord of the Rings. The West Wing Weekly is a podcast doing a episode-by-episode review of the TV series The West Wing.




Planet DebianVishal Gupta: Using LSTMs to join words (Portmanteaus): Part 2

Part 1 - Training a Name-Generating LSTM

Part 2 : Joining Names using our LSTM

Now that we have an LSTM to generate names, we can use it to bridge two words. Since the model can predict likeliness of 27 characters succeeding a given sequence of letters, we can use it find the bridge between two words. We define a bridge as :

  • Let m = Length of the left word, L
  • Let n = Length of the right word, R
  • Then Bridge(L,R) = (i,j), i <= m & j <= n
  • Where i is the end index of the left word in the portmanteau and j is the start index of the right word in the portmanteau.
  • Hence… Join(L,R) = L[:i] + R[j:]
  • For all combinations of (i,j) compute a score by summing the probabilities obtained from the char LSTM.


import pandas as pd
import numpy as np
import random

Loading our model

from keras.models import model_from_json

json_file = open('model_keras.json', 'r')
loaded_model_json =
model = model_from_json(loaded_model_json)
print("Loaded model from disk")

Alternatively, you can also download the weight files

wget -nv
wget wget -nv

Helper functions

  • sample_preds : Probabilities of 27 characters (A-Z + \n) to follow given sequence
  • ohmygauss:Function to return decreasing gaussian sequence (right half of bell curve)
from scipy.stats import norm
def sample_preds(preds, temperature=1.0):
    preds = np.asarray(preds).astype('float64')
    preds = np.log(preds) / temperature
    exp_preds = np.exp(preds)
    preds = exp_preds / np.sum(exp_preds)
    return preds

def ohmygauss(length, sigma=1.8):
    rv = norm(loc=0, scale=sigma)
    x = np.arange(length)
    return rv.pdf(x)

Getting bridge scores

  1. Iterate over all sequences of 3 (SEQLEN) characters in the left word. (MINLEFT -> n)
    1. Iterate over all sequences of 3 (COMPARE) characters in the right word. (0 -> MINRIGHT)
      1. Get probability that given character in right word will follow sequence from word
      2. Repeat for COMPARE sequences.</br> For example : to bridge britain and exit at _br+exit,
        Score : prob(e|"_br")*w1 + prob(x|"bre")*w2 + prob(i|"rex")*w3
      3. Multiply Gaussian factors to score to prioritize words that are bridges towards the beginning of the right word
LEFT_BIAS = [0.06, 0.05, 0.04]

def proc(left, right, verbose=False):
    best_matches = {}
    best_i = None
    best_i_score = -1
    for i in range(0, len(left) - MINLEFT + 1):
        # Searching all sequences of size COMPARE in the right word
        # to find best match
        best_j = None
        best_j_score = -1
        best_matches[i] = {}
        right_bound = len(right) - MINRIGHT + 1
        gaus_factors = ohmygauss(right_bound)
        for j in range(0, right_bound):
            right_chars = right[j:j + COMPARE]
            s = 0
            for x in range(COMPARE):
                # Character on right which is being sampled
                c_index = char_indices[right_chars[x]]
                if verbose:
                    print ("Sampling " + left[i + x:i + SEQLEN] +
                           right[j:j + x] + "-->" + right_chars[x])

                # Generating sequence and getting probability
                Xoh = one_hot(left[i + x:i + SEQLEN] + right[j:j + x],char_indices)
                preds = model.predict(Xoh, verbose=0)[0]
                pred_probs = sample_preds(preds, 0.7)

                # Getting corresponding character in left word
                left_char = np.zeros((1, len(char_indices)))
                    left_char[0, char_indices[left[i + SEQLEN + x]]] = 1
                except IndexError:
                # Adding some bias to left_char and adding it to predicted probs
                biased_probs = LEFT_BIAS[x] * left_char + \
                    (1 - LEFT_BIAS[x]) * pred_probs

                # Adding probability of bridging at c_index to s
                s += biased_probs[0, c_index]

            # Prioritizing words that start with the first few letters of the right word
            s = s * gaus_factors[j]

            if verbose:
                print (i, j, s,)
            best_matches[i][j] = s
            if s > best_j_score:
                best_j = j
                best_j_score = s
#         best_matches[i] = {'index': best_j, 'score': best_j_score}
        if best_j_score > best_i_score and i < len(left) - MINLEFT:
            best_i_score = best_j_score
            best_i = i

    return best_matches, best_i

Picking the best portmanteaus

  • Maximize smoothness of the bridge (derived from proc using the LSTM model)
  • Minimize length of portmanteau
  • Maximize fraction of each word in portmanteau

def join(left, right, verbose=False,dict_result=False,n=3):
    left = '\n' + left
    right = right + '\n'
    matches, i = proc(left, right, verbose)
    probs = {}
    for i_temp in matches:
        for j_temp in matches[i_temp]:
            word = (left[:i_temp + SEQLEN] + right[j_temp:]).replace('\n', '').title()
            num_letters = len(word)
            if verbose :
                print (word, num_letters,(1 / float(num_letters)) * 0.5)
            probs[word] = probs.get(word,0)+round(matches[i_temp][j_temp],4) + (1 / float(num_letters) * PHONEME_WT)
            probs[word] *= (min((i_temp+1)/min(len(left),8),1.0) + min((len(right) - j_temp - 1)/min(len(right),8),1.0))
    if dict_result:
        return probs
        ser = pd.Series(probs).sort_values()[::-1][:n]
        ports = ser.index.tolist()
        port_vals = [i+'('+str(round(ser[i],3))+')' for i in ports]
        print (left,'+',right,' = ',port_vals)

Generating common portmanteaus

word_pairs =  [('britain','exit'),('biology', 'electronic'), ('affluence', 'influenza'), ('brad', 'angelina'),
               ('brother', 'romance'), ('breakfast', 'lunch'), ('chill', 'relax'), ('emotion', 'icon'),('feminist', 'nazi')]

for p in word_pairs:
britain + exit
=  ['Britainexit(0.71)', 'Brexit(0.705)', 'Briexit(0.69)']

biology + electronic
=  ['Biolectronic(1.23)', 'Biolonic(0.821)', 'Bionic(0.677)']

affluence + influenza
=  ['Affluenza(2.722)', 'Affluenfluenza(1.261)', 'Affluencenza(1.093)']

brad + angelina
=  ['Brangelina(1.626)', 'Braangelina(0.637)', 'Bradangelina(0.635)']

brother + romance
=  ['Brotheromance(1.493)', 'Bromance(0.963)', 'Brothermance(0.625)']

breakfast + lunch
=  ['Breaunch(0.657)', 'Breakfasunch(0.59)', 'Breakfalunch(0.588)']

chill + relax
=  ['Chillax(1.224)', 'Chilax(1.048)', 'Chillelax(0.699)']

emotion + icon
=  ['Emoticon(1.331)', 'Emotion(0.69)', 'Emicon(0.667)']

feminist + nazi
=  ['Feminazi(1.418)', 'Femazi(0.738)', 'Feministazi(0.678)']

Generating Pokemon names!

pokemon_pairs = [('char','lizard'), ('venus', 'dinosaur'), ('blast', 'tortoise'), ('pikapika', 'chu')]        
for p in pokemon_pairs:
char + lizard
=  ['Chard(0.928)', 'Charizard(0.764)', 'Charlizard(0.698)']

venus + dinosaur
=  ['Venusaur(1.051)', 'Venosaur(0.945)', 'Venusdinosaur(0.661)']

blast + tortoise
=  ['Blastortoise(1.46)', 'Blastoise(1.121)', 'Blasttortoise(0.627)']

pikapika + chu
=  ['Pikachu(0.728)', 'Pikapikachu(0.714)', 'Pichu(0.711)']

Try it yourself!

Wanna give it a spin ? Run it on Colab or download the notebook and run it locally.

Planet DebianJelmer Vernooij: Lintian Brush

With Debian packages now widely being maintained in Git repositories, there has been an uptick in the number of bulk changes made to Debian packages. Several maintainers are running commands over many packages (e.g. all packages owned by a specific team) to fix common issues in packages.

Examples of changes being made include:

  • Updating the Vcs-Git and Vcs-Browser URLs after migrating from alioth to salsa
  • Stripping trailing whitespace in various control files
  • Updating e.g. homepage URLs to use https rather than http

Most of these can be fixed with simple sed or perl one-liners.

Some of these scripts are publically available, for example:


Lintian-Brush is both a simple wrapper around a set of these kinds of scripts and a repository for these scripts, with the goal of making it easy for any Debian maintainer to run them.

The lintian-brush command-line tool is a simple wrapper that runs a set of "fixer scripts", and for each:

  • Reverts the changes made by the script if it failed with an error
  • Commits the changes to the VCS with an appropriate commit message
  • Adds a changelog entry (if desired)

The tool also provides some basic infrastructure for testing that these scripts do what they should, and e.g. don't have unintended side-effects.

The idea is that it should be safe, quick and unobtrusive to run lintian-brush, and get it to opportunistically fix lintian issues and to leave the source tree alone when it can't.


For example, running lintian-brush on the package talloc fixes two minor lintian issues:

% debcheckout talloc
declared git repository at
git clone talloc ...
Cloning into 'talloc'...
remote: Enumerating objects: 2702, done.
remote: Counting objects: 100% (2702/2702), done.
remote: Compressing objects: 100% (996/996), done.
remote: Total 2702 (delta 1627), reused 2601 (delta 1550)
Receiving objects: 100% (2702/2702), 1.70 MiB | 565.00 KiB/s, done.
Resolving deltas: 100% (1627/1627), done.
% cd talloc
talloc% lintian-brush
Lintian tags fixed: {'insecure-copyright-format-uri', 'public-upstream-key-not-minimal'}
% git log
commit 0ea35f4bb76f6bca3132a9506189ef7531e5c680 (HEAD -> master)
Author: Jelmer Vernooij <>
Date:   Tue Dec 4 16:42:35 2018 +0000

    Re-export upstream signing key without extra signatures.

    Fixes lintian: public-upstream-key-not-minimal
    See for more details.

 debian/changelog                |   1 +
 debian/upstream/signing-key.asc | 102 +++++++++++++++---------------------------------------------------------------------------------------
 2 files changed, 16 insertions(+), 87 deletions(-)

commit feebce3147df561aa51a385c53d8759b4520c67f
Author: Jelmer Vernooij <>
Date:   Tue Dec 4 16:42:28 2018 +0000

    Use secure copyright file specification URI.

    Fixes lintian: insecure-copyright-format-uri
    See for more details.

 debian/changelog | 3 +++
 debian/copyright | 2 +-
 2 files changed, 4 insertions(+), 1 deletion(-)

Script Interface

A fixer script is run in the root directory of a package, where it can make changes it deems necessary, and write a summary of what it's done for the changelog (and commit message) to standard out.

If a fixer can not provide any improvements, it can simply leave the working tree untouched - lintian-brush will not create any commits for it or update the changelog. If it exits with a non-zero exit code, then it is assumed that it failed to run and it will be listed as such and its changes reset rather than committed.

In addition, tests can be added for fixers by providing various before and after source package trees, to verify that a fixer script makes the expected changes.

For more details, see the documentation on writing new fixers.


lintian-brush is currently available in unstable and testing. See man lintian-brush(1) for an explanation of the command-line options.

Fixer scripts are included that can fix (some of the instances of) 34 lintian tags.

Feedback would be great if you try lintian-brush - please file bugs in the BTS, or propose pull requests with new fixers on salsa.

Planet DebianVishal Gupta: Using LSTMs to join words (Portmanteaus): Part 1

Often, I find myself making portmateaus from verbs, names, adjectives and pretty much any word I think too much about. Sometimes to shrink phrases, and sometimes to name a product or app; occasionally, to ship couples. And as someone who loves tinkering with AI, I wondered if it was possible to write an algorithm to do it… and here we are. The first part, this blog is about training a model that can generate artificial names with a character-level LSTM.

If you’re new to LSTMs, RNNs, or sequential models, here are a few resources that can help you learn and get started:

Part 1 : Training a Name-Generating LSTM

  • First, we need to train an LSTM on a large dataset of names, so it can generate artificial names by predicting the nth character given (n-1) characters of a name.
  • In the image on the left, we have a character-level RNN with accepts and predicts 1 of 4 characters ('h','e','l' and 'o').
  • Hence it has 4-dimensional input and output layers, and a hidden layer of 3 units (neurons).
  • The output layer contains confidences the RNN assigns for the next character (vocabulary is "h,e,l,o")
  • We want the green numbers to be high and red numbers to be low (in the output layer).

Image Credits : Andrej Karpathy


Importing pandas, numpy, random and sys

import pandas as pd
import numpy as np
import random
import sys

Downloading the Dataset

Baby Names from Social Security Card Applications - National Level Data


Loading and pre-processing data.

SEQLEN = 3 # No. of chars our LSTM uses to predict the next character
STEP = 1 # No. of letters to skip between two samples

Hence, the name PETER is used to generate the following samples :

X1 X2 X3 Y
- - P E
- P E T
T E R -

We need to do this for all names in our dataset.

  • Load names from NationalNames.csv
  • Eliminate names shorter than 4 chars and having frequency less than 3
  • Join (seperating) names with \n
def get_data():
    df = pd.read_csv('data/Names/NationalNames.csv')
    names = list(df[(df['Count'] > 3) & (df['Name'].str.len() > 4)]['Name'].unique())
    text = '\n' + '\n\n'.join(names).lower() + '\n'
    chars = sorted(list(set(text)))

    print ("Loaded",len(names),"names with",len(chars),"characters.")
    # Loaded 87659 names with 27 characters.
    return text,chars
  • Split text into sequences of 3 characters (X) and adding next character to next_chars (y)
def get_seq(args):
    text = args[0]
    sequences = []
    next_chars = []
    for i in range(0, len(text) - SEQLEN, STEP):
        sequences.append(text[i: i + SEQLEN])
        next_chars.append(text[i + SEQLEN])
    print('No. of sequences:', len(sequences))
    print('No. of chars:', len(next_chars))
    return sequences,next_chars,args[1]

  • One-Hot Encoding characters in sequences and next_chars
# This function encodes a given word into a numpy array by 1-hot encoding the characters
def one_hot(word,char_indices):
    x_pred = np.zeros((1, SEQLEN, 27))

    for t, char in enumerate(word):
        x_pred[0, t, char_indices[char]] = 1.
    return x_pred
# Encoding all sequences
def get_vectors(args):
    sequences,next_chars,chars = args
    char_indices = dict((c, i) for i, c in enumerate(chars))
    indices_char = dict((i, c) for i, c in enumerate(chars))
    X = np.zeros((len(sequences), SEQLEN, len(chars)), dtype=np.bool)
    y = np.zeros((len(sequences), len(chars)), dtype=np.bool)
    for i, sentence in enumerate(sequences):
        X[i] = one_hot(sentence,char_indices)
        y[i, char_indices[next_chars[i]]] = 1
    print ("Shape of X (sequences):",X.shape)
    print ("Shape of y (next_chars):",y.shape)
    # Shape of X (sequences): (764939, 3, 27)
    # Shape of y (next_chars): (764939, 27)
    return X,y,char_indices, indices_char

Creating the LSTM Model

  • We’re creating a simple LSTM model that takes in a sequence of size SEQLEN, each element of len(chars) numbers (1 or 0)
  • The output of the LSTM goes into a Dense layer that predicts the next character with a softmaxed one-hot encoding
from keras.models import Sequential
from keras.layers import Dense, Activation
from keras.layers import LSTM
from keras.optimizers import RMSprop

def get_model(num_chars):
    model = Sequential()
    model.add(LSTM(16, input_shape=(SEQLEN, num_chars)))

    optimizer = RMSprop(lr=0.01)
    model.compile(loss='categorical_crossentropy', optimizer=optimizer)
    return model

Sampling with our model

  • Picking the element with the greatest probability will always return the same character for a given sequence
  • I’d like to induce some variance by sampling from a probability array instead.

To explain this better, here’s an excerpt from Andrej Karpathy’s blog about CharRNNs :

Temperature. We can also play with the temperature of the Softmax during sampling. Decreasing the temperature from 1 to some lower number (e.g. 0.5) makes the RNN more confident, but also more conservative in its samples. Conversely, higher temperatures will give more diversity but at cost of more mistakes (e.g. spelling mistakes, etc).

def sample(preds, temperature=1.0):
    # helper function to sample an index from a probability array
    preds = np.asarray(preds).astype('float64')
    preds = np.log(preds) / temperature
    exp_preds = np.exp(preds)
    preds = exp_preds / np.sum(exp_preds)
    probas = np.random.multinomial(1, preds, 1)
    return np.argmax(probas)

Training the LSTM on our dataset of Names

  • Finally, we use the functions defined above to fetch data and train the model
  • I trained for 30 epochs since the loss almost seemed to stagnate after that
  • This depends on the dataset that’s being used and complexity of the sequences.
X,y,char_indices, indices_char = get_vectors(get_seq(get_data()))
model = get_model(len(char_indices.keys())), y,

# Saving the model
model_json = model.to_json()
with open("model_keras.json", "w") as json_file:

Testing our model

def gen_name(seed):
    generated = seed
    for i in range(10):
        x_pred = np.zeros((1, SEQLEN, 27))
        for t, char in enumerate(seed):
            x_pred[0, t, char_indices[char]] = 1.
        preds = model.predict(x_pred, verbose=0)[0]
        next_char = indices_char[sample(preds,0.5)]
        if next_char == '\n':break
        generated += next_char
        seed = seed[1:] + next_char

    return generated

  • Generating names from 3-letter seeds
for i in ['mar','ram','seb']:
    print ('Seed: "'+i+'"\tNames :',[gen_name(i) for _ in range(5)])
Seed: "mar"	Names : ['marisa', 'maria', 'marthi', 'marvamarra', 'maria']
Seed: "ram"	Names : ['ramir', 'ramundro', 'ramariis', 'raminyodonami', 'ramariegena']
Seed: "seb"	Names : ['sebeexenn', 'sebrinx', 'seby', 'sebrey', 'seberle']  

Great! We have a model that can generate fake names. Now all you need is a fake address and an empty passport. Jk.

In the next blog, I’ll explain how you can use this model to join two words by finding the best bridge.

Planet DebianDirk Eddelbuettel: It was twenty years ago …

… this week that I made a first cameo in the debian/changelog for the Debian R package:

r-base (0.63.1-1) unstable; urgency=low

  • New upstream release
  • Linked html directory to /usr/doc/r-base/doc/html (Dirk Eddelbuettel)

– Douglas Bates Fri, 4 Dec 1998 14:22:19 -0600

For the next few years I assisted Doug here and there, and then formally took over in late 2001.

It’s been a really good and rewarding experience, and I hope to be able to help with this for a few more years to come.

This post by Dirk Eddelbuettel originated on his Thinking inside the box blog. Please report excessive re-aggregation in third-party for-profit settings.

Planet Linux AustraliaOpenSTEM: School-wide Understanding Our World® implementations

Are you considering implementing our integrated HASS+Science program, but getting a tad confused by the pricing?  Our subscription model didn’t not provide a So nowstraightforward calculation for a whole school or year-level.  However, it generally works out to $4.40 (inc.GST) per student.  So now we’re providing this as an option directly: implement our integrated HASS+Science program […]

Planet DebianLouis-Philippe Véronneau: I'm going to FOSDEM 2019 (and to a DebConf video sprint)

The DebConf video team tries to organise one or two sprints a year outside of DebConf to fix problems and improve our recording and streaming setup. It helps us a lot, since hacking on camera-related stuff without actual cameras can sometimes be problematic.

This year, our first sprint will take place a week before FOSDEM 2019. If you have some spare time and are familiar with Ansible or simply want to learn more about our setup, feel free to drop by!

A clip from Final Space, s/adventures/beers/g

I'm of course planning to stay a few days after the sprint and go to FOSDEM. It will be my first time there and I can't wait to see how large it is! I'm also pretty siked, as it'll be my first time in Bruxelles too. Let's just say I've heard good things about Bruxelle's craft beer scene and intend to dedicate few afternoons/nights to documenting the largest amount of brews I'll be able to stomach.

Here's a few places I really want to go to, but if you have advices, hit me up! I'm mainly interested in places where they brew their own beer.

  • Nanobrasserie de l'Ermitage1
  • Brussels Beer Project
  • Brasserie No Science
  • En Stoemelings
  • Beerstorming
  • Brasserie de la Senne
  • Brasserie Cantillon
  • Moeder Lambic
  • Délirium Café or Little Delirium Café

I might also have a go at Brew Dog, as I like their beers a lot and their bar in Bruxelles seems pretty nice.

Two cheers for bunches of Free Software and beers!

  1. L'Ermitage has been brewing very nice collabs with some of the finest craft breweries in Quebec (like Dunham!). A must!!! 

Krebs on SecurityBomb Threat Hoaxer, DDos Boss Gets 3 Years

The ringleader of a gang of cyber hooligans that made bomb threats against hundreds of schools and launched distributed denial-of-service (DDoS) attacks against Web sites — including KrebsOnSecurity on multiple occasions — has been sentenced to three years in a U.K. prison, and faces the possibility of additional charges from U.S.-based law enforcement officials.

George Duke-Cohan, 19, caused a massive uproar earlier this year after communicating a series of bomb threats against 1,700 schools, colleges and universities across the United Kingdom. But shortly after being arrested on suspicion of the threats and released, Duke-Cohan was back at it again — this time expanding his threats to include schools in the United States.

One of many tweets from the attention-starved Apophis Squad, which launched multiple DDoS attacks against KrebsOnsecurity over the past few months.

At the same time, authorities in the U.K. and U.S. discovered that Duke-Cohan was responsible for falsely reporting the hijack of a plane bound for the United States. That flight, which had almost 300 passengers on board, was later quarantined in San Francisco pending a full security check.

Duke-Cohan was part of an attention-seeking group of ne’er-do-wells who called themselves the Apophis Squad. Duke-Cohan and his crew modeled themselves after the actions of the Lizard Squad, another group of e-fame seeking online hoodlums who also ran a DDoS-for-hire service, called in bomb threats to airlines, DDoSed this Web site repeatedly and whose members were nearly all subsequently arrested and charged with various cybercrimes.

Indeed, until recently the Apophis Squad’s Web site and DDoS-for-hire service was hosted on the same Internet server used by a handful of other domains that were tied to the Lizard Squad.

Earlier this year, came under sustained attack from the Apophis Squad, who took to Twitter to taunt this author while the attacks were underway. Duke-Cohan and other Apophis Squad members also attacked the free email service Protonmail, even as all of them continued to use their Protonmail accounts to communicate about the attacks.

KrebsOnSecurity assisted Protonmail in its investigation into the attacks, and the company later credited this author with helping to identify Duke-Cohan as the driving force behind the DDoS attacks.

Sources close to the investigation say Duke-Cohan may yet see additional charges from U.S.-based authorities. Also, several other members identified by this author as alleged co-conspirators along with Duke-Cohan have not yet been charged with a crime either in the U.K. or in the United States.

It’s not always fun when your site isn’t responsive because of determined attacks from groups like the Apophis Squad, but I try not to get too bent out of shape when these attacks do occur — mainly for two reasons: Firstly, those responsible typically end up getting busted and going to jail. Also, I usually get at least one good story out of it. In this case, make that two good stories.

Further reading:

Schools Bomb Hoaxes: Teenager Jailed for Nationwide Threats

A video of the the U.K. National Crime Agency (NCA) questioning and detaining Duke-Cohan.


Cory DoctorowVideos from the University of Chicago “Censorship and Information Control” seminar

This year, I helped University of Chicago science fiction writer and renaissance scholar Ada Palmer and science historian Adrian Johns host a series of interdisciplinary seminars on “Censorship, Information Control, & Revolutions in Information Technology from the Printing Press to the Internet.”

Thanks to our generous Kickstarter backers, we were able to raise money to pay for high-quality videography and closed captioning to make the videos beautiful and accessible. The first session is now online, with more to follow soon (they’ll be on the seminar’s channel).

CryptogramProblems with the Squid Emoji

The Monterey Bay Aquarium has some problems with the squid emoji.

As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.

Read my blog posting guidelines here.

Cory DoctorowSan Franciscans! Come celebrate the launch of the EFF/McSweeney’s special privacy issue with me on Dec 11!

I’m heading to San Francisco next week for a launch party on December 11th celebrating the release of The End of Trust, a collaboration between EFF and McSweeney’s on internet surveillance and the future of the net; the event is at 7:30PM at Manny’s at 3092 16th Street (RSVP here), and I’ll be on a panel with EFF exec director Cindy Cohn, moderated by the amazing Annalee Newitz! end of trust,san francisco,events,happy mutants,privacy, mannys-730pm

CryptogramBack Issues of the NSA's Cryptolog

Five years ago, the NSA published 23 years of its internal magazine, Cryptolog. There were lots of redactions, of course.

What's new is a nice user interface for the issues, noting highlights and levels of redaction.

CryptogramBanks Attacked through Malicious Hardware Connected to the Local Network

Kaspersky is reporting on a series of bank hacks -- called DarkVishnya -- perpetrated through malicious hardware being surreptitiously installed into the target network:

In 2017-2018, Kaspersky Lab specialists were invited to research a series of cybertheft incidents. Each attack had a common springboard: an unknown device directly connected to the company's local network. In some cases, it was the central office, in others a regional office, sometimes located in another country. At least eight banks in Eastern Europe were the targets of the attacks (collectively nicknamed DarkVishnya), which caused damage estimated in the tens of millions of dollars.

Each attack can be divided into several identical stages. At the first stage, a cybercriminal entered the organization's building under the guise of a courier, job seeker, etc., and connected a device to the local network, for example, in one of the meeting rooms. Where possible, the device was hidden or blended into the surroundings, so as not to arouse suspicion.

The devices used in the DarkVishnya attacks varied in accordance with the cybercriminals' abilities and personal preferences. In the cases we researched, it was one of three tools:

  • netbook or inexpensive laptop
  • Raspberry Pi computer
  • Bash Bunny, a special tool for carrying out USB attacks

Inside the local network, the device appeared as an unknown computer, an external flash drive, or even a keyboard. Combined with the fact that Bash Bunny is comparable in size to a USB flash drive, this seriously complicated the search for the entry point. Remote access to the planted device was via a built-in or USB-connected GPRS/3G/LTE modem.

Slashdot thread.

Worse Than FailureError'd: The Error is ...Terror?

"Lasterror...Las terror...Terrorist...Zoroaster...They're all so close! Which one do I choose??" wrote Ralph.


"From time to time I check into Amazon for new flavors of M&Ms. This time, I think I'll pass on 'Shoe-leather'," writes Mike S.


Gary S. wrote, "Oh, it's ok Illustrator, I'll come back later!"


"Since the maximum permitted word length is 8 letters, entering the first Jumble Bonus Word is going to be a bit of a challenge," Louise H. writes.


Tobias writes, "Oh {curse word}!! The virus is going to destroy my {brand} {model}! {other curse word}"


"I'm not a Bruce Springsteen fan myself, but Google News must really dislike his concerts," Bill T. wrote.


[Advertisement] Continuously monitor your servers for configuration changes, and report when there's configuration drift. Get started with Otter today!

Planet DebianJonathan Dowland: I'm moving to the Red Hat OpenJDK team

I'm very excited to announce that I've moved roles within Red Hat: I am now part of the OpenJDK team!

I've been interested in the theory and practise behind compilers, programming language design and the interaction of the two for a long time¹. Before my undergrad I was fascinated by the work of Wouter van Oortmerssen, who built lots of weird and wonderful experimental languages and systems². During my undergrad, dissatisfied with the available choice of topics for my third year, I petitioned the Computer Science Department at Durham University to revive an older module "Programming Language Design & Compiling". I'm eternally grateful to Dr. Paul Callaghan for being prepared to teach it to us³.

I've spent my time within Red Hat so far in "Cloud Enablement". Our mission was to figure out and develop the tools, techniques and best practises for preparing containerized versions of the Middleware product portfolio to run on OpenShift, Red Hat's enterprise container management platform. The team was always meant to be temporary, the end game being the product teams themselves taking responsibility for building the OpenShift containers for their products, which is where we are today. And so, myself and the other team members are dismantling the temporary infrastructure and moving on to other roles.

Within Cloud Enablement, one of my responsibilities was the creation of the Java Applications for OpenShift container image, which is effectively OpenJDK and integration scripts for OpenShift. I am going to continue maintaining and developing this image (or images) within the OpenJDK team.

Longer term I'm looking forward to getting my teeth into some of the technical work within OpenJDK: such as the JVM, architecture ports, garbage collectors or the JIT or AOT compilers within the runtime.

Earlier this year, I put together a private "bucket list" of things I wanted to achieve in the near-ish future. I recently stumbled across it, having not thought about it for a while, and I was pleasantly surprised to see I'd put on "compilers/lang design" as something to revisit. With my move to OpenJDK I can now consider that ticked off.

  1. I'm straying into this area a little bit with my PhD work (graph rewriting, term rewriting, etc.)
  2. one of which, WadC, I took over maintenance of, ten years ago
  3. Paul has recently had some of his writing published in the book Functional Programming: A PragPub Anthology

Planet DebianOlivier Berger: Demo of displaying labtainers labs in a Web browser through Guacamole

Here’s a first report on trying to add Guacamole to Labtainers in order to allow running Labtainers in a headless way, without an X display, in containers, and accessing the GUI in a Web browser, through the use of VNC and Guacamole.

We’ve casted a demo of it :

Labtainer + Guacamole demo on Vimeo.

This aims at allowing similar use cases as for the execution of labs on the cloud (“virtual labs”), and uses the same remote display connection mechanism, I’ve already blogged about in the case of CloVER (Guacamole)

To repeat our efforts, we’ve been working, together with Thomas Gonçalves, in order to test the feasability of running Labtainers in a “headless” way, in containers, accessing the display through a Web browser. This corresponds to what I’ve described in

Under the hood, it reuses the approach of using a “master” container running the core of labtainer scripts (see my previous post), which is highly insecure, but helps us test it.

The architecture we’ve tested is as follows :

  • the “labtainer.master” container runs the Python scripts, and starts a VNC server (TigerVNC) which in turn runs bits of an XCFE session. The labs will be started in the X DISPLAY of that session (displaying the gnome terminals and such).
  • the “guacamole.labtainer” container runs Guacamole (using Jetty for the internal Web server), which includes guacd, the proxy that sits between a Web canvas and the VNC server of the other container. Guacamole has been setup to use a minimal set of resources, like no DB, etc.

When you connect your browser to a URL on the guacamole.labtainer container’s IP, you display the labs \o/

The current use case would typically be running these and the labs’ containers on a IaaS VM (which acts as a sandbox for running docker containers in a secure manner), without a full X desktop on that VM, and accessing the VM’s guacamole via HTTPS from outside the Cloud.

Guess what, even thoigh we had only tested that on Linux, it worked with almost no modification on Docker Desktop for Windows too.

You can find the Dockerfiles and scripts at : (and above), and the 2 container images have been put on the DockerHub by Thomas.

We’d welcome some feedback on whether you find this interesting.

Worse Than FailureAnnouncements: Tokyo TDWTF Meetup: Bonenkai

Tokyo readers, it's been quite a while since our last Tokyo/TDWTF nomihoudai. It's always a fun time, and we've got a good group of regulars now. Here's a pic of a group of us from a past meetup:

If you're unaware, nomihoudai is an easy way for a group of folks to get as much food and drink from the menu as they'd like for a set price over a set duration, without fussing over details like who ordered what and how many. And bonenkai, well... it's a a sort of year-end celebration, where you try to forget all of the year's woes through drinking.

So, if you're up for getting together on Friday, December 14 in the Shibuya area, please drop me a note via the contact form or direct, apapadimoulis/

[Advertisement] ProGet supports your applications, Docker containers, and third-party packages, allowing you to enforce quality standards across all components. Download and see how!


Planet DebianMarkus Koschany: My Free Software Activities in November 2018

Welcome to Here is my monthly report that covers what I have been doing for Debian. If you’re interested in Java, Games and LTS topics, this might be interesting for you.

Debian Games

  • This month I packaged a new upstream Git snapshot of performous, a karaoke game, because this seemed to be the quickest route to fix a build failure and RC bug (#914061) with Debian’s latest Boost version. We had to overcome some portability issues later (#914667, #914688) and now the only blocker for a migration to testing is GCC-8 itself.
  • I uploaded a new revision of widelands to fix a FTBFS with ICU 63.1 (#913513). The patch was provided by László Böszörményi.
  • I updated the packaging of the following games without making bigger changes, just the normal „grooming“: box2d, brainparty, dangen, flatzebra, jester and etw.
  • The latest upstream release 7.1.3 of renpy, a framework for developing visual-novel type games, is available now.
  • Last but not least I backported teeworlds version 0.7.0, a fun action packed 2D shooter, and its special build system bam to Stretch because the current version 0.6.0 is unable to connect to 0.7.0 servers. Now players should be able to choose between their favorite Teeworld versions.

Debian Java


  • I sponsored another update of android-platform-system-core for Kai-Chung Yan. From now on that should be no longer necessary because he is a Debian Developer now. Congratulations!
  • I packaged a new upstream release of https-everywhere, a very useful Firefox/Chromium addon.

Debian LTS

This was my thirty-third month as a paid contributor and I have been paid to work 30 hours on Debian LTS, a project started by Raphaël Hertzog. In that time I did the following:

  • From 19.11.2018 until 25.11.2018  I was in charge of our LTS frontdesk. I investigated and triaged CVE in jasper, gnome-keyring, keepalived, otrs2, gnuplot, gnuplot5, ncurses, sysstat, php5, uw-imap, eclipse and apktool.
  • DLA-1568-1. Issued a security update for curl fixing 5 CVE.
  • DLA-1583-1. Issued a security update for jasper fixing 5 CVE.
  • DLA-1592-1. Issued a security update for otrs2 fixing 2 CVE.
  • DLA-1593-1. Issued a security update for phpbb3 fixing 1 CVE.
  • DLA-1598-1. Issued a security update for ghostscript fixing 4 CVE.
  • DLA-1600-1. Issued a security update for libarchive fixing 12 CVE.
  • DLA-1603-1. Issued a security update for suricata fixing 4 CVE.
  • I reviewed the openssl update which was later released as DLA 1586-1.
  • I also reviewed and sponsored squid3, icecast2 and keepalived for Abhijith PA.


Extended Long Term Support (ELTS) is a project led by Freexian to further extend the lifetime of Debian releases. It is not an official Debian project but all Debian users benefit from it without cost. The current ELTS release is Debian 7 „Wheezy“. This was my sixth month and I have been paid to work 15  hours on ELTS.

  • I was in charge of our ELTS frontdesk from 19.11.2018 until 25.11.2018 and I triaged CVE in git, sysstat, suricata, libarchive and jasper.
  • ELA-62-1.  Issued a security update for libarchive fixing 3 CVE.
  • ELA-64-1.  Issued a security update for suricata fixing 4 CVE.
  • ELA-65-1.  Issued a security update for jasper fixing 9 CVE.
  • Since upstream development of jasper has slowed down and many bugs remain without a response, I wrote the patches for CVE-2018-18873, CVE-2018-19539 and CVE-2018-19542 myself. I will look into the remaining issues in December.

Thanks for reading and see you next time.

Planet Linux AustraliaDavid Rowe: Codec 2 and TWELP

DSP Innovations have recently published comparisons of Codec 2 with their TWELP codec at 2400 and 600 bit/s.

Along with some spirited rhetoric, they have published some TWELP 600 samples (including source). The comparison, especially in the 600 bit/s range, is very useful to my work.

I’ve extracted a random subset of the 600 bit/s a_eng.wav samples, broken up into a small chunks to make them easier to compare. Have a listen, and see what you think:

Sample Source MELP 600e Codec 2 700c TWELP 600
1 Listen Listen Listen Listen
2 Listen Listen Listen Listen
3 Listen Listen Listen Listen
4 Listen Listen Listen Listen
5 Listen Listen Listen Listen
6 Listen Listen Listen Listen

The samples do have quite a bit of background noise. The usual approach for noisy samples is to use a noise suppression algorithm first, e.g. we use the Speex noise suppression in FreeDV. However it’s also a test of the codecs robustness to background noise, so I didn’t perform any noise suppression for the Codec 2 samples.


I am broadly in agreement with their results. Using the samples provided, the TWELP codec appears to be comparable to MELP 2400, with Codec 2 2400 a little behind both. This is consistent with other Codec 2 versus MELP/AMBE comparisons at 2400 bits/s. That’s not a rate I have been focussing on, most of my work has been directed at lower rates required for HF Digital voice.

I think – for these samples – their 600 bit/s codec also does better than Codec 2 700C, but not by a huge margin. Their results support our previous findings that Codec 2 is as good as (or even a little better) than MELP 600e. It does depend on the samples used, as I will explain below.

DSP Innovations have done some fine work in handling non-speech signals, a common weakness with speech codecs in this range.

Technology Claims

As to claims of superior technology, and “30 year old technology”:

  1. MELP 2400 was developed in the 1990’s, and DSP Innovations own results show similar speech quality, especially at 2400 bits/s.
  2. AMBE is in widespread use, and uses a very similar harmonic sinusoidal model to Codec 2.
  3. The fundamental work on speech compression was done in the 1970s and 80’s, and much of what we use today (e.g. in your mobile phone) is based on incremental advances on that.
  4. As any reader of this blog will know, Codec 2 has been under continual development for the past decade. I haven’t finished, still plenty of “DSP Innovation” to come!

While a fine piece of engineering, TWELP isn’t in a class of it’s own – it’s still a communications quality speech codec in the MELP/AMBE/Codec 2 quality range. They have not released any details of their algorithms, so they cannot be evaluated objectively by peer review.

PESQ and Perceptual evaluation of speech quality

DSP Innovations makes extensive use of the PESQ measure, for both this study and for comparisons to other competitors.

Speech quality is notoriously hard to estimate. The best way is through controlled subjective testing but this is expensive and time consuming. A utility to accurately estimate fine differences in speech quality would be a wonderful research tool. However in my experience (and the speech coding R&D community in general), such a tool does not exist.

The problem is even worse for speech codecs beneath 4 kbit/s, as they distort the signal so significantly.

The P.862 standard acknowledges these limits, and explicitly states in Table 3 “Factors, technologies and applications for which PESQ has not currently been validated … CELP and hybrid codecs < 4 kbit/s". The standard they are quoting does not support use of PESQ for their tests.

PESQ is designed for phone networks, and much higher bit rate codecs. In section 2 of the standard they present best-case correlation results of +/- 0.5 MOS points (note on a scale of 1-5, this is +/- 10% error). That’s when it is used for speech codecs > 4 kbit/s that it is designed for.

So DSP Innovations statements like “Superiority of the TWELP 2400 and MELPe 2400 over CODEC2 2400 is on average 0.443 and 0.324 PESQ appropriately” are unlikely to be statistically valid.

The PESQ algorithm (Figure 4a of the standard) throws away all phase information, keeping just the FFT power spectrum. This means it cannot evaluate aspects of the speech signal that are very important for speech quality. For example PESQ could not tell the difference between voiced speech (like a vowel) an unvoiced (like a consonant) with the same power spectrum.

DSP Innovations haven’t shown any error bars or standard deviations on their results. Even the best subjective tests will have error bars wider than the PESQ results DSP Innovations are claiming as significant.

I do sympathise with them. This isn’t a huge market, they are a small company, and subjective testing is expensive. Numbers look good on a commercial web site from a marketing sense. However I suggest you disregard the PESQ numbers.

Speech Samples

Speech codecs tend to work well with some samples and fall over with others. It is natural to present the best examples of your product. DSP Innovations chose what speech material they would present in their evaluation of Codec 2. I have asked them to give me the same courtesy and code speech samples of my choice using TWELP. I have received no response to my request.

Support and Porting

An open source codec can be ported to another machine in seconds (rather than months that DSP Innovations quote) with a cross compiler. At no cost.

Having the source code makes minor problems easy to fix yourself. We have a community that can answer many questions. For tougher issues; well I’m available for paid support – just like DSP Innovations.

Also …. well open source is just plain cool. As a reminder, here are the reasons I started Codec 2, nearly 10 years ago.

To quote myself:

A free codec helps a large amount of people and promotes development and innovation. A closed codec helps a small number people make money at the expense of stifled business and technical development for the majority.

Reading Further

Open Source Low Rate Speech Codec Part 1, the post that started Codec 2.
P.862 PESQ standard.
CODEC2 vs TWELP on 2400 bps. DSP Innovations evaluate Codec 2, MELP, and TWELP at 2400 bits/s.
CODEC2 vs TWELP on 700 bps. DSP Innovations evaluate Codec 2, MELP, and TWELP at 600 (ish) bits/s.
AMBE+2 and MELPe 600 Compared to Codec 2. An earlier comparison, using samples from DSP Innovations.

CryptogramYour Personal Data is Already Stolen

In an excellent blog post, Brian Krebs makes clear something I have been saying for a while:

Likewise for individuals, it pays to accept two unfortunate and harsh realities:

Reality #1: Bad guys already have access to personal data points that you may believe should be secret but which nevertheless aren't, including your credit card information, Social Security number, mother's maiden name, date of birth, address, previous addresses, phone number, and yes ­ even your credit file.

Reality #2: Any data point you share with a company will in all likelihood eventually be hacked, lost, leaked, stolen or sold ­ usually through no fault of your own. And if you're an American, it means (at least for the time being) your recourse to do anything about that when it does happen is limited or nil.


Once you've owned both of these realities, you realize that expecting another company to safeguard your security is a fool's errand, and that it makes far more sense to focus instead on doing everything you can to proactively prevent identity thieves, malicious hackers or other ne'er-do-wells from abusing access to said data.

His advice is good.

Worse Than FailureCodeSOD: Stringed Out

The line between objects and maps can sometimes get a little blurry. In languages like JavaScript, there’s really no difference between the two. In Python, the deep internals of your classes are implemented essentially as dicts, though there are ways around that behavior.

In a language like C#, however, you’ve got types, you’ve got property definitions. This can offer a lot of advantages. When you layer on features like reflection, you can inspect your objects. Combine all this, and it means that if you want to serialize a data object to XML, you can usually do it in a way that’s both typesafe and generally doesn’t require much code on your part. A handful of annotations and a few method calls, and boom- any object gets serialized.

Unless you work at Kara’s office, of course. When they have an object that requires serialization, they must inherit from SerializableObjectBase.

  public abstract class SerializableObjectBase
      public Dictionary<string, string> properties = new Dictionary<string, string>();
      public virtual void SerializeMe(XmlElement parent)
          foreach (KeyValuePair<string, string> item in properties)
              ).InnerText = item.Value;
      // Deserializer omitted for brevity.

All serializable properties must be stored in the properties dictionary. This dictionary is conveniently public, and stringly typed. The serialization method also produces a conveniently stringly-type XML document, so we don’t have to worry about anything so pedantic as schemas.

So, for example, if you wanted to create a serializable object, you might do something like this:

  public class Foo : SerializableObjectBase


Look how easy that is! Of course, if your custom class has any reference types, they can’t be stored in the properties dictionary, so you’ll have to write that yourself. Something like:

  public class Foo : SerializableObjectBase
    public override void SerializeMe(XmlElement parent)
      if (this.BarReference != null)
        var elem = parent.OwnerDocument.CreateElement("Bar")

Enjoy doing that for every property that can’t be stored as a string. You may have noticed that, since the properties dictionary is public, I didn’t add any property accessors to my class. 90% of the classes in their codebase followed that pattern. You were lucky to find a class that actually bothered to implement typed accessors. Of course, since you had to store any serializable property in your properties dictionary, the property accessors usually took the form:

  public int myProperty
      if (properties.ContainsKey("myProperty")) 
        return int.Parse(properties["myProperty"]);
      return 0;
      properties["myProperty"] = value.ToString();

What could be simpler?

[Advertisement] Continuously monitor your servers for configuration changes, and report when there's configuration drift. Get started with Otter today!

Planet Linux AustraliaBlueHackers: Entrepreneurs’ Mental Health and Well-being Survey

Jamie Pride has partnered with Swinburne University and Dr Bronwyn Eager to conduct the largest mental health and well-being survey of Australian entrepreneurs and founders. This survey will take approx 5 minutes to complete. Can you also please spread the word and share this via your networks!

Getting current and relevant Australian data is extremely important! The findings of this study will contribute to the literature on mental health and well-being in entrepreneurs, and that this will potentially lead to future improvements in the prevention and treatment of psychological distress.

Jamie is extremely passionate about this cause! Your help is greatly appreciated.

Planet Linux AustraliaCraige McWhirter: Configuring Solarized Colours in Termonad

I'm currently using Termonad as my terminal of choice. What is Termonad?

Termonad is a terminal emulator configurable in Haskell. It is extremely customizable and provides hooks to modify the default behavior. It can be thought of as the "XMonad" of terminal emulators.

As a long time Xmonad user, this is a rather appealing description as well as a fairly lofty and worthy goal. It's also a niche not currently filled, one that I'm pretty happy to see being filled. By default, Termonad looks like this.

Default Termonad palette

Which is pretty standard as far as terminal defaults go but a long way from the eye-soothing grace of the Solarized palette which I essentially won't work without.

The Solarized dark output looks like this (Haskell in vim):

Solarized (dark) Termonad palette

This is the function controlling the dark palette:

    solarizedDark1 :: Vec N8 (Colour Double)
    solarizedDark1 =
         sRGB24   0  43  54 -- base03, background
      :* sRGB24 220  50  47 -- red
      :* sRGB24 133 153   0 -- green
      :* sRGB24 181 137   0 -- yellow
      :* sRGB24  38 139 210 -- blue
      :* sRGB24 211  54 130 -- magenta
      :* sRGB24  42 161 152 -- cyan
      :* sRGB24 238 232 213 -- base2
      :* EmptyVec

    solarizedDark2 :: Vec N8 (Colour Double)
    solarizedDark2 =
         sRGB24   7  54  66 -- base02, background highlights
      :* sRGB24 203  75  22 -- orange
      :* sRGB24  88 110 117 -- base01, comments / secondary text
      :* sRGB24 131 148 150 -- base0, body text / default code / primary content
      :* sRGB24 147 161 161 -- base1, optional emphasised content
      :* sRGB24 108 113 196 -- violet
      :* sRGB24 101 123 131 -- base00
      :* sRGB24 253 246 227 -- base3
      :* EmptyVec

The Solarized light output looks like this (Haskell in vim):

Solarized (light) Termonad palette

This is the function controlling the light palette:

    solarizedLight1 :: Vec N8 (Colour Double)
    solarizedLight1 =
         sRGB24 238 232 213 -- base2, background highlights
      :* sRGB24 220  50  47 -- red
      :* sRGB24 133 153   0 -- green
      :* sRGB24 181 137   0 -- yellow
      :* sRGB24  38 139 210 -- blue
      :* sRGB24 211  54 130 -- magenta
      :* sRGB24  42 161 152 -- cyan
      :* sRGB24   7  54  66 -- base02
      :* EmptyVec

    solarizedLight2 :: Vec N8 (Colour Double)
    solarizedLight2 =
         sRGB24 253 246 227 -- base3, background
      :* sRGB24 203  75  22 -- orange
      :* sRGB24 147 161 161 -- base1, comments / secondary text
      :* sRGB24 101 123 131 -- base00, body text / default code / primary content
      :* sRGB24  88 110 117 -- base01, optional emphasised content
      :* sRGB24 108 113 196 -- violet
      :* sRGB24 131 148 150 -- base0
      :* sRGB24   0  43  54 -- base03
      :* EmptyVec

You can see how I've applied these options in this commit.

Update: My complete example is now included in the termonad examples.


TEDMoving forward: Notes from Session 6 of TEDWomen 2018

Ariana Curtis is a museum curator who imagines how museums can honor the lives of people both extraordinary and everyday, prominent and hidden. She speaks at TEDWomen 2018: Showing Up, on November 30, 2018, in Palm Springs, California. Photo: Callie Giovanna / TED

After three days of astonishing speakers and bold ideas, you may be asking yourself: Where do we go now? The answer: forward.

The final session of TEDWomen 2018, hosted by TEDWomen curator Pat Mitchell, featured a dynamic lineup of forward thinkers: Ariana Curtis, Galit Ariel, Majd Mashharawi, Soraya Chemaly, Katharine Hayhoe, Cecile Richards, Kakenya Ntaiya, Farida Nabourema and surprise speaker Stacey Abrams. All together, they helped us look at how things are now — and imagine how they could be.

The stories of everyday women are essential, too. Public representations of women are too often enveloped in the language of the extraordinary, says museum curator Ariana Curtis. The stories of extraordinary women are seductive, but they are limited — by definition, to be extraordinary is to be non-representative, atypical. Curtis is dedicated to women’s history that reflects both the remarkable and the quotidian. “If we can collectively apply the radical notion that women are people, it becomes easier to show women as people are — familiar, diverse, present,” she says. As the curator for Latinx Studies at the Smithsonian National Museum of African American History and Culture, she’s empowered to change the current narrative where, she says, “respectability politics and idealized femininity influence how we display women and which women we choose to display.” This in turn leads to the exclusion “of the everyday, the regular, the underrepresented and usually the non-white.” As she says: “I will continue to collect from extraordinary history-makers. Their stories are important. But what drives me to show up today and every day is the simple passion to write our names in history, display them publicly for millions to see, and,” as she quotes poet Sonia Sanchez, to “walk in the ever-present light that is women.”

Exploring new worlds, right here on Earth. Technologist Galit Ariel believes that space is humanity’s final frontier — but she’s not talking about the dark, cold expanse between the planets and stars. She’s talking about the mind-blowing, space-bending technology known as augmented reality or AR. “While similar immersive technologies such as virtual reality aspire to transport you into a completely parallel world, augmented reality adds a digital layer directly onto or within our existing physical environment,” she says. AR can map, understand and react to physical spaces; imagine your entire living room transformed into a lush jungle, for instance, as a jaguar hunts for prey between your sofa and the door. Since our bodies and minds are wired for rich physical interactions, Ariel says, it’s crucial that we create technologies that help us be more present and connected to the world — instead of inside our phones. “Technology will no longer be something that happens elsewhere, but a powerful tool to explore and extend the world, society and ourselves,” she says. In the near future, expect to see more and better platforms — things like wearables and maybe even devices directly embedded into our bodies (Black Mirror, anyone?). “Amazing journeys await us right here on planet Earth,” Ariel says. “Bon voyage.”

After more than 150 failed experiments, Majd Mashharawi helped create a building block out of the ashes and rubble of demolished houses in Gaza. Now she’s helping bring solar energy to the area too. She speaks at TEDWomen 2018: Showing Up, on November 30, 2018, in Palm Springs, California. Photo: Marla Aufmuth / TED

Rebuilding Gaza, one brick and one solar cell at a time. “For more than ten years, I and two million people back home have been living in darkness, locked between two borders that are nearly impossible to leave,” says Majd Mashharawi. She lives in Gaza, and she reflects on growing up with “a whole lot of nothing” in the conflict-ridden region — and deciding that she would create something from that nothing. She gravitated toward two urgent needs: for building materials and for electric power, both in short supply in Gaza. After months of research and more than 150 failed experiments, Mashharawi has created a building block that’s made out of the ashes and rubble of demolished houses. The block is light, cheap and strong, and with it, Mashharawi launched the Gaza-based startup GreenCake — which has trained both women and men graduates in manufacturing. “This block is not just a building block,” she says. “It changed the stereotype about women in Gaza, which stated: ‘This type of work is just for men.'” Now Mashharawi has turned her attention to electricity, helping to create a smart solar kit for energy and light. With a business model centered on sharing the solar units among several families, the device is catching on — returning electric power to the hands of people, one solar cell at a time.

Changing the cultural conversation about women and anger. Even though we live in an age where unisex bathrooms and unisex clothing exist, some emotions still get assigned to a single sex. “In culture after culture, anger is reserved as the moral property of boys and men,” says journalist Soraya Chemaly, author of Rage Becomes Her: The Power of Women’s Anger. In contrast, angry women are seen as unhinged, irrational or shrill, and they’re often mocked, penalized or punished if they let out their rage (with women of color facing the most severe consequences). Instructions to use one’s “nice” voice and keep smiling start early on, says Chemaly: “As a girl, I learnt that anger is better left entirely unvoiced.” Instead, it emerges in the form of tears, headaches, stomach-churning discontent or teeth-grinding frustration. Turning anger into a no-go zone for women is not only damaging to psyches and bodies, it also prevents real gender equity, Chemaly says: “Societies that don’t respect women’s anger don’t respect women.” As she notes of anger, “If it’s poison, it is also the antidote. We have an anger of hope.” She calls for people of all genders to accept — and not reject — women’s rage, and for women to turn their rage into a seismic force for compassion, justice, accountability and creativity. (Read an excerpt from her book on TED Ideas.)

The best way to make progress on climate change? Keeping talking about it, says climate scientist Katharine Hayhoe. “To care about a changing climate, we don’t have to be a liberal or a political activist,” she says at TEDWomen 2018: Showing Up, on November 30, 2018, in Palm Springs, California. Photo: Marla Aufmuth / TED

Let’s talk about climate change — from the heart. Climate scientist Katharine Hayhoe is a professor at Texas Tech University, which is in Lubbock, Texas, a place once named the second most conservative town in America. When it comes to talking about climate change there, people immediately see it as political. And that’s not specific to Texas, Hayhoe says — across the US, climate change is viewed as a partisan issue. But in her mind, “to care about a changing climate, we don’t have to be a liberal or a political activist,” she says. “We just have to be a human who wants this planet to be a safe home for all of us.” So, how can we speak about climate change without making it political? Hayhoe suggests an approach less focused on the science and more focused on the heart — by starting the conversation from a place of agreement and mutual respect, and then connecting the dots to why climate change matters personally to you. For instance, maybe climate change affects the places you live, your grandchildren or your favorite outdoor hobbies. It’s not a good idea to paralyze people with fear, Hayhoe says. After all, solutions aren’t that far out of reach. Even in Hayhoe’s home state of Texas, almost 20 percent of the state’s electricity comes from renewable sources. “Working together, we can fix it,” she says. “We can’t give in to despair. We have to go out and look for the hope we need to inspire us to act — and that hope begins with a conversation, today.”

We need to build a sustained global movement for women’s equality, says Cecile Richards — one that’s intersectional and inter-generational. And we can do this without waiting for instructions or permission. She speaks at TEDWomen 2018: Showing Up, on November 30, 2018, in Palm Springs, California. Photo: Marla Aufmuth / TED

The next political revolution: women. The former president of Planned Parenthood, Cecile Richards has been fighting for women’s rights her entire life. On the TEDWomen stage, she has an urgent message — if women are not at the table, then they are on the menu. What does this mean? Well, though women have made great strides in the last 100 years, they still lack real political power. She offers another way of looking at things: “If half of Congress could get pregnant, we would finally quit fighting about birth control and Planned Parenthood.” So just how do women go about building this political revolution? Richards says that it’s already started and proven by events like the 2017 Women’s March in DC and the unprecedented amount of women who ran for office and won in the 2018 US elections. Now we need to build a sustained global movement for women’s equality — one that’s intersectional and inter-generational. We can do this without waiting for instructions or permission to make a difference, she says, by being vocal about what we stand for, realizing nobody is free until everybody’s free and voting in every election. “One of us can be ignored, two of us can be dismissed — but together, we’re a movement,” she says. “And we’re unstoppable.”

How one girl’s dream transformed a communityKakenya Ntaiya dreamed of getting an education. But in her village of Enoosaen, Kenya, Maasai girls were expected to undergo female genital mutilation (FGM) at puberty, get married and give up school. So Ntaiya negotiated with her father: she would undergo FGM, but in return, she would stay in school. Eventually, she left for college in the United States, vowing to return to repay her community for their support. Ntaiya returned, founded the education NGO Kakenya’s Dream, and built the Kakenya Center for Excellence, a school where girls can live and study safely. Believing that empowering a community must extend beyond the girls themselves, Ntaiya works with parents, grandmothers and community leaders to make sure they know how well their girls are doing. And realizing that nothing will truly change if boys grow up “with the same mindset as their fathers before them,” she helped launch a program to teach children about gender equality, health and human rights. Kakenya’s Dream shows that “it truly does take a village to make this kind of a dream come true.”

Everything you know about autocracy is wrong. There’s a certain naiveté in the way the press covers dictatorship, activist Farida Nabourema tells us. During interviews about her struggle against Togolese dictator Faure Gnassingbé, her interviewers often emphasize his abuses, “because they believe that will gain attention and sympathy” for activists. “But in reality, it serves the purpose of dictators — it helps them advertise their cruelty,” and consolidates their grip on power. Instead, why not focus on “the stories of resistance, the stories of defiance, the stories of resilience,” and inspire people to fight back? That naiveté extends to citizens of democratic countries, who often assume that oppressed countries are less “morally advanced,” that the world is moving towards freedom, and that very soon, dictatorships will disappear. The reality is much different, Nabourema warns us. “No country is actually destined to be oppressed, but at the same time, no country or no people are immune to oppression or dictatorship.” Any country with a large concentration of power, a reliance on propaganda, excessive militarization, and a disdain for human rights risks falling into autocracy — and we should all be vigilant.

After a highly contested 2018 campaign for governor of Georgia, Stacey Abrams offers insights on how to move forward — and some hints at what her future might hold. She was the surprise final speaker at TEDWomen 2018: Showing Up, on November 30, 2018, in Palm Springs, California. Photo: Marla Aufmuth / TED

Be aggressive about your ambition. Stacey Abrams‘s 2018 campaign for governor of Georgia was watched across the world. The first black woman to be nominated by a major party for governor, she lost after a hard-fought race. Now she’s the surprise speaker onstage at TEDWomen 2018, where, in an electrifying talk, she shares the lessons she learned from her campaign, advice on how to move forward through setbacks — and some hints at what her future might be. Read a full recap of her talk here.

LongNowThe Equation of Time Cam: Keeping Good Time for 10,000 Years

Fig. 1. The Equation of Time Cam.

In the collections of the Royal Observatory of Greenwich, amongst the myriad time-keeping and navigational devices of the past, there sits a curious artifact built to last into a future none of us will witness. Standing half-a-foot tall, it looks more like a sculpture than an instrument of time, with slender curves that lend it the appearance of a human torso.

It is a prototype of the Equation of Time Cam, a mechanism that will be in The Long Now Foundation’s 10,000 Year Clock. The Equation of Time Cam solves one of the crucial design and engineering problems in building a clock meant to last ten thousand years: keeping accurate time while accounting for the slow but significant changes in the Earth’s rotation over the millennia.

Even the most accurate mechanical clocks in the world eventually drift off of the correct time. In order to remain accurate over thousands of years, the 10,000 Year Clock needed a feedback mechanism that could check what time it is, and correct itself. The clock’s builders chose the sun to serve as that feedback mechanism. As Danny Hillis, the inventor of the Clock of the Long Now, puts it (02011):

Human societies have always organized their activities around the rising and setting of the Sun. Civilization required agriculture. Agriculture required sunlight. Much of human culture is organized around a diurnal or annual cadence. […] The Sun matters to humans, even to their devices in the depths of space and on the surfaces of other planets. It has done so throughout history and the Clock makes the statement that it will continue to matter thousands of years into the future.

The Clock keeps time with a pendulum, which generates absolute time.¹ The sun is used to correct any drift. On the sunny days around the solstices at solar noon, a shaft of light will shine into the mountain where the Clock resides, synchronizing it to the sun and providing the input of solar time.

But there’s a discrepancy between solar time and absolute time. That’s because the position of the sun at solar noon throughout the course of a year is not regular. It varies due to the Earth’s elliptical trajectory around the sun (called the eccentricity of Earth’s orbit) and the Earth’s axial tilt (called the obliquity of the ecliptic). This variability is represented by a diagram called an analemma (Figure 2).

Fig. 2. The analemma showing the sun’s position at solar noon over the course of one year. Note the plus or minus fifteen minute time difference.

If you were to visit an accurate sundial at exactly noon on a sunny day in mid-February and looked at the time on your watch or phone, this discrepancy would become especially apparent: your watch or phone would read 12:00, but the shadow cast by the sun on the sundial would correspond to 11:46. If you were to do the same on a sunny day in early November, the opposite would be true: 12:00 on your timekeeping device would correspond to 12:14 on the sundial.

The equation of time reconciles the difference between these two kinds of time. It converts solar time to clock time, and vice versa, such that over the course of a year the differences resolve to zero.

Fig. 3. The Equation of Time as it appears today. Note the four times over the course of the year where solar time and sundial time align.

In the early eighteenth century, astronomical regulator clocks were invented that used equation of time cam mechanisms that automatically converted clock time to solar time. The two-dimensional cam, shaped in such a way to embody the equation of time, would rotate once a year, with a follower that traveled around the curves.

Fig. 4. Left: A Graham astronomical regulator clock. Right: A two-dimensional equation of time cam. 

These traditional equation of time cams would not be sufficient for purposes of reconciling time in the 10,000 Year Clock. That’s because they’re designed to correct for the same analemma year after year. They do not take into account slow, long-term changes in the Earth’s rotation. These variations would scarcely be perceptible over the lifetime of a normal clock, but on a long enough time scale, such as 10,000 years, these changes would be profound, and would result in errors for purposes of timekeeping.

Fig. 5. The “wobble” of the Earth during the Precession of the Equinoxes.

The first variation in the Earth’s motion that must be accounted for is its cyclic wobble, called the precession of the equinoxes. Like a spinning top, the Earth gradually shifts the orientation of its axis, and completes a cycle after roughly 26,000 years. Today, our axis points to the North Star, Polaris. In 8,000 years, we will have a new North Star: Demeb. In 12,000 years, our North Star will be Vega.

The second variation is the fact that the Earth is slowing down by 1.8 milliseconds per day, or roughly one second per century. This is due to a number of factors, including the tidal effects of the moon, shifts in the Earth’s crusts, and changes in sea levels. If you were to synchronize two clocks 2,500 years ago, with one keeping perfect time and the other based on solar time, these clocks would be out of sync by four hours today.

Fig. 6. The moon accounts for some of the Earth’s rotation slowing down over time.

The Equation of Time Cam was built to enable the Clock to convert from local solar time to absolute time while accounting for these predicted long-term variations over the next 10,000 years.²

Fig. 7. The Equation of Time Cam.

But the Clock’s builders wanted to do more than simply turn a mathematical equation into its physical representation. They wanted to create an object that would be aesthetically compelling to visitors of the Clock for millennia.

Fig. 8. The evolution of the Equation of Time Cam prototype models.

“Most engineering solutions, usually the first one that someone comes up with that fulfills the engineering goal is the solution,” says Alexander Rose, who works with Danny Hillis on the Clock Project at The Long Now Foundation. “In our case, the goal of this project is not only to make the cam work but to make it a compelling object. We didn’t stop at the first one that worked, we didn’t stop at the second one that worked, we got to a third one that worked and tuned that until it was very aesthetic and interesting to hold and to look at.”

Fig. 9. The Equation of Time Cam over the coming thousands of years, with the equation of time visible at left. The cam rotates once each year, with a follower slowly moving up the cam until the year 12000.

Danny Hillis enlisted engineer Stewart Dickson to create a three-dimensional model based on his derivations of the equation of time. The Cam for the first prototype of the Clock was built using a 3D printer, and then cast into bronze. This work was carried out at The Crucible under the direction of fabricator Chris Rand. After the first one that was made for the Clock, Levenger made an edition of 365 Equation of Time Cams, most of which were given as a thank you for Long Now members at the “Equation of Time Cam” level of membership.

Fig. 10. The prototype of the 10,000 Year Clock. The Equation of Time Cam is visible in the top left, below the Clock’s face.

In 02018, a new numbered edition of the Equation of Time Cam was created. These cams are made of bronze and entirely machined similar to the one now being made for the monument scale Clock. This next edition is available via donation on Long Now’s “Artifacts” page.

Fig. 11. Machining the new edition of the Equation of Time Cam.

02018 also saw the construction of the full-size stainless steel Equation of Time Cam for the monument scale clock. Compared to the prototype Equation of Time Cam, which stands at six inches tall, the full-size cam will be 10.2 inches — one inch per thousand years with a little extra room on either end. This extra room provides future engineers with a window of roughly 100 years to create a new Cam.

Fig. 12. Construction and assembly of the full-size Equation of Time Cam that will be in the 10,000 Year Clock.

In examining the question of what time was, Saint Augustine once said: “If no one asks me, I know what it is. If I wish to explain it to him who asks, I do not know.” The Equation of Time Cam ensures that the Clock of the Long Now will — for the next ten thousand years, at least — always know.


[1] Absolute time, as used here, basically just means “man made clock time.” But the broader way to think about this refers to the solar system barycentric coordinate time of general relativity. As Hillis et al put it (02011): “This timescale is the independent variable in the equations of planetary motion that emerge from Einstein’s space-time field equations and metric tensor. It is therefore a direct expression of our current understanding of the space-time relationship. A defined relationship between coordinate time in the solar system barycentric frame and International Atomic Time (TAI) at a site on Earth (or Earth satellite) can be used to properly relate these timescales.”

[2] While the Equation of Time Cam is precomputed to correct for celestial variations over time, there’s one variable that potentially places a limit on the Clock’s accuracy: climate change. As noted above, rising sea levels are one factor that slows the Earth’s rotation over time. The Earth’s predicted slowdown is accounted for in the Equation of Time Cam, but calamitous climate change events could slow it down even further. In 02010, Danny Hillis requested a paper from astrophysicist Michael Busch to assess the impact of the most dramatic predictions of climate change on the Clock’s accuracy. Busch found that if the ice sheets of Antarctica or Greenland were to melt completely — which could take centuries, i.e., less than the total timespan of the Clock — it could affect when solar noon is by 37 days over the course of 10,000 years.

Learn More:

CryptogramSecurity Risks of Chatbots

Good essay on the security risks -- to democratic discourse -- of chatbots.

Google AdsenseHelp us improve our services and products

We’d like to personally invite you to share your thoughts with us so that we can keep improving your experience with us.

Depending on your email preferences, you may have received a survey by email, if so please take the time to respond to it as we value your input.

In the past, we’ve used your responses to improve how we help you, ways you interact with our product, and what type of features we offer.
The survey should take about 10-15 minutes and can be answered on mobile.

Whether you’ve completed this survey before or you’re providing feedback for the first time, we’d like to thank you for sharing your valuable thoughts. We’re looking forward to feedback!

Thank you!

Worse Than FailureCodeSOD: Golf Buddies

Hiring people you know is a double-edged sword. You already have an established relationship, and shared background, and an understanding of how they think and act. You’re helping a friend out, which always feels good. Then again, good friends don’t always make good co-workers, and if you limit your hiring pool to “people I know” you’re not always going to find the best people.

Becky’s boss, Chaz, tends to favor his golf buddies. One of those golf buddies got hired, developed for a few months, then just gradually ghosted on the job. They never quite quit or got fired, they just started coming in less and less until they stopped coming in at all.

Chaz passed the code over to Becky to fix. By “passed”, that is to say, he emailed her a zip file of the source, which was the only working copy of the code. There was no documentation, no source control, certainly no tests, and no description of what the program was actually supposed to do. “Just fix the bugs,” Chaz said.

M m = new M(true, C);
Mc mc = new Mc();
mc.AccountReference = Mb.AccountReference;
mc.Originator = Mb.ShortCode;
IEnumerable<msgItem> e = from x in m
group x by x.To into y
select y.First();
string r = string.Join(",", from x in e select x.To);
Msg msg = new Msg();
msg.Body = Mb.Text;
msg.Type = MessageType.SMS;
msg.Recipients = r;
res = ms.Send(mc);
Mb.LocalStatus = LocalStatus.Sent;
if (res.Ids.Count != e.Count())
Mb.LocalStatus = LocalStatus.Failed;

Obviously, this “golf buddy” was also a bit of a fan of keyboard golf. I mean, look at this line. Look at this.

M m = new M(true, C);

I could just stare at that line all day. Every developer tends to use a little bit of shorthand, but this whole block is amazing in its opacity. I’m convinced that the fact the class Mc has fields named AccountReference is a sign that there was at least one other developer on this project, who was trying desperately to use words.

They obviously LocalStatus.Failed in that.

[Advertisement] ProGet can centralize your organization's software applications and components to provide uniform access to developers and servers. Check it out!

LongNowWatch: Videos from Whole Earth 50th Now Online

This October, hundreds gathered in San Francisco at the Fort Mason Center for Arts & Culture to celebrate the 50th anniversary of The Whole Earth Catalog. Long Now was a sponsor and helped produce media for the event, which is now available online. The evening program (viewable above) featured conversations between Whole Earth Catalog contributors and contemporary wave-makers as they discussed the legacy of the Catalog and what the next 50 years might hold. Speakers included Ryan Phelan, Danica Remy, Rusty Schweickart, Kevin Kelly, Simone Giertz, Howard Rheingold, Chip Conley, Stephanie Mills, Stephanie Feldstein, Stewart Brand and Sal Khan. Select highlights from the program are viewable below.

Whole Earth Catalog contributor Kevin Kelly and robotics inventor Simone Giertz share their advice for aspiring makers:

Whole Earth contributor and social media pioneer Howard Rheingold on what makes a community a community:

Whole Earth Catalog founder Stewart Brand discusses the future of education with Khan Academy founder Sal Khan.

Stewart Brand on what his 29-year-old self would think of 02018:

More photos and videos from the event can be accessed on the Whole Earth 50th website.

Whole Earth 50th was sponsored by the San Francisco Art Institute, WIRED, The Long Now Foundation, Ken and Maddy Dychtwald, Peter and Cathleen Schwartz, Stewart Brand and Ryan Phelan, Juan and Mary Enriquez, and Gerry Ohrstrom.

Planet DebianReproducible builds folks: Reproducible Builds: Weekly report #188

Here’s what happened in the Reproducible Builds effort between Sunday November 25 and Saturday December 1 2018:

Patches filed

Test framework development

There were a number of updates to our Jenkins-based testing framework that powers this week, including:

  • Chris Lamb prepared a merge request to generate and serve diffoscope JSON output in addition to the existing HTML and text formats (example output). This required Holger Levsen to increase the partition holding /var/lib/jenkins/userContent/reproducible from 255G to 400G. Thanks to Profitbricks for sponsoring this virtual hardware for more than 6 years now.

  • Holger Levsen and Jelle van der Waa started to add integrate new Arch Linux build nodes, namely and,

  • In addition, Holger Levsen installed the needrestart package everywhere [] updated an interface to always use short hostname [], explained what some nodes were doing [] as well as performed the usual node maintenance ([], [], [], etc.).

  • Jelle van der Waa also fixed a number of issues in the Arch Linux integration including showing the language in the first build [] and setting LANG/LC_ALL in the first build [].

This week’s edition was written by Bernhard M. Wiedemann, Chris Lamb, Holger Levsen, Jelle van der Waa & reviewed by a bunch of Reproducible Builds folks on IRC & the mailing lists.

Planet DebianBenjamin Mako Hill: Banana Peels

Photo comic of seeing a banana peel in the road while on a bike.

Although it’s been decades since I last played, it’s still flashbacks to Super Mario Kart and pangs of irrational fear every time I see a banana peel in the road.

Planet DebianGunnar Wolf: New release of the Raspberry Pi 3 *unofficial Debian preview* image

Back in June, Michael Stapelberg asked for somebody interested in adopting the unofficial Debian image for the Raspberry Pi 3 family. It didn't take me long to raise my hand.
What did take me long is to actually do it. I have adopted Raspberry3 image spec repository, with the recipes to build the image using Lars' great vmdb2, as well as the raspi3-firmware non-free Debian package.
After delaying this for too long, first in order to understand it better, and second because of the workload I had this last semester, I think we are ready to announce...

There is a new, updated preview image!

You can look at the instructions at the Debian Wiki page on RaspberryPi3. Or you can just jump to the downloads, at my people.debian.orgxzipped image (388MB, unzips to 1.5GB, and resizes to the capacity of your boot SD at first boot), verification sha256sum, and PGP-signed verification sha256sum.
There are still many things that can be improved, for sure. The main issues for me are:

  • No wireless support. Due to a bug in Linux kenel 4.18, wlan0 support is broken. It is reported, and we expect it to be fixed in the next kernel upload.
  • Hardcoded root password. This will be tackled later on — part of the issue is that I cannot ensure how this computer will be booted. I have some ideas to tackle this, though...

Other than that, what we have is a very minimal Debian system, ready for installing software!
At some point in the future, I plan to add build profiles for some common configurations. But lets go a step at a time.

Planet Linux AustraliaSimon Lyall: Audiobooks – November 2018

The Vanity Fair Diaries 1983-1992 by Tina Brown

Well written although I forgot who was who at times. The author came over very real and it is interesting to feel what has/hasn’t changed since the 1980s. 7/10

His Last Bow and The Valley of Fear by Sir Arthur Conan Doyle. Read by Stephen Fry

The Valley of Fear is solid. The short stories are not among my favorites but everything is well produced 7/10

First Man: The Life of Neil A. Armstrong by James R. Hansen

I read this prompted by the movie. Unlike the movie covers his family, early and post-moon life and has a lot more detail everywhere. Not overly long however 8/10

Don’t Make Me Pull Over! : An Informal History of the Family Road Trip by Richard Ratay

Nice combination of the author’s childhood experiences in the early-70s along with a history of the hotel, highway and related topics. 8/10

Giants’ Star by James P. Hogan

3rd book in the trilogy. Worth reading if you read and liked the first two. 6/10

U.S.S. Seawolf: Submarine Raider of the Pacific by Joseph Eckberg

First person account of a crew-member of a US Sub before & during the first year (up to Jan 1943) of US involvement in WW2. Published during the war and solely sourced for one person, so missing some details due to wartime censorship and lack of reference to other sources. Engaging though. 8/10

Mind of the Raven: Investigations and Adventures with Wolf-Birds by Bernd Heinrich

I didn’t like these quite as much as “Summer World” and “Winter World” since 100% ravens got a bit much but still it was well written & got me interested in the birds. 7/10

The Greater Journey: Americans in Paris by David McCullough

Covering American visitors (mostly artists, writers and doctors) to Paris mainly from 1830 to 1900. Covering how they lived and how Paris influenced them along with some history of the city. 9/10



Krebs on SecurityA Breach, or Just a Forced Password Reset?

Software giant Citrix Systems recently forced a password reset for many users of its Sharefile content collaboration service, warning it would be doing this on a regular basis in response to password-guessing attacks that target people who re-use passwords across multiple Web sites. Many Sharefile users interpreted this as a breach at Citrix and/or Sharefile, but the company maintains that’s not the case. Here’s a closer look at what happened, and some ideas about how to avoid a repeat of this scenario going forward.

The notice sent to ShareFile users looked like this:

Dozens of readers forwarded the above message to KrebsOnSecurity, saying they didn’t understand the reasoning for the mass password reset and that they suspected a breach at ShareFile.

I reached out to ShareFile and asked them point blank whether this reset effort was in response to any sort of intrusion at Citrix or ShareFile; they said no. I asked if this notice had been sent to everyone, and inquired whether ShareFile offers any form(s) of multi-factor authentication options that customers could use to supplement the security of passwords.

A Citrix spokesperson referred me to this page, which says ShareFile users have a number of options when it comes to locking down their accounts with multi-factor authentication, including a one-time code sent via SMS/text message, as well as one-time passwords generated by support authenticator mobile apps from Google and Microsoft (app-based multi-factor is the more secure option, as discussed here).

More importantly, the Citrix spokesperson said the company did not enforce a password reset on accounts that were using its most robust form of multi-factor authentication (single sign-on solutions, or SSOs). To wit:

“This is not in response to a breach of Citrix products or services,” wrote spokesperson Jamie Buranich. “Citrix forced password resets with the knowledge that attacks of this nature historically come in waves. Attacker’s additional efforts adapt to the results, often tuning the volume and approach of their methods. Our objective was to minimize the risk to our customers. We did not enforce a password reset on accounts that are using more stringent authentication controls. Citrix also directly integrates with common SSO solutions, which significantly reduces risk.”

The company did not respond to questions about why it decided to adopt regular password resets as a policy when doing so flies in the face of password and authentication best practices recommended by the National Institute of Standards and Technology (NIST), which warns:

“Verifiers SHOULD NOT require memorized secrets to be changed arbitrarily (e.g., periodically). However, verifiers SHALL force a change if there is evidence of compromise of the authenticator.”

NIST explains its rationale for steering organizations away from regular forced password resets thusly:

“Users tend to choose weaker memorized secrets when they know that they will have to change them in the near future. When those changes do occur, they often select a secret that is similar to their old memorized secret by applying a set of common transformations such as increasing a number in the password. This practice provides a false sense of security if any of the previous secrets has been compromised since attackers can apply these same common transformations.”

“But if there is evidence that the memorized secret has been compromised, such as by a breach of the verifier’s hashed password database or observed fraudulent activity, subscribers should be required to change their memorized secrets. However, this event-based change should occur rarely, so that they are less motivated to choose a weak secret with the knowledge that it will only be used for a limited period of time.”

In short, NIST says it makes sense to force an across-the-board password reset following a breach — either of a specific user’s account or the entire password database. But doing so at regular intervals absent such evidence of compromise is likely to result in less complex and secure passwords.

Ideally, ShareFile users who received a password reset notice may be able to avoid the next round of password resets by adopting one of the two-step authentication options mentioned above. And I hope it goes without saying, but please don’t re-use a password you used anywhere else.

However, if you are the type of person who likes to re-use passwords, then you definitely need to be using a password manager, which helps you pick and remember strong passwords/passphrases and essentially lets you use the same strong master password/passphrase across all Web sites.

Incidentally, there are several companies — such as auth0 and Okta — that make it easy to integrate with breached password databases like Troy Hunt’s to help proactively prevent users from picking passwords they have used at other sites (or at least at other sites that have been breached publicly).

Whether online merchants are willing to adopt such preemptive approaches is another matter, said Julie Conroy, research director with the Aite Group, a market analyst firm.

“With the reality that such a vast swath of username/password combinations have been compromised, this creates the potential for a ton of inline friction, something that is an anathema to merchants, and which banks work hard to stay away from as well,” Conroy said.

Update: 4:53 p.m. ET: Citrix just published its own blog post about this here.

TEDShowing off: Notes from Session 5 of TEDWomen 2018

The term “showing off” gets a bad rap. But for Session 5 of TEDWomen 2018, a lineup of speakers and performers reclaimed the phrase — showing off their talents, skills and whole extraordinary selves. Hosted by TED’s head of conferences, Kelly Stoetzel, and head of curation, Helen Walters, the talks ranged from architecture and the environment to education and grief, taking on the fundamental challenges that we face as humans. The session featured Ane Brun, Kotchakorn Voraakhom, Kate E. Brandt, Danielle Moss Lee, Carla Harris, Helen Marriage and Nora McInerny.

Multi-instrumentalist, singer and composer Ane Brun kicks off Session 5 with a poised, intimate performance of “It All Starts With One” and “You Light My Fire.” She performs at TEDWomen 2018: Showing Up, on November 29, 2018, in Palm Springs, California. (Photo: Callie Giovanna / TED)

It all starts with a dramatic opening. The session starts with an air of anticipation, thanks to multi-instrumentalist Ane Brun‘s opening number, “It All Starts With One.” This cabaret workout for piano and string quartet is based on “the revolution of dreams” of the Arab Spring, written to celebrate “small victories … that little drop that I, as an individual, can add to the flood of change.” Her intimate follow-up number, “You Light My Fire,” is “a statue in the shape of a song” dedicated to the unacknowledged warriors who fight for women’s rights.

Our sinking cities. At this very moment, 48 major cities across the globe are sinking — cities like New York City, Los Angeles, London, Tokyo, Shanghai and Bangkok, built on the soft ground alongside their rivers. Landscape architect and TED Fellow Kotchakorn Voraakhom comes from Bangkok herself and was displaced, along with millions of others, by the devastating flood that hit Thailand in 2011. “Our city’s modern infrastructure — especially our notion to fight floods with concrete — has made us extremely vulnerable to climate uncertainty,” she says. In the years since, she’s worked to combine the ingenuity of modern engineering with the reality of rising sea levels to help cities live with climate change. She and her team designed the Chulalongkorn Centenary Park, a big green crack in the heart of Bangkok and the city’s first new public park in more than three decades. The park is not only a site for recreation and beautification; it also helps the city deal with water through some ingenious design. Bangkok is a flat city, so by inclining the whole park, it harnesses the power of gravity to collect every drop of rain — holding and collecting up to a million gallons of water during severe floods. “This park is not about getting rid of flood water,” she says. “It’s about creating a way to live with it.” In a sinking city where every rainfall is a wake-up call, this “amphibious design” provides new hope of making room for water.

“Greening” Google with a circular approach. “What if, like nature, everything was repurposed, reused and reborn for use again?” asks Google’s head of sustainability, Kate E. Brandt, who is in charge of “greening” the tech giant. Every time someone completes a search on Google or uploads a video to YouTube, Google’s data centers are hard at work — filled with servers using a significant amount of energy. And with demand for energy and materials only continuing to grow, Brandt’s work is to figure a sustainable path forward. Her idea? To create a circular economy grounded in three tenets: designing out waste, keeping products and materials in use, and transitioning to renewable energy. In this circular world, all goods would be designed to be easily repaired and remanufactured. She imagines, for instance, that even clothes and shoes could be leased and returned — with old clothes going back to the designer to reuse the materials for a new batch of clothing. “If we each ask ourselves, ‘What can I do to positively impact our economy, our society, our environment?’ — then we will break out of the global challenges that have been created by our take-make-and-waste economy, and we can realize a circular world of abundance,” she says.

Activist Danielle Moss Lee advocates for “the forgotten middle”: those students and coworkers who are often overlooked but who, when motivated and empowered to succeed, can reach their full potential. She speaks at TEDWomen 2018: Showing Up, November 29, 2018, Palm Springs, California. (Photo: Callie Giovanna / TED)

Tapping into the forgotten middle. We all know “the forgotten middle” — “they’re the students, coworkers and plain old regular folks who are often overlooked because they’re seen as neither exceptional nor problematic,” says activist and former educator Danielle Moss Lee. But, she says, there is more here. “I think there are some unclaimed winning lottery tickets in the middle,” Lee says. “I think the cure for cancer and the path to world peace might very well reside there.” Lee has spent much of her career trying to help this group reach their full potential. In middle school, she herself was languishing in that strata, until her mother noticed and set her on a different path. Later, in New York City, Lee helped create a program to work with the forgotten middle and identified some of the core elements of a formula to motivate them. These include holding kids to high expectations (instead of asking, “Hey, do you want to go to college?”, ask, “What college would you like to attend?”), giving them “the hidden curriculum” needed to succeed (study skills, leadership development, liberal-arts coursework and adult support), and making them accountable to themselves, each other and their communities (seeing themselves as belonging to a group of young people who came from the same backgrounds and who were all aspiring for more). Lee says, “When I think of my kids, and I think of all the doctors, lawyers, teachers, social workers and artists who came from our little nook in New York City, I hate to think what wouldn’t have happened if we hadn’t invested in the kids in the middle.”

In our careers, we all need a sponsor. Corporate America insists it is a meritocracy — a place where those who succeed simply “put their heads down and work really hard.” But former Wall Street banker Carla Harris tells us this simple truth: that’s not the case. To really move forward and be recognized for your work, you need someone else to make a case for you — especially in those pivotal decisions that are often made behind closed doors. This person isn’t a mentor, champion or advocate — but a sponsor, someone who is “carrying your paper into the room … pounding the table on your behalf.” Sponsors need three things: a seat at the table, power in the decision-making process and an investment in you and your work. Harris says you can attract a sponsor by utilizing two forms of social capital: performance currency, which you gain when you perform beyond expectations, and relationship currency, which you gain by engaging meaningfully with the people around you. “You can survive a long time in your career without a mentor,” Harris says, “but you are not going to ascend in any organization without a sponsor.”

Designer Helen Marriage creates moving, ephemeral moments that reveal beauty among ruins, reexamine history and whimsically demonstrate what’s possible. She speaks at TEDWomen 2018: Showing Up, November 29, 2018, Palm Springs, California. (Photo: Callie Giovanna / TED)

A moment when curiosity triumphs over suspicion, and delight banishes anxiety. Designer Helen Marriage brings people together through larger-than-life art and spectacle. “I want to take you to a different kind of world — a world of the imagination where using this most powerful tool that we have, we can transform our physical surroundings,” she says. With Artichoke, the company she cofounded in 2006, Marriage seeks to create moving, ephemeral moments that reveal beauty among ruins, reexamine history and whimsically demonstrate what’s possible. Why? “In doing so, we can change forever how we feel, and how we feel about the people we share the planet with.” On the TEDWomen stage, Marriage tells the tale of three cities she transformed into spaces of culture and connection. In Salisbury, French actors performed Faust on stilts with handheld pyrotechnics; in London, she conjured magic by shutting down the city streets for four days to tell the story of a little girl and an elephant. And in Derry (also known as Londonderry) — a town still gripped by Northern Ireland’s Protestant/Catholic conflict — she helped address community tribalism in Burning Man fashion, building a wooden temple that housed written hopes, thoughts, loves and losses — then burning it down. Reminiscent of a town ritual that usually deepens rifts, the work brought thousands of people together on both sides to share and experience a deeply profound moment. As she says: “In the end, this is all about love.”

Moving forward doesn’t mean moving on. In a heartbreaking, hilarious talk, writer and podcaster Nora McInerny shares her hard-earned wisdom about life and death. In 2014, soon after losing her second pregnancy and her father, McInerny’s husband Aaron died after three years fighting brain cancer. Since then, McInerny has made a career of talking about life’s hardest moments — not just her own, but also the losses and tragedies that others have experienced. She started the Hot Young Widows Club, a series of small gatherings where men and women can talk about their partners who have died and say the things that other people in their lives aren’t yet willing to hear. “The people who we’ve lost are still so present for us,” she says. Now remarried, McInerny says that we need to change how we think about grief — that it’s possible to grieve and love in the same year and week, even the same breath. She invites us to stop talking about “moving on” after the death of a loved one: “I haven’t moved on from Aaron, I’ve moved forward with him,” she says. And she encourages us to remind one another that some things can’t be fixed, and not all wounds are meant to heal.

TEDThe art of possibility: The talks of TED@Merck KGaA, Darmstadt, Germany

For a second year, TED and Merck KGaA, Darmstadt, Germany, have partnered to explore the art of possibility. (Photo: Richard Hadley / TED)

The possibilities life affords us are endless. We can find them everywhere, at the micro and macro levels and across all fields. Do you see them? Look closer: they are there every time we use our curiosity and imagination to explore and try new things.

For a second year, TED and Merck KGaA, Darmstadt, Germany, have partnered to explore the art of possibility. At this year’s TED@Merck KGaA, Darmstadt, Germany, hosted by TED’s international curator Bruno Giussani at Staatstheater Darmstadt on November 26, 2018, a lineup of 13 visionaries, dreamers and changemakers shared the possibilities of past, present and future.

After opening remarks from Stefan Oschmann, Chairman of the Executive Board and CEO of Merck KGaA, Darmstadt, Germany, the talks of Session 1 kick off.

Sharks could be our newest weapons against cancer, says antibody researcher Doreen Koenning. She shares her work at TED@Merck KGaA, Darmstadt, Germany. (Photo: Richard Hadley / TED)

Can sharks help us fight cancer? The time-worn cliché, “If you hear hoofbeats, think of horses, not zebras,” is meant to remind us that the most obvious solution is usually the correct ones. Yet antibody researcher Doreen Koenning has dedicated her career to doing exactly the opposite — and in the process, she’s uncovered surprising weapons that may help us fight cancer. Koenning studies sharks — specifically, their antibodies, which are unusually stable and robust, and which interact with a wide variety of complex molecules. What does this have to do with cancer? Medicines made from human antibodies help us battle cancer — but since they blend into our immune system so well, it’s difficult to track their side effects. Shark antibodies, by contrast, stand out like a sore thumb. Because of this, they could become a valuable tool for neglected diseases and clinical drug trials — and potentially create a new breed of cancer medicines. In the end, Koenning reminds us that we can find useful molecules in many other species, each of them having very special traits. So our search for “zebras” shouldn’t stop at the shark tank.

By bridging immunology and biology, we can engineer vaccines that evolve alongside the superbugs, says pharmacist Vikas Jaitely. He speaks at TED@Merck KGaA, Darmstadt, Germany. (Photo: Richard Hadley / TED)

We can fight antibiotic-resistant superbugs with a new class of vaccines. We urgently need to revamp our approach to developing solutions for bacterial diseases, says pharmacist Vikas Jaitely. Deadly superbugs like MRSA and Clostridium difficile are quickly evolving to resist antibiotics by continuously mutating their genes and even borrowing stronger DNA from other bacteria. Although medical science is trying to keep up, these strains are progressing at a much faster rate than our antibiotics; by 2050, superbugs could claim up to 10 million lives a year globally. Jaitely proposes a new source of help: learning directly from the bacteria and developing what he calls an “ecosystem of evolving vaccines” that can be rapidly modified to target ever-changing bacteria strains. Jaitely says that by modeling superbug behavior and tracking the most probable adaptations (similar to how we approach the flu virus), we can engineer vaccines that evolve alongside the superbugs, functioning as protective shields in our bodies. By “bridging immunology and biology,” he concludes, “we can remove these bugs’ superpowers through the power of our own immune systems, fully trained by these new vaccines.”

What your breath could reveal about your health. There’s no better way to stop a disease than catching and treating it early, before symptoms show. That’s the whole point of medical screening techniques like radiography, MRIs and blood and tissue tests. But there’s a medium with overlooked potential for medical analysis: your breath. Technologist Julian Burschka shares the latest in the art of breath analysis — the screening of the volatile organic compounds we exhale — and how it can be used to better understand the biochemical processes happening inside a patient’s body. Burschka explains how research on breath analysis has skyrocketed recently, and that there’s substantial data suggesting that diseases like Alzheimer’s, diabetes and even colon cancer can be detected in our breath. As the technology matures, the decision of whether or not to treat a disease based on early detection will still be debated, Burschka says. But it’s opening up exciting new possibilities like the creation of longitudinal data that could track the same patient over her lifetime, enabling doctors to detect abnormalities based on a patient’s own medical history, not the average population. “Breath analysis should provide us with a powerful tool not only to proactively detect specific diseases, but also to predict and ultimately prevent them,” Burschka says.

The possibilities of dynamic lighting. Light is all around us, yet many of us don’t realize how much of an effect it has on our behavior and productivity. Lighting researcher Sarah Klein believes we can use lighting to improve our daily lives. Lighting is often chosen with installation costs in mind — not designed to help us feel our best. Klein thinks we should change that approach and make it work with our biological needs. She suggests a “dynamic light system” — a network of adjustable, condition-specific LED lights that NASA uses to help their astronauts get the right amount of sleep. This kind of solution isn’t just for astronauts — it can be useful back on Earth, too, Klein says. For example, a dynamic light system could help travelers cope with jetlag on airplanes and enable people to heal faster in hospitals. Now that we know the impact that light has on us, she says, “We can create a healthier environment for our colleagues, our friends, our families — and ultimately ourselves.”

The impact of a TED Talk, one year later. In a personal, eye-opening talk at last year’s TED@Merck, patient advocate Scott Williams highlighted the invaluable role of informal caregivers — those friends and relatives who go the extra mile for their loved ones in need. More than a million views later, Williams is back on the TED stage, discussing the impact of his talk both within Merck KGaA, Darmstadt, Germany, and on the general public. Since the talk, the company has launched a program called Embracing Carers that supports informal caregivers, and people from around the world have reached out to Williams to share their stories and perspectives. Now, Williams and Embracing Carers are partnering with like-minded organizations, such as Eurocarers and the American Cancer Society (and actor Rob Lowe!), to share tools and resources. “This journey generated interest and brought people together,” Williams says. “It sparked a dynamic conversation about the situation of carers.”

A grassroots healthcare revolution in Africa. The last several decades have brought revolutionary advances in medical technology — and yet, according to the World Health Organization, half of the world’s population still can’t get basic health care. How can we fix this glaring gap? Inclusive health care advocate Boris A. Hesser believes that the answer lies in community pharmacies, and developing them into bonafide centers of care. Throughout Africa, for example, small pharmacies can be logical local service points for basic medical care and long-term patient outcomes — if they can access the tools they need. Hesser’s team has already built five basic, sustainable facilities around Nairobi that provide preventative care, affordable medication and even refrigeration for medicines. It’s one step in bringing affordable health care to everyone, everywhere.

Scientist Li Wei Tan is passionate about bubbles. At TED@Merck KGaA, Darmstadt, Germany, she shares the magic of these soapy spheres. (Photo: Richard Hadley / TED)

The wonderful, surprisingly scientific world of bubbles. Ink formulation scientist Li Wei Tan wants to burst your bubble. It’s actually her job to do just that; when you hold a smartphone, it’s her work that helps give the screen such a crisp, clear quality, by removing the micro- and nano-sized bubbles that want to live in the ink beneath the screen. Tan knows all about the secret world of bubbles — how to remove tiny ones and create the giant bubbles that may have fascinated you as a child — and shares the magic of these soapy spheres. Bubbles are mathematical marvels because they’re constantly seeking geometric perfection, which gives them their shape, Tan says. (Did you know six connected bubbles form a cube in the center?) And these spectacular orbs have influenced industries from manufacturing and shipping (where boats are trying to mimic the bubble-producing tendencies of swimming penguins) to medicine — even down to the tiny bubbles in champagne. “As a scientist who is passionate about bubbles,” she says, “I love to see them, I love to play with them, I love study them, and also I love to drink them.”

Why multitasking works — if we slow it down. “To do two things at once is to do neither,” so the saying goes. But economist and journalist Tim Harford thinks that doing two things at once — or three or even four — is exactly what we should be going for, so long as we slow down to do them right. Harford calls this concept “slow-motion multitasking,” and it’s a pattern of behavior common in highly creative people of all stripes — from Einstein and Darwin to Michael Crichton and Twyla Tharp. Slow-motion multitasking is “when we have several projects in progress at the same time, and we move from one to the other and back again as the mood takes us or the situation demands,” he says. The benefits of this approach are manifold. For instance, creativity often comes from moving an idea out of its original situation and into a new context. As Harford puts it: “It’s easier to think outside the box if you spend some time clambering from one box to another.” What’s more, learning to do one thing may help you do something else. Harford gives the example of medical trainees who became significantly better at analyzing and diagnosing images of eye diseases after spending time studying art. And by balancing several fulfilling projects at once, Harford explains, you’re less likely to get stuck: a setback on one project presents itself as an opportunity to work on another. So how do you keep all these creative pursuits straight in your head? Harford suggests storing related information in separate boxes — whether these are actual physical boxes or digital folders — that can be easily accessed when inspiration strikes. “We can make multitasking work for us, unleashing our natural creativity,” Harford says. “We just need to slow it down.”

Breaking down cultural barriers — with cake. Materials scientist Kathy Vinokurov says that when faced with cultural boundaries in unfamiliar environments, we should be bold and take the first step to bridge those gaps. Born in Russia, Vinokurov moved to Israel as a teenager, where she says she built an imaginary wall between her and her classmates. Fast forward to a new job in Germany later in life and Vinokurov realized she had done the same thing at her workplace. While we can’t control the perceptions others have of us, Vinokurov says, we can control how we communicate and share with those around us. She suggests that when we’re in new settings, we can ease cultural barriers by showing up as our full, authentic selves — and, perhaps, bringing sweet treats from home, like cake. “This opens up the possibility to talk about all the bricks that, if not addressed, may build that wall,” Vinokurov says. While not everyone will immediately open up, she encourages us to spark conversation and “cultural barriers will start to melt away.” Though the tensions of a new workplace can be daunting, sometimes it really is as easy as pie.

By combining AI and blockchain, we could enter an era where we render all data — published and unpublished — searchable and shareable, says complexity specialist Gunjan Bhardwaj. He shares his vision of the future at TED@Merck KGaA, Darmstadt, Germany. (Photo: Richard Hadley / TED)

Technological tools for mining medical data. Complexity specialist Gunjan Bhardwaj begins his talk with a grim statement: “All of us in this room have a friend or a loved one who has suffered from a life-threatening disease.” When faced with this reality, we find ourselves trying to sort through a mountain of medical data to figure out what therapies are available, pinpoint where we can get them and identify the best experts to help. And this mountain is constantly growing; according to a study by Peter Densen: at the present rate, medical knowledge will double itself every 73 days in the year 2020. Doctors and researchers — let alone patients and their families — will find it impossible to attain a cohesive view of this “deep, dense and diverse” data. Bharwaj identifies two potential technological solutions to this problem: artificial intelligence and blockchain. An AI trained in the specialized language of medical science could crawl data and enable users to answer their most pressing questions. And using blockchain to encrypt siloed, proprietary and otherwise unavailable data could allow researchers to share their unpublished findings more securely, sparking innovation. By combining AI and blockchain, we could enter an era where we render all data — published and unpublished — searchable and shareable. “That era is now,” Bharwaj says.

The self-assembling circuits of the future. We’ve all experienced the frustration of an old computer or smartphone grinding to a halt. It’s the circuits to blame. In time, if we don’t develop better hardware for evolving tech like facial recognition and augmented reality, we could hit a point where the mind-blowing potential of software may be limited, warns developer Karl Skjonnemand. Right now, much of our technology runs thanks to transistors — big, hulking machines that after 50 years of continuous reinvention are now smaller than a red blood cell. But Skjonnemand says that we’re reaching their physical limits, while still needing to go smaller. It’s time for a totally different, robust and cost-effective approach inspired by nature and brought to life by science: designing self-assembling materials after membranes and cell structures in order to continue with the spectacular expansion of computing and the digital revolution. “This could even be the dawn of a new era of molecular manufacturing,” says Skjonnemand. “How cool is that?”

What should electric cars sound like? Renzo Vitale designs an automotive system that few of us consider — the sonic environments cars produce. Electric cars, with their low audio footprints, offer some welcomed silence in our cities — as well as new dangers, since they can easily sneak up on unsuspecting pedestrians. So what kind of sounds should they make to keep people safe? Instead of an engine sound, Vitale explores “sonic textures that are able to transmit emotion … connecting feelings and frequencies” that “speak to the character and identity of the car” — or “sound genetics.” In practice, this could mean a car that sounds like a harmonious synthesizer reaching crescendo as it accelerates. Vitale is also an artist and a performer, using his automotive environments as blueprints for mind-boggling installations and musical scores. To close of his talk, he plays selections from his piano albums, Storm and Zerospace.

At TED@Merck KGaA, Darmstadt, Germany, Daniel Sherling shares his work bringing the joy of science to American kids who don’t have access to high-tech facilities. (Photo: Richard Hadley / TED)

How a shipping container sparks students’ curiosity. “How can students get excited about science if they don’t have access to the resources that actually make science fun?” asks science education promoter Daniel Sherling. With his team at MilliporeSigma, Sherling transformed a yellow shipping container into a “Curiosity Cube” — a mobile science lab meant to create an engaging, dynamic learning environment. Inside the Curiosity Cube, students can find technology like programmable robots, 3D printers, interactive microscopes, virtual reality and more. The Cube is strapped to a trailer and travels throughout North America, visiting schools that lack the resources for real hands-on science experiments. This way, he says, interactive science can be brought to the students who need it most. And on weekends, families and students can find the Cube in large city centers or public spaces. It’s open to anyone interested in learning more about science — no matter their age. “If we can expose students to the wonders of science, if we can get them just that much more excited for science class the next day, we truly believe we can have a domino effect,” says Sherling. “Because what students need is the opportunity to see and experience how awesome science is. To feel safe to learn, to build their confidence, and most importantly to have their curiosity sparked.”

Deutsche Philharmonie Merck wrapped up the evening with a piece composed by Ben Palmer in 2018 to celebrate the 350th anniversary of Merck KGaA, Darmstadt, Germany. (Photo: Richard Hadley / TED)

“Part II. The Journey Through Time.” After closing remarks from Belén Garijo, CEO Healthcare, at Merck KGaA, Darmstadt, Germany, Deutsche Philharmonie Merck wraps up the evening performing a piece composed by its conductor Ben Palmer in 2018 to celebrate the 350th anniversary of the company. This is followed by a second piece by Mikhail Glinka, “Ruslan and Lyudmila,” an overture based on a poem by Pushkin, providing a contemplative melody with toiling bravado, soaring strings and notes of inspiration — which one could imagine as the sounds of a working mind struck by brilliance.

Planet DebianJonathan Dowland: iPod refresh

Recently I filled up the storage in my iPod and so planned to upgrade it. one. This is a process I've been through several times in the past. My routine used to be to buy the largest capacity SD card that existed at the time (usually twice the capacity of the current one) and spend around £90. Luckily, SD capacity has been growing faster than my music collection. You can buy 400G SD cards today, but I only bought a 200G one, and I only spent around £38.

As I wrote last time, I don't use iTunes: I can move music on and off it from any computer, and I choose music to listen to using a simple file manager. One drawback of this approach is I tend to listen to the same artists over and over, and large swathes of my collection lie forgotten about. The impression I get is that music managers like iTunes have various schemes to help you keep in touch with the rest of your collection, via playlists: "recently added", "stuff you listened to this time last year", or whatever.

As a first step in this direction, I decided it would be useful to build up playlists of recently modified (or added) files. I thought it would be easiest to hook this into my backup solution. In case it's of interest to anyone else, I thought I'd share my solution. The scheme I describe there is used to run a shell script to perform the syncing, which now looks (mostly) like this:

date="$(/bin/date +%Y-%m-%d)"

    grep -v deleting \
        | grep -v '/\._' \
        | grep -E '(m4a|mp3|ogg|wav|flac)$' \
        | tee -a "$plsd/$date.m3u8"

# set the attached blinkstick LED to a colour indicating "work in progress"
# systemd sets it to either red or green once the job is complete
blinkstick --index 1 --limit 10 --set-color 33c280

# sync changes from my iPod onto my NAS; feed the output of files changed
# into "make_playlists"
rsync -va --delete --no-owner --no-group --no-perms \
    --exclude=/.Spotlight-V100 --exclude=/.Trash-1000 \
    --exclude=/.Trashes --exclude=/lost+found /media/ipod/ /music/ \
    | make_playlists

# sync all generated playlists back onto the iPod
rsync -va --no-owner --no-group --no-perms \
    /home/jon/pls/ /media/ipod/playlists/

Time will tell whether this will help.

Planet DebianDaniel Lange: Google GMail continues to own the email market, Microsoft is catching up

Back in 2009 I wrote about Google's GMail emerging as the dominant platform for email. It had 46% of all accounts I sampled from American bloggers for the Ph.D. thesis of a friend. Blogging was big back then :-).

Now I wondered how things have changed over the last decade while I was working on another email related job. Having access to a list of 2.3 million email addresses from a rather similar (US-centric) demographic, let's do some math:

Google's GMail has 39% in that (much larger, but still non-scientific and skewed) sample. This is down from 46% in 2009. Microsoft, with its various email domains from Hotmail to has massively caught up from 10% to 35%. This is definitely also due to now focussing more on the strong Microsoft Office brands e.g. for Office 365 and Yahoo, the #2 player back in 2009, is at 18%, still up from the 12% back then.

So Google plus Microsoft command nearly ¾ of all email addresses in that US-centric sample. Adding Yahoo into the equation leaves the accounts covered at >92%. Wow.

Email has essentially centralized onto three infrastructure providers and with this the neutrality advantage of open standards will probably erode. Interoperability is something two or three players can make or break for 90% of the user base within a single meeting in Sunnyvale.

Google is already trying their luck with "confidential email" which carry expiry dates and revokable reading rights for the recipient. So ... not really email anymore. More like Snapchat. Microsoft has been famous for their winmail.dat attachments and other negligence of email best practices. Yahoo is probably busy trying to develop a sustainable business model and trying to find cash that Marissa didn't spend so hopefully less risk of trying out misguided "innovations" in the email space from them.

All other players are less that 1% of the email domains in the sample. AOL used to have 3.1% and now the are at 0.6% which is in the same (tiny) ball park as the combined Apple offerings (, at 0.4%.

There is virtually no use of the new TLDs for (real, user)1 email. Just a few hundreds of .info and .name. And very few that consider themselves .sexy or .guru and want to tell via their email TLD.

Domain owner   2009 2018
GMail   46.1% 38.6%
Yahoo 11.6% 18.3%
Microsoft 9.9% 35.4%
AOL 3.1% 0.6%
Apple 1.0% 0.4%
Comcast 2.3% 0.2%
SBCGlobal 0.9%   0.09%

  1. There is extensive use of cheap TLDs for "throw-away" spam operations

Sociological ImagesThe Age of Hollywood: A Look at May-December Movies

For better or worse, pop culture models some of our deepest assumptions about social relationships. One classic example is the Hollywood double standard when it comes to gender and aging—leading men get to age while the media expects most leading women to stay forever young. This can lead to age gaps on screen that mirror uncomfortable patterns of gendered power in society.

Has this trend gotten better or worse over time? I recently came across some great open data from the Hollywood Age Gap project, where Lynn Fisher has collected the ages of actors playing the romantic leads in over 600 films to calculate the actual age gaps behind the on-screen relationships. The website does an excellent job showing the gaps for each movie individually, but we can also look at them in the aggregate. It turns out that as more movies are produced, more also tend to have smaller age gaps between the leads. The average age gap for films in this data set sits just below 10 years since 2000, down from average gaps of about 15 years through the 1970s.

(Click to Enlarge)

We also know that social context matters for relationships. If both people are older, for example, smaller age gaps aren’t as big a deal. The classic “half-your-age-plus-seven” shortcut is one example of the kind of informal rules cultures can develop to figure these things out. After a little math, I color coded the age gaps using this common shortcut. About 27% of the movies in this data set fail the test. Notice how the rule cuts both ways—some larger age gaps pass the test because both actors are older. Other smaller age gaps fail the test.

(Click to Enlarge)

However, there is still a massive gendered double standard in these movies. Once we remove the 20 instances of same-sex relationships in the data set, 83% of the cases have an older man and only 17% of cases have an older woman. The older men cases are also more likely to violate the half-plus-seven rule (based on a quick chi-square test for gender of older actor x half plus seven status – p<.001).

(Click to Enlarge)

The news here is a mixed bag. While average age gaps as a whole are on the decline, these data show how Hollywood still has a gendered double standard for who has to act in a potentially “creepy” scenario on screen.

Evan Stewart is a Ph.D. candidate in sociology at the University of Minnesota. You can follow him on Twitter.

(View original at

TEDGathering together: Notes from Session 4 of TEDWomen 2018

In a searching session of talks hosted by curator and photographer Deborah Willis and her son, artist Hank Willis Thomas (who spoke together at TEDWomen 2017), 12 speakers explored conflict, love, the environment and activism, and more. The session featured duet talks from Paula Stone Williams and Jonathan WilliamsNeha Madhira and Haley Stack, Aja Monet and phillip agnewBeth Mortimer and Tarje Nissen-Meyer, and William Barber and Liz Theoharis, as well as solo talks from Jan Rader and Yvonne Van Amerongen.

Paula Stone Williams and her son Jonathan Williams share their story of personal reckoning. “I could not ask my father to be anything other than her true self,” Jonathan says. They speak at TEDWomen 2018: Showing Up, November 29, 2018, Palm Springs, California. (Photo: Callie Giovanna / TED)

A story of redemption. Paula Stone Williams and her son Jonathan Williams know that the truth will set you free — but only after it upends your carefully constructed narrative. In a moving, deeply personal talk, they share the story of Paula’s transition from male to female. Her devotion to authenticity caused her to leave her comfort zone as a nationally known religious leader. In the process, Paula lost all of her jobs, most of her friends and was rejected by her church. “I always taught the kids that when the going gets tough, you have to take the road less traveled — the narrow path — but I had no idea how hard it would become,” she says. Jonathan faced a personal reckoning himself, questioning his childhood memories and asking himself: “Had my father even ever existed?” After a long process of reconciliation, Jonathan ultimately shifted his personal and professional outlook, turning his church into an advocate for the LGBTQ community. “I could not ask my father to be anything other than her true self,” he says. Nowadays, Jonathan’s kids lovingly refer to Paula with a new team of endearment: “GramPaula.”

How empathy can catalyze change in the opioid crisis. Compassion and education can save lives in the opioid epidemic, says Huntington, West Virginia, fire chief Jan Rader. As she saw rising levels of drug overdoses and deaths in her city, Rader realized that, unlike rescuing someone from a fire, helping someone suffering from substance abuse disorder requires interwoven, empathy-based solutions — and she realized that first responders have an important role to play in the overdose epidemic. So she developed programs like Quick Response Team, a 72-hour post-overdose response team of recovery coaches and paramedics, and ProAct, a specialty addiction clinic. Rader also established self-care initiatives for her team of first responders, like yoga classes and on-duty massages, to help alleviate PTSD and compassion fatigue. These programs have already had a remarkable impact — Rader reports that overdoses are down 40 percent and deaths are down 50 percent. Stigma remains one of the biggest barriers in tackling the opioid crises, but when a community comes together, change can happen. “In Huntington, we are showing the rest of the country … that there is hope in this epidemic,” Rader says.

When is a free press not really free? The freedom to publish critical journalism is more important than ever. Neha Madhira and Haley Stack remind us that this should apply “to everyone, no matter where you live or how old you are.” Madhira and Stack — who work at the Eagle Nation Online, a high school newspaper in Texas — learned the hard way that student journalists “don’t have the same First Amendment rights” everyone else had. In 2017, their principal pulled three stories, on topics like a book that was removed from a class reading list, and the school’s response to National Walkout Day. He instituted “prior review” and “prior restraint” policies on all stories, banned editorials, and fired the paper’s advisor. They had no choice but to fight. Madhira says, “How were we supposed to write our paper… if we couldn’t keep writing the relevant stories that were impacting our student body?” They received an outpouring of support from around the country, which eventually persuaded the principal to overturn his policy. But this all could happen again — which is why they now lobby for New Voices, a law which would extend First Amendment protections to student journalism, and which has now passed in 14 states. Madhira and Stack hope it will pass nationwide.

Aja Monet and phillip agnew blend art and community organizing into a way to change their community. They speak at TEDWomen 2018: Showing Up, on November 29, 2018, in Palm Springs, California. (Photo: Callie Giovanna / TED)

Art as organizing. Activists and artists Aja Monet and phillip agnew connected the way many young couples meet today — on Instagram. What started on social media quickly turned into a powerful partnership they call “Love Riott.” Together, they founded Smoke Signals Studio, a space for community-based art and music in Little Haiti, Miami. As they describe it, Smoke Signals is a place “to be loved, to be heard and to be held.” It’s a place where art and organizing become the answer to anger and anxiety. Both Monet and agnew have dedicated their lives to merging arts and culture with community organizing — Monet with the Community Justice Project and agnew with the Dream Defenders. “Great art is not a monologue. Great art is a dialogue between the artist and the people,” Monet says.

Using seismology to study elephants, biologist Beth Mortimer and geophysicist Tarje Nissen-Meyer are helping to fight poaching and protect wildlife. They spoke at TEDWomen 2018: Showing Up, on November 29, 2018, in Palm Springs, California. (Photo: Callie Giovanna / TED)

The enigmatic language of elephants. To study the language of elephants, one needs a seismometer — a device that measures earthquakes — which is how biologist Beth Mortimer and geophysicist Tarje Nissen-Meyer came to work together. Elephants communicate simultaneously through the land and air over long distances using infrasonic vocalizations, meaning that they make sounds deeper than the human ear can detect. “These vocalizations are as loud as 117 decibels, which is about the same volume as a Coachella rock concert,” says Nissen-Meyer. By using seismology to study wildlife, the pair is developing a noninvasive, real-time and low-cost study method that is practical in developing countries to help them fight poaching. Eventually, they’d like to go beyond elephants, and they have plans to continue eavesdropping on the silent discos of the animal kingdom, keeping an ear to the ground to help protect the world’s most vulnerable societies, precious landscapes and iconic animals.

Living a good life with dementia. How would you prefer to spend the last years of your life: in a sterile, hospital-like institution or in a comfortable home that has a supermarket, pub, theater and park within easy walking distance? The answer seems obvious now, but when the Hogeweyk dementia care center was founded by Yvonne Van Amerongen 25 years ago, it was seen as a risky break from traditional dementia care. Located near Amsterdam, Hogeweyk is a gated community consisting of 27 homes with more than 150 residents who have dementia, all overseen 24/7 by well-trained professional and volunteer staff. (The current physical village opened in 2009.) People live in groups according to shared lifestyles. One home, where Van Amerongen’s mother now lives, contains travel, music and art enthusiasts. Surprisingly, it runs on the same public funds given to other nursing homes in the Netherlands — success, Van Amerongen says, comes from making careful spending decisions. As she puts it, “Red curtains are as expensive as gray ones.” The village has attracted international visitors eager to study the model, and direct offshoots are under construction in Canada and Australia. Whether people have dementia or not, Van Amerongen says, “Everyone wants fun in life and meaning in life.”

“This is a moral uprising … a new and unsettling force of people who are repairing the breach, who refuse to give up, and refuse to settle and surrender to suffering,” says Reverend William Barber, right. Together with Reverend Liz Theoharis, at left, he speaks at TEDWomen 2018: Showing Up, November 29, 2018, Palm Springs, California. (Photo: Callie Giovanna / TED)

America’s fusion is our story. Reverends William Barber and Liz Theoharis have traveled from the Bronx to the border, from the deep South to the California coast, meeting mothers whose children died because of a lack of healthcare, homeless families whose encampments have been attacked by police and communities where there’s raw sewage in people’s yards. Closing session 4 of TEDWomen 2018, the two make a powerful call to end poverty. “America is beset by deepening poverty, ecological devastation, systemic racism and an economy harnessed to seemingly endless war,” Barber says. In a nation that boasts of being the wealthiest country in world, 51 percent of children live in food-insecure homes, and 250,000 people die every year of poverty and low wealth. “If we have a different moral imagination, if we have policy shifts guided by moral fusion, we can choose a better way,” Theoharis says. This past spring, Barber and Theoharis helped organize the largest, most expansive simultaneous wave of nonviolent civil disobedience in the 21st century and perhaps in history, re-inaugurating the Poor People’s Campaign started by Dr. Martin Luther King, Jr. The campaign is changing the narrative around poor people, refuting the idea that it’s not possible for everyone to survive and thrive. Barber and Theoharis are organizing hearings, holding community BBQs, going door to door registering people for a movement, holding freedom schools and developing public policies that will improve people’s lives. “This is a moral uprising … a new and unsettling force of people who are repairing the breach, who refuse to give up, and refuse to settle and surrender to suffering,” Barber says.

CryptogramBad Consumer Security Advice

There are lots of articles about there telling people how to better secure their computers and online accounts. While I agree with some of it, this article contains some particularly bad advice:

1. Never, ever, ever use public (unsecured) Wi-Fi such as the Wi-Fi in a café, hotel or airport. To remain anonymous and secure on the Internet, invest in a Virtual Private Network account, but remember, the bad guys are very smart, so by the time this column runs, they may have figured out a way to hack into a VPN.

I get that unsecured Wi-Fi is a risk, but does anyone actually follow this advice? I think twice about accessing my online bank account from a pubic Wi-Fi network, and I do use a VPN regularly. But I can't imagine offering this as advice to the general public.

2. If you or someone you know is 18 or older, you need to create a Social Security online account. Today! Go to

This is actually good advice. Brian Krebs calls it planting a flag, and it's basically claiming your own identity before some fraudster does it for you. But why limit it to the Social Security Administration? Do it for the IRS and the USPS. And while you're at it, do it for your mobile phone provider and your Internet service provider.

3. Add multifactor verifications to ALL online accounts offering this additional layer of protection, including mobile and cable accounts. (Note: Have the codes sent to your email, as SIM card "swapping" is becoming a huge, and thus far unstoppable, security problem.)

Yes. Two-factor authentication is important, and I use it on some of my more important online accounts. But I don't have it installed on everything. And I'm not sure why having the codes sent to your e-mail helps defend against SIM-card swapping; I'm sure you get your e-mail on your phone like everyone else. (Here's some better advice about that.)

4. Create hard-to-crack 12-character passwords. NOT your mother's maiden name, not the last four digits of your Social Security number, not your birthday and not your address. Whenever possible, use a "pass-phrase" as your answer to account security questions ­ such as "Youllneverguessmybrotherinlawsmiddlename."

I'm a big fan of random impossible-to-remember passwords, and nonsense answers to secret questions. It would be great if she suggested a password manager to remember them all.

5. Avoid the temptation to use the same user name and password for every account. Whenever possible, change your passwords every six months.

Yes to the first part. No, no no -- a thousand times no -- to the second.

6. To prevent "new account fraud" (i.e., someone trying to open an account using your date of birth and Social Security number), place a security freeze on all three national credit bureaus (Equifax, Experian and TransUnion). There is no charge for this service.

I am a fan of security freezes.

7. Never plug your devices (mobile phone, tablet and/or laptop) into an electrical outlet in an airport. Doing so will make you more susceptible to being hacked. Instead, travel with an external battery charger to keep your devices charged.

Seriously? Yes, I've read the articles about hacked charging stations, but I wouldn't think twice about using a wall jack at an airport. If you're really worried, buy a USB condom.

Worse Than FailureCodeSOD: Chunks of Genius

Brian recently started a new job. That means spending some time poking around the code base, trying to get a grasp on what the software does, how it does it, and maybe a little bit of why. Since the users have some complaints about performance, that's where Brian is mostly focusing his attention.

The "good" news for Brian is that the his predecessors were "geniuses", and they came up with a lot of "clever" solutions to common problems. The actually good news is that they've long since moved on to other jobs, and Brian will have a free hand in trying to revise their "cleverness".

void ReportInstance::WriteData(SQLConn & conn) { XSQL_QUERY("delete from report_data where report_id = " << GetInstID(), conn); XString sXML(GetDetailAsXML()); { XBuffer buff(sXML); buff.ZipCompress(); sXML = RawToHex(buff.GetBuff(), buff.GetSize()); } int iSize(sXML.GetLength()); int iRow(0); for (int i = 0; i < iSize; i += 248) { XString sFrag(""); if ((iSize - i) > 248) { sFrag = sXML.Mid(i, 248); } else { sFrag = sXML.Mid(i); } XSQL_QUERY("insert into report_data (report_id, seq, chunk) values (" << GetInstID() << iRow << ZString("[" + sFrag + "]") << ")", conn); iRow++; } }

Even just skimming this code sets my eye to twitching, mostly from the number of XML related objects in it. This is a "clever" solution to the problem of running a report and saving the results.

Run the query, and capture the results as XML. Take that XML, run it through zip compression. Then, split the zipped content into 248 character chunks, and save those back into the database.

This elegant solution is easily reversed to reassemble the report data. Even better, this removes the challenge of dealing with obscure and difficult database datatypes like blobs. The chunk column in the database is, as you might expect, VARCHAR(250).

[Advertisement] Otter - Provision your servers automatically without ever needing to log-in to a command prompt. Get started today!

Planet DebianRuss Allbery: Review: The Winter Long

Review: The Winter Long, by Seanan McGuire

Series: October Daye #8
Publisher: DAW
Copyright: 2014
ISBN: 1-101-60175-2
Format: Kindle
Pages: 368

This is the eighth book in the October Daye series and leans heavily on the alliances, friendship, world-building, and series backstory. This is not the sort of series that can be meaningfully started in the middle. And, for the same reason, it's also rather hard to review without spoilers, although I'll give it a shot.

Toby has had reason to fear Simon Torquill for the entire series. Everything that's happened to her was set off by him turning her into a fish and destroying her life. She's already had to deal with his partner (in Late Eclipses), so it's not a total surprise that he would show up again. But Toby certainly didn't expect him to show up at her house, or to sound weirdly unlike an enemy, or to reference a geas and an employer. She had never understood his motives, but there may be more to them than simple evil.

I have essentially struck out trying to recommend this series to other people. I think everyone else who's started it has bounced off of it for various reasons: unimpressed by Toby's ability to figure things out, feeling the bits borrowed from the mystery genre are badly done, not liking Irish folklore transplanted to the San Francisco Bay Area, or just finding it too dark. I certainly can't argue with people's personal preferences, but I want to, since this remains my favorite urban fantasy series and I want to talk about it with more people. Thankfully, the friends who started reading it independent of my recommendation all love it too. (Perhaps I'm cursing it somehow?)

Regardless, this is more of exactly what I like about this series, which was never the private detective bits (that have now been discarded entirely) and was always the maneuverings and dominance games of faerie politics, the comfort and solid foundation of Toby's chosen family, Toby's full-throttle-forward approach to forcing her way through problems, and the lovely layered world-building. There is so much going on in McGuire's faerie realm, so many hidden secrets, old grudges, lost history, and complex family relationships. I can see some of the shape of problems that the series will eventually resolve, but I still have no guesses as to how McGuire will resolve them.

The Winter Long takes another deep look at some of Toby's oldest relationships, including revisiting some events from Rosemary and Rue (the first book of the series) in a new light. It also keeps, and further deepens, my favorite relationships in this series: Tybalt, Mags and the Library (introduced in the previous book), and of course the Luidaeg, who is my favorite character in the entire series and the one I root for the most.

I've been trying to pinpoint what I like so much about this series, particularly given the number of people who disagree, and I think it's that Toby gets along with, and respects, a wide variety of difficult people, and brings to every interaction a consistent set of internal ethics and priorities. McGuire sets this against a backdrop of court politics, ancient rivalries and agreements, and hidden races with contempt for humans; Toby's role in that world is to stubbornly do the right thing based mostly on gut feeling and personal loyalty. It's not particularly complex ethics; most of the challenges she faces are eventually resolved by finding the right person to kick (or, more frequently now, use her slowly-growing power against) and the right place to kick them.

That simplicity is what I like. This is my comfort reading. Toby looks at tricky court intrigues, bull-headedly does the right thing, and manages to make that work out, which for me (particularly in this political climate) is escapism in the best sense. She has generally good judgment in her friends, those friends stand by her, and the good guys win. Sometimes that's just what I want in a series, particularly when it comes with an impressive range of mythological creations, an interesting and slowly-developing power set, enjoyable character banter, and a ton of world-building mysteries that I want to know more about.

Long story short, this is more of Toby and friends in much the same vein as the last few books in the series. It adds new depth to some past events, moves Toby higher into the upper echelons of faerie politics, and contains many of my favorite characters. Oh, and, for once, Toby isn't sick or injured or drugged for most of the story, which I found a welcome relief.

If you've read this far into the series, I think you'll love it. I certainly did.

Followed by A Red-Rose Chain.

Rating: 8 out of 10

Planet DebianColin Watson: Deploying Swift

Sometimes I want to deploy Swift, the OpenStack object storage system.

Well, no, that’s not true. I basically never actually want to deploy Swift as such. What I generally want to do is to debug some bit of production service deployment machinery that relies on Swift for getting build artifacts into the right place, or maybe the parts of the Launchpad librarian (our blob storage service) that use Swift. I could find an existing private or public cloud that offers the right API and test with that, but sometimes I need to test with particular versions, and in any case I have a terribly slow internet connection and shuffling large build artifacts back and forward over the relevant bit of wet string makes it painfully slow to test things.

For a while I’ve had an Ubuntu 12.04 VM lying around with an Icehouse-based Swift deployment that I put together by hand. It works, but I didn’t keep good notes and have no real idea how to reproduce it, not that I really want to keep limping along with manually-constructed VMs for this kind of thing anyway; and I don’t want to be dependent on obsolete releases forever. For the sorts of things I’m doing I need to make sure that authentication works broadly the same way as it does in a real production deployment, so I want to have Keystone too. At the same time, I definitely don’t want to do anything close to a full OpenStack deployment of my own: it’s much too big a sledgehammer for this particular nut, and I don’t really have the hardware for it.

Here’s my solution to this, which is compact enough that I can run it on my laptop, and while it isn’t completely automatic it’s close enough that I can spin it up for a test and discard it when I’m finished (so I haven’t worried very much about producing something that runs efficiently). It relies on Juju and LXD. I’ve only tested it on Ubuntu 18.04, using Queens; for anything else you’re on your own. In general, I probably can’t help you if you run into trouble with the directions here: this is provided “as is”, without warranty of any kind, and all that kind of thing.

First, install Juju and LXD if necessary, following the instructions provided by those projects, and also install the python-openstackclient package as you’ll need it later. You’ll want to set Juju up to use LXD, and you should probably make sure that the shells you’re working in don’t have http_proxy set as it’s quite likely to confuse things unless you’ve arranged for your proxy to be able to cope with your local LXD containers. Then add a model:

juju add-model swift

At this point there’s a bit of complexity that you normally don’t have to worry about with Juju. The swift-storage charm wants to mount something to use for storage, which with the LXD provider in practice ends up being some kind of loopback mount. Unfortunately, being able to perform loopback mounts exposes too much kernel attack surface, so LXD doesn’t allow unprivileged containers to do it. (Ideally the swift-storage charm would just let you use directory storage instead.) To make the containers we’re about to create privileged enough for this to work, run:

lxc profile set juju-swift security.privileged true
lxc profile device add juju-swift loop-control unix-char \
    major=10 minor=237 path=/dev/loop-control
for i in $(seq 0 255); do
    lxc profile device add juju-swift loop$i unix-block \
        major=7 minor=$i path=/dev/loop$i

Now we can start deploying things! Save this to a file, e.g. swift.bundle:

series: bionic
description: "Swift in a box"
    charm: "cs:mysql-62"
    channel: candidate
    num_units: 1
      dataset-size: 512M
    charm: "cs:keystone"
    num_units: 1
    charm: "cs:swift-storage"
    num_units: 1
      block-device: "/etc/swift/storage.img|5G"
    charm: "cs:swift-proxy"
    num_units: 1
      zone-assignment: auto
      replicas: 1
  - ["keystone:shared-db", "mysql:shared-db"]
  - ["swift-proxy:swift-storage", "swift-storage:swift-storage"]
  - ["swift-proxy:identity-service", "keystone:identity-service"]

And run:

juju deploy swift.bundle

This will take a while. You can run juju status to see how it’s going in general terms, or juju debug-log for detailed logs from the individual containers as they’re putting themselves together. When it’s all done, it should look something like this:

Model  Controller  Cloud/Region     Version  SLA
swift  lxd         localhost        2.3.1    unsupported

App            Version  Status  Scale  Charm          Store       Rev  OS      Notes
keystone       13.0.1   active      1  keystone       jujucharms  290  ubuntu
mysql          5.7.24   active      1  mysql          jujucharms   62  ubuntu
swift-proxy    2.17.0   active      1  swift-proxy    jujucharms   75  ubuntu
swift-storage  2.17.0   active      1  swift-storage  jujucharms  250  ubuntu

Unit              Workload  Agent  Machine  Public address  Ports     Message
keystone/0*       active    idle   0    5000/tcp  Unit is ready
mysql/0*          active    idle   1     3306/tcp  Ready
swift-proxy/0*    active    idle   2     8080/tcp  Unit is ready
swift-storage/0*  active    idle   3              Unit is ready

Machine  State    DNS           Inst id        Series  AZ  Message
0        started  juju-d3e703-0  bionic      Running
1        started   juju-d3e703-1  bionic      Running
2        started   juju-d3e703-2  bionic      Running
3        started  juju-d3e703-3  bionic      Running

At this point you have what should be a working installation, but with only administrative privileges set up. Normally you want to create at least one normal user. To do this, start by creating a configuration file granting administrator privileges (this one comes verbatim from the openstack-base bundle):

_OS_PARAMS=$(env | awk 'BEGIN {FS="="} /^OS_/ {print $1;}' | paste -sd ' ')
for param in $_OS_PARAMS; do
    if [ "$param" = "OS_AUTH_PROTOCOL" ]; then continue; fi
    if [ "$param" = "OS_CACERT" ]; then continue; fi
    unset $param
unset _OS_PARAMS

_keystone_unit=$(juju status keystone --format yaml | \
    awk '/units:$/ {getline; gsub(/:$/, ""); print $1}')
_keystone_ip=$(juju run --unit ${_keystone_unit} 'unit-get private-address')
_password=$(juju run --unit ${_keystone_unit} 'leader-get admin_passwd')

export OS_AUTH_URL=${OS_AUTH_PROTOCOL:-http}://${_keystone_ip}:5000/v3
export OS_USERNAME=admin
export OS_PASSWORD=${_password}
export OS_USER_DOMAIN_NAME=admin_domain
export OS_PROJECT_DOMAIN_NAME=admin_domain
export OS_PROJECT_NAME=admin
export OS_REGION_NAME=RegionOne
# Swift needs this:
# Gnocchi needs this
export OS_AUTH_TYPE=password

Source this into a shell: for instance, if you saved this to ~/.swiftrc.juju-admin, then run:

. ~/.swiftrc.juju-admin

You should now be able to run openstack endpoint list and see a table for the various services exposed by your deployment. Then you can create a dummy project and a user with enough privileges to use Swift:

openstack domain create SwiftDomain
openstack project create --domain SwiftDomain --description Swift \
openstack user create --domain SwiftDomain --project-domain SwiftDomain \
    --project SwiftProject --password "$PASSWORD" "$USERNAME"
openstack role add --project SwiftProject --user-domain SwiftDomain \
    --user "$USERNAME" Member

(This is intended for testing rather than for doing anything particularly sensitive. If you cared about keeping the password secret then you’d use the --password-prompt option to openstack user create instead of supplying the password on the command line.)

Now create a configuration file granting privileges for the user you just created. I felt like automating this to at least some degree:

touch ~/.swiftrc.juju
chmod 600 ~/.swiftrc.juju
sed '/^_password=/d;
     s/\( OS_PROJECT_DOMAIN_NAME=\).*/\1SwiftDomain/;
     s/\( OS_PROJECT_NAME=\).*/\1SwiftProject/;
     s/\( OS_USER_DOMAIN_NAME=\).*/\1SwiftDomain/;
     s/\( OS_USERNAME=\).*/\1'"$USERNAME"'/;
     s/\( OS_PASSWORD=\).*/\1'"$PASSWORD"'/' \
     <~/.swiftrc.juju-admin >~/.swiftrc.juju

Source this into a shell. For example:

. ~/.swiftrc.juju

You should now find that swift list works. Success! Now you can swift upload files, or just start testing whatever it was that you were actually trying to test in the first place.

This is not a setup I expect to leave running for a long time, so to tear it down again:

juju destroy-model swift

This will probably get stuck trying to remove the swift-storage unit, since nothing deals with detaching the loop device. If that happens, find the relevant device in losetup -a from another window and use losetup -d to detach it; juju destroy-model should then be able to proceed.

Credit to the Juju and LXD teams and to the maintainers of the various charms used here, as well as of course to the OpenStack folks: their work made it very much easier to put this together.

Planet Linux AustraliaCraige McWhirter: Finding Bugs in an Aercus WS3083

Aercus WS3083

While we're not drought declared, there's been precious little rain over the last 6 months or so, which made it hard to work out if I really had a problem or not.

The rainfall had been light and infrequent while each time the weather station recorded 0mm rainfall, which didn't seem unreasonable but was dubious nonetheless.

All the sensors appeared to be working OK. I re-seated, reconnected and reset everything to make sure that the system was connected and working fine but with no change in the result.

I eventually was driven to digging out the manual gauge which recorded 18mm the next time it rained while the weather station recorded 0mm.

No choice this time but to get up the ladder and disassemble the rain gauge.

I removed the cover and everything passed an initial eye balling.

Aercus WS3083 rain gauge

The Aercus WS3083 uses a lever arm to measure and discard collected rain. Being a simple primate, I attempted toggled it with my index finger, instantly noted it wasn't moving freely before a massive grasshopper|cricket flew out from under the arm and into my face. It had made a nice home under the arm, preventing it from dipping down and counting rain.

Unsurprisingly it moved freely after that and has been accurately measuring rain since.

Postscript: I think the chickens are still upset at me for failing to catch the grasshopper|cricket and feed it to them.


Planet DebianSean Whitton: Debian Policy call for participation -- December 2018

Here’s are some of the bugs against the Debian Policy Manual. Please consider getting involved.

Consensus has been reached and help is needed to write a patch

#853779 Clarify requirements about update-rc.d and invoke-rc.d usage in mai…

#874019 Note that the ’-e’ argument to x-terminal-emulator works like ’–’

#874206 allow a trailing comma in package relationship fields

#902612 Packages should not touch users’ home directories

#905453 Policy does not include a section on NEWS.Debian files

#906286 repository-format sub-policy

#907051 Say much more about vendoring of libraries

Wording proposed, awaiting review from anyone and/or seconds by DDs

#786470 [copyright-format] Add an optional “License-Grant” field

#845255 Include best practices for packaging database applications

#850156 Please firmly deprecate vendor-specific series files

#897217 Vcs-Hg should support -b too

Merged for the next release (no action needed)

#188731 Also strip .comment and .note sections

#845715 Please document that packages are not allowed to write outside thei…

#912581 Slightly relax the requirement to include verbatim copyright inform…

Planet DebianGunnar Wolf: Chairing «Topics on Internet Censorship and Surveillance»

I have been honored to be invited as a co-chair (together with Vasilis Ververis and Mario Isaakidis) for a Special Track called «Topics on Internet Censorship and Surveillance» (TICS), at the The Eighteenth International Conference on Networks, which will be held in Valencia, Spain, 2019.03.24–2019.03.28, and organized under IARIA's name and umbrella.

I am reproducing here the Call for Papers. Please do note that if you are interested in participating, the relevant dates are those publicized for the Special Track (submission by 2019.01.29; notification by 2019.02.18; registration and camera-ready by 2019.02.27), not those on ICN's site.

Over the past years there has been a greater demand for online censorship and surveillance, as an understandable reaction against hate speech, copyright violations, and other cases related to citizen compliance with civil laws and regulations by national authorities. Unfortunately, this is often accompanied by a tendency of extensively censoring online content and massively spying on citizens actions. Numerous whistleblower revelations, leaks from classified documents, and a vast amount of information released by activists, researchers and journalists, reveal evidence of government-sponsored infrastructure that either goes beyond the requirements and scope of the law, or operates without any effective regulations in place. In addition, this infrastructure often supports the interests of big private corporations, such as the companies that enforce online copyright control.

TICS is a special track the area of Internet censorship, surveillance and other adversarial burdens to technology that bring in danger; to a greater extent the safety (physical security and privacy) of its users.

Proposals for TICS 2019 should be situated within the field of Internet censorship, network measurements, information controls, surveillance and content moderation. Ideally topics should connect to the following , but not limited to:

  • Technical, social, political, and economical implications of Internet censorship and surveillance
  • Detection and analysis of network blocking and surveillance infrastructure (hardware or software)
  • Research on legal frameworks, regulations and policies that imply blocking or limitation of the availability of network services and online content
  • Online censorship circumvention and anti-surveillance practices
  • Network measurements methodologies to detect and categorize network interference
  • Research on the implications of automated or centralized user content regulation (such as for hate speech, copyright, or disinformation)

Please help me share this invitation with possible interested people!
Oh — And to make this more interesting and enticing for you, ICN will take place at the same city and just one week before the Internet Freedom Festival, the Global Unconference of the Internet Freedom Communities ☺

Krebs on SecurityJared, Kay Jewelers Parent Fixes Data Leak

The parent firm of bling retailers Jared and Kay Jewelers has fixed a bug in the Web sites of both companies that exposed the order information for all of their online customers.

In mid-November 2018, KrebsOnSecurity heard from a Jared customer who found something curious after receiving a receipt via email for a pair of earrings he’d just purchased as a surprise gift for his girlfriend.

Dallas-based Web designer Brandon Sheehy discovered that slightly modifying the link in the confirmation email he received and pasting that into a Web browser revealed another customer’s order, including their name, billing address, shipping address, phone number, email address, items and total amount purchased, delivery date, tracking link, and the last four digits of the customer’s credit card number.

Sheehy said after discovering the weakness, his mind quickly turned to the various ways that crooks might exploit it.

“My first thought was they could track a package of jewelry to someone’s door and swipe it off their doorstep,” he said. “My second thought was that someone could call Jared’s customers and pretend to be Jared, reading the last four digits of the customer’s card and saying there’d been a problem with the order, and if they could get a different card for the customer they could run it right away and get the order out quickly. That would be a pretty convincing scam. Or just targeted phishing attacks.”

Concerned that his own information was similarly exposed, Sheehy contacted Jared parent company Signet Jewelers and asked them to fix the data exposure. When several weeks passed and Sheehy could still view his information and that of other Jared customers, he reached out to KrebsOnSecurity.

Scott Lancaster, chief information security officer at Signet, said the company did fix the problem for all future orders shortly after receiving a customer’s complaint. But Lancaster said Signet neglected to remedy the data exposure for all past orders until contacted by KrebsOnSecurity.

“When a customer first brought this matter to our attention in early November, we fixed it for all new orders going forward,” Lancaster said. “But we didn’t notice at the time that this applied to all past orders as well as future orders.”

Lancaster said the problem affected only orders made online through and, and that the weakness was not present on the sites of the company’s other jewelry brands, such as Zales and Piercing Pagoda.

Data exposures like these are some of the most common yet preventable for online retailers. In July, identity theft protection service LifeLock corrected an information disclosure flaw that exposed the email address of millions of subscribers. And in April 2018, remedied a weakness exposing millions of customer names, email and physical addresses, birthdays and partial credit card numbers.

Sheehy said he’s glad Signet has fully fixed the bug, but said he was annoyed that it seems like many companies fail to address or even acknowledge such failures unless and until they’re confronted by the news media.

“Being a Web developer, the only thing I can chalk this up to is complete incompetence, and being very lazy and indifferent to your customers’ data,” he said. “This isn’t novel stuff, it’s basic Web site security.”

TEDBe aggressive about your ambition: Stacey Abrams speaks at TEDWomen 2018

“I am moving forward knowing what is in my past. I know the obstacles they have for me. I’m fairly certain they’re energizing and creating new obstacles now,” says Stacey Abrams. “They’ve got four years to figure it out. Maybe two.” She speaks at TEDWomen 2018: Showing Up, November 30, 2018, in Palm Springs, California. (Photo: Marla Aufmuth / TED)

Stacey Abrams’s 2018 campaign for governor of Georgia was watched across the world. The first black woman to be nominated by a major party for governor, she lost after a hard-fought race. Now she’s the surprise speaker onstage at TEDWomen 2018, where, in an electrifying talk, she shares the lessons she learned from her campaign, advice on how to move forward through setbacks — and some hints at what her future might be.

Back when Abrams was 17 and the valedictorian of her high school, she was invited to meet the governor of Georgia with her parents. They took the bus, and as they walked up past the lines of other students’ arriving cars, the guard outside stopped them. Judging them by the bus they’d arrived on, he told her and her parents that they didn’t belong there that day. Abrams doesn’t remember actually meeting the governor or her fellow valedictorians. “The only clear memory I have from that day was a man standing in front of the most powerful place in Georgia, looking at me and telling me I don’t belong,” Abrams says. “And so I decided to be the person who got to open the gates.”

It didn’t work out that way this time, Abrams says, and now she’s tasked with figuring out what to do next. “I’m going to do what I’ve always done,” she says. “I’m going to move forward, because going backwards isn’t an option and standing still is not enough.”

We should ask ourselves three questions about everything we do, Abrams says: What do I want? Why do I want it? And how do I get it?

“I know what I want, and that is justice, because poverty is immoral and a stain on our nation,” Abrams says.

Once you know what you want, you have understand why you want it. Make sure you want it not because it’s something you should do, but because it’s something you must do, she says: “It should be something that doesn’t allow you to sleep at night unless you’re dreaming about it.” (And revenge, she says, is not a good reason.)

Finally, understand how you’re going to do it. For Abrams, that meant turning out 1.2 million African American voters in Georgia — more voters than the entire amount who voted on the Democratic side of the ticket in 2014. And it meant tripling the number of Asian and Hispanic Americans who stood up and said: “This is our state, too.”

The obstacles — the debt, the fear, the fatigue — aren’t insurmountable, Abrams says, but there’s more work to be done.

“I am moving forward knowing what is in my past. I know the obstacles they have for me. I’m fairly certain they’re energizing and creating new obstacles now,” Abrams says. “They’ve got four years to figure it out. Maybe two.”

Planet DebianJulien Danjou: A multi-value syntax tree filtering in Python

A multi-value syntax tree filtering in Python

A while ago, we've seen how to write a simple filtering syntax tree with Python. The idea was to provide a small abstract syntax tree with an easy to write data structure that would be able to filter a value. Filtering meaning that once evaluated, our AST would return either True or False based on the passed value.

With that, we were able to write small rules like Filter({"eq": 3})(4) that would return False since, well, 4 is not equal to 3.

In this new post, I propose we enhance our filtering ability to support multiple values. The idea is to be able to write something like this:

>>> f = Filter(
  {"and": [
    {"eq": ("foo", 3)},
    {"gt": ("bar", 4)},
>>> f(foo=3, bar=5)
>>> f(foo=4, bar=5)

The biggest change here is that the binary operators (eq, gt, le, etc.) now support getting two values, and not only one, and that we can pass multiple values to our filter by using keyword arguments.

How should we implement that? Well, we can keep the same data structure we built previously. However, this time we're gonna do the following change:

  • The left value of the binary operator will be a string that will be used as the key to access the keyword arguments passed to our Filter.__call__ values.
  • The right value of the binary operator will be kept as it is (like before).

We therefore need to change our Filter.build_evaluator to accommodate this as follow:

def build_evaluator(self, tree):
        operator, nodes = list(tree.items())[0]
    except Exception:
        raise InvalidQuery("Unable to parse tree %s" % tree)
        op = self.multiple_operators[operator]
    except KeyError:
            op = self.binary_operators[operator]
        except KeyError:
            raise InvalidQuery("Unknown operator %s" % operator)
        assert len(nodes) == 2 # binary operators take 2 values
        def _op(values):
            return op(values[nodes[0]], nodes[1])
        return _op
    # Iterate over every item in the list of the value linked
    # to the logical operator, and compile it down to its own
    # evaluator.
    elements = [self.build_evaluator(node) for node in nodes]
    return lambda values: op((e(values) for e in elements))

The algorithm is pretty much the same, the tree being browsed recursively.

First, the operator and its arguments (nodes) are extracted.

Then, if the operator takes multiple arguments (such as and and or operators), each node is recursively evaluated and a function is returned evaluating those nodes.
If the operator is a binary operator (such as eq, lt, etc.), it checks that the passed argument list length is 2. Then, it returns a function that will apply the operator (e.g., operator.eq) to values[nodes[0]] and nodes[1]: the former access the arguments (values) passed to the filter's __call__ function while the latter is directly the passed argument.

The full class looks like this:

import operator

class InvalidQuery(Exception):

class Filter(object):
    binary_operators = {
        u"=": operator.eq,
        u"==": operator.eq,
        u"eq": operator.eq,



        u"<=": operator.le,
        u"≤": operator.le,
        u"le": operator.le,



    multiple_operators = {
        u"or": any,
        u"∨": any,
        u"and": all,
        u"∧": all,

    def __init__(self, tree):
        self._eval = self.build_evaluator(tree)

    def __call__(self, **kwargs):
        return self._eval(kwargs)

    def build_evaluator(self, tree):
            operator, nodes = list(tree.items())[0]
        except Exception:
            raise InvalidQuery("Unable to parse tree %s" % tree)
            op = self.multiple_operators[operator]
        except KeyError:
                op = self.binary_operators[operator]
            except KeyError:
                raise InvalidQuery("Unknown operator %s" % operator)
            assert len(nodes) == 2 # binary operators take 2 values
            def _op(values):
                return op(values[nodes[0]], nodes[1])
            return _op
        # Iterate over every item in the list of the value linked
        # to the logical operator, and compile it down to its own
        # evaluator.
        elements = [self.build_evaluator(node) for node in nodes]
        return lambda values: op((e(values) for e in elements))

We can check that it works by building some filters:

x = Filter({"eq": ("foo", 1)})
assert not x(foo=1, bar=1)

x = Filter({"eq": ("foo", "bar")})
assert not x(foo=1, bar=1)

x = Filter({"or": (
    {"eq": ("foo", "bar")},
    {"eq": ("bar", 1)},
assert x(foo=1, bar=1)

Supporting multiple values is handy as it allows to pass complete dictionaries to the filter, rather than just one value. That enables users to filter more complex objects.

Sub-dictionary support

It's also possible to support deeper data structure, like a dictionary of dictionary. By replacing values[nodes[0]] by self._resolve_name(values, node[0]) with a _resolve_name method like this one, the filter is able to traverse dictionaries:


def _resolve_name(self, values, name):
        for subname in name.split(self.ATTR_SEPARATOR):
            values = values[subname]
        return values
    except KeyError:
        raise InvalidQuery("Unknown attribute %s" % name)

It then works like that:

x = Filter({"eq": ("baz.sub", 23)})
assert x(foo=1, bar=1, baz={"sub": 23})

x = Filter({"eq": ("baz.sub", 23)})
assert not x(foo=1, bar=1, baz={"sub": 3})

By using the syntax key.subkey.subsubkey the filter is able to access item inside dictionaries on more complex data structure.

That basic filter engine can evolve quite easily in something powerful, as you can add new operators or new way to access/manipulate the passed data structure.

If you have other ideas on nifty features that could be added, feel free to add a comment below!

CryptogramThe DoJ's Secret Legal Arguments to Break Cryptography

Earlier this year, the US Department of Justice made a series of legal arguments as to why Facebook should be forced to help the government wiretap Facebook Messenger. Those arguments are still sealed. The ACLU is suing to make them public.

Worse Than FailureTales from the Interview: A Reusable Application

Jay J had been helping a friend with the job hunt. As an experienced developer, with a strong network, Jay had a sense of who was hiring and what jobs were promising. One of his connections turned up a lead at Initech. Jay pointed his friend in that direction, and wished for the best.

"They won't let me apply," the friend explained when Jay asked how things were going. "Here, try it. These are my details. This is the link for the web application. Fill in the form and see what happens."

The first thing Jay noticed when pulling up the form was that it was clearly built from a toolkit of reusable widgets. The way validations appeared, the way the page laid out- this was a bolt-together HR application built out of some enterprise solution. Nothing inherently wrong with that approach- it can save time by using reusable components.

The trick, of course, is that reusable components have to be used correctly.

Jay filled in the from. Name. Address. Birth date. Attach a resume. Re-enter 90% of the information that's already on the resume. Click submit.

Error: dteBirthDate cannot be a holiday

A date picker with reusable validations is a good idea. Blindly using the validation configuration from someplace else in the system is not.

"Y'know," Jay said, "maybe you don't want to work there anyway."

[Advertisement] Ensure your software is built only once and then deployed consistently across environments, by packaging your applications and components. Learn how today!

Planet DebianJoachim Breitner: Sliding Right into Information Theory

It's hardly news any more, but it seems I have not blogged about my involvement last year with an interesting cryptanalysis project, which resulted in the publication Sliding right into disaster: Left-to-right sliding windows leak by Daniel J. Bernstein, me, Daniel Genkin, Leon Groot Bruinderink, Nadia Heninger, Tanja Lange, Christine van Vredendaal and Yuval Yarom, which was published at CHES 2017 and on ePrint (ePrint is the cryptographer’s version of arXiv).

This project nicely touched upon many fields of computer science: First we need systems expertise to mount a side-channel attack that uses cache timing difference to observe which line of a square-and-multiply algorithm the target process is executing. Then we need algorithm analysis required to learn from these observations partial information about the bits of the private key. This part includes nice PLy concepts like rewrite rules (see Section 3.2). Oncee we know enough about the secret keys, we can use fancy cryptography to recover the whole secret key (Section 3.4). And finally, some theoretical questions arise, such as: “How much information do we need for the attack to succeed?” and “Do we obtain this much information”, and we need some nice math and information theory to answer these.

Initially, I focused on the PL-related concepts. We programming language people are yak-shavers, and in particular “rewrite rules” just demands the creation of a DSL to express them, and an interpreter to execute them, doesn’t it? But it turned out that these rules are actually not necessary, as the key recovery can use the side-channel observation directly, as we found out later (see Section 4 of the paper). But now I was already hooked, and turned towards the theoretical questions mentioned above.

Shannon vs. Rényi

It felt good to shake the dust of some of the probability theory that I learned for my maths degree, and I also learned some new stuff. For example, it was intuitively clear that whether the attack succeeds depends on the amount of information obtained by the side channel attack, and based on prior work, the expectation was that if we know more than half the bits, then the attack would succeed. Note that for this purpose, two known “half bits” are as good as knowing one full bit; for example knowing that the secret key is either 01 or 11 (one bit known for sure) is just as good as knowing that the key is either 00 or 11.

Cleary, this is related to entropy somehow -- but how? Trying to prove that the attack works if the entropy rate of the leak is >0.5 just did not work, against all intuition. But when we started with a formula that describes when the attack succeeds, and then simplified it, we found a condition that looked suspiciously like what we wanted, namely H > 0.5, only that H was not the conventional entropy (also known as the Shannon entropy, H = −∑p ⋅ log p), but rather something else: H = −∑p2, which turned to be called the collision entropy or Rényi entropy.

This resulted in Theorem 3 in the paper, and neatly answers the question when the Heninger and Shacham key recovery algorithm, extended to partial information, can be expected to succeed in a much more general setting that just this particular side-channel attack.

Markov chains and an information theoretical spin-off

The other theoretical question is now: Why does this particular side channel attack succeed, i.e. why is the entropy rate H > 0.5. As so often, Markov chains are an immensly powerful tool to answer that question. After some transformations, I managed to model the state of the square-and-multiply algorithm, together with the side-channel leak, as a markov chain with a hidden state. Now I just had to calculate its Rényi entropy rate, right? I wrote some Haskell code to do this transformation, and also came up with an ad-hoc, intuitive way of calculating the rate. So when it was time to write up the paper, I was searching for a reference that describes the algorithm that I was using…

Only I could find none! I contacted researchers who have published related to Markov chains and entropies, but they just referred me in circles, until one of them, Maciej Skórski responded. Our conversation, highly condendensed, went like this: “Nice idea, but it can’t be right, it would solve problem X” – “Hmm, but it feels so right. Here is a proof sketch.” – “Oh, indeed, cool. I can even generalize this! Let’s write a paper”. Which we did! Analytic Formulas for Renyi Entropy of Hidden Markov Models (preprint only, it is still under submission).

More details

Because I joined the sliding-right project late, not all my contributions made it into the actual paper, and therefore I published an “inofficial appendix” separately on ePrint. It contains

  1. an alternative way to find the definitively knowable bits of the secret exponent, which is complete and can (in rare corner cases) find more bits than the rewrite rules in Section 3.1
  2. an algorithm to calculate the collision entropy H, including how to model a side-channel attack like this one as a markov chain, and how to calculate the entropy of such a markov chain, and
  3. the proof of Theorem 3.

I also published the Haskell code that I wrote for this projects, including the markov chain collision entropy stuff. It is not written with public consumption in mind, but feel free to ask if you have questions about this.

Note that all errors, typos and irrelevancies in that document and the code are purely mine and not of any of the other authors of the sliding-right paper. I’d like to thank my coauthors for the opportunity to join this project.

Planet DebianDaniel Pocock: Smart home: where to start?

My home automation plans have been progressing and I'd like to share some observations I've made about planning a project like this, especially for those with larger houses.

With so many products and technologies, it can be hard to know where to start. Some things have become straightforward, for example, Domoticz can soon be installed from a package on some distributions. Yet this simply leaves people contemplating what to do next.

The quickstart

For a small home, like an apartment, you can simply buy something like the Zigate, a single motion and temperature sensor, a couple of smart bulbs and expand from there.

For a large home, you can also get your feet wet with exactly the same approach in a single room. Once you are familiar with the products, use a more structured approach to plan a complete solution for every other space.

The Debian wiki has started gathering some notes on things that work easily on GNU/Linux systems like Debian as well as Fedora and others.


What is your first goal? For example, are you excited about having smart lights or are you more concerned with improving your heating system efficiency with zoned logic?

Trying to do everything at once may be overwhelming. Make each of these things into a separate sub-project or milestone.

Technology choices

There are many technology choices:

  • Zigbee, Z-Wave or another protocol? I'm starting out with a preference for Zigbee but may try some Z-Wave devices along the way.
  • E27 or B22 (Bayonet) light bulbs? People in the UK and former colonies may have B22 light sockets and lamps. For new deployments, you may want to standardize on E27. Amongst other things, E27 is used by all the Ikea lamp stands and if you want to be able to move your expensive new smart bulbs between different holders in your house at will, you may want to standardize on E27 for all of them and avoid buying any Bayonet / B22 products in future.
  • Wired or wireless? Whenever you take up floorboards, it is a good idea to add some new wiring. For example, CAT6 can carry both power and data for a diverse range of devices.
  • Battery or mains power? In an apartment with two rooms and less than five devices, batteries may be fine but in a house, you may end up with more than a hundred sensors, radiator valves, buttons, and switches and you may find yourself changing a battery in one of them every week. If you have lodgers or tenants and you are not there to change the batteries then this may cause further complications. Some of the sensors have a socket for an optional power supply, battery eliminators may also be an option.

Making an inventory

Creating a spreadsheet table is extremely useful.

This helps estimate the correct quantity of sensors, bulbs, radiator valves and switches and it also helps to budget. Simply print it out, leave it under the Christmas tree and hope Santa will do the rest for you.

Looking at my own house, these are the things I counted in a first pass:

Don't forget to include all those unusual spaces like walk-in pantries, a large cupboard under the stairs, cellar, en-suite or enclosed porch. Each deserves a row in the table.

Sensors help make good decisions

Whatever the aim of the project, sensors are likely to help obtain useful data about the space and this can help to choose and use other products more effectively.

Therefore, it is often a good idea to choose and deploy sensors through the home before choosing other products like radiator valves and smart bulbs.

The smartest place to put those smart sensors

When placing motion sensors, it is important to avoid putting them too close to doorways where they might detect motion in adjacent rooms or hallways. It is also a good idea to avoid putting the sensor too close to any light bulb: if the bulb attracts an insect, it will trigger the motion sensor repeatedly. Temperature sensors shouldn't be too close to heaters or potential draughts around doorways and windows.

There are a range of all-in-one sensors available, some have up to six features in one device smaller than an apple. In some rooms this is a convenient solution but in other rooms, it may be desirable to have separate motion and temperature sensors in different locations.

Consider the dining and sitting rooms in my own house, illustrated in the floorplan below. The sitting room is also a potential 6th bedroom or guest room with sofa bed, the downstairs shower room conveniently located across the hall. The dining room is joined to the sitting room by a sliding double door. When the sliding door is open, a 360 degree motion sensor in the ceiling of the sitting room may detect motion in the dining room and vice-versa. It appears that 180 degree motion sensors located at the points "1" and "2" in the floorplan may be a better solution.

These rooms have wall mounted radiators and fireplaces. To avoid any of these potential heat sources the temperature sensors should probably be in the middle of the room.

This photo shows the proposed location for the 180 degree motion sensor "2" on the wall above the double door:


To summarize, buy a Zigate and a small number of products to start experimenting with. Make an inventory of all the products potentially needed for your home. Try to mark sensor locations on a floorplan, thinking about the type of sensor (or multiple sensors) you need for each space.

Planet Linux AustraliaLinux Users of Victoria (LUV) Announce: LUV December 2018 Main Meeting: Linux holiday gift ideas

Dec 4 2018 18:30
Dec 4 2018 19:30
Dec 4 2018 18:30
Dec 4 2018 19:30
Kathleen Syme Library, 251 Faraday Street Carlton VIC 3053


6:30 PM to 7:30 PM Tuesday, December 4, 2018
Training Room, Kathleen Syme Library, 251 Faraday Street Carlton VIC 3053


  • Andrew Chalmers
  • Andrew Pam


Many of us like to go for dinner nearby after the meeting, typically at Brunetti's or Trotters Bistro in Lygon St.  Please let us know if you'd like to join us!

Linux Users of Victoria is a subcommittee of Linux Australia.

December 4, 2018 - 18:30

read more

Planet DebianRuss Allbery: Review: Linked

Review: Linked, by Albert-László Barabási

Publisher: Plume
Copyright: 2002, 2003
Printing: May 2003
ISBN: 0-452-28439-2
Format: Trade paperback
Pages: 241

Barabási at the time of this writing was a professor of physics at Notre Dame University (he's now the director of Northeastern University's Center of Complex Networks). Linked is a popularization of his research into scale-free networks, their relationship to power-law distributions (such as the distribution of wealth), and a proposed model explaining why so many interconnected systems in nature and human society appear to form scale-free networks. Based on some quick Wikipedia research, it's worth mentioning that the ubiquity of scale-free networks has been questioned and may not be as strong as Barabási claims here, not that you would know about that controversy from this book.

I've had this book sitting in my to-read pile for (checks records) ten years, so I only vaguely remember why I bought it originally, but I think it was recommended as a more scientific look at phenomenon popularized by Malcolm Gladwell in The Tipping Point. It isn't that, exactly; Barabási is much less interested in how ideas spread than he is in network structure and its implications for robustness and propagation through the network. (Contagion, as in virus outbreaks, is the obvious example of the latter.)

There are basically two parts to this book: a history of Barabási's research into scale-free networks and the development of the Barabási-Albert model for scale-free network generation, and then Barabási's attempt to find scale-free networks in everything under the sun and make grandiose claims about the implications of that structure for human understanding. One of these parts is better than the other.

The basic definition of a scale-free network is a network where the degree of the nodes (the number of edges coming into or out of the node) follows a power-law distribution. It's a bit hard to describe a power-law distribution without the math, but the intuitive idea is that the distribution will contain a few "winners" who will have orders of magnitude more connections than the average node, to the point that their connections may dominate the graph. This is very unlike a normal distribution (the familiar bell-shaped curve), where most nodes will cluster around a typical number of connections and the number of nodes with a given count of connections will drop off rapidly in either direction from that peak. A typical example of a power-law distribution outside of networks is personal wealth: rather than clustering around some typical values the way natural measurements like physical height do, a few people (Bill Gates, Warren Buffett) have orders of magnitude more wealth than the average person and a noticeable fraction of all wealth in society.

I am moderately dubious of Barabási's assertion here that most prior analysis of networks before his scale-free work focused on random networks (ones where new nodes are connected at an existing node chosen at random), since this is manifestly not the case in computer science (my personal field). However, scale-free networks are a real phenomenon that have some very interesting properties, and Barabási and Albert's proposal of how they might form (add nodes one at a time, and prefer to attach a new node to the existing node with the most connections) is a simple and compelling model of how they can form. Barabási also discusses a later variation, which Wikipedia names the Bianconi-Barabási model, which adds a fitness function for more complex preferential attachment.

Linked covers the history of the idea from Barabási's perspective, as well as a few of its fascinating properties. One is that scale-free networks may not have a tipping point in the Gladwell sense. Depending on the details, there may not be a lower limit of nodes that have to adopt some new property for it to spread through the network. Another is robustness: scale-free networks are startlingly robust against removal of random nodes from the network, requiring removal of large percentages of the nodes before the network fragments, but are quite vulnerable to a more targeted attack that focuses on removing the hubs (the nodes with substantially more connections than average). Scale-free networks also naturally give rise to "six degrees of separation" effects between any two nodes, since the concentration of connections at hubs lead to short paths.

These parts of Linked were fairly interesting, if sometimes clunky. Unfortunately, Barabási doesn't have enough material to talk about mathematical properties and concrete implications at book length, and instead wanders off into an exercise in finding scale-free networks everywhere (cell metabolism, social networks, epidemics, terrorism), and leaping from that assertion (which Wikipedia, at least, labels as not necessarily backed up by later analysis) to some rather overblown claims. I think my favorite was the confident assertion that by 2020 we will be receiving custom-tailored medicine designed specifically for the biological networks of our unique cells, which, one, clearly isn't going to happen, and two, has a strained and dubious connection to scale-free network theory to say the least. There's more in that vein. (That said, the unexpected mathematical connection between the state transition of a Bose-Einstein condensate and scale-free network collapse given sufficiently strong attachment preference and permission to move connections was at least entertaining.)

The general introduction to scale-free networks was interesting and worth reading, but I think the core ideas of this book could have been compressed into a more concise article (and probably have, somewhere on the Internet). The rest of it was mostly boring, punctuated by the occasional eye-roll. I appreciate Barabási's enthusiasm for his topic — it reminds me of professors I worked with at Stanford and their enthusiasm for their pet theoretical concept — but this may be one reason to have the popularization written by someone else. Not really recommended as a book, but if you really want a (somewhat dated) introduction to scale-free networks, you could do worse.

Rating: 6 out of 10


Planet DebianMike Gabriel: My Work on Debian LTS/ELTS (November 2018)

In November 2018, I have worked on the Debian LTS project for nine hours as a paid contributor. Of the originally planned twelve hours (four of them carried over from October) I gave two hours back to the pool of available work hours and carry one hour over to December.

For November, I also signed up for four hours of ELTS work, but had to realize that at the end of the month, I hadn't even set up a test environment for Debian wheezy ELTS, so I gave these four hours back to the "pool". I have started getting an overview of the ELTS workflow now and will start fixing packages in December.

So, here is my list of work accomplished for Debian LTS in November 2018:

  • Regression upload of poppler (DLA 1562-2 [1]), updating the fix for CVE-2018-16646
  • Research on Saltstack salt regarding CVE-2018-15750 and CVE-2018-15751. Unfortunately, there was no reference in the upstream Git repository to the commit(s) that actually fixed those issues. Finally, it turned out that the REST netapi code that is affected by the named CVEs was added between upstream release 2014.1.13 and 2014.7(.0). As Debian jessie ships salt's upstream release 2014.1.13, I concluded that salt in jessie is not affected by the named CVEs.
  • Last week I joined Markus Koschany with triaging a plentitude of libav issues that have/had status "undetermined" for Debian jessie. I was able to triage 21 issues, of which 15 have applicable patches. Three issues have patches that don't apply cleanly and need manual work. One issue only is valid to ffmpeg, but not to libav. For another issue, there seems to be no patch available (yet). And yet another issue seemed already somehow fixed in libav (although with error code AVERROR_PATCHWELCOME).

Thanks to all LTS/ELTS sponsors for making these projects possible.



Planet DebianThorsten Alteholz: My Debian Activities in November 2018

FTP master

This month I accepted 486 packages, which is twice as much as last month. On the other side I was a bit reluctant and rejected only 38 uploads. The overall number of packages that got accepted this month was 556.

Debian LTS

This was my fifty third month that I did some work for the Debian LTS initiative, started by Raphael Hertzog at Freexian.

This month my all in all workload has been 30h. During that time I did LTS uploads or prepared security uploads of:

  • [DLA 1574-1] imagemagick security update for one CVE
  • [DLA 1586-1] openssl security update for two CVEs
  • [DLA 1587-1] pixman security update for one CVE
  • [DLA 1594-1] xml-security-c security update for one (temporary) CVE
  • [DLA 1595-1] gnuplot5 security update for three CVEs
  • [DLA 1597-1] gnuplot security update for three CVEs
  • [DLA 1602-1] nsis security update two CVEs

Thanks to Markus Koschany for testing my openssl package. It is really having a calming effect when a different pair of eyes has a quick look and does not start to scream.

I also started to work on the new CVEs of wireshark.

My debdiff of tiff was used by Moritz to doublecheck his and Lazlos work, and finally resulted in DSA 4349-1. Though not every debdiff will result in its own DSA , they are still useful for the security team. So always think of Stretch when you do a DLA.

Last but not least I did some days of frontdesk duties.

Debian ELTS

This month was the sixth ELTS month.

During my allocated time I uploaded:

  • ELA-58-1 for tiff3
  • ELA-59-1 for openssl
  • ELA-60-1 for pixman

I also started to work on the new CVEs of wireshark.

As like in LTS, I also did some days of frontdesk duties.

Other stuff

I improved packaging of …

  • libctl by finally moving to guile-2.2. Though guile-2.0 might not disappear completely in Buster, this is my first step to make it happen
  • mdns-scan
  • libjwt

I uploaded new upstream versions of …

Again I to sponsored some packages for Nicolas Mora. This time it were some dependencies for his new project taliesin, a lightweight audio media server with a REST API interface and a React JS client application. I am already anxious to give it a try :-).

As it is again this time of the year, I would also like to draw some attention to the Debian Med Advent Calendar. Like the past years, the Debian Med team starts a bug squashing event from the December 1st to 24th. Every bug that is closed will be registered in the calendar. So instead of taking something from the calendar, this special one will be filled and at Christmas hopefully every Debian Med related bug is closed. Don’t hestitate, start to squash :-).

Planet DebianSylvain Beucler: New Android SDK/NDK Rebuilds

As described in a previous post, Google is still click-wrapping all Android developer binaries with a non-free EULA.

I recompiled SDK 9.0.0, NDK r18b and SDK Tools 26.1.1 from the free sources to get rid of it:

with one-command, Docker-based builds:

This triggered an interesting thread about the current state of free dev tools to target the Android platform.

Hans-Christoph Steiner also called for joining efforts towards a repository hosted using the F-Droid architecture:

What do you think?

Planet DebianSven Hoexter: nginx and lua to evaluate CDN behaviour

I guess in the past everyone used CGIs to achieve something similar, it just seemed like a nice detour to use the nginx Lua module instead. Don't expect to read something magic. I'm currently looking into different CDN providers and how they behave regarding cache-control header, and what additional header they sent by default and when you activate certain feature. So I setup two locations inside the nginx configuration using a content_by_lua_block {} for testing purpose.

location /header {
  default_type 'text/plain';
  content_by_lua_block {
   local myheads=ngx.req.get_headers()
   for key in pairs(myheads) do
    local outp="Header '" .. key .. "': " .. myheads[key]

location /cc {
 default_type 'text/plain';
  content_by_lua_block {
   local cc=ngx.req.get_headers()["cc"]
   if cc ~= nil then
    ngx.say("moep - no cc header found")

The first one is rather boring, it just returns you the request header my origin server received, like this

$ curl -is
HTTP/2 200 
date: Sun, 02 Dec 2018 13:20:14 GMT
content-type: text/plain
set-cookie: __cfduid=d503ed2d3148923514e3fe86b4e26f5bf1543756814; expires=Mon, 02-Dec-19 13:20:14 GMT; path=/;; HttpOnly; Secure
strict-transport-security: max-age=2592000
expect-ct: max-age=604800, report-uri=""
server: cloudflare
cf-ray: 482e16f7ae1bc2f1-FRA

Header 'x-forwarded-for':
Header 'cf-ipcountry': DE
Header 'connection': Keep-Alive
Header 'accept': */*
Header 'accept-encoding': gzip
Header 'host':
Header 'x-forwarded-proto': https
Header 'cf-visitor': {"scheme":"https"}
Header 'cf-ray': 482e16f7ae1bc2f1-FRA
Header 'cf-connecting-ip':
Header 'user-agent': curl/7.62.0

The second one is more interesting, it copies the content of the "cc" HTTP request header to the "cache-control" response header to allow you convenient evaluation of the handling of different cache-control header settings.

$ curl -H'cc: no-store,no-cache' -is
HTTP/2 200 
date: Sun, 02 Dec 2018 13:27:46 GMT
content-type: image/jpeg
set-cookie: __cfduid=d971badd257b7c2be831a31d13ccec77f1543757265; expires=Mon, 02-Dec-19 13:27:45 GMT; path=/;; HttpOnly; Secure
cache-control: no-store,no-cache
cf-cache-status: MISS
strict-transport-security: max-age=2592000
expect-ct: max-age=604800, report-uri=""
server: cloudflare
cf-ray: 482e22001f35c26f-FRA


$ curl -H'cc: public' -is
HTTP/2 200 
date: Sun, 02 Dec 2018 13:28:18 GMT
content-type: image/jpeg
set-cookie: __cfduid=d48a4b571af6374c759c430c91c3223d71543757298; expires=Mon, 02-Dec-19 13:28:18 GMT; path=/;; HttpOnly; Secure
cache-control: public, max-age=14400
cf-cache-status: MISS
expires: Sun, 02 Dec 2018 17:28:18 GMT
strict-transport-security: max-age=2592000
expect-ct: max-age=604800, report-uri=""
server: cloudflare
cf-ray: 482e22c8886627aa-FRA


$ curl -H'cc: no-cache,no-store' -is
HTTP/2 200 
date: Sun, 02 Dec 2018 13:30:33 GMT
content-type: image/jpeg
set-cookie: __cfduid=dbc4758b7bb98d556173a89aa2a8c2d3a1543757433; expires=Mon, 02-Dec-19 13:30:33 GMT; path=/;; HttpOnly; Secure
cache-control: public, max-age=14400
cf-cache-status: HIT
expires: Sun, 02 Dec 2018 17:30:33 GMT
strict-transport-security: max-age=2592000
expect-ct: max-age=604800, report-uri=""
server: cloudflare
cf-ray: 482e26185d36c29c-FRA


As you can see this endpoint is currently fronted by Cloudflare using a default configuration. If you burned one request path below "/cc/" and it's now cached for a long time you can just use a random different one to continue your test, without any requirement to flush the CDN caches.


Planet DebianJulian Andres Klode: Migrating web servers

As of today, I migrated various services from shared hosting on to a VPS hosted by hetzner. This includes my weechat client, this blog, and the following other websites:

  • redirector


Uberspace runs CentOS 6. This was causing more and more issues for me, as I was trying to run up-to-date weechat binaries. In the final stages, I ran weechat and tmux inside a debian proot. It certainly beat compiling half a system with linuxbrew.

The web performance was suboptimal. Webpages are served with Pound and Apache, TLS connection overhead was just huge, there was only HTTP/1.1, and no keep-alive.

Security-wise things were interesting: Everything ran as my user, obviously, whether that’s scripts, weechat, or mail delivery helpers. Ugh. There was also only a single certificate, meaning that all domains shared it, even if they were completely distinct like and

Enter Hetzner VPS

I launched a VPS at hetzner and configured it with Ubuntu 18.04, the latest Ubuntu LTS. It is a CX21, so it has 2 vcores, 4 GB RAM, 40 GB SSD storage, and 20 TB of traffic. For 5.83€/mo, you can’t complain.

I went on to build a repository of ansible roles (see repo on, that configured the system with a few key characteristics:

  • http is served by nginx
  • certificates are per logical domain - each domain has a canonical name and a set of aliases; and the certificate is generated for them all
  • HTTPS is configured according to Mozilla’s modern profile, meaning TLSv1.2-only, and a very restricted list of ciphers. I can revisit that if it’s causing problems, but I’ve not seen huge issues.
  • Log files are anonymized to 24 bits for IPv4 addresses, and 32 bit for IPv6 addresses, which should allow me to identify an ISP, but not an individual user.

I don’t think the roles are particularly reusable for others, but it’s nice to have a central repository containing all the configuration for the server.

Go server to serve comments

When I started self-hosting the blog and added commenting via mastodon, it was via a third-party PHP script. This has been replaced by a Go program (GitHub repo). The new Go program scales a lot better than a PHP script, and provides better security properties due to AppArmor and systemd-based sandboxing; it even uses systemd’s DynamicUser.

Special care has been taken to have time outs for talking to upstream servers, so the program cannot hang with open connections and will respond eventually.

The Go binary is connected to nginx via a UNIX domain socket that serves FastCGI. The service is activated via systemd socket activation, allowing it to be owned by www-data, while the binary runs as a dynamic user. Nginx’s native fastcgi caching mechanism is enabled so the Go process is only contacted every 10 minutes at the most (for a given post). Nice!


Performance is a lot better than the old shared server. Pages load in up to half the time of the old one. Scalability also seems better: I tried various benchmarks, and achieved consistently higher concurrency ratings. A simple curl via https now takes 100ms instead of 200ms.

Performance is still suboptimal from the west coast of the US or other places far away from Germany, but got a lot better than before: Measuring from Oregon using webpagetest, it took 1.5s for a page to fully render vs ~3.4s before. A CDN would surely be faster, but would lose the end-to-end encryption.

Upcoming mail server

The next step is to enable email. Setting up postfix with dovecot is quite easy it turns out. Install them, tweak a few settings, setup SPF, DKIM, DMARC, and a PTR record, and off you go.

I mostly expect to read my email by tagging it on the server using notmuch somehow, and then syncing it to my laptop using muchsync. The IMAP access should allow some notifications or reading on the phone.

Spam filtering will be handled with rspamd. It seems to be the hot new thing on the market, is integrated with postfix as a milter, and handles a lot of stuff, such as:

  • greylisting
  • IP scoring
  • DKIM verification and signing
  • ARC verification
  • SPF verification
  • DNS lists
  • Rate limiting

It also has fancy stuff like neural networks. Woohoo!

As another bonus point: It’s trivial to confine with AppArmor, which I really love. Postfix and Dovecot are a mess to confine with their hundreds of different binaries.

I found it via uberspace, which plan on using it for their next uberspace7 generation. It is also used by some large installations like and

I plan to migrate mail from uberspace in the upcoming weeks, and will post more details about it.

Krebs on SecurityWhat the Marriott Breach Says About Security

We don’t yet know the root cause(s) that forced Marriott this week to disclose a four-year-long breach involving the personal and financial information of 500 million guests of its Starwood hotel properties. But anytime we see such a colossal intrusion go undetected for so long, the ultimate cause is usually a failure to adopt the most important principle in cybersecurity defense that applies to both corporations and consumers: Assume you are compromised.


For companies, this principle means accepting the notion that it is no longer possible to keep the bad guys out of your networks entirely. This doesn’t mean abandoning all tenets of traditional defense, such as quickly applying software patches and using technologies to block or at least detect malware infections.

It means accepting that despite how many resources you expend trying to keep malware and miscreants out, all of this can be undone in a flash when users click on malicious links or fall for phishing attacks. Or a previously unknown security flaw gets exploited before it can be patched. Or any one of a myriad other ways attackers can win just by being right once, when defenders need to be right 100 percent of the time.

The companies run by leaders and corporate board members with advanced security maturity are investing in ways to attract and retain more cybersecurity talent, and arranging those defenders in a posture that assumes the bad guys will get in.

This involves not only focusing on breach prevention, but at least equally on intrusion detection and response. It starts with the assumption that failing to respond quickly when an adversary gains an initial foothold is like allowing a tiny cancer cell to metastasize into a much bigger illness that — left undetected for days, months or years — can cost the entire organism dearly.

The companies with the most clueful leaders are paying threat hunters to look for signs of new intrusions. They’re reshuffling the organizational chart so that people in charge of security report to the board, the CEO, and/or chief risk officer — anyone but the Chief Technology Officer.

They’re constantly testing their own networks and employees for weaknesses, and regularly drilling their breach response preparedness (much like a fire drill). And, apropos of the Marriott breach, they are finding creative ways to cut down on the volume of sensitive data that they need to store and protect.


Likewise for individuals, it pays to accept two unfortunate and harsh realities:

Reality #1: Bad guys already have access to personal data points that you may believe should be secret but which nevertheless aren’t, including your credit card information, Social Security number, mother’s maiden name, date of birth, address, previous addresses, phone number, and yes — even your credit file.

Reality #2: Any data point you share with a company will in all likelihood eventually be hacked, lost, leaked, stolen or sold — usually through no fault of your own. And if you’re an American, it means (at least for the time being) your recourse to do anything about that when it does happen is limited or nil.

Marriott is offering affected consumers a year’s worth of service from a company owned by security firm Kroll that advertises the ability to scour cybercrime underground markets for your data. Should you take them up on this offer? It probably can’t hurt as long as you’re not expecting it to prevent some kind of bad outcome. But once you’ve accepted Realities #1 and #2 above it becomes clear there is nothing such services could tell you that you don’t already know.

Once you’ve owned both of these realities, you realize that expecting another company to safeguard your security is a fool’s errand, and that it makes far more sense to focus instead on doing everything you can to proactively prevent identity thieves, malicious hackers or other ne’er-do-wells from abusing access to said data.

This includes assuming that any passwords you use at one site will eventually get hacked and leaked or sold online (see Reality #2), and that as a result it is an extremely bad idea to re-use passwords across multiple Web sites. For example, if you used your Starwood password anywhere else, that other account you used it at is now at a much higher risk of getting compromised.

By the way, if you are the type of person who likes to re-use passwords, then you definitely need to be using a password manager, which helps you pick and remember strong passwords/passphrases and essentially lets you use the same strong master password/passphrase across all Web sites.

Theassume you’re compromised” philosophy involves freezing your credit files with the major credit bureaus, and regularly ordering free copies of your credit file from to make sure nobody is monkeying with your credit (except you).

It means planting your flag at various online services before fraudsters do it for you, such as at the Social Security Administration, U.S. Postal Service, Internal Revenue Service, your mobile provider, and your Internet service provider (ISP).

Assuming compromise means placing very little trust or confidence in anything that comes to you via email. In the context of this Marriott/Starwood breach, for example, consider all the data points that attackers may now have to make a phishing or malware attack more likely to be successful: Your Starwood account number, your address, phone number, email address, passport number, dates and times of your reservations, and credit card information.

How hard would it be for someone to craft an email that warns of a problem with a recent reservation or with your Starwood account, urging you to click a booby trapped link or attachment to learn more? Now imagine that such targeted emails can come from any brand with whom you’ve done business (for a refresher, see Reality #2 above).

Assuming you’re compromised means beefing up your passwords by adopting more robust multi-factor authentication — and perhaps even transitioning away from SMS/text messages for multifactor toward more secure app- or key-based options.


If the advice above sounds inconvenient, unfair and expensive for all involved, congratulations: You are well on your way to internalizing Realities #1 and #2. For better or worse, being a savvy consumer means constantly having to make difficult trade-offs between security, privacy, and convenience.

Oh, and you generally only get to pick two out of three of these qualities. Same goes for the trio of high-speed, high-quality, and low-cost. Or good, fast, and cheap. Again, pick two. You get the idea.

Unfortunately, these transactions become even more lopsided and difficult to weigh when one party to them always selects the same trade-off (e.g., fast, low-cost, and convenient). Right now, it sure seems like there aren’t a lot of consequences when huge companies that ought to know better screw up massively on security, leaving consumers and their paying customers to clean up the mess.

I don’t know how many more big-time privacy and security debacles we need to convince our nation’s leaders that perhaps we should enshrine in law some basic standards of care for how companies handle and secure consumer data, and what rights and expectations consumers should have when companies fail to meet those standards. Because it’s clear that unless and until this happens, some subset of businesses out there will continue to make the most expedient and short-sighted trade-offs available to them, regardless of the impact to their customers and the public at large.

On this point, as with many others related to Internet security and privacy, I found it hard to argue with the opinion of my home state Senator Mark Warner (D-Va.), who observed:

“It seems like every other day we learn about a new mega-breach affecting the personal data of millions of Americans. Rather than accepting this trend as the new normal, this latest incident should strengthen Congress’ resolve. We must pass laws that require data minimization, ensuring companies do not keep sensitive data that they no longer need. And it is past time we enact data security laws that ensure companies account for security costs rather than making their consumers shoulder the burden and harms resulting from these lapses.”


CryptogramFriday Squid Blogging: Japanese Squid-Fishing Towns in Decline

It's a problem:

But now, fluctuations in ocean temperatures, years of overfishing and lax regulatory oversight have drastically depleted populations of the translucent squid in waters around Japan.

As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.

Read my blog posting guidelines here.

Planet Linux AustraliaMichael Still: Artemis


Its been ages since I’ve read a book in a couple of days, let alone stayed up late when I really shouldn’t in order to finish a book. Artemis is the book which broke me out of that rut — this is a fun, clever, light read. Its quite different when compared to The Martian, but I think that’s good. Weir has attempted to do something new instead of just playing on his previous successes.

An excellent book, and Mr Weir is solidly landing on my buy-everything-he-writes list.

Artemis Book Cover Artemis
Andy Weir
Del Rey
November 13, 2017

She grew up on the moon, of course she has a dark side... Jazz Bashara is a criminal. Well, sort of. Life on Artemis, the first and only city on the moon, is tough if you're not a rich tourist or an eccentric billionaire. So smuggling in the occasional harmless bit of contraband barely counts, right? Not when you've got debts to pay and your job as a porter barely covers the rent. Everything changes when Jazz sees the chance to commit the perfect crime, with a reward too lucrative to turn down. But pulling off the impossible is just the start of Jazz's problems, as she learns that she's stepped square into a conspiracy for control of Artemis itself - and that now, her only chance at survival lies in a gambit even more unlikely than the first.


Planet DebianPaul Wise: FLOSS Activities November 2018





  • myrepos: respond to some tickets
  • Debian: respond to porterbox schroot query, remove obsolete role accounts, restart misbehaving webserver, redirect openmainframe mail to debian-s390, respond to query about consequences of closing accounts
  • Debian wiki: unblacklist networks, redirect/answer user support query, answer question about page names, whitelist email addresses
  • Debian packages site: update mirror config
  • Debian derivatives census: merge and deploy changes from Outreachy applicants and others


The purple-discord upload was sponsored by my employer. All other work was done on a volunteer basis.

CryptogramClick Here to Kill Everybody News

My latest book is doing well. And I've been giving lots of talks and interviews about it. (I can recommend three interviews: the Cyberlaw podcast with Stewart Baker, the Lawfare podcast with Ben Wittes, and Le Show with Henry Shearer.) My book talk at Google is also available.

The Audible version was delayed for reasons that were never adequately explained to me, but it's finally out.

I still have signed copies available. Be aware that this is both slower and more expensive than online bookstores.

Planet DebianChris Lamb: Free software activities in November 2018

Here is my monthly update covering what I have been doing in the free software world during November 2018 (previous month):

Reproducible builds

Whilst anyone can inspect the source code of free software for malicious flaws almost all software is distributed pre-compiled to end users.

The motivation behind the Reproducible Builds effort is to ensure no flaws have been introduced during this compilation process by promising identical results are always generated from a given source, thus allowing multiple third-parties to come to a consensus on whether a build was compromised.

This month I:


Debian LTS

This month I have worked 18 hours on Debian Long Term Support (LTS) and 12 hours on its sister Extended LTS project.

  • Investigated and triaged, libsdl2-image, lighttpd, nginx, pdns, poppler, rustc & xml-security-c amongst many others.

  • "Frontdesk" duties, responding to user queries, etc.

  • Issued DLA 1572-1 for nginx to fix a denial of service (DoS) vulnerability — as there was no validation for the size of a 64-bit atom in an .mp4 file this led to CPU exhaustion when the size was zero.

  • Issued DLA 1576-1 correcting a SSH passphrase disclosure in ansible's User module leaking data in the global process list.

  • Issued DLA 1584-1 for ruby-i18n to fix a remote denial-of-service vulnerability.

  • Issued DLA 1585-1 to prevent an XSS vulnerability in ruby-rack where a malicious request could forge the HTTP scheme being returned to the underlying application.

  • Issued DLA 1591-1 to fix two vulnerabilities in libphp-phpmailer where a arbitrary local files could be disclosed via relative path HTML transformations as well as an object injection attack.

  • Uploaded libsdl2-image (2.0.3+dfsg1-3) and sdl-image1.2 (1.2.12-10) to the unstable distribution to fix buffer overflows on a corrupt or maliciously-crafted XCF files. (#912617 & #912618)

  • Uploaded ruby-i18n (0.7.0-3) to unstable [...] and prepared a stable proposed update for a potential 0.7.0-2+deb9u1 in stretch (#914187).

  • Uploaded ruby-rack (1.6.4-6) to unstable [...] and (2.0.5-2) to experimental [...]. I also prepared a proposed update for a 1.6.4-4+deb9u1 in the stable distribution (#914184).


  • python-django (2:2.1.3-1) — New upstream bugfix release.

  • redis:

    • 5.0.1-1 — New upstream release, ensure that Debian-supplied Lua libraries are available during scripting. (#913185), refer to /run directly in .service files, etc.
    • 5.0.1-2 — Ensure that lack of IPv6 support does not prevent startup Debian where we bind to the ::1 interface by default. (#900284 & #914354)
    • 5.0.2-1 — New upstream release.
  • redisearch (1.2.1-1) — Upload the last AGPLv3 (ie. non-Commons Clause)) package from my GoodFORM project.

  • hiredis (0.14.0-3) — Adopt and tidy package (#911732).

  • python-redis (3.0.1-1) — New upstream release.

  • adminer (4.7.0-1) — New upstream release & ensure all documentation is under /usr/share/doc.

I also sponsored uploads of elpy (1.26.0-1) & muttrc-mode-el (1.2+git20180915.aa1601a-1).

Debian bugs filed

  • molly-guard: Breaks conversion with usrmerge. (#914716)

  • git-buildpackage: Please add gbp-dch --stable flag. (#914186)

  • git-buildpackage: gbp pq -Pq suffixes are not actually optional. (#914281)

  • python-redis: Autopkgtests fail. (#914800)

  • git-buildpackage: Correct "saving" typo. (#914280)

  • python-astropy: Please drop unnecessary dh_strip_nondeterminism override. (#914612)

  • shared-mime-info: Don't assume every *.key file is an Apple Keynote file. (#913550, with patch)

FTP Team

As a Debian FTP assistant this month I ACCEPTed 37 packages: android-platform-system-core, arm-trusted-firmware, boost-defaults, dtl, elogind, fonts-ibm-plex, gnome-remote-desktop, gnome-shell-extension-desktop-icons, google-i18n-address, haskell-haskell-gi-base, haskell-rio, lepton-eda, libatteanx-serializer-rdfa-perl, librdf-trine-serializer-rdfa-perl, librdf-trinex-compatibility-attean-perl, libre-engine-re2-perl, libtest-regexp-pattern-perl, linux, lua-lxc, lxc-templates, ndctl, openssh, osmo-bsc, osmo-sgsn, othman, pg-rational, qtdatavis3d-everywhere-src, ruby-grape-path-helpers, ruby-grape-route-helpers, ruby-graphiql-rails, ruby-js-regex, ruby-regexp-parser, shellia, simple-revision-control, theme-d, ulfius & vim-julia.

Planet DebianGregor Herrmann: RC bugs 2018/01-48

I just arrived at the Bug Squashing Party in bern. – a good opportunity to report the RC bugs I've touched so far this year (not that many …):

  • #750732 – src:libanyevent-perl: "libanyevent-perl: Intermittent build failures on various architectures"
    disable a test (pkg-perl)
  • #862678 – src:pidgin: "Switch from network-manager-dev to libnm-dev"
    propose patch, later uploaded by maintainer
  • #878550 – src:liblog-dispatch-filerotate-perl: "liblog-dispatch-filerotate-perl: missing (build) dependency on libparams-validate-perl"
    add missing (build) dependency, upload to DELAYED/5
  • #882618 – libdbix-class-schema-loader-perl: "libdbix-class-schema-loader-perl: Test failures"
    apply patch from ntyni (pkg-perl)
  • #884626 – src:liblinux-dvb-perl: "liblinux-dvb-perl FTBFS with linux-libc-dev 4.14.2-1"
    upload with fix from knowledgejunkie (pkg-perl)
  • #886044 – src:syncmaildir: "syncmaildir: Depends on gconf"
    propose a patch
  • #886355 – src:libpar-packer-perl: "libpar-packer-perl: frequent parallel FTBFS"
    disable parallel building (pkg-perl)
  • #890905 – src:jabref: "jabref: doesn't build/run with default-jdk/-jre"
    try to come up with a patch (pkg-java)
  • #892275 – redshift: "redshift: Unable to connect to GeoClue."
    investigate and downgrade
  • #892392 – src:aqemu: "aqemu: build-depends on GCC 6"
    propose a patch
  • #893251 – jabref: "jabref: doesn't start with liblog4j2-java 2.10.0-1"
    use versioned (build) dependency (pkg-java)
  • #894626 – libsnmp-perl: "libsnmp-perl: undefined symbol: netsnmp_ds_toggle_boolean"
    propose a patch
  • #894727 – libgit-repository-perl: "libgit-repository-perl: FTBFS: t/10-new_fail.t broke with new git"
    add patch from upstream pull request (pkg-perl)
  • #895697 – src:libconfig-model-tester-perl: "libconfig-model-tester-perl FTBFS: Can't locate Module/ in @INC"
    add missing build dependency (pkg-perl)
  • #896502 – libxml-structured-perl: "libxml-structured-perl: missing dependency on libxml-parser-perl"
    add missing (build) dependency (pkg-perl)
  • #896534 – libnetapp-perl: "libnetapp-perl: missing dependency on libnet-telnet-perl"
    add missing dependency (pkg-perl)
  • #896537 – libmoosex-mungehas-perl: "libmoosex-mungehas-perl: missing dependency on libtype-tiny-perl | libeval-closure-perl"
    add missing dependency (pkg-perl)
  • #896538 – libmonitoring-livestatus-class-perl: "libmonitoring-livestatus-class-perl: missing dependency on libmodule-find-perl"
    add missing dependency, upload to DELAYED/5
  • #896539 – libmodule-install-trustmetayml-perl: "libmodule-install-trustmetayml-perl: missing dependency on libmodule-install-perl"
    add missing (build) dependency (pkg-perl)
  • #896540 – libmodule-install-extratests-perl: "libmodule-install-extratests-perl: missing dependency on libmodule-install-perl"
    add missing (build) dependency (pkg-perl)
  • #896541 – libmodule-install-automanifest-perl: "libmodule-install-automanifest-perl: missing dependency on libmodule-install-perl"
    add missing (build) dependency (pkg-perl)
  • #896543 – liblwp-authen-negotiate-perl: "liblwp-authen-negotiate-perl: missing dependency on libwww-perl"
    add missing dependency, upload to DELAYED/5
  • #896549 – libhtml-popuptreeselect-perl: "libhtml-popuptreeselect-perl: missing dependency on libhtml-template-perl"
    add missing dependency, upload to DELAYED/5
  • #896551 – libgstreamer1-perl: "libgstreamer1-perl: Typelib file for namespace 'Gst', version '1.0' not found"
    add missing (build) dependencies (pkg-perl)
  • #897724 – src:collectd: "collectd: ftbfs with GCC-8"
    pass a compiler flag, upload to DELAYED/5
  • #898198 – src:libnet-oauth-perl: "FTBFS (test failures, also seen in autopkgtests) with libcrypt-openssl-rsa-perl >= 0.30-1"
    add patch (pkg-perl)
  • #898561 – src:libmarc-transform-perl: "libmarc-transform-perl: FTBFS with libyaml-perl >= 1.25-1 (test failures)"
    apply patch provided by YAML upstream (pkg-perl)
  • #898977 – libnet-dns-zonefile-fast-perl: "libnet-dns-zonefile-fast-perl: FTBFS: You are missing required modules for NSEC3 support"
    add missing (build) dependency (pkg-perl)
  • #900232 – src:collectd: "collectd: FTBFS: sed: can't read /usr/lib/pkgconfig/OpenIPMIpthread.pc: No such file or directory"
    propose a patch, later upload to DELAYED/2
  • #901087 – src:libcatalyst-plugin-session-store-dbi-perl: "libcatalyst-plugin-session-store-dbi-perl: FTBFS: Base class package "Class::Data::Inheritable" is empty."
    add missing (build) dependency (pkg-perl)
  • #901807 – src:libmath-gsl-perl: "libmath-gsl-perl: incompatible with GSL >= 2.5"
    apply patches from ntyni and tweak build (pkg-perl)
  • #902192 – src:libpdl-ccs-perl: "libpdl-ccs-perl FTBFS on architectures where char is unsigned"
    new upstream release (pkg-perl)
  • #902625 – libmath-gsl-perl: "libmath-gsl-perl: needs a versioned dependency on libgsl23 (>= 2.5) or so"
    make build dependency versioned (pkg-perl)
  • #903173 – src:get-flash-videos: "get-flash-videos: FTBFS in buster/sid (dh_installdocs: Cannot find "README")"
    fix name in .docs (pkg-perl)
  • #903178 – src:libclass-insideout-perl: "libclass-insideout-perl: FTBFS in buster/sid (dh_installdocs: Cannot find "CONTRIBUTING")"
    fix name in .docs (pkg-perl)
  • #903456 – libbio-tools-phylo-paml-perl: "libbio-tools-phylo-paml-perl: fails to upgrade from 'stable' to 'sid' - trying to overwrite /usr/share/man/man3/Bio::Tools::Phylo::PAML.3pm.gz"
    upload package fixed by carandraug (pkg-perl)
  • #904737 – src:uwsgi: "uwsgi: FTBFS: unable to build gccgo plugin"
    update build dependencies, upload to DELAYED/5
  • #904740 – src:libtext-bidi-perl: "libtext-bidi-perl: FTBFS: 'fribidi_uint32' undeclared"
    apply patch from CPAN RT (pkg-perl)
  • #904858 – src:libtickit-widget-tabbed-perl: "libtickit-widget-tabbed-perl: Incomplete debian/copyright?"
    fix d/copyright (pkg-perl)
  • #905614 – src:license-reconcile: "FTBFS: Failed test 'no warnings' with libsoftware-license-perl 0.103013-2"
    apply patch from Felix Lechner (pkg-perl)
  • #906482 – src:libgit-raw-perl: "libgit-raw-perl: FTBFS in buster/sid (failing tests)"
    patch test (pkg-perl)
  • #908323 – src:libgtk3-perl: "libgtk3-perl: FTBFS: t/overrides.t failure"
    add patch and versioned (build) dependency (pkg-perl)
  • #909343 – src:libcatalyst-perl: "libcatalyst-perl: fails to build with libmoosex-getopt-perl 0.73-1"
    upload new upstream release (pkg-perl)
  • #910943 – libhtml-tidy-perl: "libhtml-tidy-perl: FTBFS (test failures) with tidy-html5 5.7"
    add patch (pkg-perl)
  • #912039 – src:libpetal-utils-perl: "libpetail-utils-perl: FTBFS: Test failures"
    add missing build dependency (pkg-perl)
  • #912045 – src:mb2md: "mb2md: FTBFS: Test failures"
    add missing build dependency (pkg-perl)
  • #914288 – src:libpgplot-perl: "libpgplot-perl: FTBFS and autopkgtest fail with new giza-dev: test waits for input"
    disable interactive tests (pkg-perl)
  • #915096 – src:libperl-apireference-perl: "libperl-apireference-perl: Missing support for perl 5.28.1"
    add support for perl 5.28.1 (pkg-perl)

let's see how the weekend goes.

TEDWatch Tarana Burke’s TED Talk: Me Too is a movement, not a moment

An inspiring, honest talk: In 2006, Tarana Burke was consumed by a desire to do something about the sexual violence she saw in her community. She took out a piece of paper, wrote “Me Too” across the top and laid out an action plan for a movement centered on the power of empathy between survivors. More than a decade later, she reflects on what has since become a global movement — and makes a powerful call to dismantle the power and privilege that are building blocks of sexual violence. “We owe future generations nothing less than a world free of sexual violence,” she says. “I believe we can build that world.”

Share this talk:

TEDBreaking out: Notes from Session 3 of TEDWomen 2018

“I have seen a world where women are denied, and I have also seen what can happen when you invest in the potential of half of your population,” says activist Shad Begum. She speaks at TEDWomen 2018: Showing Up, on November 29, 2018, in Palm Springs, California. (Photo: Marla Aufmuth / TED)

In session 3 of TEDWomen 2018, hosted by social justice documentarian Jess Search, a lineup of speakers and performers — Eldra Jackson, Shad Begum, Emily Quinn, Shohini GhoseClimbing PoeTree, Maeve Higgins and Lindy Lou Isonhood — explored toxic masculinity, quantum computing, immigration, the death penalty and much more.

Eldra Jackson III shares his work breaking the cycle of emotional illiteracy that allows men to victimize others. He speaks at TEDWomen 2018: Showing Up, on November 29, 2018, in Palm Springs, California. (Photo: Callie Giovanna / TED)

An empathetic cure for toxic masculinity. Toxic masculinity is a disease that victimizes both its targets and its perpetrators, says educator Eldra Jackson III. Growing up, he had a “chronic case” of it — “so much so that [he] spent 24 years of a life sentence in prison for kidnapping, robbery and attempted murder.” As a teen, Jackson’s heroes were athletes and gangsters. So when sports didn’t work out as a career path, he gravitated toward what seemed the only other option: a life of crime. Jackson landed in jail, “where I didn’t care how I lived or if I died,” he says. He found a cure for this disease through Inner Circle, an organization founded by Patrick Nolan to combat gang violence in the prison yard. Through an exercise called Circle Time — “men sitting with men and cutting through the bullshit and challenging structural ways of thinking” — Jackson learned that “characteristics usually defined as weaknesses are parts of the whole, healthy man.” Today, as a free man, Jackson teaches his own sons what he has learned, and in doing so, he seeks to “eradicate the cycle of emotional illiteracy and groupthink that allows our males to continue to victimize others.”

Strengthening women’s leadership in Pakistan and beyond. Pakistani activist Shad Begum has spent her life working for the right of every woman to live to her full potential. “When women show up, things get better for everyone,” Begum says. “Yet I have found all too often women underestimate their own strength, potential and self-respect.” To counteract this troubling reality, Begum has invested in women’s leadership — first by founding the Association for Behaviour and Knowledge Transformation in 1994 and then by running for public office in Dir, Pakistan, in 2001 — and winning. Her fellow male councilors told her to buy sewing machines for the local women; instead she advocated for what she knew they really wanted: more access to clean drinking water. In the years since, Begum’s seen change happening at the local level as women find their place in the political process. She helped train 300 women and youth candidates for the 2015 local elections: 50 percent of them won and are now sitting in the local councils. And perhaps even more promising: While fewer than one hundred women voted in Dir’s 2013 general elections and 2015 local elections, more than 93,000 women turned out to vote in the 2018 general elections. “I have seen a world where women are denied, and I have also seen what can happen when you invest in the potential of half of your population,” Begum says. Now it’s time to keep making that investment.

“If there are infinite ways for our bodies to look, our minds to think, personalities to act — wouldn’t it make sense that there’s that much variety in biological sex, too?” asks intersex activist Emily Quinn. She speaks at TEDWomen 2018: Showing Up, on November 29, 2018, in Palm Springs. (Photo: Marla Aufmuth / TED)

Let’s talk about (biological) sex. We put people in boxes based on their genitalia, says intersex activist Emily Quinn, as if what’s between somebody’s legs tells you anything about that person — their kindness, generosity, humor. As an intersex individual who was born with both a vagina and and testicles, Quinn has been told since she was a child (and still as an adult) that her biology puts her at risk — despite the fact that a surgery to remove her genitals would most likely do more physical and emotional harm than good. Quinn asks: What constitutes a man, a woman? Does lacking or having certain organs disqualify a person from being who they are? Much like gender, biological sex exists on a spectrum and shouldn’t be boiled down to just male and female, she suggests. There are so many other human traits that have more than two options — think: hair color, eye color, complexion, height, even noses. Globally, intersex people aren’t rare or new; they’ve existed throughout every culture in history and represent about 2 percent of the global population — the same percentage as genetic redheads. (For scale, 2 percent is roughly about 150 million people, more than the entire population of Russia.) “If there are infinite ways for our bodies to look, our minds to think, personalities to act — wouldn’t it make sense that there’s that much variety in biological sex, too?” Quinn asks.

The weird world of quantum computing. What if you read about a computer that could “teleport” data across space and time, was physically impossible to hack and could simulate biological systems down to their subatomic particles? You’d probably think you were reading a science-fiction novel — but in fact, these are just a few of the real-life possibilities of quantum computers. Computer scientist Shohini Ghose works with quantum computers that store data not as binary zeros and ones, but as a spectrum of probabilities that a particular bit of information is true or false. And if you find that confusing, “don’t worry — you’re getting it.” The best way of understanding these strange devices is to realize that a quantum computer “is not just a more powerful version of our current computers,” she says — it’s something else entirely, “just like a light bulb is not a more powerful candle.” And like the light bulb, quantum computers will one day illuminate technological horizons we can barely imagine. As Ghose puts it: “The future is fundamentally uncertain, and to me, that is certainly exciting.”

A dazzling performance of poetry and song. Alixa Garcia and Naima Penniman of Climbing PoeTree mesmerize the audience with their poems “Being Human” and “Awakening.” In “Being Human,” they explore wonder and imagination, pairing awe-inducing spoken word with a flute and beatboxing performance that defies genres. “We believe creativity is the antidote to destruction,” Penniman says in between pieces. Supported by musicians Claudia Cuentas and Tonya Abernathy, they close out with “Awakening,” combining stunning vocals and ukulele in a powerful tribute to humanity’s fight for truth, justice and freedom.

The “good immigrant” trap. Irish comedian, writer and podcaster Maeve Higgins grew up learning about those who left Ireland, fleeing famine, oppression and seeking a new life. In 2014, she left Ireland herself, moving to Brooklyn on an O1 visa, which is designated for “aliens of extraordinary ability,” or those who have achieved in their fields. Since then, she’s travelled around the US, hearing stories of immigrants who have left their old homes behind in search of a new life. She’s found a pattern in these stories: We divide immigrants into good and bad. While people were celebrating the immigrants of the French national football team during their World Cup win this summer, for instance, migrants were drowning in the Mediterranean, while US politicians shut down the borders their ancestors passed through. This year, the US is on track to accept the fewest refugees in its history, Higgins says. Immigrants are being divided up by what they’re worth — some get O1 visas, while others are shut out. “People should not be considered valuable just because they do something of value to us,” Higgins says. “When we dehumanize another, we dehumanize ourselves. People are valuable because they are people. The moment we forget that, or deny it, terrible things happen.”

A new outlook on the death penalty. Human rights activist Lindy Lou Isonhood comes from a conservative Christian family in a conservative US state — but she’s here to tell us that the death penalty has new opponents. A native of Yazoo City, Mississippi, where the death penalty is “an unspoken part of the culture,” Isonhood was selected to be a juror in a murder case, and voted “yes” to giving a man named Bobby Wilcher the death penalty. After the case, the people around her told her to move on, but she couldn’t; it haunted her that she had sentenced a fellow human to die. She became a “silent survivor,” coping with PTSD on her own — until 12 years later, when Wilcher’s execution date was set. Searching for peace, Isonhood visited Wilcher in jail and apologized for her part in his sentencing. Wilcher forgave her, and after he was granted a last-minute stay, the two kept talking; in the months before his eventual execution, they became friends. After his execution, Isonhood sought out her fellow jury members because she had to know: Was she the only one who had been so deeply affected? What she found: “All those years, and I finally realized I was not the only disillusioned juror.” Now she’s found inspiration in her granddaughters, she says: “Because of my experience, they’re now more equipped to stand on their own and think for themselves.” Out of a dark situation, a sense of hope for the next generation.

TEDPropelled by possibility: Tarana Burke speaks at TEDWomen 2018

“Trauma halts possibility; movement activates it.” The founder of the Me Too movement, Tarana Burke, is the first speaker at TEDWomen 2018: Showing Up, on November 28, 2018, in Palm Springs, California. (Photo: Marla Aufmuth / TED)

Watch Tarana Burke’s TED Talk »

In 2006, Tarana Burke was consumed by a desire to do something about the rampant sexual violence she saw in her community. She took out a piece of paper, wrote “Me Too” across the top and laid out an action plan for a movement centered on the power of empathy between survivors — a movement that could open up the possibility of healing.

Over the next decade, the Me Too movement steadily helped survivors of sexual violence, particularly Black women and girls, find pathways to healing. In 2017, the movement gained a hashtag and sparked a global conversation on social media among survivors and supporters.

Yet as Burke takes the stage at TEDWomen 2018, she admits a hard truth: “I am numb.”

For Burke, numbness is not an absence of feeling — it’s an accumulation of feelings. It’s the memories that creep up in the middle of the night that can’t be fought off, the sense of the magnitude of the task ahead. And she recognizes that this feeling has spread. “For survivors, we often have to hold the truth of our experience,” she says. “But now we are all holding something, whether we want to or not.”

What might we all be holding on to? Burke reflects on the Kavanaugh hearings, the criticism of survivors that’s come out of the White House — and a media backlash that has framed the Me Too movement as a witch hunt, out to destroy due process or start a gender war. “Suddenly, a movement to center survivors of sexual violence is being talked about as a vindictive plot against men,” Burke says. At times, the movement she sees portrayed in the media is almost unrecognizable to the one she started over a decade ago.

So Burke wants to be clear about what the Me Too movement is. “This is a movement about the one in four girls and the one in six boys who are sexually abused every year, and who carry those wounds into adulthood,” she says. It’s about the far-reaching power of empathy and the millions of people who raised their hands a year ago to say “me too” — and still have their hands raised.

Amid the upheaval of this historical moment, it’s understandable that many of us have been left numb, she says. “This accumulation of feelings that so many of us are feeling together across the globe is collective trauma,” Burke says. But it is also the first step toward building the world we need right now. “This is bigger than a moment,” she says. “We are in a movement.”

In Burke’s eyes, the most powerful movements have always been about a bigger shared vision of what’s possible, not just the acknowledgment of what is now. Recalling Dr. King’s famous quoting of Theodore Parker — “The arc of the moral universe is long but it bends toward justice” — Burke reminds us that someone has to bend it.

“My vision for the Me Too movement is part of a collective vision to see a world free of sexual violence,” she says. “I believe we can build that world. Full stop.”

How can we reach this world? We start by dismantling the building blocks of sexual violence: power and privilege. This starts by shifting our culture away from a focus on individual bad actors or depraved, isolated behavior. Instead, we must recognize that any person sitting in a position of power comes with privilege, rendering those without power vulnerable — whether it’s a boss and employee, coach and athlete, landlord and tenant or another similar dynamic. “We reshape that imbalance [of power] by raising our voices against it in unison, by creating spaces that speak truth to power,” she says. “We have to re-educate ourselves and our children to understand that power and privilege doesn’t always have to destroy and take — it can be used to serve and build,” she says.

At the same time, Burke reminds us that the work of the Me Too movement is to teach survivors it’s OK not to lean in to the trauma. Rather being forced to replay their experiences in public for others’ awareness, Burke says, survivors should be given space to find and create joy in their lives.

Looking back on the origin of the Me Too movement in 2006, Burke returns to the notion of possibility. “I have been propelled by possibility for most of my life,” she says. “Possibility is a gift. It births new worlds and it births vision … Those who came before didn’t win every fight. But it did not kill their vision, it fueled it.”

For that reason, Burke refuses to give up — and asks that we do the same. “We owe future generations nothing less than a world free of sexual violence,” she says. “I believe we can build that world. Do you?”

CryptogramThree-Rotor Enigma Machine Up for Auction Today

Sotheby's is auctioning off a (working, I think) three-rotor Enigma machine today. They're expecting it to sell for about $200K.

I have an Enigma, but it's missing the rotors.

Planet DebianMichal Čihař: Weblate 3.3

Weblate 3.3 has been released today. The most visible new feature are component alerts, but there are several other improvements as well.

Full list of changes:

  • Added support for component and project removal.
  • Improved performance for some monolingual translations.
  • Added translation component alerts to highlight problems with a translation.
  • Expose XLIFF unit resname as context when available.
  • Added support for XLIFF states.
  • Added check for non writable files in DATA_DIR.
  • Improved CSV export for changes.

If you are upgrading from older version, please follow our upgrading instructions.

You can find more information about Weblate on, the code is hosted on Github. If you are curious how it looks, you can try it out on demo server. Weblate is also being used on as official translating service for phpMyAdmin, OsmAnd, Turris, FreedomBox, Weblate itself and many other projects.

Should you be looking for hosting of translations for your project, I'm happy to host them for you or help with setting it up on your infrastructure.

Further development of Weblate would not be possible without people providing donations, thanks to everybody who have helped so far! The roadmap for next release is just being prepared, you can influence this by expressing support for individual issues either by comments or by providing bounty for them.

Filed under: Debian English SUSE Weblate

Krebs on SecurityMarriott: Data on 500 Million Guests Stolen in 4-Year Breach

Hospitality giant Marriott today disclosed a massive data breach exposing the personal and financial information on as many as a half billion customers who made reservations at any of its Starwood properties over the past four years.

Marriott said the breach involved unauthorized access to a database containing guest information tied to reservations made at Starwood properties on or before Sept. 10, 2018, and that its ongoing investigation suggests the perpetrators had been inside the company’s networks since 2014.

Marriott said the intruders encrypted information from the hacked database (likely to avoid detection by any data-loss prevention tools when removing the stolen information from the company’s network), and that its efforts to decrypt that data set was not yet complete. But so far the hotel network believes that the encrypted data cache includes information on up to approximately 500 million guests who made a reservation at a Starwood property.

“For approximately 327 million of these guests, the information includes some combination of name, mailing address, phone number, email address, passport number, Starwood Preferred Guest account information, date of birth, gender, arrival and departure information, reservation date and communication preferences,” Marriott said in a statement released early Friday morning.

Marriott added that customer payment card data was protected by encryption technology, but that the company couldn’t rule out the possibility the attackers had also made off with the encryption keys needed to decrypt the data.

The hotel chain did not say precisely when in 2014 the breach was thought to have begun, but it’s worth noting that Starwood disclosed its own breach involving more than 50 properties in November 2015, just days after being acquired by Marriott. According to Starwood’s disclosure at the time, that earlier breach stretched back at least one year — to November 2014.

Back in 2015, Starwood said the intrusion involved malicious software installed on cash registers at some of its resort restaurants, gift shops and other payment systems that were not part of the its guest reservations or membership systems.

However, this would hardly be the first time a breach at a major hotel chain ballooned from one limited to restaurants and gift shops into a full-blown intrusion involving guest reservation data. In Dec. 2016, KrebsOnSecurity broke the news that banks were detecting a pattern of fraudulent transactions on credit cards that had one thing in common: They’d all been used during a short window of time at InterContinental Hotels Group (IHG) properties, including Holiday Inns and other popular chains across the United States.

It took IHG more than a month to confirm that finding, but the company said in a statement at the time it believed the intrusion was limited to malware installed at point of sale systems at restaurants and bars of 12 IHG-managed properties between August and December 2016.

In April 2017, IHG acknowledged that its investigation showed cash registers at more than 1,000 of its properties were compromised with malicious software designed to siphon customer debit and credit card data — including those used at front desks in certain IHG properties.

Marriott says its own network does not appear to have been affected by this four-year data breach, and that the investigation only identified unauthorized access to the separate Starwood network.

Starwood hotel brands include W Hotels, St. Regis, Sheraton Hotels & Resorts, Westin Hotels & Resorts, Element Hotels, Aloft Hotels, The Luxury Collection, Tribute Portfolio, Le Méridien Hotels & Resorts, Four Points by Sheraton and Design Hotels that participate in the Starwood Preferred Guest (SPG) program.

Marriott is offering affected guests in the United States, Canada and the United Kingdom a free year’s worth of service from WebWatcher, one of several companies that advertise the ability to monitor the cybercrime underground for signs that the customer’s personal information is being traded or sold.

The breach announced today is just the latest in a long string of intrusions involving credit card data stolen from major hotel chains over the past four years — with many chains experiencing multiple breaches. In October 2017, Hyatt Hotels suffered its second card breach in as many years. In July 2017, the Trump Hotel Collection was hit by its third card breach in two years.

In Sept. 2016, Kimpton Hotels acknowledged a breach first disclosed by KrebsOnSecurity. Other breaches first disclosed by KrebsOnSecurity include two separate incidents at White Lodging hotels; a 2015 incident involving card-stealing malware at Mandarin Oriental properites; and a 2015 breach affecting Hilton Hotel properties across the United States.

This is a developing story, and will be updated with analysis soon.

CryptogramThat Bloomberg Supply-Chain-Hack Story

Back in October, Bloomberg reported that China has managed to install backdoors into server equipment that ended up in networks belonging to -- among others -- Apple and Amazon. Pretty much everybody has denied it (including the US DHS and the UK NCSC). Bloomberg has stood by its story -- and is still standing by it.

I don't think it's real. Yes, it's plausible. But first of all, if someone actually surreptitiously put malicious chips onto motherboards en masse, we would have seen a photo of the alleged chip already. And second, there are easier, more effective, and less obvious ways of adding backdoors to networking equipment.

Worse Than FailureError'd: Cash vs File Cache

"This was the ATM in the lobby of a certain hotel in Vienna," wrote Buddy, "The nice lady working at the reception desk said that 'it's been doing that, but it usually works.'"


"I know the US refuses to use the metric system, but I feel like Con Ed is taking it to the next level," writes George.


Adam G. writes, "Apparently, native CSS is now integrated in the latest Java SE release."


"Right - I don't know where that is, Google Maps, that's why I asked," writes Tom.


Bob B. wrote, "The request URI is too large, just like the font!"


"Of the things for Amazon to get wrong on Amazon Prime Day..." Neil D. writes.


[Advertisement] ProGet supports your applications, Docker containers, and third-party packages, allowing you to enforce quality standards across all components. Download and see how!

Planet DebianJonathan Dowland: glBSP

Continuing a series of blog posts about Debian packages I have adopted (Previously: smartmontools; duc), in January this year I also adopted glBSP.

I was surprised to see glBSP come up for adoption; I found out when I was installing something entirely unrelated, thanks to the how-can-i-help package. (This package is a great idea: it tells you about packages you have installed which are in danger of being removed from Debian, or have other interesting bugs filed against them. Give it a go!) glBSP is a dependency on another of my packages, WadC, so I adopted it fairly urgently.

glBSP is a node-building tool for Doom maps. A Map in Doom is defined in a handful of different lumps of data. The top-level, canonical data structures are relatively simple: THINGS is a list of things (type, coordinates, angle facing); VERTEXES is a list of points for geometry (X/Y coordinates); SECTORS define regions (light level, floor height and texture,…), etc. Map authoring tools can build these lumps of data relatively easily. (I've done it myself: I generate them all in liquorice, that I should write more about one day.)

During gameplay, Doom needs to answer questions such as: the player is at location (X,Y) and has made a noise. Can Monster Z hear that noise? Or: the player is at location (X,Y) at facing Z°, what walls need to be drawn? These decisions needed to be made very quickly on the target hardware of 1993 (a 486 CPU) in order to maintain the desired frame-rate (35fps). To facilitate this, various additional data structures are derived from the canonical lumps. glBSP is one of a class of tools called node builders that calculate these extra lumps. The name "node-builder" comes from one of the lumps (NODES), which encodes a binary-space partition of the map geometry (and that's where "BSP" comes from).

If you would be interested to know more about these algorithms (and they are fascinating, honest!), I recommend picking up Fabien Sanglard's forthcoming book "Game Engine Black Book: DOOM". You can pre-order an ebook from Google Play here. It will be available as a physical book (and ebook) via Amazon on publication date, which will be December 10, marking Doom's 25th anniversary.

The glBSP package could do with some work to bring it up to the modern standards and conventions of Debian packages. I haven't bothered to do that, because I'm planning to replace it with another node-builder. glBSP is effectively abandoned upstream. There are loads of other node builders that could be included: glBSP and Eureka author Andrew Apted started a new one called AJBSP, and my long-time friend Kim Roar Foldøy Hauge has one called zokumbsp. The best candidate as an all-round useful node-builder is probably ZDBSP, which was originally developed as an internal node-builder for the ZDoom engine, and was designed for speed. It also copes well with some torture-test maps, such as WadC's "choz.wl", which brought glBSP to its knees. I've submitted a package of ZDBSP to Debian and I'm waiting to see if it is accepted by the FTP masters. After that, we could consider removing glBSP.


TEDGetting started: Notes from Session 2 of TEDWomen 2018

Amanda Williams explores the colors of her hometown neighborhood in Chicago — including the colors of historic redlining — in a bold project called “Color(ed) Theory.” She speaks at TEDWomen 2018: Showing Up, on November 29, 2018, in Palm Springs. (Photo: Callie Giovanna / TED)

In an early morning session hosted by podcaster and TED2017 speaker Manoush Zomorodi, six speakers — Lucy Cooke, Ayanna Howard, Nivruti Rai, Monique W. Morris, Karissa Sanbonmatsu and Amanda Williams — brought us insights from the worlds of AI, robotics, epigenetics, education, and the wonderfully slow world of the sloth.

Sustainability lessons from the sloth. Sloths have a reputation for being languorous and lazy — they’re named after one of the seven deadly sins, after all. But they are misunderstood, says zoologist Lucy Cooke, who has spent more than a decade documenting the strange lives of the world’s slowest mammal. She’s come away with an important insight: “Learning the truth about the sloth may help save us and the planet we both call home,” she says. Sloths come from an ancient line of mammals that has been around for more than 40 million years (compared to around 300,000 years for humans). The secret to their success lies in their slow, sustainable and, well, slothful existence — which is more mindful than lazy, Cooke says. For instance, sloths have a massive four-chambered stomach and an unbelievably slow metabolism, sometimes taking up to one month to process a single leaf. This pace lets them eat many varieties of leaves, including some that would poison other, faster-digesting animals. They also have more neck bones than any other mammal — even giraffes — allowing them to turn their heads up to 270 degrees to graze without having to waste energy moving their body. Cooke thinks we can take a lesson from the sloth’s playbook: While we might not be able to lower our metabolism, we can slow down, reduce waste, and be more economical with our energy. If we can do this, we just might have a chance to hang around as long as the sloth.

Building robots that are friends, not foes. Robots aren’t perfect — after all, their algorithms are trained by flawed humans. AI can inherit our biases; an AI might recognize a man with a spatula as a woman, or a woman driving a car as a man. Roboticist Ayanna Howard asks: Why do we rely on biased algorithms to run our robots, and how do we fix them? We have an emotional connection to these robotic systems, Howard suggests. They take the chaos that is in our life and make it a little bit manageable — and thus, we treat them as authority figures, and allow them to pressure us to making emotional decisions. But there is hope. We can train robots to be better than us, and we can hold robot creators accountable for their creations. It’s not really the robots that we fear, Howard says — at the end of the day, we fear ourselves. She implores us to create a better future where robots are our friends, not foes.

Building AI “guardian angels.” Imagine an extra brain that knows us better than we know ourselves, that exists “with us, beside us, experiencing our world with us … always connected, always processing, always watching.” Nivruti Rai believes that AI systems could become these kinds of guardian angels. She and her research team have analyzed mountains of traffic data In India, where vehicles of every type and speed compete with humans (and animals) for road space. Machine-learning algorithms thrive on regular, repetitive data, but Indian roadways are loaded with “corner cases” — one-in-a-million incidents that present major obstacles to comprehending complex traffic systems. Rai is using these to her advantage, building an open-source database that includes corner cases to help train safer, more robust autonomous driving algorithms. If AI systems can safely navigate India’s traffic patterns, then they surely can solve other complex problems, she says — as long as we have a sufficiently robust data set.

Education is freedom work. “Around the world, black girls are struggling to be seen, working to be free and fighting to be included in the landscape of promise that a safe educational space provides,” says author and social justice scholar Monique W. Morris. In America, she tells us, black girls are seven times more likely than others to get suspended and three times more likely to be sent to juvenile court; they are overrepresented across the spectrum of disciplinary action in schools. Age compression is partly to blame — studies show that people perceive black girls as older (and less in need of protection) than they actually are — and their very appearance can be targeted for punishment, like the group of high-schoolers in South Africa who were penalized for wearing their hair in its natural state. (“Where can we be black if we can’t be black in Africa?” the girls asked.) Morris advises parents to start conversations with schools so that practices that harm black girls are eliminated. If schools are to be places of healing, she says, they’ll need fewer police officers and more counselors. “If we commit to this notion of education as freedom work, we can shift educational conditions so that no girl — even the most vulnerable among us –will get pushed out of school,” Morris says. “And that’s a win for all of us.”

Karissa Sanbonmatsu is a geneticist who explores what information we store in our genes — including surprising information about gender. She speaks at TEDWomen 2018: Showing Up, on November 29, 2018, in Palm Springs. (Photo: Callie Giovanna / TED)

What does it mean to be a woman? A scientist’s perspective. Biology researcher Karissa Sanbonmatsu studies DNA and why it gets itself all tied up in knots: the bends and folds that affect our lives on a fundamental level. As a scientist and trans woman, she and several other women across scientific disciplines are using epigenetics to search for the biomarkers that define gender on a molecular level by observing these twisty DNA structures. “One of the stunning things about our cells is that the components inside them are actually biodegradable,” she says. “They dissolve and then they’re rebuilt each day — kind of like a traveling carnival.” It’s this discovery that’s led to several others, specifically insights during pregnancy. Hormones, it turns out, trigger the formation of knots that can alter how we process life events, as well as the biological sex and brain development between trimesters — meaning that gender may develop separately in the womb. Asking what it means to be a woman, when people come in so many shapes and sizes, may not be the right question, says Sanbonmatsu. “Maybe becoming a woman means accepting ourselves for who we really are and acknowledging the same for each other.”

The intersection of color, race and space. Growing up in segregated Chicago, artist Amanda Williams thought that color could not be separated from race. As she puts it: “Racism is my city’s vivid hue.” While studying color theory in college, Williams learned about Josef Albers’ theory of color, which holds that the way we view color is actually subjective, relational, each color affected by its neighbor. Williams used this theory to understand the redlining in her neighborhood: In the 1930s, the federal government created a color-coding system for neighborhoods, and black neighborhoods, marked as “red,” didn’t receive federal housing loans. In response to this unfair characterization, Williams decided to create her own color palette, one that would speak to the people in her neighborhood. The result was “Color(ed) Theory,” a two-year art project that projected her own palette onto her neighborhood. She started by gathering stories and memories to reveal colors uniquely understood by black people. She then went for the biggest canvas she could find: houses, specifically ones that were going to be demolished. The boldly painted houses provoked a fresh reaction from the people around her and beyond. “Color(ed) Theory made unmistakably visible, the uncomfortable questions that institutions and governments have to ask themselves about why they do what they do,” says Williams. “They ask equally difficult questions of myself and my neighborhood counterparts about our value systems and what our path to collective agency needs to be.”

TEDShowing up: Notes from Session 1 of TEDWomen 2018

Propelled by possibility, Tarana Burke opens TEDWomen 2018 with a powerful call to action: “We owe future generations nothing less than a world free of sexual violence,” she says. (Photo: Marla Aufmuth / TED)

Women the world over are no longer accepting the status quo. They’re showing up and pushing boundaries. Whatever their focus and talent — business, technology, art, science, politics — pioneers and their allies are joining forces in an explosion of discovery and ingenuity to drive real, meaningful change.

At TEDWomen 2018 — three days of ideas and connections at La Quinta Resort and Club in La Quinta, California — a dynamic and diverse group of leaders, thinkers and people seeking change are facing challenges head-on while empowering us all to shape the future we want to see. The conference kicked off with an electrifying session hosted by TEDWomen curator Pat Mitchell on Wednesday night — with talks and performances by Simona Abdallah, Tarana Burke, Ai-jen Poo, Dolores Huerta, Ashweetha Shetty, Katharine Wilkinson, Marian Wright Edelman and Flor de Toloache.

A rallying beat to show up and be. Percussionist Simona Abdallah opens TEDWomen with a rapturous bang of the darbuka, a drum of Middle Eastern origin traditionally played by men. Beneath a spotlight with eyes closed and face alight with expression, Abdallah fills the room with the crisp, resounding rhythms of her drum. Her passion and talent in percussion has vaulted her over barriers to international success. And as she welcomes the audience to clap along, it feels like an invitation for everyone watching to find the rhythm of their own.

Propelled by possibility. In 2006, Tarana Burke was consumed by a desire to do something about the rampant sexual violence she saw in her community. She took out a piece of paper, wrote “Me Too” across the top and laid out an action plan for a movement centered on the power of empathy between survivors. More than a decade later, she reflects on the state of what has now become a global movement — and makes a powerful call to action to end sexual violence. “We owe future generations nothing less than a world free of sexual violence,” she says. “I believe we can build that world.” Read a full recap of her talk here.

Activist Ai-jen Poo shares her work helping overlooked domestic workers get a chance at a better life — as well as stories from the US-Mexico border, where migrant children are being separated from their families. She speaks at TEDWomen 2018: Showing Up, on November 28, 2018, in Palm Springs. (Photo: Callie Giovanna / TED)

What domestic workers can teach us about creating a more humane world. What is it like to be both absolutely essential and yet completely invisible? What is it like to care for the world’s most treasured humans but not be seen as possessing value of one’s own? These riddles help capture the painful existence of domestic workers — the nannies, cleaners, elder-care attendants and other low-paid laborers to whom many people entrust their loved ones and their homes. Their lack of status is tied to gender and race, as domestic workers are overwhelmingly women of color, says Ai-jen Poo, executive director of the National Domestic Workers Alliance (NDWA). For the past two decades, NDWA has pressed state legislatures to pass laws protecting such employees from discrimination and harassment and granting them basic benefits like paid time off and days of rest. But despite mistreatment and outright abuse, the workers she’s met are unstinting in their devotion to the people they’re hired to nurture, “to care no matter what.” In June 2018, Poo and other allies stood vigil at a border processing center in Texas, where they saw separated migrant children herded onto buses, their hands reaching through the windows for help. She recalls thinking, “If domestic workers were in charge, this never would have happened. Our humanity would never be so disposable that they would be treated this way.” She concludes: “We live in a time of moral choices. Everywhere we turn is full of moral choices, whether it’s at the border, at the ballot box, in our workplaces or in our homes. As you go about your day and you encounter these moral choices … think like a domestic worker who shows up and cares no matter what.”

Can women change the world? “¡Si se puede!” — “Yes we can!” Helen Keller once pointed out that while science has been able to cure many evils, it has found no remedy for the worst human evil of all: apathy. And legendary civil rights activist Dolores Huerta believes that this evil cripples those who should wield the most power: women. Why do so many women become apathetic? Huerta believes that they’re traumatized by aggression, taught to be victims, and are so overwhelmed by their emotive duties that they feel they don’t have the resources to become activists or to make demands of elected officials. But if the world is going to change, women must not only vote, they also must get others to vote — and vote people-centric activists into power. According to Huerta (building on an idea of Coretta Scott King), we will never have peace in the world until feminists take power. “We have power. Poor people have power. Every citizen has power, but in order to achieve the peace that we all yearn for, then we’ve all got to get involved.”

One woman’s story of perseverance. In a powerful personal talk, education advocate Ashweetha Shetty describes how she fought societal assumptions in her rural community in India — and ultimately found purpose creating opportunities for others through her foundation, Bodhi Tree. Throughout her life, Shetty felt boxed into the traditional domestic role assigned to her and other women in her village; she was told that because she was a poor rural girl, she wasn’t worthy of education. But she persisted, defying norms to graduate from college and land a prestigious year-long fellowship in Delhi. Now, she works to empower rural girls to pursue education and reclaim their voices and passions. Through Bodhi Tree, Shetty is determined to help create “a world where a girl like me is no longer a liability or a burden but a person of use, a person of value, a person of worthiness.”

“To address climate change, we must make gender equity a reality,” says Katharine Wilkinson of Project Drawdown. “And in the face of a seemingly impossible challenge, women and girls are a fierce source of possibility.” (Photo: Marla Aufmuth / TED)

Women and girls can heal mother earth. Author and environmentalist Katharine Wilkinson believes in the potential of girls and women to fight climate change — that by rising up to fight, emissions can be brought down. As vice president of communication and engagement at Project Drawdown, Wilkinson has spent the past several years studying how we can reverse global warming — and how climate change disproportionately affects women and girls. But if we can gain ground on gender equity, we also gain ground on addressing global warming. She outlines three key areas to tackle in order to fight global warming and empower women. First, we must support women smallholders — women who grow food on small areas of land with little resources. If we give these women access to better resources, their farm yields could increase by as much as 30 percent. Better farming on smaller plots could cause emissions from deforestation to drop. Wilkinson’s second solution is education. When women and girls are educated, they have more control over their health and finances, as well as the ability to succeed in a climate-changing world, she says. Educated women also marry later in life and have fewer children. Finally, Wilkinson calls for access to voluntary and high-quality reproductive healthcare. Giving more women control over the size of their family may mean one billion fewer people inhabiting Earth in 2050. “We need to break the silence around the condition of our planet,” Wilkinson says. “To address climate change, we must make gender equity a reality. And in the face of a seemingly impossible challenge, women and girls are a fierce source of possibility.”

Passion, purpose and advocacy. Marian Wright Edelman started the Children’s Defense Fund (CDF) 45 years ago. She’s been on the front lines fighting for children ever since. In conversation with Pat Mitchell, Wright Edelman discusses her upbringing in the segregated American South, the beginning of the CDF and how growing older has made her more radical. “God runs a full-employment economy, and if you just follow the need, you’ll never lack for purpose in life,” Wright Edelman says, echoing the call to action she heard her father repeat growing up. After working with Dr. Martin Luther King, Jr., on the Poor People’s Campaign for two years, Wright Edelman started the CDF, and since then the Fund has taken up causes borne out of the experiences Wright Edelman had growing up — things like immunization against preventable diseases and unequal access to education. Now she sees her purpose as drawing attention to injustice wherever it harms children and building a better world for the next generation. “We are not finished,” she says. “We are not ever going to feel finished until we end child poverty in the richest nation on earth.”

Mariachi band Flor de Toloache wrapped the opening session of TEDWomen 2018 with heartfelt music played from the soul. (Photo: Marla Aufmuth / TED)

Mariachi that will put a spell on you. Named after the Mexican medicinal flower (also known for its use in love potions), Latin Grammy-winning mariachi band Flor de Toloache wrapped the opening session of TEDWomen 2018 with heartfelt music played from the soul. Between songs, the all-female group shared the tale of how they came together in New York City, connected by passion and the desire to create a sound that both celebrates and expands the genre and tradition of mariachi. Their soaring, bilingual vocals and masterful playing brought the stage to life with light, sincerity and spell-binding melodies.

Planet DebianMolly de Blanc: Free software activities (November, 2018)

An orzo espresso in a glass espresso cup, on a ceramic plate with a spook and a small piece of a poppy seed pastry.Welcome to what is the first and may or may not be the last monthly summary of my free software activities.

November was a good month for me, heavily laden with travel. Conferences and meetings took me to Seattle, WA (USA) and Milano and Bolzano in Italy. I think of my activities as generally focusing on “my” projects — that is to say, representing my own thoughts and ideas, rather than those of my employer or associated projects.

In addition to using my free time to work on free and open source software and related issues, my day job is at the Free Software Foundation. I included highlights from my past month at the FSF. This feels a little bit like cheating.

November Activities (personal)

  • I keynoted the Seattle GNU/Linux festival (SeaGL), delivering a talk entitled “Insecure connections: Love and mental health in our digital lives.” Slides are available on GitLab.
  • Attended an Open Source Initiative board meeting in Milan, Italy.
  • Spoke at SFScon in Bolzano, Italy, giving a talk entitled “User freedom: A love Story.” Slides forthcoming. For this talk, I created a few original slides, but largely repurposed images from “Insecure connections.”
  • I made my first quantative Debian contribution, in which I added the Open Source Initiative to the list of organizations to which Debian is a member.
  • Submitted sessions to the Community and the Legal and Policy devrooms at FOSDEM. #speakerlife
  • Reviewed session proposals for CopyLeft Conf, for which I am on the paper’s committee.
  • I helped organize a $15,000 match donation for the Software Freedom Conservancy.

Some highlights from my day job

Planet DebianDaniel Pocock: Connecting software freedom and human rights

2018 is the 70th anniversary of the Universal Declaration of Human Rights.

Over the last few days, while attending the UN Forum on Business and Human Rights, I've had various discussions with people about the relationship between software freedom, business and human rights.

In the information age, control of the software, source code and data translates into power and may contribute to inequality. Free software principles are not simply about the cost of the software, they lead to transparency and give people infinitely more choices.

Many people in the free software community have taken a particular interest in privacy, which is Article 12 in the declaration. The modern Internet challenges this right, while projects like TAILS and Tor Browser help to protect it. The UN's 70th anniversary slogan Stand up 4 human rights is a call to help those around us understand these problems and make effective use of the solutions.

We live in a time when human rights face serious challenges. Consider censorship: Saudi Arabia is accused of complicity in the disappearance of columnist Jamal Khashoggi and the White House is accused of using fake allegations to try and banish CNN journalist Jim Acosta. Arjen Kamphuis, co-author of Information Security for Journalists, vanished in mysterious circumstances. The last time I saw Arjen was at OSCAL'18 in Tirana.

For many of us, events like these may leave us feeling powerless. Nothing could be further from the truth. Standing up for human rights starts with looking at our own failures, both as individuals and organizations. For example, have we ever taken offense at something, judged somebody or rushed to make accusations without taking time to check facts and consider all sides of the story? Have we seen somebody we know treated unfairly and remained silent? Sometimes it may be desirable to speak out publicly, sometimes a difficult situation can be resolved by speaking to the person directly or having a meeting with them.

Being at the United Nations provided an acute reminder of these principles. In parallel to the event, the UN were hosting a conference on the mine ban treaty and the conference on Afghanistan, the Afghan president arriving as I walked up the corridor. These events reflect a legacy of hostilities and sincere efforts to come back from the brink.

A wide range of discussions and meetings

There were many opportunities to have discussions with people from all the groups present. Several sessions raised issues that made me reflect on the relationship between corporations and the free software community and the risks for volunteers. At the end of the forum I had a brief discussion with Dante Pesce, Chair of the UN's Business and Human Rights working group.

Best free software resources for human rights?

Many people at the forum asked me how to get started with free software and I promised to keep adding to my blog. What would you regard as the best online resources, including videos and guides, for people with an interest in human rights to get started with free software, solving problems with privacy and equality? Please share them on the Libre Planet mailing list.

Let's not forget animal rights too

Are dogs entitled to danger pay when protecting heads of state?

Planet DebianBits from Debian: Debian welcomes its new Outreachy intern

Outreachy logo

Debian continues participating in Outreachy, and we'd like to welcome our new Outreachy intern for this round, lasting from December 2018 to March 2019.

Anastasia Tsikoza will work on Improving the integration of Debian derivatives with the Debian infrastructure and the community, mentored by Paul Wise and Raju Devidas.

Congratulations, Anastasia, and welcome!

From the official website: Outreachy provides three-month internships for people from groups traditionally underrepresented in tech. Interns work remotely with mentors from Free and Open Source Software (FOSS) communities on projects ranging from programming, user experience, documentation, illustration and graphical design, to data science.

The Outreachy programme is possible in Debian thanks to the efforts of Debian developers and contributors who dedicate their free time to mentor students and outreach tasks, and the Software Freedom Conservancy's administrative support, as well as the continued support of Debian's donors, who provide funding for the internships.

Join us and help extend Debian! You can follow the work of the Outreachy interns reading their blogs (they are syndicated in Planet Debian), and chat with us in the #debian-outreach IRC channel and mailing list.

Sociological ImagesGender Reveals Sparking Controversy

For years now, expecting parents have been popping balloons and cutting colorful cakes to announce the sex of their babies. These “gender reveal parties” can be a fun new take on the baby shower, but they also show just how much we invest in the gender identities of children. In a world where gender inequality persists and gender identities can be in flux, cultural traditions like this can lock people into rigid thinking that separates boys and girls.

Photo Credit: Peter Mai, Flickr CC

Of course, point this out at the wrong time and you’ll usually get accused of raining on the parade. It’s just a cake after all, right? The tricky part is that social scientists often show how identities can turn into ideologies that have real stakes for human behavior.

For a dramatic example, last week the world got footage of the gender reveal party that sparked a massive 2017 wildfire in Arizona. These parents wanted to go big to announce their new baby boy—so big that it warranted explosions in the middle of dry grasslands.

It’s not that gender stereotyping directly caused this fire—even if we didn’t have a rigid gender binary, people would still start disasters with a stray campfire or sparkler. This case is still useful for thinking about gender, though, because what we celebrate and how we celebrate it shows a lot about where people learn to place their interest and effort. We don’t have massive parties for baby’s first steps or first conversation, and I can’t think of a time when a First Communion needed 800 fire fighters to come clean up afterwards.


Evan Stewart is a Ph.D. candidate in sociology at the University of Minnesota. You can follow him on Twitter.

(View original at

CryptogramFBI Takes Down a Massive Advertising Fraud Ring

The FBI announced that it dismantled a large Internet advertising fraud network, and arrested eight people:

A 13-count indictment was unsealed today in federal court in Brooklyn charging Aleksandr Zhukov, Boris Timokhin, Mikhail Andreev, Denis Avdeev, Dmitry Novikov, Sergey Ovsyannikov, Aleksandr Isaev and Yevgeniy Timchenko with criminal violations for their involvement in perpetrating widespread digital advertising fraud. The charges include wire fraud, computer intrusion, aggravated identity theft and money laundering. Ovsyannikov was arrested last month in Malaysia; Zhukov was arrested earlier this month in Bulgaria; and Timchenko was arrested earlier this month in Estonia, all pursuant to provisional arrest warrants issued at the request of the United States. They await extradition. The remaining defendants are at large.

It looks like an impressive piece of police work.

Details of the forensics that led to the arrests.

Worse Than FailureA Dark Cloud Looming

Buford was a contract developer working at a mid-sized financial firm. He had just wrapped up a lengthy project and was looking for something new to sink his teeth into. Tanner, the manager in his area, tasked him with moving their implementation of Jenkins into "this great new thing they call The Cloud."

Tanner recently returned from a conference with a bunch of swag from a company called PuffyCloud. They claimed to have the easiest cloud-based implementation of Jenkins in the business. "It's pretty much just a copy-paste job according to this whitepaper they gave me. Take a look, create some user stories, and have it done by the end of the next sprint," Tanner instructed.

Buford opened up the whitepaper and soon found that PuffyCloud was certainly full of puffery. They boasted about how their approach was "production-ready for an enterprise environment" and "dozens of organizations have revolutionized their systems with PuffyCloud and the magic of our simple Docker Compose code."

After getting through several pages of drivel, Buford already had a better, cheaper way in mind. He returned to Tanner's office to explain, "Look, I don't know what these PuffyCloud guys will charge, but I'm certain I can get the same result for only the cost of my time. I can make my own Docker script to install everything on a cloud-based server that we control without a costly middle-man license from them."

Tanner furrowed his brow before responding, "Bah! Doing this yourself will take way too long. I guess you didn't hear me the first time I explained this PuffyCloud thing. Copy. And. Paste. Do that and you'll finish easily with time to spare in the sprint.

Buford went back to reading the mind-numbing whitepaper since Tanner was clearly insistent on going with PuffyCloud. Ten minutes later, he finally got to the "production-ready for an enterprise environment" script:

 image: jenkins_master
 cpu_shares: 100
 mem_limit: 500M ports:
 - "8080:8080",
 volumes_from: jenkins_dv
 image: jenkins_dv
 cpu_shares: 100
 mem_limit: 500M

Buford had so many questions from so little code. It sure as hell wasn't copy-paste-production. There was no way in hell 500M of memory would be enough, even for a bare-bones deployment. The image didn't even include a Docker repository. And that's before you take into account obvious syntax errors.

Predictably, the setup and implementation of PuffyCloud took Buford longer than a two week sprint. Since that didn't meet Tanner's expectations, Buford's contract was terminated. He was glad to be free of that mess but felt slightly bad that some other poor soul would have to deal with the PuffyCloud crapstorm.

[Advertisement] Otter - Provision your servers automatically without ever needing to log-in to a command prompt. Get started today!

Planet DebianRuss Allbery: Review: The Blind Side

Review: The Blind Side, by Michael Lewis

Publisher: W.W. Norton & Company
Copyright: 2006, 2007
Printing: 2007
ISBN: 0-393-33047-8
Format: Trade paperback
Pages: 339

One of the foundations of Michael Lewis's mastery of long-form journalism is that he is an incredible storyteller. Given even dry topics of interest (baseball statistics, bond trading, football offensive lines), he has an uncanny knack for finding memorable characters around which to tell a story, and uses their involvement as the backbone of a clear explanation of complex processes or situations. That's why one of the surprises of The Blind Side is that Lewis loses control of his material.

The story that Lewis wants to tell is the development of the left tackle position in professional football. The left tackle is the player on the outside of the offensive line on the blind side of a right-handed quarterback. The advent of the west-coast offense with its emphasis on passing plays, and the corresponding development of aggressive pass rushers in the era of Lawrence Taylor, transformed that position from just another member of the most anonymous group of people in football into one of the most highly-paid positions on the field. The left tackle is the person most responsible for stopping a pass rush.

Lewis does tell that story in The Blind Side, but every time he diverts into it, the reader is left tapping their foot in frustration and wishing he'd hurry up. That's because the other topic of this book, the biographical through line, is Michael Oher, and Michael Oher the person is so much more interesting than anything Lewis has to say about football that the football parts seem wasted.

I'm not sure how many people will manage to read this book without having the details of Oher's story spoiled for them first, particularly given there's also a movie based on this book, but I managed it and loved the unfolding of the story. I'm therefore going to leave out most of the specifics to avoid spoilers. But the short version is that Oher was a sometimes-homeless, neglected black kid with incredible physical skills but almost no interaction with the public school system who ended up being adopted as a teenager by a wealthy white family. They help him clear the hurdles required to play NCAA football.

That's just the bare outline. It's an amazing story, and Lewis tells it very well. I had a hard time putting this book down, and rushed through the background chapters on the evolution of football to get back to more details about Oher. But, as much as Lewis tries to make this book a biography of Oher himself, it's really not. As Lewis discloses at the end of this edition, he's a personal friend of Sean Tuohy, Oher's adoptive father. Oher was largely unwilling to talk to Lewis about his life before he met the Tuohys. Therefore, this is, more accurately, the story of Oher as seen from the Tuohys' perspective, which is not quite the same thing.

There are so many pitfalls here that it's amazing Lewis navigates them as well as he does, and even he stumbles. There are stereotypes and pieces of American mythology lurking everywhere beneath this story, trying to make the story snap to them like a guiding grid: the wealthy white family welcoming in the poor black kid, the kid with amazing physical talent who is very bad at school, the black kid with an addict mother, the white Christian school who takes him in, the colleges who try to recruit him... you cannot live in this country without strong feelings about all of these things. Nestled next to this story like landmines are numerous lies that white Americans tell themselves to convince themselves that they're not racist. I could feel the mythological drag on this story trying to make Oher something he's not, trying to make him fit into a particular social frame. It's one of the reasons why I doubt I'll ever see the movie: it's difficult to imagine a movie managing to avoid that undertow.

To give Lewis full credit, he fights to keep this story free of its mythology every step of the way, and you can see the struggle in the book. He succeeds best at showing that Oher is not at all dumb, but instead is an extremely intelligent teenager who was essentially never given an opportunity to learn. He also provides a lot of grounding and nuance to Oher's relationship with the Tuohys. They're still in something of a savior role, but it seems partly deserved. And, most importantly, he's very open about the fact that Oher largely didn't talk to anyone about his past, including Lewis, so except for a chapter near the end laying out the information Lewis was able to gather, it's mostly conjecture on the part of the Tuohys and others.

But there is so much buried here, so many fault lines of US society, so many sharp corners of racism and religion and class, that Oher's story just does not fit into Lewis's evolution-of-football narrative. It spills out of the book, surfaces deep social questions that Lewis barely touches on, and leaves so many open questions (including Oher's own voice). One major example: Briarcrest Christian School, the high school Oher played for and the place where he was discovered as a potential NCAA and later professional football player, is a private high school academy formed in 1973 after the desegregation of Memphis schools as a refuge for the children of white supremacists. Lewis describes Oher's treatment as one of only three black children at the school as positive; I can believe that because three kids out of a thousand plays into one kind of narrative. Later, Lewis mentions in passing that the school balked at the applications of other black kids once Oher became famous, and one has to wonder how that might change the narrative for the school's administration and parents. There's a story there that's left untold, and might not be as positive as Oher's reception.

Don't get me wrong: these aren't truly flaws in Lewis's book, because he's not even trying to tell that story. He's telling the story of one exceptional young man who reached college football through a truly unusual set of circumstances, and he tells that story well. I just can't help but look for systems in individual stories, to look for institutions that should have been there for Oher and weren't. Once I started looking, the signs of systemic failures sit largely unremarked beneath nearly every chapter. Maybe this is a Rorschach test of political analysis: do you see an exceptional person rising out of adversity through human charity, or a failure of society that has to be patched around by uncertain chance that, for most people, will fail without ever leaving a trace?

The other somewhat idiosyncratic reaction I had to this book, and the reason why I've put off reading it for so long, is that I now find it hard to read about football. While I've always been happy to watch nearly any sport, football used to be my primary sport as a fan, the one I watched every Sunday and most Saturdays. As a kid, I even kept my own game statistics from time to time, and hand-maintained team regular season standings. But somewhere along the way, the violence, the head injuries, and the basic incompatibility between the game as currently played and any concept of safety for the players got to me. I was never someone who loved the mud and the blood and the aggression; I grew up on the west coast offense and the passing game and watched football for the tactics. But football is an incredibly violent sport, and the story of quarterback sacks, rushing linebackers, and the offensive line is one of the centers of that violence. Lewis's story opens with Joe Theismann's leg injury in 1985, which is one of the most horrific injuries in the history of sport. I guess I don't have it in me to get excited about a sport that does things like that to its players any more.

I think The Blind Side is a bit of a mess as a book, but I'm still very glad that I read it. Oher's story, particularly through Lewis's story-telling lens, is incredibly compelling. I'm just also wary of it, because it sits slightly askew on some of the deepest fault lines in American society, and it's so easy for everyone involved to read things into the story that are coming from that underlying mythology rather than from Oher himself. I think Lewis fought through this whole book to not do that; I think he mostly but did not entirely succeed.

The Tuohys have their own related book (In a Heartbeat), written with Sally Jenkins, that's about their philosophy of giving and charity and looks very, very Christian in a way that makes me doubtful that it will shine a meaningful light on any of the social fault lines that Lewis left unaddressed. But Oher, with Don Yaeger, has written his own autobiography, I Beat the Odds, and that I will read. Given how invested I got in his story through Lewis, I feel an obligation to hear it on his own terms, rather than filtered through well-meaning white people.

I will cautiously recommend this book because it's an amazing story and Lewis tries very hard to do it justice. But I think this is a book worth reading carefully, thinking about who we're hearing from and who we aren't, and looking critically at the things Lewis leaves unsaid.

Rating: 7 out of 10

Planet Linux AustraliaMichael Still: Turmoil


A very readable set of essays from Robyn Williams, the broadcaster of the Australian Science Show, not the comedian. Covering the state of modern science, journalism, the ABC, and whether modern democracy is doomed in an approachable and very readable form. I enjoyed this book greatly. A good Sunday morning and vacation read if you’re into approachable non-fiction.

Turmoil Book Cover Turmoil
Robyn Williams
Newsouth Press

Robyn Williams, presenter of The Science Show on ABC Radio, reveals all in Turmoil, a searingly honest and often blackly funny reflection on his life, friends, the people he loves and loathes, and a multi-faceted career that includes over forty years on radio. Robyn writes frankly about everything, from performing with Monty Python, his impressions of fellow scientists Richard Dawkins and David Attenborough, and his unique insights on climate change and the recent devaluing of science, to frugality and being treated for bowel cancer.


Planet DebianNorbert Preining: OneDrive and directory junctions sync problems

With Dropbox’s end of Linux support I have been on the search for alternatives, as I will quit my Dropbox contract and need to move considerable data to a different provider. Since I am also a Office365 subscriber I get 1Tb of free OneDrive space, which should be usable. With recent updates of the onedrive package in Debian I am maintaining, using it instead of Dropbox has become a feasible alternative. I also started to use OneDrive extensively on the Windows side to sync my Desktop, documents, and my GPS and Map data (history of 20 years of GPS tracks and loads of maps). Advertised all over the internet (eg here, here, here) is a method to use directory junctions to link arbitrary folders by creating a junction in the OneDrive folder that links to the original folder.

As it turns out, this does not work as expected: Assume the following setup

  • There is a folder c:\MyFolder
  • A junction in %UserProfile%\OneDrive\MyFolder pointing to c:\MyFolder

and create a file c:\MyFolder\test.txt. This file is kept in a pending synchronization state and is not properly uploaded to the server.

One can trigger the upload by various methods:

  • pause and restart syncing
  • change/create any file in %UserProfile%\OneDrive\

If a sync is triggered by one of the above, also the pending changes in c:\MyFolder are uploaded, but NOT otherwise.

This did hit me several times because I preferred to have the main folders not in the OneDrive directory, but in their original location. Experimentation turned out that if you do the link source and target switch, so that the actual folder is in the OneDrive directory, and the directory junction wherever you need it, files are correctly synchronized.

For those having the wrong setup already, the following steps allow to switch the direction without triggering a full resync:

  • Wait until OneDrive has synced completely, then exit the program from the notification area;
  • remove the junction with rmdir, this will not remove the original directory;
  • move the original directory into the OneDrive folder;
  • recreate the junction with mklink /j c:\MyFolder %UserProfile%\OneDrive\MyFolder;
  • restart OneDrive.

This should bring you back to fully synchronized state in a very short time, and further changes in either the OneDrive folder or the directory junction will immediately trigger a file sync operation.


TEDThe Next Wave: A night of talks from TED and Zebra Technologies

The Fourth Industrial Revolution is bringing a tsunami of change that will dramatically affect how we interact with and adapt to technology. The ways we choose to ride this wave will determine the shape of our future. Will we use this as an opportunity to solve our most pressing issues, or allow it to become a calamity that divides us?

At TED Salon: The Next Wave, presented by TED and Zebra Technologies and hosted by TED’s Bryn Freedman, five speakers and one performer explored the tools and expertise we’ll harness to build the future.

Does artificial intelligence keep humans from learning too? AI is more and more important in our workplaces, but there’s a big catch, says researcher Matt Beane: it’s threatening our own ability to learn on the job. Beane studies the relationship between humans and AI, and he’s found that, in industries ranging from investment banking to surgery, the story is the same: As tools get more sophisticated, workers (especially people just starting out) get fewer opportunities for hands-on learning, the kind that involves struggle, practice and mentorship. The paradox: That’s the very experience necessary to leverage sophisticated tools. “Organizations are trying harder and harder to get results from AI,” he says, “but we’re handling it in a way that blocks learning on the job.” It’s early days for AI in most fields — though by 2030, half a billion of us will be using it in some way — so Beane’s talk is an important corrective right now. What can be done? He shares a vision that flips the current story into one of distributed, AI-enhanced mentorships that empower everyone to learn and grow wiser. 

Tiana Epps-Johnson shares her work helping local election officials learn the skills and technologies they need to run modern-day elections. (Photo: Ryan Lash / TED)

Empowering local election officials. “Voting is one of the most tangible ways that each and every one of us can shape our communities,” says civic engagement champion Tiana Epps-Johnson. And yet, compared to the rest of the world, the United States has one of the lowest voter turnout rates. Why does the US fall so far behind? Epps-Johnson identifies the main issue as outdated technology. But her approach to fixing this problem is more targeted than simply getting newer technologies out there. She focuses on an important but untapped resource for election modernization: local election officials. These are the people on the ground, the ones who are supposed to make voting the best possible experience for the voters in their counties. Currently, many of them lack the basic skills needed to achieve this goal. Epps-Johnson works with local election officials to train these officials in the skills needed for modern-day elections — such as using social media to get the word out, harnessing data to improve the voting process, or creating and maintaining a website for voters in their county. “If you’re ready to help millions, if you’re ready to close the gap between the system that we have and the system that we deserve, we need you,” Epps-Johnson says.

Automation and its discontents. What’s the future of work? That’s the question that Roy Bahat, head of the venture firm Bloomberg Beta, has spent the past two years trying to answer. He helped lead a wide-ranging project to understand how technology will impact work over the next 10 to 20 years — interviewing AI experts, video game designers, educators, truckers, inmates and everyone in between to identify concerns and emerging trends. In a candid conversation with Bryn Freedman, curator of the TED Institute, Bahat shares insights from his findings, discussing two major themes that surfaced: stability and dignity. First and foremost, Bahat says, people want a stable and secure income. Beyond that, people kept bringing up the idea of dignity — of feeling needed and finding self-worth through work. As automation increases, we need to create respect for work like caregiving and educating — jobs that can’t be replaced by robots, Bahat says. If we can do that, we’ll be prepared for the future of work.

Design technologist James Morley-Smith shares how a challenging family experience helped him come up with a new approach to design. (Photo: Ryan Lash / TED)

Start by thinking about impairments. When design technologist James Morley-Smith’s son Fintan was five months old, he was diagnosed with an eye cancer that eventually led to a complete loss of vision. Fintan, who is “incredibly resilient,” has learned Braille and excels at school and in playing the piano. This last activity led to Morley-Smith’s epiphany — he saw how Fintan’s piano instructor took his impairments into account and decided to teach him songs on only the black keys first so Fintan could use them as anchors for the white keys. In his work at Zebra, Morley-Smith designs for employees who are often in noisy, poorly lit industrial settings and clad in bulky protective gear. By following the black-keys tactic, he’s factoring in users’ limitations from the get-go. By making small changes — such as increasing type size and ensuring that interfaces can be handled easily with gloved fingers — he has increased productivity by up to 20 percent in some cases. Morley-Smith believes we can apply this thinking to every aspect of our lives. “It doesn’t matter what is impairing you from reaching your goals,” he says. “Reframe them so they are no longer a disability, and they might just be the advantage you need.”

Naia Izumi performs his own song, “Soft Spoken,” the elegantly complex tune that won him the 2018 NPR Tiny Desk Contest, during the TED Salon: The Next Wave. (Photo: Ryan Lash / TED)

An electric, genre-bending performance. Singer and guitarist Naia Izumi has had quite a year — while the Georgia native was busking on the streets of Los Angeles, he submitted to the 2018 NPR Tiny Desk Contest, and he won! He’s now busily on tour along the East Coast, and he swung by the TED office to share his winning song. Encouraging the audience to join in the beat, Izumi played his song “Soft Spoken,” a soulful, genre-hopping tune that draws from his personal story and his musical roots, and features his innovative, percussive guitar style under heavenly vocals.

Ensuring our right to cognitive liberty. Brain reading tech is on the horizon, says bioethicist Nita A. Farahany, and we need to be prepared. The technology to translate thoughts is advancing every day; using electroencephalography (EEG) monitors similar to the fitness wristbands that track heart rate and sleep, we can decode thoughts of shapes and numbers — and even track emotional states. Real-world applications of this tech are already in practice globally in the manufacturing, automotive and entertainment industries. While the potential for this technology is groundbreaking and thrilling, Farahany warns of a darker future, in which the government can surveil and criminalize certain thought patterns, and private interests can capture and sell our brain data. The right to cognitive liberty, she says, is a fundamental human right, alongside self-determination and freedom of speech. We need to demand and secure legal protections for our brain data, she concludes, because our right to thought privacy is too important to risk.

TEDHow to radically craft a stage design

It’s Friday afternoon, and TED staffers are cutting and folding strips of white felt, carefully sticking the little strips into grates of chicken wire stapled to wooden frames. On the floor are five large wood panels and some metal pans filled with paint. Just a normal day at TED’s headquarters.

In less than a week, we’re hosting a design salon, Radical Craft, in the TED World Theater at our office in Manhattan. With a theme like Radical Craft, the theater’s usual low-key stage design won’t do. So our design curator Chee Pearlman, working with Rockwell Group and graphic designer Stephen Doyle, collaborated with TED’s theater team to make something entirely new. Their brief: Taking inspiration from the graphic identity that TED’s design team created for the salon (which was, in turn, inspired by a Scott Patt painting), bring something crafty, tactile, and handmade to life on stage. Where the white felt comes in? That’s yet to be seen, but there’s a lot of enthusiasm in the room. Nothing like a craft project on a Friday afternoon.

On Friday afternoon, these TED staffers are cutting, folding and placing strips of felt into a chicken-wire grid.

On Monday morning, when I walk into work, it smells just faintly like fresh paint. The five wooden panels, now standing up on the stage, have been finger-painted with streaks of purple on emerald green, finger marks twisting and swirling from top to bottom. The artist behind the panels, Stephen Doyle, tells me he was inspired by Richard Long’s mud paintings: “He puts mud on the wall with his hands and leaves handprints. It’s very physical and it’s very human. There’s a craft-meets-humanism in the imperfections.” Seeing these panels painted literally by hand, I understand exactly what he means.

And where’s the white felt and chicken wire that we crafted on Friday? It’s standing onstage too, alternating between the painted panels like a lovely vertical bouquet. I tell Chee how incredible the stage looks, and she confides that the theater team, including my coworker Stephen Robbins, were here all weekend trying to get the look right. And they haven’t finished yet.

TED theater’s audio-video technician Stephen Robbins and design curator Chee Pearlman brainstorm over the painted panels. Their goal: to create a warm, handcrafted look for the stage that will also look great on video later on.

Tuesday afternoon. I’m sitting in the theater with Donna Pallotta, Art Director at Rockwell Group, and Laurie House, head of the theater team at TED. Their focus now is on lighting. How can our felt panels be lit and colored to achieve the exact look Donna envisioned? After some trial and error, it’s decided that lighting the felt from behind is the way to go, with Chroma-Q Color Force LED batten range lights that can pulse and change color between each talk.

The jewel-toned light, shining up from the floor, turns the felt into a memorizing, glowing backdrop that creates a sense of depth between the finger-painted flats. Donna examines the scene, hands on hips, her well-trained eye scanning what’s in front of her. When I ask what she’s thinking, she says, “I love the idea that the background can be changeable, and you might have a palimpsest of different lighting.” I watch as the light turns from green to blue to pink. It’s all coming together.

Hot pink lighting turns the swirls of felt into a stunning textured backdrop for the hand-painted panels.

Wednesday midday. It’s the day before the event, and the theater is bustling. Wires are coiled and uncoiled, boxes and carts are moving in and out, and the theater team is running around with the purposeful energy of dress rehearsal day, checking and re-checking every detail. It looks great, but there’s still that minor question hanging in the air: Will all these design choices make sense together when the speakers are on stage and the audience is in their seats?

Thursday night: the design salon. As the audience walks in, they see the stage, with the painted panels, the felt, the lights and the graphics all working together, for the first time as a single cohesive thing. And it looks amazing, a celebration of craft and stagecraft — and also a celebration of what can happen within a week when brilliant minds come together.

As the salon starts, something from David Rockwell (the head of Rockwell Group, whose vision inspired this project) pops into my head. It was his response when I asked what “radical craft” meant to him. “The term ‘craft’ tends to bring to mind a finely wrought object that retains the presence of the maker’s hand. But to us, craft is really a collaborative process,” he said. “Craft is about groups of people solving big challenges on the fly and creating the unexpected out of simplicity.”

During the show, the conference graphic is projected on the side walls of the theater. Inspired by a Scott Patt painting, the graphic in turn inspired the multi-layered stage design — which looks great both live and on video behind the band Crush Club.

TEDSociety 5.0: Talks from TED and Samsung

Carmel Coscia, vice president of B2B marketing for Samsung Electronics America, welcomes the audience to TEDSalon: Society 5.0, held at Samsung’s 837 Space in New York, September 26, 2018. (Photo: Ryan Lash / TED)

We live in an interconnected world where boundaries between physical and digital spaces are blurring. We can no longer think about innovation in isolation, but must consider how emerging technologies — like artificial intelligence, augmented reality, the Internet of Things, 5G networks, robotics and the decentralized web — will combine to create (we hope!) a super-smart society.

At TEDSalon: Society 5.0, presented by TED and Samsung, seven leaders and visionaries explored the new era of interconnectivity and how it will reshape our world.

Do you know how your data is being used? We tap on apps and devices all day long, not quite grasping that our usage is based on a “power imbalance,” says Finn Lützow-Holm Myrstad, director of digital policy at the Norwegian Consumer Council. Most of us automatically click “yes” to terms and conditions without realizing we have agreed to let companies collect our personal information and use it on a scale we could never imagine, he explains. To demonstrate, Myrstad introduces Cayla, a Bluetooth-connected doll. According to Cayla’s terms, its manufacturer can use the recordings of children and relatives who play with the doll for advertising, and any information it gathers can be shared with third parties. Myrstad and his team also looked at the terms for a dating app, finding that users had unwittingly forked over their entire dating history — photos, chats and interactions — to the app creator forever. After the Council’s investigations, Cayla was pulled from retailers and the app changed its policies, but as Myrstad points out, “Organizations such as mine … can’t be everywhere, nor can consumers fix this on their own.” Correcting the situation requires ongoing vigilance and intention. Companies must prioritize trust, and governments should constantly update and enforce rules. For the rest of us, he says: “Be the voice that constantly reminds the world that technology will only truly benefit society if it respects basic rights.”

Aruna Srinivasan, executive director for the mobile communication trade group GSMA, believes the Internet of Things will improve our quality of life — from tackling pollution to optimizing food production. She speaks at TEDSalon: Society 5.0. (Photo: Ryan Lash / TED)

How the Internet of Things is solving real problems. You’re surrounded by things connected to the internet — from cars and smart elevators to parking meters and industrial machines used for manufacturing. How can we use the data created by all of these connected devices to make the world safer and healthier? Aruna Srinivasan, executive director at the mobile communication trade group GSMA, shows how the Internet of Things (IoT) is helping to solve two pressing issues: pollution and food production. Using small IoT-connected sensors on garbage trucks in London, Srinivasan and her team created a detailed map showing pollution hotspots and the times of day when pollution was worst. Now, the data is helping the city introduce new traffic patterns, like one-way streets, and create bicycle paths outside of the most highly polluted areas. In the countryside, IoT-enabled sensors are being used to measure soil moisture, pH and other crop conditions in real time. Srinivasan and her team are working with China Agricultural University, China Mobile and Rothamsted Research to use the information gathered by these sensors to improve the harvest of grapes and wheat. The goal: help farmers be more precise, increasing food production while preventing things like water scarcity. “The magic of the IoT comes from the health and security it can provide us,” Srinivasan says. “The Internet of Things is going to transform our world and change our lives for the better.”

Web builder Tamas Kocsis is developing his own internet: a decentralized network powered and secured by the people. He speaks at TEDSalon: Society 5.0. (Photo: Ryan Lash / TED)

Internet by the people, for the people. Web builder Tamas Kocsis is worried about the future of the internet. In its current form, he says, the internet is trending toward centralization: large corporations are in control of our digital privacy and access to information. What’s more, these gatekeepers are vulnerable to attacks and surveillance, and they make online censorship easier. In China, for instance, where the government tightly controls its internet, web users are prohibited from criticizing the government or talking about protests. And the recent passage of EU copyright directive Article 13, which calls for some platforms to filter user-generated content, could limit our freedom to openly blog, discuss, share and link to content. In 2015, Kocsis began to counteract this centralization process by developing an alternative, decentralized network called ZeroNet. Instead of relying on centralized hosting companies, ZeroNet — which is powered by free and open-source software — allows users to help host websites by directly downloading them onto their own servers. The whole thing is secured by public key cryptography, ensuring no one can edit the websites but their owners — and protecting them from being taken down by one central source. In 2017, China began making moves to block Kocsis’s network, but that hasn’t deterred him, he says: “Building a decentralized network means creating a safe harbor, a space where the rules are not written by political parties and big corporations, but by the people.”

The augmented reality revolution. Entrepreneur Brian Mullins believes augmented reality (AR) is a more important technology than the internet — and even the printing press — because of the opportunities it offers for revolutionizing how we work and learn. At a gas turbine power plant in 2017, Mullins saw that when AR programs replaced traditional training measures, workers slashed their training and work time from 15.5 hours to an average of 50 minutes. Mullins predicts AR will bring a cognitive literacy to the world, helping us transition to new careers and workplaces and facilitating breakthroughs in the arts and sciences. Ultimately, Mullins says, AR won’t just change how we work — it’ll change the fundamentals of how we live.

MAI LAN rocks the stage with a performance of two songs, “Autopilote” and “Pumper,” at TEDSalon: Society 5.0. (Photo: Ryan Lash / TED)

A genre-bending performance. During a musical interlude, French-Vietnamese artist MAI LAN holds the audience rapt with a performance of “Autopilote” and “Pumper.” Alternating between French and English lyrics, lead singer Mai-Lan Chapiron sings over diffuse electronic beats and circular synths, bringing her cool charisma to the stage.

Researcher Kate Darling asks: What can our interactions with robots teach us about what it means to be human? She speaks at TEDSalon: Society 5.0. (Photo: Ryan Lash / TED)

Robotic reflections of our humanity. We’re far from developing robots that feel emotions, but we already feel for them, says researcher Kate Darling — and an instinct like that can have consequences. We’re biologically hardwired to project intent and life onto any movement that seems autonomous to us, which sometimes makes it difficult to treat machines (like a Roomba) any differently from the way we treat our own pets. But this emotional connection to robots, while illogical, could prove useful in better understanding ourselves. “My question for the coming era of human-robot interaction is not: ‘Do we empathize with robots?'” Darling says. “It’s: ‘Can robots change people’s empathy?'”

Humans belong in the digital future. Author, documentarian and technologist Douglas Rushkoff isn’t giving up on humans just yet. He believes humans deserve a place in the digital future, but he worries that the future has become “something we bet on in a zero-sum, winner-takes-all competition,” instead of something we work together to create. Humans, it sometimes seems to him, are no longer valued for their creativity but for their data; as he frames it, we’ve been conditioned to see humanity as the problem and technology as the solution. Instead, he urges us to focus on making technology work for us and our future, not the other way around. Believing in the potential and value of humans isn’t about rejecting technology, he says — it’s about bringing key values of our pre-digital world into the future with us. “Join Team Human. Find the others,” Rushkoff says. “Together let’s make the future that we always wanted.”

TEDRadical Craft: An electrifying evening of talks from the TED World Theater

TED’s Chee Pearlman (right) and Stephen DeBerry welcome the audience to the TED salon Radical Craft, held on November 8, 2018, at the TED World Theater in New York City. (Photo: Ryan Lash / TED)

Craft — in the timeless, universal sense of making — connects us all. We craft our environments, our tools and toys, our transport and communications, our world.

At Radical Craft — an evening of talks curated by TED’s design curator, Chee Pearlman, and co-hosted by Pearlman and Stephen DeBerry — seven designers, inventors, artists, musicians and storytellers took to the stage at the TED World Theater. They explored the world of radical making — and shared the beautiful, strange, puzzling and joyful  experiences they found there.

Stephen Doyle leads a double life: by day, he runs a much-lauded design firm, and after hours, he is the maker of radically inventive art. (Photo: Ryan Lash / TED)

A graphic designer who plays with words. Editors and designers are sometimes seen as belonging to separate tribes: the former speaks in the language of words, while the latter communicates in images. Stephen Doyle, a New York City–based graphic designer, happens to be bilingual — and his home is the spot on the Venn diagram where the two camps overlap. “I lift the words off the page and bring them into the three-dimensional world that we live in,” he says. This could mean making the letters on the cover of a Vladimir Nabokov book look like pinned specimens, slyly alluding to the author’s butterfly-hunting habit. Or, to mark the 75th anniversary of the 19th Amendment that gave women the right to vote, blowing up the letters of one of its sentences to be eight feet high, and pasting them on the floor of Grand Central Station for commuters to walk on and absorb. Doyle also delights in cutting up the words from books and reconfiguring them: a paper tank of text rises from the pages of Machiavelli’s The Prince, while a cloud of contagious prose is emitted from Albert Camus’s The Plague. “I get to build sculptures that ask questions, making monuments to language to focus on the profound power and incredible importance of words,” Doyle says, “because words matter.”

Perspective of the world from an astronaut’s point of view. What job is best for a young man who’s been a tennis ace, a cross-country traveler, a chemistry nerd and an NFL draftee? Why obviously: an astronaut. When he was a kid, Leland Melvin never thought he’d be “one of those moon guys,” but as he was presented new opportunities — each grander than the next — he began to see his world open up in the most magnificent ways. By accepting each challenge with an open mind, passion and curiosity, Melvin has lived a storied life on Earth — and in orbit, among the stars in the International Space Station. Traveling at 17,500 miles per hour (and watching the sunrise and sunset every 45 minutes) brought a holistic point of view to his life, one that he’s looking to share. On the TED stage, Melvin urges others to join him in broadening their horizons and appreciating the ways we’re all connected on Earth. “Perspective is something that we all get, that we all have,” he says. “It’s just how far do we open up our blinders to see that shift and change.”

Crush Club brought their funk-inflicted dance pop, driven by groovy guitar riffs and a chic vibe. (Photo: Ryan Lash / TED)

A fusion of funk, pop and Latin rhythms. On the heels of the Salon’s heady opening half hour, New York City’s Crush Club lay down some earthy, Studio 54-infused funk frosted with soaring falsetto vocals. Playing three songs — “My Man,” their new single “Trust” and “We Dance” — the band noticeably raises the temperature in the TED theater. New York-based DJ Jerome keeps the show moving with some electro-acoustic sampling, spinning tunes over the course of whole evening.

Gabby Rivera, the author of Marvel’s America Chavez series, is redefining the concept of superheroes. “That myth of having to go it alone and be tough is not serving us,” she says. (Photo: Ryan Lash / TED)

The superhero we need right now. With Marvel’s America Chavez, writer Gabby Rivera is penning a new kind of superhero — one that reflects the faces of her community in the Bronx and the idea that “soft is the new super.” Informed by her own childhood as a queer Latina in New York City surrounded by strong Puerto Rican women, Rivera built a narrative that resonates with people on the margins, slipping “love notes to [America] and all the other queer kids of color trying to be magnificent.” Throughout the series, Rivera has intentionally made space for America’s (super)humanity, giving her something she says the women of her family never had: the permission to be soft. So, while America is out punching Nazis and fighting off evil corporations, her mentors encourage her to take time to quiet her mind and teach her that asking for help is not weakness. “That myth of having to go it alone and be tough is not serving us,” Rivera says. “Even America Chavez, a whole entire superhero, needed a team of support to find herself … It’s that space where softness and vulnerability meet strength that we transcend our everyday selves.”

The strange, intellectually masochistic and incredibly joyful world of puzzles. What do a video of a chicken-suit-wearing dancer, crowds of LEGO people looking at LEGO versions of famous artworks, and the replica of a WWII cryptographic device built out of cardboard have in common? They’re all examples of the diabolically difficult puzzles in what Alex Rosenthal calls “the Olympics meets Burning Man” for super-nerds: the MIT Mystery Hunt. A marathon puzzle-solving competition, the MIT Mystery Hunt takes place over dozens of sleepless hours, with teams drawn from more than 2,000 scientists, explorers, composers, cryptographers and other thinkers. The teams gather to extract information buried within a puzzle that is “obtuse enough to make you work for it, but elegant enough so that you can get to the ‘aha’ moment where everything clicks into place,” says Rosenthal. It’s this “aha” moment — an almost physical high inspired by a instant mental clarity — that is the true prize of the competition. Humans love puzzles, but solving a challenging conundrum brings us more than mere satisfaction. According to Rosenthal, successful puzzles help build teams, reveal new perspectives, expand your mind — and just may infuse your world with more joy.

Architect Débora Mesa Molina uses standard elements in nonstandard ways, rethinking how overlooked materials can be made into architecture. (Photo: Ryan Lash / TED)

Radical architecture. Architect Débora Mesa Molina and her firm Ensamble Studio transform prosaic, undervalued, overlooked materials into breathtaking bespoke structures. Architecture is a balance between following the rules and making room for experimentation, Mesa Molina says — a mixture that characterizes many of her firm’s projects. A cultural building in Santiago de Compostela, for instance, incorporates scavenged chunks of industrial granite — a material required by the city’s building codes — into a bustling urban park. Mesa Molina employed a similar approach for her family’s home in Madrid, using industrial materials to create a comfortable and cozy feel. When the family moved across the Atlantic to Brookline, Massachusetts, they again became their own clients, building a family home from parts they prefabricated themselves from low-cost materials, transforming a parking structure into a home. Mesa Molina finishes her talk with a stunning look at Ensamble’s recent project for the Tippet Rise Art Center, just completed on a 10,000-acre ranch in Montana. Their vision? To create a constellation of spaces across the land, meant to immerse visitors in the surrounding wilderness. “By using the resources at our disposal in radical ways, by making a space for experimentation, we are able to bring to light architectures that find the beauty latent in the raw and imperfect things that surround us,” she says, “that elevate them and let them speak their own language.”

CryptogramDistributing Malware By Becoming an Admin on an Open-Source Project

The module "event-stream" was infected with malware by an anonymous someone who became an admin on the project.

Cory Doctorow points out that this is a clever new attack vector:

Many open source projects attain a level of "maturity" where no one really needs any new features and there aren't a lot of new bugs being found, and the contributors to these projects dwindle, often to a single maintainer who is generally grateful for developers who take an interest in these older projects and offer to share the choresome, intermittent work of keeping the projects alive.

Ironically, these are often projects with millions of users, who trust them specifically because of their stolid, unexciting maturity.

This presents a scary social-engineering vector for malware: A malicious person volunteers to help maintain the project, makes some small, positive contributions, gets commit access to the project, and releases a malicious patch, infecting millions of users and apps.

Worse Than FailureProject Scheduling by T-Shirt

In early 2002, Bert landed a job at Initech, which released its own protocol analyzer tool. Technically, they released a whole slate of protocol analyzers, data loggers, analytics tools, with overlapping features and business cases. Their product catalog had grown over the years, and was a bit of a thicket.

The team Bert joined was a decent mix of talent. Some, like him, were new to the industry. There were some more experienced devs, who knew the product and the low-level internals their software needed to navigate. And then there was Herb.

Herb was every stereotype of the 70s era hacker, aged up into the 00s. He had a collection of buckling spring keyboards, thought 64k of RAM was an incomprehensibly large amount, could code Assembly faster than most of the rest of the team could do C, and he knew every line of code in every product, and knew exactly what it did and why it was there.

Jack, the team's project lead, was Herb's polar opposite. Young, with a shiny new MBA, a focus on the kind of networking skills that didn't involve CAT5 cable, and absolutely no useful knowledge about anything. "Our team exists to serve the business," Jack was fond of saying. "So whatever the business needs, we do. No. Matter. What."

The business decided that their complicated product catalog was hurting their sales. Customers were confused about which product to purchase, some tools were receiving barely any updates, and there really wasn't enough opportunity to "upsell" additional functionality, since every product already had more functionality than most users needed. As part of this process, two older protocol analyzers and an unrelated data logger would be merged into a single product.

Well, the business needed something, and Jack was confident that his team would make it happen. Since this was "just" merging software together, it couldn't possibly be all that much work. It was nothing more than some mechanical repackaging, a little tweaking, and the biggest part of the work was probably updating the help files. Jack didn't need to talk to anyone on the development team to decide how they were going to serve the business.

The new product, Initech's INILYZER, would release in four months. Since it was replacing three existing products, those could be put into end-of-life. Since the INILYZER was definitely coming out in four months, they could be EOLed in four months as well.

Jack's next task was to communicate this to his team at the project kickoff meeting. Jack loved to turn project kickoffs into his own personal motivational speaking exercise, because "That's how you build team morale!" So the kickoff meeting launched with dramatic intro music (provided by a tiny CD player in the corner), a rousing speech, and then the pièce de résistance: freshly made t-shirts for the whole team, emblazoned with: "The INILYZER: August 30, 2002"

August 30th was Jack's predetermined release date.

"Well," Jack said, gleefully doing his best impression of a stadium t-shirt cannon, "does anyone have any questions before we go out and totally crush this awesome project?"

Most of the team cringed, except for Herb. He held up a shirt and pointed at the date. "Yeah. Where'd this timeline come from?"

"It's driven by business need," Jack said.

"Okay, but you're never going to hit this date."

"Um, Herb, we're doers at this company. We have a date, and we are going to hit that date."

This meeting was on a Friday. Over the weekend, Bert and the rest of the team chucked their t-shirts into the rag pile and basically forgot about them. But not Herb. On Monday, Herb walked into the office, proudly wearing his project shirt.

With a small modification, scratched in with red marker. It now read: "The INILYZER: August 30, 20023".

Jack didn't notice it until about 10AM, and when he did, it prompted a meltdown. He started screaming at Herb about insubordination, respect, and team spirit. "I want that shirt off, right now! Or you're fired!"

"I didn't bring anything to change into," Herb said.

Jack stomped off, fuming.

The project continued. August 30th came and went. Summer turned to autumn, autumn into winter. Six months after officially EOLing major products without having a replacement ready to go, there was a management purge throughout the company. Jack got fired, and there was much rejoicing.

Jack's replacement was Emma. It didn't take long for Emma to get a read for the new team, understand the source of the mess, and start working to get it as cleaned up as it could. When upper management started looking at Bert's team as another possible cut, it was Emma who made sure they understood that they were doing the best they could with an unrealistic timeline. Nobody else from the team got fired.

August 30th, 2003, the Initech INILYZER shipped. Emma, having heard about the now infamous t-shirt story, had a small plaque made up to celebrate Herb's accuracy.

Of course, with the unrealistic timeline, unrealistic goals, and management problems, the INILYZER shipped as a pile of barely usable crap. As it turns out, pretty much no customer wanted those products glued together in any way, making the whole effort pointless. It was a technical and commercial flop. The project to replace it started the very same day as its release.

Emma was the PM. Unlike her predecessor, she talked with the developers, especially the most experienced team members, to figure out what the timeline and scope actually were. The project kickoff involved no t-shirts.

[Advertisement] Forget logs. Next time you're struggling to replicate error, crash and performance issues in your apps - Think Raygun! Installs in minutes. Learn more.

Planet DebianDirk Eddelbuettel: RcppArmadillo

armadillo image

A new RcppArmadillo release arrived at CRAN overnight. The version is a minor upgrade and based on the new Armadillo bugfix release 9.200.5 from yesterday. I also just uploaded the Debian version.

Armadillo is a powerful and expressive C++ template library for linear algebra aiming towards a good balance between speed and ease of use with a syntax deliberately close to a Matlab. RcppArmadillo integrates this library with the R environment and language–and is widely used by (currently) 539 other packages on CRAN.

This release just brings one upstream bug fix, see below for details.

Changes in RcppArmadillo version (2018-11-09)

  • Upgraded to Armadillo release 9.200.5 (Carpe Noctem)

Courtesy of CRANberries, there is a diffstat report relative to previous release. More detailed information is on the RcppArmadillo page. Questions, comments etc should go to the rcpp-devel mailing list off the R-Forge page.

This post by Dirk Eddelbuettel originated on his Thinking inside the box blog. Please report excessive re-aggregation in third-party for-profit settings.

Planet DebianDaniel Lange: Security is hard, open source security unnecessarily harder

Now it is a commonplace that security is hard. It involves advanced mathematics and a single, tiny mistake or omission in implementation can spoil everything.

And the only sane IT security can be open source security. Because you need to assess the algorithms and their implementation and you need to be able to completely verify the implementation. You simply can't if you don't have the code and can compile it yourself to produce a trusted (ideally reproducible) build. A no-brainer for everybody in the field.

But we make it unbelievably hard for people to use security tools. Because these have grown over decades fostered by highly intelligent people with no interest in UX.
"It was hard to write, so it should be hard to use as well."
And then complain about adoption.

PGP / gpg has received quite some fire this year and the good news is this has resulted in funding for the sole gpg developer. Which will obviously not solve the UX problem.

But the much worse offender is OpenSSL. It is so hard to use that even experienced hackers fail.

IRC wallop on hackint

Now, securely encrypting a mass communication media like IRC is not possible at all. Read Trust is not transitive: or why IRC over SSL is pointless1.
Still it makes wiretapping harder and that may be a good thing these days.

LibreSSL has forked the OpenSSL code base "with goals of modernizing the codebase, improving security, and applying best practice development processes". No UX improvement. A cleaner code for the chosen few. Duh.

I predict the re-implementations and gradual improvement scenarios will fail. The nearly-impossible-to-use-right situation with both gpg and (much more importantly) OpenSSL cannot be fixed by gradual improvements and however thorough code reviews.

Now the "there's an App for this" security movement won't work out on a grand scale either:

  1. Most often not open source. Notable exceptions: ChatSecure, TextSecure.
  2. No reference implementations with excellent test servers and well documented test suites but products. "Use my App.", "No, use MY App!!!".
  3. Only secures chat or email. So the VC-powered ("next WhatsApp") mass-adoption markets but not the really interesting things to improve upon (CA, code signing, FDE, ...).
  4. While everybody is focusing on mobile adoption the heavy lifting is still on servers. We need sane libraries and APIs. No App for that.

So we need a new development, a new code, a new open source product. Sadly so the Core Infrastructure Initiative so far only funds existing open source projects in dire needs and people bug hunting.

It basically makes the bad solutions of today a bit more secure and ensures maintenance of decade old crufty code bases. That way it extends the suffering of everybody using the inadequate solutions of today.

That's inevitable until we have a better stack but we need to look into getting rid of gpg and OpenSSL and replacing it with something new. Something designed well from the ground up, technically and from a user experience perspective.

Now who's in for a five year funding plan? $2m annually. ROCE 0. But a very good chance to get the OBE awarded.

Keep calm and enjoy the silence


28.11.18: Changed the Quakenet link on why encrypting IRC is useless to an one as they have removed the original content.

13.03.17: Chris Wellons writes about why GPG is a failure and created a small portable application Enchive to replace it for asymmetric encryption.

24.02.17: Stefan Marsiske has written a blog article: On PGP. He argues about adversary models and when gpg is "probably" 2 still good enough to use. To me a security tool can never be a sane choice if the UI is so convoluted that only a chosen few stand at least a chance of using it correctly. Doesn't matter who or what your adversary is.
Stefan concludes his blog article:

PGP for encryption as in RFC 4880 should be retired, some sunk-cost-biases to be coped with, but we all should rejoice that the last 3-4 years had so much innovation in this field, that RFC 4880 is being rewritten[Citation needed] with many of the above in mind and that hopefully there'll be more and better tools. [..]

He gives an extensive list of tools he considers worth watching in his article. Go and check whether something in there looks like a possible replacement for gpg to you. Stefan also gave a talk on the OpenPGP conference 2016 with similar content, slides.

14.02.17: James Stanley has written up a nice account of his two hour venture to get encrypted email set up. The process is speckled with bugs and inconsistent nomenclature capable of confusing even a technically inclined person. There has been no progress in the last ~two years since I wrote this piece. We're all still riding dead horses. James summarizes:

Encrypted email is nothing new (PGP was initially released in 1991 - 26 years ago!), but it still has a huge barrier to entry for anyone who isn't already familiar with how to use it.

04.09.16: Greg Kroah-Hartman ends an analysis of the Evil32 PGP keyid collisions with:

gpg really is horrible to use and almost impossible to use correctly.

Scott Ruoti, Jeff Andersen, Daniel Zappala and Kent Seamons of BYU, Utah, have analysed the usability [local mirror, 173kB] of Mailvelope, a webmail PGP/GPG add-on based on a Javascript PGP implementation. They describe the results as "disheartening":

In our study of 20 participants, grouped into 10 pairs of participants who attempted to exchange encrypted email, only one pair was able to successfully complete the assigned tasks using Mailvelope. All other participants were unable to complete the assigned task in the one hour allotted to the study. Even though a decade has passed since the last formal study of PGP, our results show that Johnny has still not gotten any closer to encrypt his email using PGP.

  1. Quakenet has removed that article citing "near constant misrepresentation of the presented argument" sometime in 2018. The contents (not misrepresented) are still valid so I have added and Wayback machine link instead. 

  2. Stefan says "probably" five times in one paragraph. Probably needs an editor. The person not the application. 

CryptogramPropaganda and the Weakening of Trust in Government

On November 4, 2016, the hacker "Guccifer 2.0,: a front for Russia's military intelligence service, claimed in a blogpost that the Democrats were likely to use vulnerabilities to hack the presidential elections. On November 9, 2018, President Donald Trump started tweeting about the senatorial elections in Florida and Arizona. Without any evidence whatsoever, he said that Democrats were trying to steal the election through "FRAUD."

Cybersecurity experts would say that posts like Guccifer 2.0's are intended to undermine public confidence in voting: a cyber-attack against the US democratic system. Yet Donald Trump's actions are doing far more damage to democracy. So far, his tweets on the topic have been retweeted over 270,000 times, eroding confidence far more effectively than any foreign influence campaign.

We need new ideas to explain how public statements on the Internet can weaken American democracy. Cybersecurity today is not only about computer systems. It's also about the ways attackers can use computer systems to manipulate and undermine public expectations about democracy. Not only do we need to rethink attacks against democracy; we also need to rethink the attackers as well.

This is one key reason why we wrote a new research paper which uses ideas from computer security to understand the relationship between democracy and information. These ideas help us understand attacks which destabilize confidence in democratic institutions or debate.

Our research implies that insider attacks from within American politics can be more pernicious than attacks from other countries. They are more sophisticated, employ tools that are harder to defend against, and lead to harsh political tradeoffs. The US can threaten charges or impose sanctions when Russian trolling agencies attack its democratic system. But what punishments can it use when the attacker is the US president?

People who think about cybersecurity build on ideas about confrontations between states during the Cold War. Intellectuals such as Thomas Schelling developed deterrence theory, which explained how the US and USSR could maneuver to limit each other's options without ever actually going to war. Deterrence theory, and related concepts about the relative ease of attack and defense, seemed to explain the tradeoffs that the US and rival states faced, as they started to use cyber techniques to probe and compromise each others' information networks.

However, these ideas fail to acknowledge one key differences between the Cold War and today. Nearly all states -- whether democratic or authoritarian -- are entangled on the Internet. This creates both new tensions and new opportunities. The US assumed that the internet would help spread American liberal values, and that this was a good and uncontroversial thing. Illiberal states like Russia and China feared that Internet freedom was a direct threat to their own systems of rule. Opponents of the regime might use social media and online communication to coordinate among themselves, and appeal to the broader public, perhaps toppling their governments, as happened in Tunisia during the Arab Spring.

This led illiberal states to develop new domestic defenses against open information flows. As scholars like Molly Roberts have shown, states like China and Russia discovered how they could "flood" internet discussion with online nonsense and distraction, making it impossible for their opponents to talk to each other, or even to distinguish between truth and falsehood. These flooding techniques stabilized authoritarian regimes, because they demoralized and confused the regime's opponents. Libertarians often argue that the best antidote to bad speech is more speech. What Vladimir Putin discovered was that the best antidote to more speech was bad speech.

Russia saw the Arab Spring and efforts to encourage democracy in its neighborhood as direct threats, and began experimenting with counter-offensive techniques. When a Russia-friendly government in Ukraine collapsed due to popular protests, Russia tried to destabilize new, democratic elections by hacking the system through which the election results would be announced. The clear intention was to discredit the election results by announcing fake voting numbers that would throw public discussion into disarray.

This attack on public confidence in election results was thwarted at the last moment. Even so, it provided the model for a new kind of attack. Hackers don't have to secretly alter people's votes to affect elections. All they need to do is to damage public confidence that the votes were counted fairly. As researchers have argued, "simply put, the attacker might not care who wins; the losing side believing that the election was stolen from them may be equally, if not more, valuable."

These two kinds of attacks -- "flooding" attacks aimed at destabilizing public discourse, and "confidence" attacks aimed at undermining public belief in elections -- were weaponized against the US in 2016. Russian social media trolls, hired by the "Internet Research Agency," flooded online political discussions with rumors and counter-rumors in order to create confusion and political division. Peter Pomerantsev describes how in Russia, "one moment [Putin's media wizard] Surkov would fund civic forums and human rights NGOs, the next he would quietly support nationalist movements that accuse the NGOs of being tools of the West." Similarly, Russian trolls tried to get Black Lives Matter protesters and anti-Black Lives Matter protesters to march at the same time and place, to create conflict and the appearance of chaos. Guccifer 2.0's blog post was surely intended to undermine confidence in the vote, preparing the ground for a wider destabilization campaign after Hillary Clinton won the election. Neither Putin nor anyone else anticipated that Trump would win, ushering in chaos on a vastly greater scale.

We do not know how successful these attacks were. A new book by John Sides, Michael Tesler and Lynn Vavreck suggests that Russian efforts had no measurable long-term consequences. Detailed research on the flow of news articles through social media by Yochai Benker, Robert Farris, and Hal Roberts agrees, showing that Fox News was far more influential in the spread of false news stories than any Russian effort.

However, global adversaries like the Russians aren't the only actors who can use flooding and confidence attacks. US actors can use just the same techniques. Indeed, they can arguably use them better, since they have a better understanding of US politics, more resources, and are far more difficult for the government to counter without raising First Amendment issues.

For example, when the Federal Communication Commission asked for comments on its proposal to get rid of "net neutrality," it was flooded by fake comments supporting the proposal. Nearly every real person who commented was in favor of net neutrality, but their arguments were drowned out by a flood of spurious comments purportedly made by identities stolen from porn sites, by people whose names and email addresses had been harvested without their permission, and, in some cases, from dead people. This was done not just to generate fake support for the FCC's controversial proposal. It was to devalue public comments in general, making the general public's support for net neutrality politically irrelevant. FCC decision making on issues like net neutrality used to be dominated by industry insiders, and many would like to go back to the old regime.

Trump's efforts to undermine confidence in the Florida and Arizona votes work on a much larger scale. There are clear short-term benefits to asserting fraud where no fraud exists. This may sway judges or other public officials to make concessions to the Republicans to preserve their legitimacy. Yet they also destabilize American democracy in the long term. If Republicans are convinced that Democrats win by cheating, they will feel that their own manipulation of the system (by purging voter rolls, making voting more difficult and so on) are legitimate, and very probably cheat even more flagrantly in the future. This will trash collective institutions and leave everyone worse off.

It is notable that some Arizonan Republicans -- including Martha McSally -- have so far stayed firm against pressure from the White House and the Republican National Committee to claim that cheating is happening. They presumably see more long term value from preserving existing institutions than undermining them. Very plausibly, Donald Trump has exactly the opposite incentives. By weakening public confidence in the vote today, he makes it easier to claim fraud and perhaps plunge American politics into chaos if he is defeated in 2020.

If experts who see Russian flooding and confidence measures as cyberattacks on US democracy are right, then these attacks are just as dangerous -- and perhaps more dangerous -- when they are used by domestic actors. The risk is that over time they will destabilize American democracy so that it comes closer to Russia's managed democracy -- where nothing is real any more, and ordinary people feel a mixture of paranoia, helplessness and disgust when they think about politics. Paradoxically, Russian interference is far too ineffectual to get us there -- but domestically mounted attacks by all-American political actors might.

To protect against that possibility, we need to start thinking more systematically about the relationship between democracy and information. Our paper provides one way to do this, highlighting the vulnerabilities of democracy against certain kinds of information attack. More generally, we need to build levees against flooding while shoring up public confidence in voting and other public information systems that are necessary to democracy.

The first may require radical changes in how we regulate social media companies. Modernization of government commenting platforms to make them robust against flooding is only a very minimal first step. Up until very recently, companies like Twitter have won market advantage from bot infestations -- even when it couldn't make a profit, it seemed that user numbers were growing. CEOs like Mark Zuckerberg have begun to worry about democracy, but their worries will likely only go so far. It is difficult to get a man to understand something when his business model depends on not understanding it. Sharp -- and legally enforceable -- limits on automated accounts are a first step. Radical redesign of networks and of trending indicators so that flooding attacks are less effective may be a second.

The second requires general standards for voting at the federal level, and a constitutional guarantee of the right to vote. Technical experts nearly universally favor robust voting systems that would combine paper records with random post-election auditing, to prevent fraud and secure public confidence in voting. Other steps to ensure proper ballot design, and standardize vote counting and reporting will take more time and discussion -- yet the record of other countries show that they are not impossible.

The US is nearly unique among major democracies in the persistent flaws of its election machinery. Yet voting is not the only important form of democratic information. Apparent efforts to deliberately skew the US census against counting undocumented immigrants show the need for a more general audit of the political information systems that we need if democracy is to function properly.

It's easier to respond to Russian hackers through sanctions, counter-attacks and the like than to domestic political attacks that undermine US democracy. To preserve the basic political freedoms of democracy requires recognizing that these freedoms are sometimes going to be abused by politicians such as Donald Trump. The best that we can do is to minimize the possibilities of abuse up to the point where they encroach on basic freedoms and harden the general institutions that secure democratic information against attacks intended to undermine them.

This essay was co-authored with Henry Farrell, and previously appeared on Motherboard, with a terrible headline that I was unable to get changed.


Planet DebianReproducible builds folks: Reproducible Builds: Weekly report #187

Here’s what happened in the Reproducible Builds effort between Sunday November 18 and Saturday November 24 2018:

Packages reviewed and fixed, and bugs filed

Test framework development

There were a number of updates to our Jenkins-based testing framework that powers this week, including:

  • Chris Lamb:
    • Add support for calculating a PureOS package set. []
  • Eli Schwartz:
    • Provide an even-better explanation for a sed(1) command in the Archlinux support. []
  • Jelle van der Waa:
    • Set LANG/LC_ALL in build 1 in the Archlinux support. []
  • Niko Tyni:
  • Simon McVittie:
  • Holger Levsen:
    • Explicitly also install GnuPG. []
    • Perform some node maintenance. []
    • reviewed, merged and deployed the above commits.

This week’s edition was written by Bernhard M. Wiedemann, Chris Lamb, Vagrant Cascadian & reviewed by a bunch of Reproducible Builds folks on IRC & the mailing lists.

Worse Than FailureA Big Change

Circa 2009, Marylou took a position at an e-commerce firm. It was a small company, which had done its startup phase right in the midst of the DotCom Crash, but somehow made it out the other end with a steady revenue stream.

That itself turned out to be a problem, as once you turn a profit, investors stop investing. The company founders spent the next few years looking for investment to expand, and when they finally got it, they went on a hiring spree. That's where Marylou came in.

The company had been founded by developers, but over the years, they took on more and more leadership responsibilities, and handed off the development responsibilities to Joel. Joel was Marylou's new boss.

"So, the first thing you'll want to do is install our CVS client and our Eclipse plugin," Joel explained, working with Marylou to get her development box set up.

Marylou reached for the Eclipse plugin manager and started searching for a CVS plugin.

"No, no," Joel said. "Our CVS client and plugin. I forked CVS so we can use a customized version."

Marylou paused, waiting for the punchline. Joel took this silence as an opportunity to steal the mouse and start clicking around on her machine for her. "Y'see, we needed a system that let us easily stage releases before going into production. So I built one."

"Um… most organizations use a separate tool that sits on top of source control for that."

"Yeah, but this way, it's integrated!"

Once Marylou was set up, and had the code pulled to her machine, Joel started showing off some of his "clever" solutions. "Like, I wrote this using recursion!"

while(someMethod()) { // Do bunch of stuff }

"That… that isn't recursion," Marylou said.

"Well, it's like recursion."

"Right. So… what should I start working on?"

Joel pointed her to a configuration tool he'd built. Instead of building an admin page into the web UI ("That'd be too risky to expose to the Internet!"), he'd written a Java Swing GUI which connected directly to the database. It was a mess of tabs, most of which looked basically identical, did basically the same thing, but were just different enough to absolutely confuse and befuddle any user.

"So, we just need to change the behavior a little bit when someone clicks the save button," Joel explained. The change was a small alteration to one of the verification rules.

Marylou made the change that afternoon, and fired up the application to test. She quickly discovered that she hadn't made the change she thought she had. During Joel's tour of the code and highlights of the bits she'd need to change, she had gotten the absurd idea that all these panels shared a common codebase and inherited from a base class. That, of course, was a crazy idea. Joel had written the code to power one panel, and then copy/pasted it into the next panel, with minor changes. Rinse, repeat, and suddenly you've got a UI with 15 panels that all basically do the same thing but use copy/pasted variations on the code. To change the behavior of the save button required going to each and every panel and making the change. In total, there were 30,000 lines of code that were essentially duplicates of each other.

Marylou made the change, and got it set up through the broken CVS staging system for review. Then she went back, and looked through the duplicated panels. And then started refactoring. And refactoring. It took, in total, about a month of picking apart Joel's mess to build something that acted as a reusable widget with all the required features, which she kept plugging away at while working on all the other code. The 30KLoC shrunk to a "mere" 3KLoC. 15 unique widgets collapsed into one single class which could be dropped onto any screen. Future changes could easily be made.

It was a huge change, and it involved some serious changes to the class hierarchy. It was big enough that when Marylou shipped it off for Joel to code review, she expected it would take him awhile to look at, and would probably receive some pushback.

It was a reasonable expectation, but Joel had his own style. Minutes after she sent the request, Joel approved it, and filled in the required "Code Review Comment" field with "Looks great."

His glowing recommendation didn't help Marylou's confidence about the change, so she tracked down another peer, Chris, who had been hired in the same spree, but had a bit more industry experience. They sat down, went through the code together, and spent a few hours walking through the reasoning behind the changes and the actual implementation thereof. With Chris's seal of approval, Marylou felt much more confident in her changes.

This, of course, proves why Joel led the team. It took Marylou and Chris hours to decide that a massive refactoring "looks great," while Joel could tell at a glance. That's experience.

[Advertisement] Utilize BuildMaster to release your software with confidence, at the pace your business demands. Download today!

Planet DebianNorbert Preining: Onyx Boox Firmware 2.0

Onyx Boox Note is a great device for reading, writing, note taking. I have written about my first impressions with this device here, and since then I have used the device heavily. I don’t even remember when I last took my Kobo GloHD in hand since I got the Boox. Onyx has announced a new firmware version (2.0) with a flashy video. The firmware is not generally available, but a hint in the forums tells that switching to Chinese will get you the latest firmware.

Well, I have tried it, and after installation of the latest version switched back to English. Here are my experiences with the new firmware.

The new library page (front page) has changed considerably. Instead of the big cover of the last read book and much smaller covers of the recently read books, all are arranged in the same size. Further information like the format of the book and the progress are overlaid on top of the cover. The icons on the top right allow for filtering, searching, creation of sub-libraries (folders). The bottom shows the total number of books and libraries. I prefer this layout a lot over the previous as it gives me immediate access to most of the recently read books.

There is a new shop available, but for now it seems most books are in Chinese only, which doesn’t help me a lot. I haven’t really checked out and searched books there for now, but I guess over time and with the general availability of the firmware in the next months better support for (at least) English books is to be expected. There is also a new AppStore (link to image) but again, most of the apps are in Chinese so not very helpful. I hope that in the similar vein with the above, a global release will improve this situation.

The storage page is quite bare, a simple file manager. I don’t think anything has changed from the previous firmware. One can explore the content of the device, copy/move/delete files etc. All very much in usual Android style.

The application page (not shown here, link to image) hasn’t changed a lot, but allows now for per-app optimization as shown on the left. There is an Onyx-specific app store with applications optimized for the Boox devices, but most apps installed via Google Play (or any other method) aren’t optimized. This screen seems to allow for various tweaks to optimize appearance of apps that are not made for grey-scale screens. I haven’t used many of the non-native apps by now, though.

The settings screen got a complete renewal with several new items appearing there.

Most of the items are no new functionality, but there is one new seriously niWell, I have tried it, and after installation of the latest version switched back to English. Here are my experiences with the new firmware.ce feature – synchronization of notes taken. There are several providers, most importantly Dropbox and some Chinese typical services. And with Wifi on the notes are saved nicely into my Dropbox account, which makes the tedious connecting to computer and copying a thing of the past. Thanks!

Let us finally go to the Notes application, which got the biggest update in this round. The entry page of the application hasn’t changed a lot, allowing for sorting of notes, creation of folders etc.

What is interesting is the ability to edit hand-written notes: select, copy, paste, resize, transform. It allows also to type text everywhere (see the teaser video linked at the top for details). Another feature that is presented in the teaser video is the text recognition and search in the content of hand-written notes. I have tried this a few times, but it seems my hand-writing is so bad that it wasn’t recognized.

The Notes application got a lot of new settings, most prominently the AI recognition settings which allows selecting the main language of hand-writing recognition. The language support seems to be impressive, including Japanese, but as I said, I didn’t manage by now to actually get it to find one of my notes. Another item is that search takes quite some time to go through all notes. Maybe only the first time, though.

One last new feature I found while digging through the menus is a Wifi Hotspot to allow for up/download of files from mobiles or other Wifi client devices. Not sure whether I will have use for it, but it might be a nice way to share books to friends without using a computer.

All in all I think after some polishing (the English translations are currently horrible at times) and bug fixing, this firmware is a great addition and step forward for the Onyx devices. There is only one really strange thing I experienced during the upgrade to version 2.0, namely that some of my books got corrupted during the process, and the NeoReader couldn’t open them anymore. I have no idea why some books were affected and some not, but it is not a matter of format I found. Removing them from the device and reloading them from Calibre fixed these problems.

Last comment for today: during writing this blog I switched to Chinese again and got a new version via OTA update (2018-11-22_10-36_2.0.3dcbcf5). Not sure what has changed, though.


Google Adsense[VIDEO] User-generated content

Our new video takes a deeper dive into our User-generated content policy and describes how this policy helps to enable a healthy digital advertising ecosystem for users, advertisers, and publishers.

Click the video below to learn more:
We hope this video helps you to better understand our User-generated content policy. For more information, you can learn more about AdSense policies in our help center.

John Brown
Head of Publisher Policy Communications

Krebs on SecurityHalf of all Phishing Sites Now Have the Padlock

Maybe you were once advised to “look for the padlock” as a means of telling legitimate e-commerce sites from phishing or malware traps. Unfortunately, this has never been more useless advice. New research indicates that half of all phishing scams are now hosted on Web sites whose Internet address includes the padlock and begins with “https://”.

A live Paypal phishing site that uses https:// (has the green padlock).

Recent data from anti-phishing company PhishLabs shows that 49 percent of all phishing sites in the third quarter of 2018 bore the padlock security icon next to the phishing site domain name as displayed in a browser address bar. That’s up from 25 percent just one year ago, and from 35 percent in the second quarter of 2018.

This alarming shift is notable because a majority of Internet users have taken the age-old “look for the lock” advice to heart, and still associate the lock icon with legitimate sites. A PhishLabs survey conducted last year found more than 80% of respondents believed the green lock indicated a website was either legitimate and/or safe.

In reality, the https:// part of the address (also called “Secure Sockets Layer” or SSL) merely signifies the data being transmitted back and forth between your browser and the site is encrypted and can’t be read by third parties. The presence of the padlock does not mean the site is legitimate, nor is it any proof the site has been security-hardened against intrusion from hackers.

A live Facebook phish that uses SSL (has the green padlock).

Most of the battle to combat cybercrime involves defenders responding to offensive moves made by attackers. But the rapidly increasing adoption of SSL by phishers is a good example in which fraudsters are taking their cue from legitimate sites.

“PhishLabs believes that this can be attributed to both the continued use of SSL certificates by phishers who register their own domain names and create certificates for them, as well as a general increase in SSL due to the Google Chrome browser now displaying ‘Not secure’ for web sites that do not use SSL,” said John LaCour, chief technology officer for the company. “The bottom line is that the presence or lack of SSL doesn’t tell you anything about a site’s legitimacy.”

The major Web browser makers work with a number of security organizations to index and block new phishing sites, often serving bright red warning pages that flag the page of a phishing scam and seek to discourage people from visiting the sites. But not all phishing scams get flagged so quickly.

I spent a few minutes browsing for phishing sites that use SSL, and found this cleverly crafted page that attempts to phish credentials from users of Bibox, a cryptocurrency exchange. Click the image below and see if you can spot what’s going on with this Web address:

This live phish targets users of cryptocurrency exchange Bibox. Look carefully at the URL in the address bar, and you’ll notice a squiggly mark over the “i” in Bibox. This is an internationalized domain name, and the real address is https://www.xn--bbox-vw5a[.]com/login

Load the live phishing page at https://www.xn--bbox-vw5a[.]com/login (that link has been hobbled on purpose) in Google Chrome and you’ll get a red “Deceptive Site Ahead” warning. Load the address above — known as “punycode” — in Mozilla Firefox and the page renders just fine, at least as of this writing.

This phishing site takes advantage of internationalized domain names (IDNs) to introduce visual confusion. In this case, the “i” in is rendered as the Vietnamese character “ỉ,” which is extremely difficult to distinguish in a URL address bar.

As KrebsOnSecurity noted in March, while Chrome, Safari and recent versions of Microsoft’s Internet Explorer and Edge browsers all render IDNs in their clunky punycode state, Firefox will happily convert the code to the look-alike domain as displayed in the address bar.

If you’re a Firefox (or Tor) user and would like Firefox to always render IDNs as their punycode equivalent when displayed in the browser address bar, type “about:config” without the quotes into a Firefox address bar.

Then in the “search:” box type “punycode,” and you should see one or two options there. The one you want is called “network.IDN_show_punycode.” By default, it is set to “false”; double-clicking that entry should change that setting to “true.”

CryptogramHow Surveillance Inhibits Freedom of Expression

In my book Data and Goliath, I write about the value of privacy. I talk about how it is essential for political liberty and justice, and for commercial fairness and equality. I talk about how it increases personal freedom and individual autonomy, and how the lack of it makes us all less secure. But this is probably the most important argument as to why society as a whole must protect privacy: it allows society to progress.

We know that surveillance has a chilling effect on freedom. People change their behavior when they live their lives under surveillance. They are less likely to speak freely and act individually. They self-censor. They become conformist. This is obviously true for government surveillance, but is true for corporate surveillance as well. We simply aren't as willing to be our individual selves when others are watching.

Let's take an example: hearing that parents and children are being separated as they cross the US border, you want to learn more. You visit the website of an international immigrants' rights group, a fact that is available to the government through mass Internet surveillance. You sign up for the group's mailing list, another fact that is potentially available to the government. The group then calls or e-mails to invite you to a local meeting. Same. Your license plates can be collected as you drive to the meeting; your face can be scanned and identified as you walk into and out of the meeting. If, instead of visiting the website, you visit the group's Facebook page, Facebook knows that you did and that feeds into its profile of you, available to advertisers and political activists alike. Ditto if you like their page, share a link with your friends, or just post about the issue.

Maybe you are an immigrant yourself, documented or not. Or maybe some of your family is. Or maybe you have friends or coworkers who are. How likely are you to get involved if you know that your interest and concern can be gathered and used by government and corporate actors? What if the issue you are interested in is pro- or anti-gun control, anti-police violence or in support of the police? Does that make a difference?

Maybe the issue doesn't matter, and you would never be afraid to be identified and tracked based on your political or social interests. But even if you are so fearless, you probably know someone who has more to lose, and thus more to fear, from their personal, sexual, or political beliefs being exposed.

This isn't just hypothetical. In the months and years after the 9/11 terrorist attacks, many of us censored what we spoke about on social media or what we searched on the Internet. We know from a 2013 PEN study that writers in the United States self-censored their browsing habits out of fear the government was watching. And this isn't exclusively an American event; Internet self-censorship is prevalent across the globe, China being a prime example.

Ultimately, this fear stagnates society in two ways. The first is that the presence of surveillance means society cannot experiment with new things without fear of reprisal, and that means those experiments­ -- if found to be inoffensive or even essential to society -- ­cannot slowly become commonplace, moral, and then legal. If surveillance nips that process in the bud, change never happens. All social progress­ -- from ending slavery to fighting for women's rights­ -- began as ideas that were, quite literally, dangerous to assert. Yet without the ability to safely develop, discuss, and eventually act on those assertions, our society would not have been able to further its democratic values in the way that it has.

Consider the decades-long fight for gay rights around the world. Within our lifetimes we have made enormous strides to combat homophobia and increase acceptance of queer folks' right to marry. Queer relationships slowly progressed from being viewed as immoral and illegal, to being viewed as somewhat moral and tolerated, to finally being accepted as moral and legal.

In the end, it was the public nature of those activities that eventually slayed the bigoted beast, but the ability to act in private was essential in the beginning for the early experimentation, community building, and organizing.

Marijuana legalization is going through the same process: it's currently sitting between somewhat moral, and­ -- depending on the state or country in question -- ­tolerated and legal. But, again, for this to have happened, someone decades ago had to try pot and realize that it wasn't really harmful, either to themselves or to those around them. Then it had to become a counterculture, and finally a social and political movement. If pervasive surveillance meant that those early pot smokers would have been arrested for doing something illegal, the movement would have been squashed before inception. Of course the story is more complicated than that, but the ability for members of society to privately smoke weed was essential for putting it on the path to legalization.

We don't yet know which subversive ideas and illegal acts of today will become political causes and positive social change tomorrow, but they're around. And they require privacy to germinate. Take away that privacy, and we'll have a much harder time breaking down our inherited moral assumptions.

The second way surveillance hurts our democratic values is that it encourages society to make more things illegal. Consider the things you do­ -- the different things each of us does­ -- that portions of society find immoral. Not just recreational drugs and gay sex, but gambling, dancing, public displays of affection. All of us do things that are deemed immoral by some groups, but are not illegal because they don't harm anyone. But it's important that these things can be done out of the disapproving gaze of those who would otherwise rally against such practices.

If there is no privacy, there will be pressure to change. Some people will recognize that their morality isn't necessarily the morality of everyone­ -- and that that's okay. But others will start demanding legislative change, or using less legal and more violent means, to force others to match their idea of morality.

It's easy to imagine the more conservative (in the small-c sense, not in the sense of the named political party) among us getting enough power to make illegal what they would otherwise be forced to witness. In this way, privacy helps protect the rights of the minority from the tyranny of the majority.

This is how we got Prohibition in the 1920s, and if we had had today's surveillance capabilities in the 1920s, it would have been far more effectively enforced. Recipes for making your own spirits would have been much harder to distribute. Speakeasies would have been impossible to keep secret. The criminal trade in illegal alcohol would also have been more effectively suppressed. There would have been less discussion about the harms of Prohibition, less "what if we didn't?" thinking. Political organizing might have been difficult. In that world, the law might have stuck to this day.

China serves as a cautionary tale. The country has long been a world leader in the ubiquitous surveillance of its citizens, with the goal not of crime prevention but of social control. They are about to further enhance their system, giving every citizen a "social credit" rating. The details are yet unclear, but the general concept is that people will be rated based on their activities, both online and off. Their political comments, their friends and associates, and everything else will be assessed and scored. Those who are conforming, obedient, and apolitical will be given high scores. People without those scores will be denied privileges like access to certain schools and foreign travel. If the program is half as far-reaching as early reports indicate, the subsequent pressure to conform will be enormous. This social surveillance system is precisely the sort of surveillance designed to maintain the status quo.

For social norms to change, people need to deviate from these inherited norms. People need the space to try alternate ways of living without risking arrest or social ostracization. People need to be able to read critiques of those norms without anyone's knowledge, discuss them without their opinions being recorded, and write about their experiences without their names attached to their words. People need to be able to do things that others find distasteful, or even immoral. The minority needs protection from the tyranny of the majority.

Privacy makes all of this possible. Privacy encourages social progress by giving the few room to experiment free from the watchful eye of the many. Even if you are not personally chilled by ubiquitous surveillance, the society you live in is, and the personal costs are unequivocal.

This essay originally appeared in McSweeney's issue #54: "The End of Trust." It was reprinted on

Planet DebianDaniel Pocock: UN Forum on Business and Human Rights

This week I'm at the UN Forum on Business and Human Rights in Geneva.

What is the level of influence that businesses exert in the free software community? Do we need to be more transparent about it? Does it pose a risk to our volunteers and contributors?

Worse Than FailureRepresentative Line: Without a Parent

Rob M caught a ticket for a bug in a C# application. Specifically, when the user picked an item off a menu, that item wouldn't get highlighted, thus defeating the purpose of the menu. Strangely, the code hadn't been touched since its first commit, back in 2015.

var sortedParentChildItems = matchedMenuItems.OrderBy(x => x.ParentID ?? x.ParentID).ThenBy(x => x.ParentID);

Somehow, this particular line made it through code review, which was notable because management was extremely proud about how "rigorously enforced" their code review process was. The "rigorous enforcement" took the form of someone filling out forms and running a meeting that hopefully contained more programmers than managers. It created a lot of hours on the time-sheet marked "code review", so it must be rigorous.

In this case, this line has several steps of silliness. The ?? is the null coalescing operator- if the left-hand operand is null, use the right one. So, we'll sort by the ParentID of a menu item, unless it's null, in which case we sort by the ParentID. Once they're sorted by ParentID, we'll sort within that list, by ParentID. If it's null this time, enh, whatever, we don't care.

Arguably, the root cause of this bug was a null value snuck into ParentID somewhere, and that broke the sort order. Realistically, the root cause was a process which was more focused on having a process than doing a useful code review.

[Advertisement] Ensure your software is built only once and then deployed consistently across environments, by packaging your applications and components. Learn how today!

Planet DebianNorbert Preining: On Lars Wirzenius, Fun, and Debian

Some time ago I got flamed by Lars Wirzenius, because I dared to write on my blog

The last point by Linus is what I criticize most on Debian nowdays, it has become a sterilized over-governed entity, where most fun is gone.

One of the things he said was

I do feel it is important to make it clear to the people reading Planet Debian, where both Preining’s and my blogs are published, that his opinions are not mainstream in the Debian project, and that despite what he says, Debian development continues to be fun.
– Lars Wirzenius, On Norbert Preining, Sarah Sharp, and Debian

Well, as it turned out he got tired of Debian and doesn’t consider it fun anymore:

I’ve had a rough year, and Debian has also stopped being fun for me.
– Lars Wirzenius, Retiring from Debian

Times are a changin‘! Despite the difference of our opinions, thanks for your hard work on Debian!


Planet DebianDirk Eddelbuettel: RQuantLib 0.4.6: Updated upstream, and calls for help

The new 0.4.6 release of RQuantLib arrived on CRAN and Debian earlier today. It is two-fold update: catching up QuantLib 1.14 while also updating to Boost 1.67 (and newer).

A special thanks goes to Josh for updating to the binary windows library in the rwinlib repository allowing us a seamless CRAN update.

The package needs some help, though. There are two open issues. First, while it builds on Windows, many functions currently throw errors. This may be related to upstream switching to a choice of C++11 or Boost smart pointers though this throws no spanners on Linux. So it may simply be that some of the old curve-building code shows its age. It could also be something completely different—but we need something with a bit of time, debugging stamina, at least a little C++ knowledge and a working Windows setup for testing. I have a few of the former attributes and can help, but no suitable windows (or mac, see below) machine. If you are, or can be, the person to help on Windows, please get in touch at this issue ticket.

Second, we simply have no macOS build. Simon has a similar binary repo but no time himself to work on building QuantLib for macOS with the required R-compatible toolchains. If you are on macOS, care about RQuantLib, and know how to build R packages (and how to deal with compilers etc in general) please consider helping. A little more is at this issue ticket.

Otherwise, this release was mostly about internal plus a little helper for holidays. The complete set of changes is listed below:

Changes in RQuantLib version 0.4.6 (2018-11-25)

  • Changes in RQuantLib code:

    • The code was updated for release 1.14 of QuantLib.

    • The code was updated for Boost 1.67 or later (#120 fixing #119).

    • Fewer examples and tests are running on Windows.

    • Several bond prixing examples corrected to use dayCounter.

    • Two new functions were added to add and remove (custom) holidays (#115).

    • The continuous integration setup was rewritten for containers.

Courtesy of CRANberries, there is also a diffstat report for the this release. As always, more detailed information is on the RQuantLib page. Questions, comments etc should go to the rquantlib-devel mailing list off the R-Forge page. Issue tickets can be filed at the GitHub repo.

This post by Dirk Eddelbuettel originated on his Thinking inside the box blog. Please report excessive re-aggregation in third-party for-profit settings.


Planet DebianBálint Réczey: Migrating from Bazaar to Git on Launchpad just got easier!

Debian recently switched from Alioth to Salsa offering only Git hosting from now on and that simplifies the work of exiting contributors and also helps newcomers who are most likely already familiar with Git if they know at least one version control system. (Thanks to everyone involved in the transition!)

On Ubuntu’s side, most Ubuntu-specific packages and big part of Ubuntu’s infrastructure used to be maintained in Bazaar repositories in the past. Since then Git became the most widely used version control system but the Bazaar repositories did not fully disappear.

There are still hundreds of packages maintained in Bazaar in Ubuntu (packaging repositories in Bazaar by team) and Debian (lintian report) and maintaining them in Git instead could be easier in the long term.

Launchpad already supports Git and there are guidelines for converting Bazaar repositories to Git (1,2),  but if you would like to make the switch I suggest taking a look at bzr-git-mass-convert based on bzr fast-export (verifying the result with git-remote-bzr). It is a simple tool for merging multiple Bazaar branches to a single git repository set up for pushing it back to Launchpad.

We (at the Foundations Team) use it for migrating our repositories and there is also a wiki page for tracking the migration schedule of popular repositories.

Planet DebianDirk Eddelbuettel: RcppEigen

Another minor release of RcppEigen arrived on CRAN today (and just went to Debian too) bringing support for Eigen 3.3.5 to R.

As we now carry our small set of patches to Eigen as diff in our repo, it was fairly straightforward to bring these few changes to the new upstream version. I added one trivial fix of changing a return value to void as this is also already in the upstream repo. Other than that, we were fortunate to get two nice and focussed PRs since the last release. Ralf allowed us to use larger index values by using R_xlen_t, and Michael corrected use of RcppArmadillo in a benchmarking example script.

Next, it bears repeating what we said in February when we release

One additional and recent change was the accomodation of a recent CRAN Policy change to not allow gcc or clang to mess with diagnostic messages. A word of caution: this may make your compilation of packages uses RcppEigen very noisy so consider adding -Wno-ignored-attributes to the compiler flags added in your ~/.R/Makevars.

It’s still super-noise, but hey, CRAN made us do it …

The complete NEWS file entry follows.

Changes in RcppEigen version (2018-11-24)

  • Updated to version 3.3.5 of Eigen (Dirk in #65)

  • Long vectors are now supported via R_xlen_t (Ralf Stubner in #55 fixing #54).

  • The benchmarking example was updated in its use of RcppArmadillo (Michael Weylandt in #56).

Courtesy of CRANberries, there is also a diffstat report for the most recent release.

This post by Dirk Eddelbuettel originated on his Thinking inside the box blog. Please report excessive re-aggregation in third-party for-profit settings.


Krebs on SecurityHow to Shop Online Like a Security Pro

‘Tis the season when even those who know a thing or two about Internet scams tend to let down their guard in the face of an eye-popping discount or the stress of last-minute holiday shopping. So here’s a quick refresher course on how to make it through the next few weeks without getting snookered online.

Adopting a shopping strategy of simply buying from the online merchant with the lowest advertised prices can be a bit like playing Russian Roulette with your wallet, for the simple reason that there are tons of completely fake e-commerce sites out there looking to separate the unwary from their credit card details.

Even people who shop mainly at big-name online stores can get scammed if they’re not wary of too-good-to-be-true offers. For example, KrebsOnSecurity got taken for hundreds of dollars just last year after trying to buy a pricey Sonos speaker from an established Amazon merchant who was selling it new and unboxed at huge discount.

I later received an email from the seller, who said his Amazon account had been hacked and abused by scammers to create fake sales. Amazon ultimately refunded the money, but if this happens to you around the holidays it could derail plans to get all your shopping done before the expected gift-giving day arrives.

Here are some other safety and security tips to keep in mind when shopping online:

-WHEN IN DOUBT, CHECK ‘EM OUT: If you don’t know much about the online merchant that has the item you wish to buy, take a few minutes to investigate its reputation. After all, it’s not uncommon for bargain basement phantom Web sites to materialize during the holiday season, and then vanish forever not long afterward.

If you’re buying from an online store that is brand new, the risk that you will get scammed increases significantly.  How do you know the lifespan of a site selling that must-have gadget at the lowest price? One easy way to get a quick idea is to run a basic WHOIS search on the site’s domain name. The more recent the site’s “created” date, the more likely it is a phantom store.

-USE A CREDIT CARD: It’s nearly impossible for consumers to tell how secure a main street or online merchant is, and safety seals or attestations that something is “hacker safe” are a guarantee of nothing. In my experience, such sites are just as likely to be compromised as e-commerce sites without these dubious security seals.

No, it’s best just to shop as if they’re all compromised. With that in mind, if you have the choice between using a credit or debit card, shop with your credit card.

Sure, the card associations and your bank are quick to point out that you’re not liable for fraudulent charges that you report in a timely manner, whether it’s debit or a credit card. But this assurance may ring hollow if you wake up one morning to find your checking accounts emptied by card thieves after shopping at a breached merchant with a debit card.

Who pays for the fees levied against you by different merchants when your checks bounce? You do. Does the bank reimburse you when your credit score takes a ding because your mortgage or car payment was late? Don’t hold your breath.

-PADLOCK, SCHMADLOCK: For years, consumers have been told to look for the padlock when shopping online. Maybe this was once sound advice. But to my mind, the “look for the lock” mantra has created a false sense of security for many Internet users, and has contributed to a dangerous and widespread misunderstanding about what the lock icon is really meant to convey.

To be clear, you absolutely should run away from any e-commerce site that does not include the padlock (i.e., its Web address does not begin with “https://”).  But the presence of a padlock icon next to the Web site name in your browser’s address bar does not mean the site is legitimate. Nor is it any sort of testimonial that the site has been security-hardened against intrusion from hackers.

The https:// part of the address merely signifies that the data being transmitted back and forth between your browser and the site is encrypted and can’t be read by third parties. Even so, anti-phishing company PhishLabs found in a survey last year that more than 80% of respondents believed the green lock indicated that a website was either legitimate and/or safe.

Now that anyone can get SSL certificates for free, phishers and other scammers that ply their trade via fake Web sites are starting to up their game. In December 2017, PhishLabs estimated that a quarter of all phishing Web sites were outfitting their scam pages with SSL certificates to make them appear more trustworthy. According to PhishLabs, roughly half of all phishing sites now feature the padlock. 


Often times, items that are advertised at steeper discounts than other online stores make up for it by charging way more than normal for shipping and handling.

Be careful what you agree to: Check to make sure you know how long the item will take to be shipped, and that you understand the store’s return policies. Also, keep an eye out for hidden surcharges, and be wary of blithely clicking “ok” during the checkout process.


Be on guard against phishing and malware schemes that take advantage of shopper distraction and frenzy during the holidays. In years past we’ve seen both leverage emails crafted to look like they were sent from a name-brand store claiming that there was a problem with your order or some component of the shipping process.

One perennial phishing and malware scam that seems to kick into high gear around the holidays is spam that purports to have been sent by the U.S. Postal Service, FedEx, UPS or some other shipping service, warning of a wayward package.

When in doubt about such a message, visit the e-commerce or shipping site directly, and avoid clicking on links or attachments in email — particularly missives that warn of some dire consequences unless you act quickly. Phishers and malware purveyors typically seize upon some kind of emergency to create a false alarm that often causes recipients to temporarily let their guard down.


Some credit card companies offer cardholders that ability to use “virtual credit cards” — apps that generate a unique, ephemeral credit card number that is good for just one purchase or for a short period of time. The idea being that if fraudsters compromise the virtual card number, your bank doesn’t have to issue you a new card and you won’t have the headache that comes with entering new card details at all of the sites where you’ve set up automatic monthly payments.

These virtual cards are nice in theory, but I’ve never been a big fan. Probably because in many cases they require users to have risky add-ons installed and enabled — like Java or Flash Player. But, hey, if this works for you, great.

Most importantly, keep a close eye on your monthly statements. If I were a fraudster, I’d most definitely wait until the holidays to cram through a bunch of unauthorized charges on stolen cards, so that the bogus purchases would get buried amid a flurry of other legitimate transactions. That’s why it’s key to closely review your credit card bill and to quickly dispute any charges you didn’t authorize.


If you’re planning to spend time with friends and family this holiday season, consider giving the gift of your time and helping out with a security checkup. This might involve making sure that new or old PC has up-to-date security software and the requisite software patches, or locking down their wireless router by enabling security features and disabling risky ones.

If you’re visiting parents or older relatives, consider helping them plant their flags at various online sites and services if they haven’t already done so, such as at the Social Security Administration, the U.S. Postal Service, or their wireless phone provider and/or Internet Service Provider (ISP).

You’d definitely make it off of Santa’s naughty list if you helped your loved ones take stock of which online accounts could benefit from more robust multi-factor authentication — and perhaps even guiding them away from SMS/text messages for multifactor toward more secure app- or key-based options, where available. You might even take a minute to explain the perils of re-using passwords across multiple sites, and see if they’re interested in using a password manager.

While you’re at it, ask your friends and family if they’ve frozen their credit files at the major consumer credit bureaus. If not, talk with them about what this entails and how it can help ward off identity theft. If they’re game, you might even consider helping them set it up and ensuring that freeze PINs are securely stored so the information is easily available when and if their credit files ever need to be thawed.

CryptogramFriday Squid Blogging: Good Squid Fishing in the Exmouth Gulf

The conditions are ideal for squid fishing in the Exmouth Gulf in West Australia.

As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.

Read my blog posting guidelines here.

CryptogramUsing Machine Learning to Create Fake Fingerprints

Researchers are able to create fake fingerprints that result in a 20% false-positive rate.

The problem is that these sensors obtain only partial images of users' fingerprints -- at the points where they make contact with the scanner. The paper noted that since partial prints are not as distinctive as complete prints, the chances of one partial print getting matched with another is high.

The artificially generated prints, dubbed DeepMasterPrints by the researchers, capitalize on the aforementioned vulnerability to accurately imitate one in five fingerprints in a database. The database was originally supposed to have only an error rate of one in a thousand.

Another vulnerability exploited by the researchers was the high prevalence of some natural fingerprint features such as loops and whorls, compared to others. With this understanding, the team generated some prints that contain several of these common features. They found that these artificial prints were more likely to match with other prints than would be normally possible.

If this result is robust -- and I assume it will be improved upon over the coming years -- it will make the current generation of fingerprint readers obsolete as secure biometrics. It also opens a new chapter in the arms race between biometric authentication systems and fake biometrics that can fool them.

More interestingly, I wonder if similar techniques can be brought to bear against other biometrics are well.

Research paper.

Slashdot thread

Worse Than FailureCodeSOD: Classic WTF: A Spoonful of Sugar

It's Black Friday in the US, which is a fancy way of saying that we're all busy murdering each other in WalMart over PS4s. In case we don't survive, remember us by this classic article about Cold Fusion. Original -- Remy

John S. was doing some work on the search feature of a client's website when he noticed that he would receive a 500 Server Error if he tested against the API with an empty string.

This struck John as being pretty strange since not only had the search feature had been in place for years, but also, he could go to the search page, click on the "Search" button without entering anything and receive an "Item Not Found" response.

Curious, John poked around the underlying web code behind the search page and found that a previous developer had been aware of the error and had implemented a quite precocious workaround.

<cfif Trim(url.searchText) EQ "">
<!--- empty string will cause an error --->
<cfset searchString="supercalifragilisticexpialidocious">

[Advertisement] ProGet supports your applications, Docker containers, and third-party packages, allowing you to enforce quality standards across all components. Download and see how!


Worse Than FailureCodeSOD: Classic WTF: zzGeneralFunctions

It's Thanksgiving in the US today, so we're running a classic WTF. What are you thankful for? How about not needing to support this application. Original --Remy

A codefile whose name is prefixed with “zz” can be one of two things. It's either a file that someone wanted to get rid of but was afraid to delete, or it's an intentional naming scheme to keep the file at the bottom as part of some crude code-organization technique. There used to be a third option - the file's a part of an application commissioned by a certain American rock trio known for their beards and cheap sunglasses - but the band dropped that requirement a long time ago.

However, when Mark Arnott stumbled across "zzGeneralFunctions.asp" as part of a maintenance project he was assigned, it was pretty clear why the file existed. Its first line contained the following comment:

' If you do something more than once, put it in a function here.

After a quick skim through the tens of thousands of lines of code, it was fairly obvious that, while the developers followed that "more than once" comment to the letter, they didn't follow the implied advice: before you put a function here, check if that function already exists. Take, for example, calculating a given month's name.

function MonthName(mNum)
	dim m
	on error resume next
	'if IsDate(mNum) then m=month(mNum)
	if m=1 then MonthName="January"
	if m=2 then MonthName="February"
	if m=3 then MonthName="March"
	if m=4 then MonthName="April"
	if m=5 then MonthName="May"
	if m=6 then MonthName="June"
	if m=7 then MonthName="July"
	if m=8 then MonthName="August"
	if m=9 then MonthName="September"
	if m=10 then MonthName="October"
	if m=11 then MonthName="November"
	if m=12 then MonthName="December"
end function

Ignoring the fact that there's already a built-in VBScript function that does just that, and that the built-in function is also named MonthName, this code seems perfectly logical. In fact, so logical that it was repeated a few lines down.

function GetMonthName(thisNum)
	dim m
	on error resume next
	'if IsDate(thisNum) then m=month(thisNum)
	if m=1 then GetMonthName="January"
	if m=2 then GetMonthName="February"
	if m=3 then GetMonthName="March"
	if m=4 then GetMonthName="April"
	if m=5 then GetMonthName="May"
	if m=6 then GetMonthName="June"
	if m=7 then GetMonthName="July"
	if m=8 then GetMonthName="August"
	if m=9 then GetMonthName="September"
	if m=10 then GetMonthName="October"
	if m=11 then GetMonthName="November"
	if m=12 then GetMonthName="December"
end function

And then there was this function which did mostly the same thing, and also replaced the built-in functionality of VBScript's MonthName.

function MonthAbbr(m)
	on error resume next
	if IsDate(m) then m=month(m)
	if m=1 then MonthAbbr="Jan."
	if m=2 then MonthAbbr="Feb."
	if m=3 then MonthAbbr="Mar."
	if m=4 then MonthAbbr="Apr."
	if m=5 then MonthAbbr="May"
	if m=6 then MonthAbbr="Jun."
	if m=7 then MonthAbbr="Jul."
	if m=8 then MonthAbbr="Aug."
	if m=9 then MonthAbbr="Sep."
	if m=10 then MonthAbbr="Oct."
	if m=11 then MonthAbbr="Nov."
	if m=12 then MonthAbbr="Dec."
end function

The combinations and permutations of almost identically named and functioning date/time methods were astonishing. At some point, functions names started to end with a number. And then came the prefixes.

function zzFormatDate4(thisdate)
	dim tmp, m
	on error resume next
	tmp = ""
	if (IsDate(thisdate)) then
		m = month(thisdate)
		tmp = ""
		if m=1 then tmp="January"
		if m=2 then tmp="February"
		if m=3 then tmp="March"
		if m=4 then tmp="April"
		if m=5 then tmp="May"
		if m=6 then tmp="June"
		if m=7 then tmp="July"
		if m=8 then tmp="August"
		if m=9 then tmp="September"
		if m=10 then tmp="October"
		if m=11 then tmp="November"
		if m=12 then tmp="December"
		tmp = tmp & " "
		tmp = tmp & right("00" & day(thisdate),2)
		tmp = tmp & ", "
		tmp = tmp & year(thisdate)
	end if
	zzFormatDate4 = tmp
end function

By the time Mark got to zzFormatDate4, he just gave up looking. It was going to be a very long maintenance project.

[Advertisement] Utilize BuildMaster to release your software with confidence, at the pace your business demands. Download today!

Planet Linux AustraliaPeter Lieverdink: Dark Doodad

It's been a while since I did a blog, so after twiddling the way the front page of the site displays, it's time to post a new one. The attached photo is of my favourite dark nebula, "The Dark Doodad". What looks like a long thin nebula is apparently a sheet over 40 light years wide that we happen to be seeing edge-on. On the left you can see a few dark tendrils that are par of the coal sack nebula. The Dark Doodad This is one of the first images created from a stack of subs I took using AstroDSLR. Each exposure is 2 minutes and I stacked 20 of them. My polar alignment was pretty decent, I think!

Planet Linux AustraliaRobert Norris: Simple Design and Unique Pattern: Replica Bvlgari Serpenti Blue Chain Bag

I actually didn’t know the types of leather, and think leather accessories are smooth and delicate. It was not until the party that I saw my friend’s snakeskin bag, which was immediately attracted by this beautiful personality pattern. I inquire about this kind of leather, and then I bought a snakeskin bag for myself– Bvlgari Serpenti bag with gold chain, which is a imitated bag with high quality snakeskin leather.

I chose a blue flip-top shoulder bag with a snake-head jewel. The size of the bag(25cm x 19cm x 5cm) is suitable for person. As I need a daily bag that have not much demand for the size, then this standard version bag is selected. The interior is a main space that can store some necessities. There is also a zippered flat pocket on the back side of the bag to prevent more expensive and smaller items. The jewelry decoration process of the bag is very particular, which has the same appearance as the real one. The leather body with a gold chain shoulder strap is very stylish and luxurious. I like it very much. I rarely know about this type of leather, so I have collected some relevant knowledge and shared it with friends who like this bag.

Snakeskin features
The snakeskin is like a human fingerprint with unique uniqueness! Each snake is unique, so each piece is unique!

Snakeskin scales are neatly arranged in leopard-like spots, which is dense and natural.
Each scale is accompanied by one-third of the skin that is not skinned that is not mimicked by other materials.

The three-dimensional scale is the most important feature of snakeskin. Snakeskin is light, delicate, soft and elastic. Dry scales retain the true touch of leather, giving the fingertips the most beautiful feeling.

The best way to maintain this material is to keep it dry. The most feared of leather is the humid environment, and snakeskin is no exception. A damp environment can make leather prone to mold and bacteria. Some snakeskin treatments are semi-folded. If the preservation environment is too moist, it will not allow the lining to naturally appear in a half-turn state, or even stick to the leather. Therefore, dry preservation environment is really important for snakeskin.

Snakeskin should not be cleaned with any cleaning oil. Only use a clean and dry cloth to wipe the dirt off. Keep in mind that people must use the eraser in the direction of the snake skin, or it will destroy the texture of the entire snakeskin.

It is a very basic storage method when the bag is stuffed with dehumidification paper during storage, which can absorb moisture much and the shape can be maintained in a certain state.

Planet Linux AustraliaRobert Norris: Simple Design and Unique Pattern: Replica Bvlgari Serpenti Blue Chain Bag

I actually didn’t know the types of leather, and think leather accessories are smooth and delicate. It was not until the party that I saw my friend’s snakeskin bag, which was immediately attracted by this beautiful personality pattern. I inquire about this kind of leather, and then I bought a snakeskin bag for myself– Bvlgari Serpenti bag with gold chain, which is a imitated bag with high quality snakeskin leather.

I chose a blue flip-top shoulder bag with a snake-head jewel. The size of the bag(25cm x 19cm x 5cm) is suitable for person. As I need a daily bag that have not much demand for the size, then this standard version bag is selected. The interior is a main space that can store some necessities. There is also a zippered flat pocket on the back side of the bag to prevent more expensive and smaller items. The jewelry decoration process of the bag is very particular, which has the same appearance as the real one. The leather body with a gold chain shoulder strap is very stylish and luxurious. I like it very much. I rarely know about this type of leather, so I have collected some relevant knowledge and shared it with friends who like this bag.

Snakeskin features
The snakeskin is like a human fingerprint with unique uniqueness! Each snake is unique, so each piece is unique!

Snakeskin scales are neatly arranged in leopard-like spots, which is dense and natural.
Each scale is accompanied by one-third of the skin that is not skinned that is not mimicked by other materials.

The three-dimensional scale is the most important feature of snakeskin. Snakeskin is light, delicate, soft and elastic. Dry scales retain the true touch of leather, giving the fingertips the most beautiful feeling.

The best way to maintain this material is to keep it dry. The most feared of leather is the humid environment, and snakeskin is no exception. A damp environment can make leather prone to mold and bacteria. Some snakeskin treatments are semi-folded. If the preservation environment is too moist, it will not allow the lining to naturally appear in a half-turn state, or even stick to the leather. Therefore, dry preservation environment is really important for snakeskin.

Snakeskin should not be cleaned with any cleaning oil. Only use a clean and dry cloth to wipe the dirt off. Keep in mind that people must use the eraser in the direction of the snake skin, or it will destroy the texture of the entire snakeskin.

It is a very basic storage method when the bag is stuffed with dehumidification paper during storage, which can absorb moisture much and the shape can be maintained in a certain state.


Krebs on SecurityUSPS Site Exposed Data on 60 Million Users

U.S. Postal Service just fixed a security weakness that allowed anyone who has an account at to view account details for some 60 million other users, and in some cases to modify account details on their behalf.


KrebsOnSecurity was contacted last week by a researcher who discovered the problem, but who asked to remain anonymous. The researcher said he informed the USPS about his finding more than a year ago yet never received a response. After confirming his findings, this author contacted the USPS, which promptly addressed the issue.

The problem stemmed from an authentication weakness in a USPS Web component known as an “application program interface,” or API — basically, a set of tools defining how various parts of an online application such as databases and Web pages should interact with one another.

The API in question was tied to a Postal Service initiative called “Informed Visibility,” which according to the USPS is designed to let businesses, advertisers and other bulk mail senders “make better business decisions by providing them with access to near real-time tracking data” about mail campaigns and packages.

In addition to exposing near real-time data about packages and mail being sent by USPS commercial customers, the flaw let any logged-in user query the system for account details belonging to any other users, such as email address, username, user ID, account number, street address, phone number, authorized users, mailing campaign data and other information.

Many of the API’s features accepted “wildcard” search parameters, meaning they could be made to return all records for a given data set without the need to search for specific terms. No special hacking tools were needed to pull this data, other than knowledge of how to view and modify data elements processed by a regular Web browser like Chrome or Firefox.

A USPS brochure advertising the features and benefits of Informed Visibility.

In cases where multiple accounts shared a common data element — such as a street address — using the API to search for one specific data element often brought up multiple records. For example, a search on the email addresses for readers who volunteered to help with this research turned up multiple accounts when those users had more than one user signed up at the same physical address.

“This is not good,” said one anonymous reader who volunteered to help with this research, after viewing a cut-and-paste of his USPS account details looked up via his email address. “Especially since we moved due to being threatened by a neighbor.”

Nicholas Weaver, a researcher at the International Computer Science Institute and lecturer at UC Berkeley, said the API should have validated that the account making the request had permission to read the data requested.

“This is not even Information Security 101, this is Information Security 1, which is to implement access control,” Weaver said. “It seems like the only access control they had in place was that you were logged in at all. And if you can access other peoples’ data because they aren’t enforcing access controls on reading that data, it’s catastrophically bad and I’m willing to bet they’re not enforcing controls on writing to that data as well.”

A cursory review by KrebsOnSecurity indicates the promiscuous API let any user request account changes for any other user, such as email address, phone number or other key details.

Fortunately, the USPS appears to have included a validation step to prevent unauthorized changes — at least with some data fields. Attempts to modify the email address associated with my USPS account via the API prompted a confirmation message sent to the email address tied to that account (which required clicking a link in the email to complete the change).

It does not appear USPS account passwords were exposed via this API, although KrebsOnSecurity conducted only a very brief and limited review of the API’s rather broad functionality before reporting the issue to the USPS. The API at issue resides here; a copy of the API prior to its modification on Nov. 20 by the USPS is available here as a text file.

The ability to modify database entries related to Informed Visibility user accounts could create problems for the USPS’s largest customers — think companies like Netflix and others that get discounted rates for high volumes. For instance, the API allowed any user to convert regular accounts to Informed Visibility business accounts, and vice versa.

Spammers and email scam artists also could have a field day with this USPS vulnerability, said Robert Hansen, chief technology officer at Bit Discovery, a security firm in Austin, Texas.

“This could easily be leveraged to build up mass targeted spam or spear phishing,” Hansen said. “It should have been protected via authentication and validated against the logged in user in question.”

In a statement shared with KrebsOnSecurity, the USPS said it currently has no information that this vulnerability was leveraged to exploit customer records, and that the information shared with the USPS allowed it to quickly mitigate the vulnerability. Here’s the rest of their statement:

“Computer networks are constantly under attack from criminals who try to exploit vulnerabilities to illegally obtain information.  Similar to other companies, the Postal Service’s Information Security program and the Inspection Service uses industry best practices to constantly monitor our network for suspicious activity.”

“Any information suggesting criminals have tried to exploit potential vulnerabilities in our network is taken very seriously. Out of an abundance of caution, the Postal Service is further investigating to ensure that anyone who may have sought to access our systems inappropriately is pursued to the fullest extent of the law.”

According to a somewhat redacted vulnerability assessment of Informed Visibility (PDF) published in October 2018 by the USPS’s Office of Inspector General (OIG), auditors found a number of authentication and encryption weaknesses in the service. But they seemed to have overlooked this rather glaring security problem. The USPS told the OIG it had addressed the authentication problems raised in the audit report, which appear to have been related to how data was encrypted in transit.

The API vulnerability is the latest security stumble for the Postal Service’s efforts to modernize operations. The Informed Visibility program is the sister initiative to the USPS’s Informed Delivery service, which lets residents view scanned images of all incoming mail. The API vulnerability affected all users, including some 13 million Informed Delivery users.

As detailed in numerous stories here, Informed Delivery has struggled to implement security features that might prevent abuse of the system by identity thieves and other ne’er-do-wells.

Earlier this month, KrebsOnSecurity broke the news that the U.S. Secret Service issued an internal memo about identity thieves abusing Informed Delivery to aid in mail theft. The story cited cases in multiple states involving scammers who ordered new credit cards in the names of victims, and then signed up as those victims at Informed Delivery once the cards were sent — thereby allowing the thieves to tell exactly when the new credit cards would be arriving in the mail.

Although fixing information disclosure and authentication weaknesses is often quite simple, it’s remarkable how many organizations that should know better don’t invest the resources needed to find and address them. In September, this author detailed how a company used by thousands of state and local governments to accept online payments was leaking more than 14 million records.

In August, KrebsOnSecurity disclosed a similar flaw at work across hundreds of small bank Web sites run by Fiserv, a major provider of technology services to financial institutions.

In July, identity theft protection service LifeLock corrected an information disclosure flaw that exposed the email address of millions of subscribers. And in April 2018, remedied a weakness exposing millions of customer names, email and physical addresses, birthdays and partial credit card numbers.

Got a tip about a security vulnerability similar to those detailed above, or perhaps something more serious? Please drop me a note at krebsonsecurity @

Update, 3:49 p.m. ET: Updated the story to include an official statement from the USPS.

CryptogramInformation Attacks against Democracies

Democracy is an information system.

That's the starting place of our new paper: "Common-Knowledge Attacks on Democracy." In it, we look at democracy through the lens of information security, trying to understand the current waves of Internet disinformation attacks. Specifically, we wanted to explain why the same disinformation campaigns that act as a stabilizing influence in Russia are destabilizing in the United States.

The answer revolves around the different ways autocracies and democracies work as information systems. We start by differentiating between two types of knowledge that societies use in their political systems. The first is common political knowledge, which is the body of information that people in a society broadly agree on. People agree on who the rulers are and what their claim to legitimacy is. People agree broadly on how their government works, even if they don't like it. In a democracy, people agree about how elections work: how districts are created and defined, how candidates are chosen, and that their votes count­ -- even if only roughly and imperfectly.

We contrast this with a very different form of knowledge that we call contested political knowledge, which is, broadly, things that people in society disagree about. Examples are easy to bring to mind: how much of a role the government should play in the economy, what the tax rules should be, what sorts of regulations are beneficial and what sorts are harmful, and so on.

This seems basic, but it gets interesting when we contrast both of these forms of knowledge across autocracies and democracies. These two forms of government have incompatible needs for common and contested political knowledge.

For example, democracies draw upon the disagreements within their population to solve problems. Different political groups have different ideas of how to govern, and those groups vie for political influence by persuading voters. There is also long-term uncertainty about who will be in charge and able to set policy goals. Ideally, this is the mechanism through which a polity can harness the diversity of perspectives of its members to better solve complex policy problems. When no-one knows who is going to be in charge after the next election, different parties and candidates will vie to persuade voters of the benefits of different policy proposals.

But in order for this to work, there needs to be common knowledge both of how government functions and how political leaders are chosen. There also needs to be common knowledge of who the political actors are, what they and their parties stand for, and how they clash with each other. Furthermore, this knowledge is decentralized across a wide variety of actors­ -- an essential element, since ordinary citizens play a significant role in political decision making.

Contrast this with an autocracy. There, common political knowledge about who is in charge over the long term and what their policy goals are is a basic condition of stability. Autocracies do not require common political knowledge about the efficacy and fairness of elections, and strive to maintain a monopoly on other forms of common political knowledge. They actively suppress common political knowledge about potential groupings within their society, their levels of popular support, and how they might form coalitions with each other. On the other hand, they benefit from contested political knowledge about nongovernmental groups and actors in society. If no one really knows which other political parties might form, what they might stand for, and what support they might get, that itself is a significant barrier to those parties ever forming.

This difference has important consequences for security. Authoritarian regimes are vulnerable to information attacks that challenge their monopoly on common political knowledge. They are vulnerable to outside information that demonstrates that the government is manipulating common political knowledge to their own benefit. And they are vulnerable to attacks that turn contested political knowledge­ -- uncertainty about potential adversaries of the ruling regime, their popular levels of support and their ability to form coalitions­ -- into common political knowledge. As such, they are vulnerable to tools that allow people to communicate and organize more easily, as well as tools that provide citizens with outside information and perspectives.

For example, before the first stirrings of the Arab Spring, the Tunisian government had extensive control over common knowledge. It required everyone to publicly support the regime, making it hard for citizens to know how many other people hated it, and it prevented potential anti-regime coalitions from organizing. However, it didn't pay attention in time to Facebook, which allowed citizens to talk more easily about how much they detested their rulers, and, when an initial incident sparked a protest, to rapidly organize mass demonstrations against the regime. The Arab Spring faltered in many countries, but it is no surprise that countries like Russia see the Internet openness agenda as a knife at their throats.

Democracies, in contrast, are vulnerable to information attacks that turn common political knowledge into contested political knowledge. If people disagree on the results of an election, or whether a census process is accurate, then democracy suffers. Similarly, if people lose any sense of what the other perspectives in society are, who is real and who is not real, then the debate and argument that democracy thrives on will be degraded. This is what seems to be Russia's aims in their information campaigns against the US: to weaken our collective trust in the institutions and systems that hold our country together. This is also the situation that writers like Adrien Chen and Peter Pomerantsev describe in today's Russia, where no one knows which parties or voices are genuine, and which are puppets of the regime, creating general paranoia and despair.

This difference explains how the same policy measure can increase the stability of one form of regime and decrease the stability of the other. We have already seen that open information flows have benefited democracies while at the same time threatening autocracies. In our language, they transform regime-supporting contested political knowledge into regime-undermining common political knowledge. And much more recently, we have seen other uses of the same information flows undermining democracies by turning regime-supported common political knowledge into regime-undermining contested political knowledge.

In other words, the same fake news techniques that benefit autocracies by making everyone unsure about political alternatives undermine democracies by making people question the common political systems that bind their society.

This framework not only helps us understand how different political systems are vulnerable and how they can be attacked, but also how to bolster security in democracies. First, we need to better defend the common political knowledge that democracies need to function. That is, we need to bolster public confidence in the institutions and systems that maintain a democracy. Second, we need to make it harder for outside political groups to cooperate with inside political groups and organize disinformation attacks, through measures like transparency in political funding and spending. And finally, we need to treat attacks on common political knowledge by insiders as being just as threatening as the same attacks by foreigners.

There's a lot more in the paper.

This essay was co-authored by Henry Farrell, and previously appeared on

Worse Than FailureCodeSOD: Classic WTF: Let Me Sleep On It

We're starting our Thanksgiving break a day early this year. To make up for it, we're dipping back into the archives for a classic WTF. Original

"Perl is a language for getting your job done," is the underlying philosophy of the language. The only right way to write a Perl program is whatever way works. The ultimate flexibility of Perl is a breeding ground for WTFs . That's doubly true when you're new to the language, like Dave once was.

To get Dave started with Perl, his boss paired him up with Alvin, the veteran Perl programmer. He'd been using Perl since version 4, and had a reputation for wielding regexes like a scalpel. After Dave had a few days of ramp up, Alvin started sending him code from their codebase so that Dave could try and understand how their applications worked.

Alvin's style might have used a lot of doSomething(foo) unless condition; constructs , but his coding style was fairly consistent and clear. Dave followed his code pretty well- although one convention really confused him:

#after writing a bunch of stuff to a file

Every close had a matching sleep. Dave couldn't help but ask Alvin, "Um… why is that sleep there? "

Alvin gave Dave the Stare™- that alpha-nerd, hairy-eyeball that makes you wonder, "Did I just say something incredibly stupid?" Just before Dave caved in and said "never mind", Alvin replied. "It's to make sure the file handle is really closed before the program continues."

"I don't think close works that way," Dave said.

"I'm pretty sure it does," Alvin said.

"I don't think so," Dave said. He made a copy of the script in question and with what little regex-fu he had learned so far, he replaced all the close/sleep pairs with just a plain old close. He ran the script, and as you might expect, it worked flawlessly and took about 15 seconds fewer to run. "See?" Dave said, "You don't really need those."

"Apparently," Alvin said.

They spent the rest of the afternoon tracking down major places where there were close/sleep pairs. Alvin grudgingly let Dave remove them and check the changes into CVS after testing them to prove it still worked. Dave went home feeling pretty clever. He really was learning this Perl stuff.

Dave slept on it, and he felt pretty good about everything until he got into work the next day. Over night, Alvin had gone back through the code and added in each and every one of those sleeps, and he made them all one second longer. Dave stopped down at Alvin's cube. "Hey, about those sleeps- you put them back?"

Alvin gave Dave the Stare™. And he didn't stop until Dave retreated to his cube. Apparently, those sleeps really were important to the application.

[Advertisement] Forget logs. Next time you're struggling to replicate error, crash and performance issues in your apps - Think Raygun! Installs in minutes. Learn more.

Planet Linux Australiasthbrx - a POWER technical blog: OpenPOWER Summit Europe 2018: A Software Developer's Introduction to OpenCAPI

Last month, I was in Amsterdam at OpenPOWER Summit Europe. It was great to see so much interest in OpenPOWER, with a particularly strong contingent of researchers sharing how they're exploiting the unique advantages of OpenPOWER platforms, and a number of OpenPOWER hardware partners announcing products.

(It was also my first time visiting Europe, so I had a lot of fun exploring Amsterdam, taking a few days off in Vienna, then meeting some of my IBM Linux Technology Centre colleagues in Toulouse. I also now appreciate just what ~50 hours on planes does to you!)

One particular area which got a lot of attention at the Summit was OpenCAPI, an open coherent high-performance bus interface designed for accelerators, which is supported on POWER9. We had plenty of talks about OpenCAPI and the interesting work that is already happening with OpenCAPI accelerators.

I was invited to present on the Linux Technology Centre's work on enabling OpenCAPI from the software side. In this talk, I outline the OpenCAPI software stack and how you can interface with an OpenCAPI device through the ocxl kernel driver and the libocxl userspace library.

My slides are available, though you'll want to watch the presentation for context.

Apart from myself, the OzLabs team were well represented at the Summit:

Unfortunately none of their videos are up yet, but they'll be there over the next few weeks. Keep an eye on the Summit website and the Summit YouTube playlist, where you'll find all the rest of the Summit content.

If you've got any questions about OpenCAPI feel free to leave a comment!


TEDKashmir Hill and Surya Mattu win Tech in Journalism Award and more TED news

It’s been a busy few weeks for the TED community. Below, our favorite highlights.

Meet 2018’s Technology in Journalism Honorees. Journalists Kashmir Hill and Surya Mattu received this year’s Technology in Journalism Award from the National Press Foundation for their work on “The House That Spied On Me.” The article details how they transformed Hill’s apartment into a fully operational smart home by installing 18 different internet-connected appliances and devices. They tracked and monitored the data each device collected on Hill’s habits with fascinating, even scary, insights for digital home improvement. A hearty congratulations to the both of them! (Watch Hill and Mattu’s TED Talk.)

10 nights of women-led storytelling. Activist Halima Aden, researcher Brené Brown, comedian Maysoon Zayid, model Geena Rocero, artist Cleo Wade and creator Luvvie Ajayi will be featured at Together Live, a touring storytelling event celebrating women through “raw, hilarious, vulnerable, authentic stories.” This year will feature 30 women across 10 cities; the program is produced in collaboration with hellosunshine, a media company founded by Reese Witherspoon. (Watch Aden’s, Brown’s, Zayid’s, Rocero’s, Wade’s and Ajayi’s TED Talks.)

A new documentary on the extraordinary life of Halima Aden. Al Jazeera has released a 25-minute documentary on Halima Aden, exploring the model’s life, ambitions and her mainstream impact in the face of Islamophobia. Aden was born in Kenya’s Kakuma refugee camp before relocating to Minnesota; she shot to fame as the first hijab-wearing model in the Miss USA pageant. In an interview with Star Tribune, Halima says, “I also do think being black, being Muslim, being Somali, being American on top of that, a lot of different people relate to different parts of my story.” (Watch Aden’s TED Talk.)

Radical hope and laughter. LitHub’s Daniel Asa Rose interviewed writer Anne Lamott on her 18th book, Almost Everything: Notes on Hope. They discussed how to find resounding happiness despite the world’s many miseries. “We need laughter in our lives. Laughter is carbonated holiness,” she says, “I celebrate that we’re all crazy and damaged and we’re all sort of floundering and flailing, and yet we stick together. We take care of each other the best we can. And that is so touching it fills me with hope.” (Watch Lamott’s TED Talk.)

A new cartoon brand launches. Cartoonist Bob Mankoff retired from the New Yorker in May but he hasn’t slowed down — he’s just launched a new cartoon company, Cartoon Collections. To form Cartoon Collections Mankoff merged Cartoon Bank, the cartoon archive he started in the early ’90s, with another archive called CartoonStock. “When you really want to communicate a point in a meaningful way, I think single-panel cartoons can do that better than anything.” he says in an interview with Folio Mag. (Watch Mankoff’s TED Talk.)


Rondam RamblingsLock her up!

From the Washington post comes the news that Ivanka Trump used a personal email account to send hundreds of emails about government business last year.  So, do you think that Donald Trump is going to call for Ivanka's prosecution and imprisonment?  I'll give you long odds against.

Rondam RamblingsCan Jeff Flake really be this naive?

Outgoing senator Jeff Flake of Arizona has expressed bewilderment: that his Republican colleagues are not moving with more dispatch to protect Bob Mueller's investigation.  “How in the world my colleagues don’t see this as a priority now I just don’t understand,” Flake said on CNN’s “State of the Union.” I find it hard to believe that Jeff Flake could really be that naive, but I have an equally

Rondam RamblingsGod doesn't have very good aim

I would not have thought it possible in light of recent events, but Republicans continue to plumb new depths of ignorance and stupidity.  An Ohio Republican party chairman has opined that the Camp Fire, the deadliest and most destructive fire in California history, was "God’s punishment to liberal California".  If that's true, then God needs to update his database: the Camp fire is in

Sociological ImagesIn Mapping, Size Matters

Recent news on climate change is deeply troubling, and people around the world are mobilizing to call for immediate action. This unique global problem means we all have to get better at understanding global inequality, but the first step to this might just be getting a more accurate view of the globe itself.

I love this classic clip from The West Wing about the problems with the Mercator Projection—the way we typically draw maps of the world.

About a month ago, data scientist Neil Kaye made a popular animation correcting the Mercator Projection to countries’ true sizes. Watch how dramatically the northern hemisphere shrinks, and the points from Cartographers for Social Equality seem even more serious.

One of the most striking parts of this animation for me is that many of the regions that are most vulnerable to extreme early changes don’t shrink much. If it is true that people attribute importance to size, these maps are an important reminder that we may not have the best mental pictures for thinking about both old trends in economic and political inequality and new trends in climate risk.

Evan Stewart is a Ph.D. candidate in sociology at the University of Minnesota. You can follow him on Twitter.

(View original at

CryptogramWorst-Case Thinking Breeds Fear and Irrationality

Here's a crazy story from the UK. Basically, someone sees a man and a little girl leaving a shopping center. Instead of thinking "it must be a father and daughter, which happens millions of times a day and is perfectly normal," he thinks "this is obviously a case of child abduction and I must alert the authorities immediately." And the police, instead of thinking "why in the world would this be a kidnapping and not a normal parental activity," thinks "oh my god, we must all panic immediately." And they do, scrambling helicopters, searching cars leaving the shopping center, and going door-to-door looking for clues. Seven hours later, the police eventually came to realize that she was safe asleep in bed.

Lenore Skenazy writes further:

Can we agree that something is wrong when we leap to the worst possible conclusion upon seeing something that is actually nice? In an email Furedi added that now, "Some fathers told me that they think and look around before they kiss their kids in public. Society is all too ready to interpret the most innocent of gestures as a prelude to abusing a child."

So our job is to try to push the re-set button.

If you see an adult with a child in plain daylight, it is not irresponsible to assume they are caregiver and child. Remember the stat from David Finkelhor, head of the Crimes Against Children Research Center at the University of New Hampshire. He has heard of NO CASE of a child kidnapped from its parents in public and sold into sex trafficking.

We are wired to see "Taken" when we're actually witnessing something far less exciting called Everyday Life. Let's tune in to reality.

This is the problem with the "see something, say something" mentality. As I wrote back in 2007:

If you ask amateurs to act as front-line security personnel, you shouldn't be surprised when you get amateur security.

And the police need to understand the base-rate fallacy better.

CryptogramThe PCLOB Needs a Director

The US Privacy and Civil Liberties Oversight Board is looking for a director. Among other things, this board has some oversight role over the NSA. More precisely, it can examine what any executive-branch agency is doing about counterterrorism. So it can examine the program of TSA watchlists, NSA anti-terrorism surveillance, and FBI counterterrorism activities.

The PCLOB was established in 2004 (when it didn't do much), disappeared from 2007-2012, and reconstituted in 2012. It issued a major report on NSA surveillance in 2014. It has dwindled since then, having as few as one member. Last month, the Senate confirmed three new members, including Ed Felten.

So, potentially an important job if anyone out there is interested.

Worse Than FailureCodeSOD: Class Warfare

Setting aside cross-browser quirks, CSS is a fiendishly complicated specification. There’s a lot to it. From styling rules and how they interact with the DOM hierarchy, to the complexities of using selectors to navigate the DOM- it’s a complex tool that is also very powerful. I mean, it’s Turing complete.

Shiv works with a self-proclaimed “CSS Ninja”- yes, that was actually in their resume when they got hired. They were hired on the strength of their portfolio- it looked very nice. Unfortunately, the implementation left something to be desired.

For example, imagine you had twenty elements on a page which needed to be styled the same. You might choose to apply a class attribute to them, and create a single styling rule for that entire class. But that’s not what a CSS ninja does.

.placeholder1, .placeholder2, .placeholder3, .placeholder4, 
.placeholder5, .placeholder6, .placeholder7, .placeholder8, .placeholder9, .placeholder10, 
.placeholder11, .placeholder12, .placeholder13, .placeholder14, .placeholder15, 
.placeholder16, .placeholder17, .placeholder18, .placeholder19, .placeholder20 {
	border-top: 1px solid #333333;
	color: #FFFFFF;
	height: 180px;
	padding-top: 15px;
	width: 140px;

That’s right, a true CSS Ninja creates a unique class for every single element you want styled, and then creates a stylesheet rule that selects all of those unique elements. It’s brilliant, because this way, if the style for .placeholder6 ever needs to change, you can just make a new rule for that one.

Bonus Ninja points for using absolute units for sizes and dimensions, which I’m certain is never going to cause a problem rendering on different display sizes.

[Advertisement] Forget logs. Next time you're struggling to replicate error, crash and performance issues in your apps - Think Raygun! Installs in minutes. Learn more.

Planet Linux AustraliaDavid Rowe: LPCNet meets Codec 2

The previous post described my attempts to come up to speed with NN based speech synthesis, with the kind help of Jean-Marc Valin and his LPCNet system.

As an exercise, I have adapted LPCNet to use Codec 2 features, and have managed to synthesise high quality speech at a sample rate of 8kHz. Here are the output speech samples:

Sample original LPCNet Codec 2
cq_ref Listen Listen
hts1a Listen Listen
hts2a Listen Listen
mmt1 Listen Listen
morig Listen Listen
speech_orig Listen Listen

I’m happy with all of the samples except cq_ref. That sample has a lot of low freq energy (like the pitch fundamental) which may not have been well represented in the training database. mmt1 has some artefacts, but this system already does better than any other low rate codec on this sample.

This is not quite a quantised speech codec, as I used unquantised Codec 2 parameters (10 Line Spectral Pairs, pitch, energy, and a binary voicing flag). However it does show how LPCNet (and indeed NN synthesis in general) can be trained to use different sets of input features, and the system I have built is close to an open source version of the Codec 2/NN system presented by Kleijn et al.

Why 8kHz rather than the higher quality 16 kHz? Well LPCNet requires a set of Linear Prediction Coefficients (LPCs). The LPCs dumped by Codec 2 are sampled at 8kHz. It’s possible, but not straight forward, to resample the LPC spectra at 16 kHz, but I chose to avoid that step for now.


My initial attempts led to good quality speech using samples from within the training database, but poor quality on speech samples (like the venerable hts1a) from outside the training database. In Machine Learning land, this suggests “not enough training data”. So I dug up an old TIMIT speech sample database, and did a bunch of filtering on my speech samples to simulate what I have seen from microphones in my Codec 2 adventures. It’s all described in gory detail here (Training Tips section). Then, much to my surprise, it worked! Clean, good quality speech from all sorts of samples.

Further Work

  • Add code to generate 16 kHz LPCs from 8 kHz LPCs and try for 16 kHz synthesised speech
  • Use quantised Codec 2 parameters from say Codec 2 2400 or 1300 and see how it sounds.
  • Help Jean-Marc convert LPCNet to C and get it running in real time on commodity hardware.
  • Make a real world, over the air contact using NN based speech synthesis and FreeDV.
  • A computationally large part of the LPCNet (and indeed any *Net speech synthesis system) is dedicated to handling periodic pitch information. The harmonic sinusoidal model used in Codec 2 can remove this information and hence much of the CPU load. So a dramatic further reduction in the number of weights (and hence CPU load) is possible, although this may result in some quality reduction. Another way of looking at this (as highlighted by Jean-Marc’s LPCNet paper) is “how do we model the excitation” in source/filter type speech systems.
  • The Kleijn et al paper had the remarkable result that we can synthesise high quality speech from low bit rate Codec 2 features. What is quality trade off between the bit rate of the features and the speech quality? How coarsely can we quantise the speech features and still get high quality speech? How much of the quality is due to the NN, and how much the speech features?

Reading Further

Jean Marc’s blog post on LPCNet, including links to LPCNet source code and his ICASSP 2019 paper.
WaveNet and Codec 2
Source Code for my Codec 2 version of LPCNet

Planet Linux AustraliaDavid Rowe: LPCNet – Open Source Neural Net Speech Synthesis

Jean-Marc Valin has been working on Neural Network (NN) based speech synthesis in his project called LPCNet. It has similar speech quality to Wavenet, but is based on an architecture called WaveRNN, and includes many new innovations.

Jean-Marc’s work is aimed at reducing the synthesis CPU load down to the level of a modern CPU, for example a mobile phone or Raspberry Pi, and he has made significant progress in that direction.

As well as being useful for his research – this code is a working, open source reference system for Neural Net (NN) based synthesis projects. He has also written an ICASSP 2019 paper on LPCNet, which explains many of the finer details of NN speech synthesis. Fantastic resources for other people coming up to speed in NN synthesis. Well done Jean-Marc!

Over the past few weeks Jean-Marc has kindly answered many NN-noob questions from me. I have used the answers to comment his code and add to his README. There are still many aspects of how this code works that I do not understand. However I can drive his software well enough to synthesise high quality speech:

The first sample was from inside the training database, the second outside.

The network is driven by some speech codec like parameters, but it’s not actually running as a speech codec at present. However it’s a great starting point for high quality speech (de)coding, or indeed speech synthesis.

How I trained

My GTX1060 GPU isn’t quite up to spec, so for training I had to reduce the batch_size to 16, and run for 60 epochs. I used the TSP speech database discussed in the LPCNet README, and followed Jean-Marc’s suggestion of resampling it twice (once at +5% Fs, once at -5% Fs), to get 3x the training data. It took 14 hours for me to train. Synthesis runs 10 times slower than real time on my GPU, however much of this is overhead. If the Keras code was ported to C – it would be close to real time on a modern laptop/phone CPU.


Jean Marc’s blog post on LPCNet, including links to LPCNet source code and his ICASSP 2019 paper.
WaveNet and Codec 2
FFTNet, some good figures that helped me get my head around the idea of sampling a probability distribution.


CryptogramWhat Happened to Cyber 9/11?

A recent article in the Atlantic asks why we haven't seen a"cyber 9/11" in the past fifteen or so years. (I, too, remember the increasingly frantic and fearful warnings of a "cyber Peal Harbor," "cyber Katrina" -- when that was a thing -- or "cyber 9/11." I made fun of those warnings back then.) The author's answer:

Three main barriers are likely preventing this. For one, cyberattacks can lack the kind of drama and immediate physical carnage that terrorists seek. Identifying the specific perpetrator of a cyberattack can also be difficult, meaning terrorists might have trouble reaping the propaganda benefits of clear attribution. Finally, and most simply, it's possible that they just can't pull it off.

Commenting on the article, Rob Graham adds:

I think there are lots of warning from so-called "experts" who aren't qualified to make such warnings, that the press errs on the side of giving such warnings credibility instead of challenging them.

I think mostly the reason why cyberterrorism doesn't happen is that which motivates violent people is different than what which motivates technical people, pulling apart the groups who would want to commit cyberterrorism from those who can.

These are all good reasons, but I think both authors missed the most important one: there simply aren't a lot of terrorists out there. Let's ask the question more generally: why hasn't there been another 9/11 since 2001? I also remember dire predictions that large-scale terrorism was the new normal, and that we would see 9/11-scale attacks regularly. But since then, nothing. We could credit the fantastic counterterrorism work of the US and other countries, but a more reasonable explanation is that there are very few terrorists and even fewer organized ones. Our fear of terrorism is far greater than the actual risk.

This isn't to say that cyberterrorism can never happen. Of course it will, sooner or later. But I don't foresee it becoming a preferred terrorism method anytime soon. Graham again:

In the end, if your goal is to cause major power blackouts, your best bet is to bomb power lines and distribution centers, rather than hack them.

Worse Than FailureCodeSOD: A Clever Switch

Today's anonymous submitter has this to say about this code: "It works fine, it's just... clever."

I'm not certain about the relative cleverness of this solution, myself.

switch (true) { case (d <= 15000): m.values[0]++; break; case (d > 15000 && d <= 30000): m.values[1]++; break; case (d > 30000 && d <= 45000): m.values[2]++; break; default: m.values[3]++; break; }

This JavaScript lives in a web dashboard for monitoring an internal system. Like most such systems, it was slapped together in a rush with no real thought, and nobody actually cares too much about it so long as all the indicator lights on the dashboard stay green.

The obvious thing about this switch is that it should be an if. Arguably, it should even be a loop, which would allow you to iterate across a series of breakpoints, so that you could have a histogram with an arbitrary number of buckets. Perhaps that's premature abstraction, but at least this should be an if.

I'd suggest that maybe they were trying to play some code-golf, since case (...) : is shorter than else if (...) {, but all those savings are lost if you count the break.

That said, I have an idea to make it worse. This is JavaScript, so you could actually do this instead:

m.values[0] += d <= 15000; m.values[1] += d > 15000 && d <= 30000; m.values[2] += d > 30000 && d <= 45000; m.values[3] += d > 45000;

It's less efficient, as you check every case every time, but look at how much more compact it is. And this is for a web page, nobody cares about efficiency in web development anymore. Just look at how clever it is in its (ab)use of the JavaScript type system!

May the gods save us from "clever" programmers.

[Advertisement] BuildMaster allows you to create a self-service release management platform that allows different teams to manage their applications. Explore how!


CryptogramIsraeli Surveillance Gear

The Israeli Defense Force mounted a botched raid in Gaza. They were attempting to install surveillance gear, which they ended up leaving behind. (There are photos -- scroll past the video.) Israeli media is claiming that the capture of this gear by Hamas causes major damage to Israeli electronic surveillance capabilities. The Israelis themselves destroyed the vehicle the commandos used to enter Gaza. I'm guessing they did so because there was more gear in it they didn't want falling into the Palestinians' hands.

Can anyone intelligently speculate about what the photos shows? And if there are other photos on the Internet, please post them.


Cory DoctorowSole and Despotic Dominion: my story about the future of private property for Reason

Reason’s December issue celebrates the magazine’s 50th anniversary with a series of commissioned pieces on the past and future of the magazine’s subjects: freedom, markets, property rights, privacy and similar matters: I contributed a short story to the issue called Sole and Despotic Dominion, which takes the form of a support chat between a dishwasher owner and its manufacturer’s rep, who has the unhappy job of describing why the dishwasher won’t accept his dishes.

The story is part of a series of thought-experiments/science fiction tales about appliances that follow the Iphone App Store model of limiting interoperability to manufacturer-approved items; it started with the 2015 story “If Dishwashers Were Iphones,” and it followed up in my novella “Unauthorized Bread,” which will be published in my 2019 book Radicalized (Unauthorized Bread is also being developed for TV).

I am using Disher dishes. The ones I bought in Dubai.

Sir yes thank you. Please stand by while I investigate your account.


Sir thank you I am back. I see from your IP address and other telemetry that you are in Melstone, Montana. Is that correct?

Yes. I took a new job and got relocated here.

Sir thank you I see your problem. Your dishes were sold for use within Shia territories in the Middle East and Asian regions. They are not authorized for use in the USA.

What? Are you crazy? They’re Disher dishes, this is a Disher dishwasher!

Sir I am sorry you are unhappy. However, I must correct you. Please allow me to offer this frequently asked question:


A. NO.

The trademarks and other intellectual property in the products sold by different Disher affiliated companies through the regional Kitchen Stores are licensed for use on a territory-by-territory basis. In many cases, different territorial licensors own the exclusive right to manufacture and distribute different brands in the Kitchen Store, and part of Disher’s commitment to respecting international laws and intellectual property is our use of the sensors in Disher Speckless systems to optimize your Disher experience by ensuring that our devices do not violate these important contractual arrangements.

You’re joking.

Sir I’m afraid it’s not a joke. Please allow me to offer this frequently asked question:

Sole and Despotic Dominion [Cory Doctorow/Reason]


CryptogramFriday Squid Blogging: Squid Sculptures


As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.

Read my blog posting guidelines here.

CryptogramMailing Tech Support a Bomb

I understand his frustration, but this is extreme:

When police asked Cryptopay what could have motivated Salonen to send the company a pipe bomb ­ or, rather, two pipe bombs, which is what investigators found when they picked apart the explosive package ­ the only thing the company could think of was that it had declined his request for a password change.

In August 2017, Salonen, a customer of Cryptopay, emailed their customer services team to ask for a new password. They refused, given that it was against the company's privacy policy.

A fair point, as it's never a good idea to send a new password in an email. A password-reset link is safer all round, although it's not clear if Cryptopay offered this option to Salonen.

CryptogramHidden Cameras in Streetlights

Both the US Drug Enforcement Administration (DEA) and Immigration and Customs Enforcement (ICE) are hiding surveillance cameras in streetlights.

According to government procurement data, the DEA has paid a Houston, Texas company called Cowboy Streetlight Concealments LLC roughly $22,000 since June 2018 for "video recording and reproducing equipment." ICE paid out about $28,000 to Cowboy Streetlight Concealments over the same period of time.

It's unclear where the DEA and ICE streetlight cameras have been installed, or where the next deployments will take place. ICE offices in Dallas, Houston, and San Antonio have provided funding for recent acquisitions from Cowboy Streetlight Concealments; the DEA's most recent purchases were funded by the agency's Office of Investigative Technology, which is located in Lorton, Virginia.

Fifty thousand dollars doesn't buy a lot of streetlight surveillance cameras, so either this is a pilot program or there are a lot more procurements elsewhere that we don't know about.

Worse Than FailureError'd: A Right to Remain Ever Conscious Blooms

Eion R wrote, "Sure Google Voice, that is exactly what I was looking for."


"One might think this game is titled 'Alpha Blending and the Revenge of Floating Point' but it's not. It's just broken," writes Ashley A.


Bryan S. wrote, "I just hope that whoever created this survey doens't work on their online banking app."


"Now that it's the end of the day, I'm pretty sure I've walked some finite, non-negative number of steps," Drew C. writes.


"Why yes, I am interested in supporting the https project on Indiegogo. I think it'll be a big hit," writes Adam R.


"I guess I can't fault the hotel for trying to make some of its money back by including ads in their 'goodbye' note," wrote Andreas R.


[Advertisement] Forget logs. Next time you're struggling to replicate error, crash and performance issues in your apps - Think Raygun! Installs in minutes. Learn more.

Planet Linux AustraliaRobert Norris: Hidden in The High-end Jewelry Feast of Wild Pop: Bulgari Serpenti Forever Flap Cover Bag

Bulgari new Wild Pop jewelry collection was released in Peking, China, on November 8th after it was released in Rome. The Wild Pop jewellery collection is inspired by the enthusiasm and pop art of the 1980s, bringing people into the wild 80s and enjoying the Italian style of “Larger Than Life”. Bulgari CEO Jean-Christophe Babin, Bulgari brand spokesperson Shu Qi and Jolin Tsai, with brand ambassador Lady Kitty Spencer attended the feast .

Lady Bagty Spencer, the Bulgari brand ambassador

Jolin Tsai, Bulgari brand spokesperson

Variety ShuFanny uses colored gemstones with high-quality jewellery and black dresses to chase pure self and feel the boldness and beauty of the new high-end jewellery collection. And the green Bulgari Serpenti Forever flip bag in her hand adds a touch of colour to her decoration.

Bulgari jewelry is perfect. The brand will inject enthusiasm into the new accessories collection, adding a unique color to the exquisite leather with colorful tones and unparalleled craftsmanship. The perfect combination of high-end jewelry makes every bag unique. The control of color for Bulgari is also quite eye-catching, and its exquisite Italian craftsmanship is also known. Bulgari accessories redefine the modern paradigm of Italian aesthetics with fine leather, which has elegant shapes and quality materials.

The spring and summer of 2017 accessories Serpenti series and BVLGARI BVLGARI series have the perfect craftsmanship, and the jeweler’s fascinating ingenuity enriches its connotation well. They are the two most iconic collections of Bulgari, showcasing the bold and fearless soul of brand, blending luxury with avant-garde skills, and creating each luxury item with Bulgari’s unique creativity. Today we followed this green Bulgari Serpenti Forever bag belongs to ShuFanny into the classic Serpenti collection.

Since 2011, Bulgari launched the Serpenti Forever series high-end bags. And then this classic snake head that is inlaid with jewelry has become the logo of brand. This bag is sought after, not only because of its stylish appearance, but also because it has the exquisite elegance of jewelry.

The brand combines the rigorous craftsmanship of the watchmaking with the bold creativity of making jewelry, giving the bag a delicate heart under the simple appearance. In addition to the decoration of the flap belongs to the lovely bag is unforgettable. This leather bag with beautiful lines is complemented by a gold metal chain shoulder strap. It looks quite slender but solid, and people can hold it or carry it across the body. However, it must be said that this shoulder strap is really inconvenient to use in the summer, which invisibly increases the force to shoulder. Therefore, the autumn and winter is the seasons that are very suitable for this chain shoulder strap. And the metallic luster will add a lot of fashion to the overall wear.

Planet Linux AustraliaRobert Norris: Hidden in The High-end Jewelry Feast of Wild Pop: Bulgari Serpenti Forever Flap Cover Bag

Bulgari new Wild Pop jewelry collection was released in Peking, China, on November 8th after it was released in Rome. The Wild Pop jewellery collection is inspired by the enthusiasm and pop art of the 1980s, bringing people into the wild 80s and enjoying the Italian style of “Larger Than Life”. Bulgari CEO Jean-Christophe Babin, Bulgari brand spokesperson Shu Qi and Jolin Tsai, with brand ambassador Lady Kitty Spencer attended the feast .

Lady Bagty Spencer, the Bulgari brand ambassador

Jolin Tsai, Bulgari brand spokesperson

Variety ShuFanny uses colored gemstones with high-quality jewellery and black dresses to chase pure self and feel the boldness and beauty of the new high-end jewellery collection. And the green Bulgari Serpenti Forever flip bag in her hand adds a touch of colour to her decoration.

Bulgari jewelry is perfect. The brand will inject enthusiasm into the new accessories collection, adding a unique color to the exquisite leather with colorful tones and unparalleled craftsmanship. The perfect combination of high-end jewelry makes every bag unique. The control of color for Bulgari is also quite eye-catching, and its exquisite Italian craftsmanship is also known. Bulgari accessories redefine the modern paradigm of Italian aesthetics with fine leather, which has elegant shapes and quality materials.

The spring and summer of 2017 accessories Serpenti series and BVLGARI BVLGARI series have the perfect craftsmanship, and the jeweler’s fascinating ingenuity enriches its connotation well. They are the two most iconic collections of Bulgari, showcasing the bold and fearless soul of brand, blending luxury with avant-garde skills, and creating each luxury item with Bulgari’s unique creativity. Today we followed this green Bulgari Serpenti Forever bag belongs to ShuFanny into the classic Serpenti collection.

Since 2011, Bulgari launched the Serpenti Forever series high-end bags. And then this classic snake head that is inlaid with jewelry has become the logo of brand. This bag is sought after, not only because of its stylish appearance, but also because it has the exquisite elegance of jewelry.

The brand combines the rigorous craftsmanship of the watchmaking with the bold creativity of making jewelry, giving the bag a delicate heart under the simple appearance. In addition to the decoration of the flap belongs to the lovely bag is unforgettable. This leather bag with beautiful lines is complemented by a gold metal chain shoulder strap. It looks quite slender but solid, and people can hold it or carry it across the body. However, it must be said that this shoulder strap is really inconvenient to use in the summer, which invisibly increases the force to shoulder. Therefore, the autumn and winter is the seasons that are very suitable for this chain shoulder strap. And the metallic luster will add a lot of fashion to the overall wear.