Planet Russell


Rondam Ramblings: Whatever happened to "no collusion"?

Funny how fast the "no collusion" slogan evaporated after the recent revelations about Trump trying to shake down the president of Ukraine to fabricate a smear campaign about Joe Biden.  Two years of hand-wringing about the Mueller report are suddenly moot.  Instead of "no collusion" it's now, "Sure I colluded, but it was for a good cause.  Collusion with a foreign government is perfectly

Planet Debian: Norbert Preining: RIP (for now) Calibre in Debian

The current purge of all Python2 related packages has a direct impact on Calibre. The latest version of Calibre requires Python modules that are not (anymore) available for Python 2, which means that Calibre >= 4.0 will for the foreseeable future not be available in Debian.

I have just uploaded version 3.48, which is the last version that can run on Debian. From now on, until upstream Calibre switches to Python 3, this will be the last version of Calibre in Debian.

In case you need newer features (including the occasional security fixes), I recommend switching to the upstream installer, which is rather clean: it installs into /opt/calibre, creates some links to the startup programs, and installs completions for zsh and bash. It also prepares an uninstaller that reverts these changes. Note that this bypasses the Debian archive's signatures and review, so you are trusting upstream's download server: fetch the installer over HTTPS and read it before running it, since it needs root to write into /opt.

Enjoy.


Planet Debian: Reproducible Builds: Reproducible Builds in September 2019

Welcome to the September 2019 report from the Reproducible Builds project!

In these reports we outline the most important things that we have been up to over the past month. As a quick refresher of what our project is about: whilst anyone can inspect the source code of free software for malicious changes, most software is distributed to end users or servers as precompiled binaries. The motivation behind the reproducible builds effort is to ensure that zero changes have been introduced during these compilation processes. This is achieved by promising that identical results are always generated from a given source, thus allowing multiple third parties to come to a consensus on whether a build was compromised.

In September’s report, we cover:

  • Media coverage & events: more presentations, preventing Stuxnet, etc.
  • Upstream news: kernel reproducibility, grafana, systemd, etc.
  • Distribution work: reproducible images in Arch Linux, policy changes in Debian, etc.
  • Software development: yet more work on diffoscope, upstream patches, etc.
  • Misc news & getting in touch: from our mailing list, how to contribute, etc.

If you are interested in contributing to our project, please visit our Contribute page on our website.


Media coverage & events

This month Vagrant Cascadian attended the 2019 GNU Tools Cauldron in Montréal, Canada and gave a presentation entitled Reproducible Toolchains for the Win (video).

In addition, our project was highlighted as part of a presentation by Andrew Martin at the All Systems Go conference in Berlin titled Rootless, Reproducible & Hermetic: Secure Container Build Showdown, and Björn Michaelsen from the Document Foundation presented at the 2019 LibreOffice Conference in Almería in Spain on the status of reproducible builds in the LibreOffice office suite.

In academia, Anastasis Keliris and Michail Maniatakos from the New York University Tandon School of Engineering published a paper titled ICSREF: A Framework for Automated Reverse Engineering of Industrial Control Systems Binaries (PDF) that speaks to concerns regarding the security of Industrial Control Systems (ICS) such as those attacked via Stuxnet. The paper outlines their ICSREF tool for reverse-engineering binaries from such systems and furthermore demonstrates a scenario whereby a commercial smartphone equipped with ICSREF could be easily used to compromise such infrastructure.

Lastly, it was announced that Vagrant Cascadian will present a talk at SeaGL in Seattle, Washington during November titled There and Back Again, Reproducibly.


2019 Summit

Registration for our fifth annual Reproducible Builds summit that will take place between 1st → 8th December in Marrakesh, Morocco has opened and personal invitations have been sent out.

Similar to previous incarnations of the event, the heart of the workshop will be three days of moderated sessions with surrounding “hacking” days and will include a huge diversity of participants from Arch Linux, coreboot, Debian, F-Droid, GNU Guix, Google, Huawei, in-toto, MirageOS, NYU, openSUSE, OpenWrt, Tails, Tor Project and many more. If you would like to learn more about the event and how to register, please visit our dedicated event page.


Upstream news

Ben Hutchings added documentation to the Linux kernel regarding how to make the build reproducible. As he mentioned in the commit message, the kernel is “actually” reproducible but the end-to-end process was not previously documented in one place and thus Ben describes the workflow and environment needed to ensure a reproducible build.

Daniel Edgecumbe submitted a pull request which was subsequently merged to the logging/journaling component of systemd in order that the output of e.g. journalctl --update-catalog does not differ between subsequent runs despite there being no changes in the input files.

Jelle van der Waa noticed that if the grafana monitoring tool was built within a source tree devoid of Git metadata then the current timestamp was used instead, leading to an unreproducible build. To avoid this, Jelle submitted a pull request in order that it use SOURCE_DATE_EPOCH if available.

Mes (a Scheme-based compiler for our “sister” bootstrappable builds effort) announced their 0.20 release.


Distribution work

Bernhard M. Wiedemann posted his monthly Reproducible Builds status update for the openSUSE distribution. Thunderbird and kernel-vanilla packages will be among the larger ones to become reproducible soon, and there were additional Python patches to address reproducibility issues in modules written in this language that have C bindings.

OpenWrt is a Linux-based operating system targeting embedded devices such as wireless network routers. This month, Paul Spooren (aparcar) switched the toolchain to use GCC version 8 by default in order to support the -ffile-prefix-map= option, which permits a varying build path without affecting the binary result of the build. In addition, Paul updated the kernel-defaults package to ensure that the SOURCE_DATE_EPOCH environment variable is considered when creating the /init directory.

Alexander “lynxis” Couzens began work on a set of build scripts for creating firmware and operating system artifacts in the coreboot distribution.

Lukas Pühringer prepared an upload which was sponsored by Holger Levsen of python-securesystemslib version 0.11.3-1 to Debian unstable. python-securesystemslib is a dependency of in-toto, a framework to protect the integrity of software supply chains.

Arch Linux

The mkinitcpio component of Arch Linux was updated by Daniel Edgecumbe in order that it generates reproducible initramfs images by default, meaning that two subsequent runs of mkinitcpio produce two files that are identical at the binary level. The commit message elaborates on its methodology:

Timestamps within the initramfs are set to the Unix epoch of 1970-01-01. Note that in order for the build to be fully reproducible, the compressor specified (e.g. gzip, xz) must also produce reproducible archives. At the time of writing, as an inexhaustive example, the lzop compressor is incapable of producing reproducible archives due to the insertion of a runtime timestamp.

In addition, a bug was created to track progress on making the Arch Linux ISO images reproducible.
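The commit message above makes two points that generalise well beyond initramfs images: the archive's own metadata (timestamps, owners, entry order) has to be pinned, and the compressor must not stamp its own clock into the output. The same goes for the grafana fix earlier in this report, which falls back to SOURCE_DATE_EPOCH instead of the current time. The script below is an added example, not mkinitcpio's, grafana's or the project's code: it packs constructed in-memory files into a tar.gz twice, as two builders with different checkout metadata would see them, first naively and then with every source of variation pinned. The policy of setting every mtime to the epoch (as mkinitcpio does with 1970-01-01), the file contents and the epoch value are assumptions for the example.

```python
"""Reproducible versus naive tar.gz construction. Added example; inputs are constructed."""
import gzip
import hashlib
import io
import os
import tarfile


def source_date_epoch(default=0):
    """Build timestamp per the SOURCE_DATE_EPOCH convention: seconds since the Unix
    epoch taken from the environment, else a fixed default (0 = 1970-01-01)."""
    value = os.environ.get("SOURCE_DATE_EPOCH")
    return int(value) if value else default


def build_tarball(files, reproducible, epoch=None):
    """Pack {name: (content, mtime, uid)} into a gzip-compressed ustar archive.

    Naive mode keeps whatever the inputs carry (real mtimes, uid, dict order) and lets
    gzip write the current time into its header. Reproducible mode sorts the entries,
    pins owner and mode, sets every mtime to the epoch and gives gzip that same epoch,
    so the output depends only on file names and contents.
    """
    if epoch is None:
        epoch = source_date_epoch()
    names = sorted(files) if reproducible else list(files)
    tar_buf = io.BytesIO()
    with tarfile.open(fileobj=tar_buf, mode="w", format=tarfile.USTAR_FORMAT) as tar:
        for name in names:
            content, mtime, uid = files[name]
            info = tarfile.TarInfo(name)
            info.size = len(content)
            info.mode = 0o644
            if reproducible:
                info.mtime = epoch
                info.uid = info.gid = 0
                info.uname = info.gname = "root"
            else:
                info.mtime = mtime
                info.uid = info.gid = uid
                info.uname = info.gname = f"user{uid}"
            tar.addfile(info, io.BytesIO(content))
    gz_buf = io.BytesIO()
    # mtime=None makes gzip record time.time(); this is the lzop-style leak the commit warns about.
    with gzip.GzipFile(fileobj=gz_buf, mode="wb", mtime=epoch if reproducible else None) as gz:
        gz.write(tar_buf.getvalue())
    return gz_buf.getvalue()


def digest(blob):
    return hashlib.sha256(blob).hexdigest()


# Constructed inputs: identical contents, but different checkout times, owners and
# directory order, as two independent rebuilders would see them.
BUILDER_A = {
    "init": (b"#!/bin/sh\nexec /sbin/init\n", 1569888000, 1000),
    "etc/hostname": (b"box\n", 1569888001, 1000),
}
BUILDER_B = {
    "etc/hostname": (b"box\n", 1570000000, 1001),
    "init": (b"#!/bin/sh\nexec /sbin/init\n", 1570000001, 1001),
}


def compare(reproducible, epoch=1569888000):
    """True when both builders produce bit-identical archives."""
    a = digest(build_tarball(BUILDER_A, reproducible, epoch))
    b = digest(build_tarball(BUILDER_B, reproducible, epoch))
    return a == b


if __name__ == "__main__":
    print("naive builds identical:", compare(False))
    print("reproducible builds identical:", compare(True))
```

The comparison is what a rebuilder does with a .buildinfo file: hash the artifact and compare against the original builder's hash, which only works if every field the format stores is derived from the source or from SOURCE_DATE_EPOCH.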

Debian

In July, Holger Levsen filed a bug against the underlying tool that maintains the Debian archive (“dak”) after he noticed that .buildinfo metadata files were not being automatically propagated in the case that packages had to be manually approved in “NEW queue”. After it was pointed out that the files were being retained in a separate location, Benjamin Hof proposed a patch for the issue that was merged and deployed this month.

Aurélien Jarno filed a bug against the Debian Policy (#940234) to request that a section be added regarding the reproducibility of source packages. Whilst there is already a section about reproducibility in the Policy, it only mentions binary packages. Aurélien suggests that it:

… might be a good idea to add a new requirement that repeatedly building the source package in the same environment produces identical .dsc files.

In addition, 51 reviews of Debian packages were added, 22 were updated and 47 were removed this month adding to our knowledge about identified issues. Many issue types were added by Chris Lamb including buildpath_in_code_generated_by_bison, buildpath_in_postgres_opcodes and ghc_captures_build_path_via_tempdir.

Software development

Upstream patches

The Reproducible Builds project detects, dissects and attempts to fix as many currently-unreproducible packages as possible. We endeavour to send all of our patches upstream where appropriate. This month, we wrote a large number of such patches, including:

Diffoscope

diffoscope is our in-depth and content-aware diff utility that can locate and diagnose reproducibility issues. It is run countless times a day on our testing infrastructure and is essential for identifying fixes and causes of non-deterministic behaviour.

This month, Chris Lamb uploaded versions 123, 124 and 125 and made the following changes:

  • New features:

    • Add /srv/diffoscope/bin to the Docker image path. (#70)
    • When skipping tests due to the lack of an installed tool, print the package that might provide it.
    • Update the “no progressbar” logging message to match the parallel missing tlsh module warnings.
    • Update “requires foo” messages to clarify that they are referring to Python modules.
  • Testsuite updates:

    • The test_libmix_differences ELF binary test requires the xxd tool. (#940645)
    • Build the OCaml test input files on-demand rather than shipping them with the package in order to prevent test failures with OCaml 4.08. (#67)
    • Also conditionally skip the identification and “no differences” tests as we require the OCaml compiler to be present when building the test files themselves. (#940471)
    • Rebuild our test squashfs images to exclude the character device as they require root or fakeroot to extract. (#65)
  • Many code cleanups, including dropping some unnecessary control flow, dropping unnecessary pass statements and dropping explicit inheritance from the object class as it is unnecessary in Python 3.

In addition, Marc Herbert completely overhauled the handling of ELF binaries, particularly around many assumptions that were previously being made via file extensions, etc., and updated the testsuite to support a newer version of the coreboot utilities. Mattia Rizzolo then ensured that diffoscope does not crash when the progress bar module is missing but the functionality was requested, and made our version checking code more lenient. Lastly, Vagrant Cascadian not only updated diffoscope to versions 123 and 125 in the GNU Guix distribution, he also enabled a more complete test suite there.

Project website

There was yet more effort put into our website this month, including:

In addition, Cindy Kim added in-toto to our “Who is Involved?” page, James Fenn updated our homepage to fix a number of spelling and grammar issues and Peter Conrad added BitShares to our list of projects interested in Reproducible Builds.

strip-nondeterminism

strip-nondeterminism is our tool to remove specific non-deterministic results from successful builds. This month, Marc Herbert made a huge number of changes including:

  • GNU ar handler:
    • Don’t corrupt the pseudo file mode of the symbols table.
    • Add test files for “symtab” (/) and long names (//).
    • Don’t corrupt the SystemV/GNU table of long filenames.
  • Add a new $File::StripNondeterminism::verbose global and, if enabled, tell the user that ar(1) could not set the symbol table’s mtime.

In addition, Chris Lamb performed some issue investigation with the Debian Perl Team regarding issues in the Archive::Zip module including a problem with corruption of members that use bzip compression as well as a regression whereby various metadata fields were not being updated that was reported in/around Debian bug #940973.

Test framework

We operate a comprehensive Jenkins-based testing framework that powers tests.reproducible-builds.org.

  • Alexander “lynxis” Couzens:
    • Fix missing .xcompile in the build system.
    • Install the GNAT Ada compiler on all builders.
    • Don’t install the iasl ACPI power management compiler/decompiler.
  • Holger Levsen:
    • Correctly handle the $DEBUG variable in OpenWrt builds.
    • Refactor and notify the #archlinux-reproducible IRC channel about problems in this distribution.
    • Ensure that only one mail is sent when rebooting nodes.
    • Unclutter the output of a Debian maintenance job.
    • Drop a “todo” entry as we have been varying on a merged /usr for some time now.

In addition, Paul Spooren added an OpenWrt snapshot build script which downloads .buildinfo and related checksums from the relevant download server and attempts to rebuild and then validate them for reproducibility.

The usual node maintenance was performed by Holger Levsen, Mattia Rizzolo and Vagrant Cascadian.

reprotest

reprotest is our end-user tool to build the same source code twice in different environments and then check the binaries produced by each build for differences. This month, a change by Dmitry Shachnev was merged to not use the faketime wrapper at all when asked not to vary time, and Holger Levsen subsequently released this as version 0.7.9, as well as dramatically overhauling the packaging.


Misc news & getting in touch

On our mailing list Rebecca N. Palmer started a thread titled Addresses in IPython output which points out and attempts to find a solution to a problem with Python packages, whereby objects that don’t have an explicit string representation have a default one that includes their memory address. This causes problems with reproducible builds if/when such output appears in generated documentation.

If you are interested in contributing to the Reproducible Builds project, please visit our Contribute page on our website. Otherwise, you can get in touch with us via:



This month’s report was written by Bernhard M. Wiedemann, Chris Lamb, Holger Levsen, Jelle van der Waa, Mattia Rizzolo and Vagrant Cascadian. It was subsequently reviewed by a bunch of Reproducible Builds folks on IRC and the mailing list.


Planet Debian: John Goerzen: Resurrecting Ancient Operating Systems on Debian, Raspberry Pi, and Docker

I wrote recently about my son playing Zork on a serial terminal hooked up to a PDP-11, and how I eventually bought a vt420 (ok, some vt420s and vt510s, I couldn’t stop at one) and hooked it up to a Raspberry Pi.

This led me down another path: there is a whole set of hardware and software that I’ve never used. For some, it fell out of favor before I could read (and for others, before I was even born).

The thing is – so many of these old systems have a legacy that we live in today. So much so, in fact, that we are now seeing articles about how modern CPUs are fast PDP-11 emulators in a sense. The PDP-11, and its close association with early Unix, lives on in the sense that its design influenced microprocessors and operating systems to this day. The DEC vt100 terminal is, nowadays, known far better as that thing that is emulated, but it was, in fact, a physical thing. Some of it goes back into even mistier times; Emacs, for instance, grew out of the MIT ITS project but was later ported to TOPS-20 before being associated with Unix. vi grew up in 2BSD, and according to Wikipedia, was so large it could barely fit in the memory of a PDP-11/70. Also in 2BSD, a buggy version of Zork appeared — so buggy, in fact, that the save game option was broken. All of this happened in the late 70s.

When we think about the major developments in computing, we often hear of companies like IBM, Microsoft, and Apple. Of course their contributions are undeniable, and emulators for old versions of DOS are easily available for every major operating system, plus many phones and tablets. But as the world is moving heavily towards Unix-based systems, the Unix heritage is far more difficult to access.

My plan with purchasing and setting up an old vt420 wasn’t just to do that and then leave. It was to make it useful for modern software, and also to run some of these old systems under emulation.

To that end, I have released my vintage computing collection – both a script for setting up on a system, and a docker image. You can run Emacs and TECO on TOPS-20, zork and vi on 2BSD, even Unix versions 5, 6, and 7 on a PDP-11. And for something particularly rare, RDOS on a Data General Nova. I threw in some old software compiled for modern systems: Zork, Colossal Cave, and Gopher among them. The bsdgames collection and some others are included as well.

I hope you enjoy playing with the emulated big-iron systems of the 70s and 80s. And in a dramatic turnabout of scale and cost, those machines which used to cost hundreds of thousands of dollars can now be run far faster under emulation on a $35 Raspberry Pi.

Cryptogram: Friday Squid Blogging: Hawaiian Bobtail Squid Squirts Researcher

Cute video.

As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.

Read my blog posting guidelines here.

Cory Doctorow: “Martian Chronicles”: Escape Pod releases a reading of my YA story about rich sociopaths colonizing Mars


Back in 2011, I wrote a young adult novella called “Martian Chronicles,” which I podcasted as it was in progress; it’s a story about the second wave of wealthy colonists lifting off from climate-wracked, inequality-riven Earth to live in a libertarian utopia on Mars.

The story (part of a series of stories that use titles of famous stories as jumping off points) was published in Jonathan Strahan’s excellent YA anthology Life on Mars: Tales from the New Frontier.

Now, it’s getting a second life in podcast form, as the wonderful and venerable Escape Pod has produced a reading by Adam Pracht, whose first installment has just gone live (MP3). It came in via my podcatcher last night and I was so pleased with it. Now I’m on tenterhooks for part II!

They say you can’t smell anything through a launch-hood, but I still smelled the pove in the next seat as the space-attendants strapped us into our acceleration couches and shone lights in our eyes and triple-checked the medical readouts on our wristlets to make sure our hearts wouldn’t explode when the rocket boosted us into orbit for transfer to the *Eagle* and the long, long trip to Mars.

He was skinny, but not normal-skinny, the kind of skinny you get from playing a lot of sports and taking the metabolism pills your parents got for you so you wouldn’t get teased at school. He was kind of pot-bellied with scrawny arms and sunken cheeks and he was brown-brown, like the brown Mom used to slather on after a day at the beach covered in factor-500 sunblock. Only he was the kind of all-over-even brown that you only got by being *born* brown.

He gave me a holy-crap-I’m-going-to-MARS smile and a brave thumbs-up and I couldn’t bring myself to snub him because he looked so damned happy about it. So I gave him the same thumbs up, rotating my wrist in the strap that held it onto the arm-rest so that I didn’t accidentally break my nose with my own hand when we “clawed our way out of the gravity well” (this was a phrase from the briefing seminars that they liked to repeat a lot. It had a lot of macho going for it).

The pove smelled like garbage. There, I said it. No nice way of saying it. Like the smell out of the trash-chute at the end of our property line. It had been my job to haul our monster-sized tie-and-toss bags to the curb every day and toss them down that chute and into the tunnel-system that took them out to the Spruce Sunset Meadows recycling center, which was actually *outside* the Spruce Sunset Meadows wall, all the way in Springville, where there was a gigantic mega-prison. The prisoners sorted all our trash for us, which was good for the environment, since they sorted it into about 400 different categories for recycling; and good for us because it meant we didn’t have to do all that separating in our kitchen. On the other hand, it did mean that we had to have a double cross-cut shredder for anything like a bill or a legal document so that some crim didn’t use it to steal our identities when he got out of jail. I always wondered how they handled the confetti that came out of the shredder, if they had to pick up each little dot of it with their fingernails and drop it into a big hopper labelled “paper.”

Escape Pod 700: Martian Chronicles (Part 1 of 2) [Escape Pod]

Cryptogram: More Cryptanalysis of Solitaire

In 1999, I invented the Solitaire encryption algorithm, designed to manually encrypt data using a deck of cards. It was written into the plot of Neal Stephenson's novel Cryptonomicon, and I even wrote an afterword to the book describing the cipher.

I don't talk about it much, mostly because I made a dumb mistake that resulted in the algorithm not being reversible. Still, for the short message lengths you're likely to use a manual cipher for, it's still secure and will likely remain secure.

Here's some new cryptanalysis:

Abstract: The Solitaire cipher was designed by Bruce Schneier as a plot point in the novel Cryptonomicon by Neal Stephenson. The cipher is intended to fit the archetype of a modern stream cipher whilst being implementable by hand using a standard deck of cards with two jokers. We find a model for repetitions in the keystream in the stream cipher Solitaire that accounts for the large majority of the repetition bias. Other phenomena merit further investigation. We have proposed modifications to the cipher that would reduce the repetition bias, but at the cost of increasing the complexity of the cipher (probably beyond the goal of allowing manual implementation). We have argued that the state update function is unlikely to lead to cycles significantly shorter than those of a random bijection.
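To make the cipher's steps concrete, here is an added Python implementation (neither Schneier's reference code nor the paper's analysis code) of the keystream generator, passphrase keying and letter-by-letter encryption, plus a small probe for the repetition bias the abstract refers to: how often two adjacent keystream letters are equal, which would be about 1/26 for a uniform stream. The card encoding (1 to 52 for clubs, diamonds, hearts, spades; 53 and 54 for the two jokers), the omission of the X padding to five-letter groups, and the passphrase in the demo are assumptions of the example. The null-key test vector used below is the one from the cipher's published description.

```python
"""Solitaire keystream, keying, encryption and a repetition-bias probe.
Added example; not Schneier's reference implementation."""
JOKER_A, JOKER_B = 53, 54


def card_value(card):
    """Counting value of a card: 1..52 as is, both jokers count 53."""
    return 53 if card in (JOKER_A, JOKER_B) else card


def _move_down(deck, card, steps):
    """Move a joker down `steps` places; passing the bottom wraps to just below the top card."""
    for _ in range(steps):
        i = deck.index(card)
        if i == len(deck) - 1:
            deck.insert(1, deck.pop())
        else:
            deck[i], deck[i + 1] = deck[i + 1], deck[i]


def _count_cut(deck, v):
    """Cut the top v cards to just above the bottom card, which stays in place."""
    deck[:] = deck[v:-1] + deck[:v] + [deck[-1]]


def _step(deck):
    """Steps 1-4 of the algorithm, in place: joker A down 1, joker B down 2, triple cut, count cut."""
    _move_down(deck, JOKER_A, 1)
    _move_down(deck, JOKER_B, 2)
    j1, j2 = sorted((deck.index(JOKER_A), deck.index(JOKER_B)))
    deck[:] = deck[j2 + 1:] + deck[j1:j2 + 1] + deck[:j1]  # triple cut around the jokers
    _count_cut(deck, card_value(deck[-1]))


def keystream(deck, n):
    """Return n keystream values (each 1..52) from a copy of deck; joker outputs are skipped."""
    deck = list(deck)
    out = []
    while len(out) < n:
        _step(deck)
        card = deck[card_value(deck[0])]  # count down from the top card and take the next card
        if card not in (JOKER_A, JOKER_B):
            out.append(card)
    return out


def keyed_deck(passphrase):
    """Key an ordered deck with a passphrase: steps 1-4 then a count cut by letter value per letter."""
    deck = list(range(1, 55))
    for ch in passphrase.upper():
        if ch.isalpha():
            _step(deck)
            _count_cut(deck, ord(ch) - 64)
    return deck


def _letters(text):
    return [c for c in text.upper() if c.isalpha()]


def encrypt(plaintext, deck):
    letters = _letters(plaintext)
    return "".join(chr((ord(p) - 65 + k) % 26 + 65)
                   for p, k in zip(letters, keystream(deck, len(letters))))


def decrypt(ciphertext, deck):
    letters = _letters(ciphertext)
    return "".join(chr((ord(c) - 65 - k) % 26 + 65)
                   for c, k in zip(letters, keystream(deck, len(letters))))


def repetition_rate(deck, n):
    """Fraction of adjacent keystream letters that are equal over n outputs."""
    ks = [(k - 1) % 26 for k in keystream(deck, n)]
    return sum(a == b for a, b in zip(ks, ks[1:])) / (n - 1)


if __name__ == "__main__":
    null = list(range(1, 55))
    print(keystream(null, 10))           # published null-key vector starts 4 49 10 24 8 ...
    print(encrypt("AAAAA AAAAA", null))  # EXKYIZSGEH
    deck = keyed_deck("CRYPTONOMICON")   # assumed passphrase for the demo
    print(decrypt(encrypt("SOLITAIRE", deck), deck))
    print(f"adjacent repeats: {repetition_rate(null, 20000):.4f} (uniform would be {1/26:.4f})")
```

Note that `keystream` must be re-run from the same keyed deck for decryption, which is why `encrypt` and `decrypt` each take a fresh copy; the state is the deck, and reusing a deck across two messages is the manual-cipher equivalent of keystream reuse.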

Sociological Images: Harder, Better, Faster, Stronger

And the hits start coming and they don’t stop coming. Research published in Royal Society Open Science (thanks to @MattGrossmann for sharing on Twitter) compared music charts in the US, the UK, Germany, and the Netherlands. The authors found that more albums are climbing these charts faster than they did in the past.

Schneider, Lukas and Claudius Gros. “Five Decades of US, UK, German and Dutch Music Charts Show That Cultural Processes Are Accelerating.” Royal Society Open Science 6(8):190944.

Last week we looked at cultural hybridity and the mixing of music genres. Here, the authors point out that these trends indicate cultural acceleration as more hits happen in a shorter time. This creates new pressures on the music production side. From the article:

In the past, essentially no number one album would start at the top of a chart. Reaching the top was instead a tedious climbing process that would take on the average an entire month, or more. Nowadays, the situation is the opposite. If an album is not the number one the first week of its listing, it has only a marginal chance to climb to the top later on.

This cultural acceleration is having a big impact on the kinds of hits we end up hearing, because creativity always happens in a particular social context. One of my favorite episodes of the Switched on Pop podcast recently looked at how songwriting is changing in the era of the quick streaming hit, including the rise of the “pop overture.” What’s a pop overture, you ask? Lizzo can tell you.

Evan Stewart is an assistant professor of sociology at University of Massachusetts Boston. You can follow him on Twitter.

(View original at https://thesocietypages.org/socimages)

Planet Debian: Ben Hutchings: Kernel Recipes 2019, part 2

This conference only has a single track, so I attended almost all the talks. This time I didn't take notes but I've summarised all the talks I attended. This is the second and last part of that; see part 1 if you missed it.

XDP closer integration with network stack

Speaker: Jesper Dangaard Brouer

Details and slides: https://kernel-recipes.org/en/2019/xdp-closer-integration-with-network-stack/

Video: Youtube

The speaker introduced XDP and how it can improve network performance.

The Linux network stack is extremely flexible and configurable, but this comes at some performance cost. The kernel has to generate a lot of metadata about every packet and check many different control hooks while handling it.

The eXpress Data Path (XDP) was introduced a few years ago to provide a standard API for doing some receive packet handling earlier, in a driver or in hardware (where possible). XDP rules can drop unwanted packets, forward them, pass them directly to user-space, or allow them to continue through the network stack as normal.

He went on to talk about how recent and proposed future extensions to XDP allow re-using parts of the standard network stack selectively.

This talk was supposed to be meant for kernel developers in general, but I don't think it would be understandable without some prior knowledge of the Linux network stack.

Faster IO through io_uring

Speaker: Jens Axboe

Details and slides: https://kernel-recipes.org/en/2019/talks/faster-io-through-io_uring/

Video: Youtube. (This is part way through the talk, but the earlier part is missing audio.)

The normal APIs for file I/O, such as read() and write(), are blocking, i.e. they make the calling thread sleep until I/O is complete. There is a separate kernel API and library for asynchronous I/O (AIO), but it is very restricted; in particular it only supports direct (uncached) I/O. It also requires two system calls per operation, whereas blocking I/O only requires one.

Recently the io_uring API was introduced as an entirely new API for asynchronous I/O. It uses ring buffers, similar to hardware DMA rings, to communicate operations and completion status between user-space and the kernel, which is far more efficient. It also removes most of the restrictions of the current AIO API.

The speaker went into the details of this API and showed performance comparisons.

The Next Steps toward Software Freedom for Linux

Speaker: Bradley Kuhn

Details: https://kernel-recipes.org/en/2019/talks/the-next-steps-toward-software-freedom-for-linux/

Slides: http://ebb.org/bkuhn/talks/Kernel-Recipes-2019/kernel-recipes.html

Video: Youtube

The speaker talked about the importance of the GNU GPL to the development of Linux, in particular the ability of individual developers to get complete source code and to modify it to their local needs.

He described how, for a large proportion of devices running Linux, the complete source for the kernel is not made available, even though this is required by the GPL. So there is a need for GPL enforcement—demanding full sources from distributors of Linux and other works covered by GPL, and if necessary suing to obtain them. This is one of the activities of his employer, Software Freedom Conservancy, and has been carried out by others, particularly Harald Welte.

In one notable case, the Linksys WRT54G, the release of source after a lawsuit led to the creation of the OpenWRT project. This is still going many years later and supports a wide range of networking devices. He proposed that the Conservancy's enforcement activity should, in the short term, concentrate on a particular class of device where there would likely be interest in creating a similar project.

Suricata and XDP

Speaker: Eric Leblond

Details and slides: https://kernel-recipes.org/en/2019/talks/suricata-and-xdp/

Video: Youtube

The speaker described briefly how an Intrusion Detection System (IDS) interfaces to a network, and why it's important to be able to receive and inspect all relevant packets.

He then described how the Suricata IDS uses eXpress Data Path (XDP, explained in an earlier talk) to filter and direct packets, improving its ability to handle very high packet rates.

CVEs are dead, long live the CVE!

Speaker: Greg Kroah-Hartman

Details and slides: https://kernel-recipes.org/en/2019/talks/cves-are-dead-long-live-the-cve/

Video: Youtube

Common Vulnerabilities and Exposures Identifiers (CVE IDs) are a standard, compact way to refer to specific software and hardware security flaws.

The speaker explained problems with the way CVE IDs are currently assigned and described, including assignments for bugs that don't impact security, lack of assignment for many bugs that do, incorrect severity scores, and missing information about the changes required to fix the issue. (My work on CIP's kernel CVE tracker addresses some of these problems.)

The average time between assignment of a CVE ID and a fix being published is apparently negative for the kernel, because most such IDs are being assigned retrospectively.

He proposed to replace CVE IDs with "change IDs" (i.e. abbreviated git commit hashes) identifying bug fixes.

Driving the industry toward upstream first

Speaker: Enric Balletbo i Serra

Details and slides: https://kernel-recipes.org/en/2019/talks/driving-the-industry-toward-upstream-first/

Video: Youtube

The speaker talked about how the Chrome OS developers have tried to reduce the difference between the kernels running on Chromebooks, and the upstream kernel versions they are based on. This has succeeded to the point that it is possible to run a current mainline kernel on at least some Chromebooks (which he demonstrated).

Formal modeling made easy

Speaker: Daniel Bristot de Oliveira

Details and slides: https://kernel-recipes.org/en/2019/talks/formal-modeling-made-easy/

Video: Youtube

The speaker explained how formal modelling of (parts of) the kernel could be valuable. A formal model will describe how some part of the kernel works, in a way that can be analysed and proven to have certain properties. It is also necessary to verify that the model actually matches the kernel's implementation.

He explained the methodology he used for modelling the real-time scheduler provided by the PREEMPT_RT patch set. The model used a number of finite state machines (automata), with conditions on state transitions that could refer to other state machines. He added (I think) tracepoints for all state transitions in the actual code and a kernel module that verified that at each such transition the model's conditions were met.

In the process of this he found a number of bugs in the scheduler.
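The approach described above (automata for the model, a check at every traced transition that the model allows it, with conditions that may look at another automaton's state) can be shown at toy scale. The following is an added example in Python, not Daniel's model of the PREEMPT_RT scheduler nor his kernel module: the task states, the events, and the rule that a switch-in only happens with preemption disabled are assumptions made for the illustration, and the traces are constructed.

```python
"""Runtime verification of an event trace against a model made of finite automata.
Added example; the automata, events and guard are assumptions for illustration."""


class Automaton:
    """Deterministic finite automaton; transitions maps (state, event) -> next state."""

    def __init__(self, name, initial, transitions):
        self.name = name
        self.state = initial
        self.transitions = transitions
        self.events = {event for _, event in transitions}

    def step(self, event):
        """Advance on event; return False if the model forbids it in the current state."""
        nxt = self.transitions.get((self.state, event))
        if nxt is None:
            return False
        self.state = nxt
        return True


# Assumed model of one task as the scheduler sees it.
TASK = {
    ("sleeping", "wakeup"): "runnable",
    ("runnable", "switch_in"): "running",
    ("running", "preempt"): "runnable",
    ("running", "sleep"): "sleeping",
}
# Assumed model of the CPU's preemption state.
PREEMPT = {
    ("enabled", "preempt_disable"): "disabled",
    ("disabled", "preempt_enable"): "enabled",
}
# Condition on a transition that refers to the other machine (assumed rule for the example):
# a context switch into a task must happen while preemption is disabled.
GUARDS = {
    "switch_in": lambda machines: machines["preempt"].state == "disabled",
}


def verify_trace(trace):
    """Replay events in order. Return None if every transition is allowed by the model,
    otherwise (index, event, reason) for the first violation, which is what the
    in-kernel verifier would report at the offending tracepoint."""
    machines = {
        "task": Automaton("task", "sleeping", TASK),
        "preempt": Automaton("preempt", "enabled", PREEMPT),
    }
    for i, event in enumerate(trace):
        owners = [m for m in machines.values() if event in m.events]
        if not owners:
            return (i, event, "event not in model")
        guard = GUARDS.get(event)
        if guard is not None and not guard(machines):
            return (i, event, "guard failed")
        for m in owners:
            if not m.step(event):
                return (i, event, f"{m.name} in state {m.state} does not allow {event}")
    return None


# Constructed traces, as the event names a tracepoint consumer would extract.
GOOD_TRACE = ["wakeup", "preempt_disable", "switch_in", "preempt_enable", "sleep"]
BAD_TRACE = ["wakeup", "switch_in"]  # switch-in while preemption is still enabled

if __name__ == "__main__":
    print(verify_trace(GOOD_TRACE))
    print(verify_trace(BAD_TRACE))
```

The point of the second half of the talk is the verification step: the model alone proves properties of the model, and only by checking real transitions against it do you learn whether the code matches, which is how the scheduler bugs turned up.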

Kernel documentation: past, present, and future

Speaker: Jonathan Corbet

Details and slides: https://kernel-recipes.org/en/2019/kernel-documentation-past-present-and-future/

Video: Youtube

The speaker is the maintainer of the Linux kernel's in-tree documentation. He spoke about how the documentation has been reorganised and reformatted in the past few years, and what work is still to be done.

GNU poke, an extensible editor for structured binary data

Speaker: Jose E Marchesi

Details and slides: https://kernel-recipes.org/en/2019/talks/gnu-poke-an-extensible-editor-for-structured-binary-data/

Video: Youtube

The speaker introduced and demonstrated his project, the "poke" binary editor, which he thinks is approaching a first release. It has a fairly powerful and expressive language which is used for both interactive commands and scripts. Type definitions are somewhat C-like, but poke adds constraints, offset/size types with units, and types of arbitrary bit width.

The expected usage seems to be that you write a script ("pickle") that defines the structure of a binary file format, use poke interactively or through another script to map the structures onto a specific file, and then read or edit specific fields in the file.

CryptogramTracking by Smart TVs

Long Twitter thread about the tracking embedded in modern digital televisions. The thread references three academic papers.

Planet DebianNorbert Preining: TensorFlow 2.0 with GPU on Debian/sid

Some time ago I wrote about how to get TensorFlow (1.x) running on the Debian/sid of that time. It turned out that those instructions aren’t correct anymore and need an update, so here it is: getting the most up-to-date TensorFlow 2.0 running with nVidia GPU support on Debian/sid.

Step 1: Install CUDA 10.0

Follow more or less the instructions here and do

wget -O- https://developer.download.nvidia.com/compute/cuda/repos/ubuntu1804/x86_64/7fa2af80.pub | sudo tee /etc/apt/trusted.gpg.d/nvidia-cuda.asc
echo "deb http://developer.download.nvidia.com/compute/cuda/repos/ubuntu1804/x86_64/ /" | sudo tee /etc/apt/sources.list.d/nvidia-cuda.list
sudo apt-get update
sudo apt-get install cuda-libraries-10-0

Warning! Don’t install the 10-1 version since the TensorFlow binaries need 10.0.

This will install lots of libs into /usr/local/cuda-10.0 and add the respective directory to the ld.so path by creating a file /etc/ld.so.conf.d/cuda-10-0.conf.

Step 2: Install CUDA 10.0 CuDNN

One dependency that is difficult to satisfy is the CuDNN libraries. In our case we need the version 7 library for CUDA 10.0. To download these files you need an NVIDIA developer account, which is quick and painless to create. After that, go to the CuDNN page, select Download cuDNN v7.N.N (xxxx NN, YYYY), for CUDA 10.0 and then cuDNN Runtime Library for Ubuntu18.04 (Deb).

At the moment (as of today) this downloads a file libcudnn7_7.6.4.38-1+cuda10.0_amd64.deb, which needs to be installed with dpkg -i libcudnn7_7.6.4.38-1+cuda10.0_amd64.deb.

Step 3: Install Tensorflow for GPU

This is the easiest one and can be done as explained on the TensorFlow installation page using

pip3 install --upgrade tensorflow-gpu

This will install several other dependencies, too.

Step 4: Check that everything works

Last but not least, make sure that TensorFlow can be loaded and finds your GPU. This can be done with the following one-liner, which in my case gives the following output:

$ python3 -c "import tensorflow as tf;print(tf.reduce_sum(tf.random.normal([1000, 1000])))"
....(lots of output)
2019-10-04 17:29:26.020013: I tensorflow/core/common_runtime/gpu/gpu_device.cc:1304] Created TensorFlow device (/job:localhost/replica:0/task:0/device:GPU:0 with 3390 MB memory) -> physical GPU (device: 0, name: GeForce GTX 1050 Ti, pci bus id: 0000:01:00.0, compute capability: 6.1)
tf.Tensor(444.98087, shape=(), dtype=float32)
$
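The steps above only work when the three pieces agree on the CUDA version (the 10-0 libraries, the +cuda10.0 build of libcudnn7 and the ld.so config file that the CUDA package drops). As an added example that is not part of the original post, here is a small preflight script that checks exactly that coupling via dpkg-query; the package and version strings in its offline test are constructed.

```python
"""Preflight check for the CUDA 10.0 / cuDNN 7 / tensorflow-gpu combination
set up above. Added example, not from the original post: it encodes the
version coupling the post warns about (TensorFlow 2.0 wheels need CUDA 10.0,
libcudnn7 must be the +cuda10.0 build) and checks it with dpkg-query."""
import os
import re
import subprocess
from typing import Callable, Optional


def cuda_suffix_of(deb_version: str) -> Optional[str]:
    """'7.6.4.38-1+cuda10.0' -> '10.0'; None when there is no +cuda suffix."""
    m = re.search(r"\+cuda(\d+\.\d+)$", deb_version)
    return m.group(1) if m else None


def cudnn_matches_cuda(deb_version: str, want: str) -> bool:
    """True when a libcudnn7 package version was built for CUDA `want`."""
    return cuda_suffix_of(deb_version) == want


def cuda_package_for(want: str) -> str:
    """'10.0' -> 'cuda-libraries-10-0' (the name used in NVIDIA's apt repo)."""
    return "cuda-libraries-" + want.replace(".", "-")


def installed_version(pkg: str) -> Optional[str]:
    """Version of an installed Debian package, or None if absent / not installed."""
    try:
        out = subprocess.run(
            ["dpkg-query", "-W", "--showformat=${Status}|${Version}", pkg],
            capture_output=True, text=True, check=True,
        ).stdout
    except (FileNotFoundError, subprocess.CalledProcessError):
        return None
    status, version = out.split("|", 1)
    return version if status == "install ok installed" else None


def preflight(want: str = "10.0",
              query: Callable[[str], Optional[str]] = installed_version,
              exists: Callable[[str], bool] = os.path.exists) -> list:
    """Return a list of problems; empty means the stack is consistent.
    `query` and `exists` are injectable so the logic can be checked offline."""
    problems = []
    pkg = cuda_package_for(want)
    if query(pkg) is None:
        problems.append(f"{pkg} is not installed (do not substitute a newer CUDA)")
    cudnn = query("libcudnn7")
    if cudnn is None:
        problems.append("libcudnn7 is not installed")
    elif not cudnn_matches_cuda(cudnn, want):
        problems.append(f"libcudnn7 {cudnn} was built for CUDA "
                        f"{cuda_suffix_of(cudnn)}, not {want}")
    # the cuda-libraries package creates this file so ld.so finds the libs
    ld_conf = f"/etc/ld.so.conf.d/cuda-{want.replace('.', '-')}.conf"
    if not exists(ld_conf):
        problems.append(f"{ld_conf} missing: CUDA libs will not be on the ld.so path")
    return problems


if __name__ == "__main__":
    issues = preflight()
    print("\n".join(issues) if issues else "CUDA/cuDNN/TensorFlow-GPU stack looks consistent")
```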

I haven’t tried to get R working with the newest TensorFlow/Keras combination, though. Hope the above helps.

Worse Than FailureError'd: An Error Storm of Monstrous Proportions

"Move over NOAA, Google News shows us, unfortunately after the fact that The Daily Beast is the TRUEST hurricane prognosticator," Alejandro D. writes.

 

"Um...So, these are so my car can listen to music, wirelessly, because its mirrors are its...er...ears??" Paul writes.

 

Jyri B. wrote, "You know, it's really nice to see that the Eurovision people are embracing all the European languages."

 

"Wow! Maltese looks like a tough language to learn. Glad I don't have to know it. Thank YOU Google Translate!" Peter K. writes.

 

"At Gamestop, you can pre-order figurines of all your favorite characters from MSI!" wrote Chris A.

 

Mikkel H. writes, "I don't want to hear about timezone issues. The only thing possible that happened here was that my FedEx package was teleported from Beijing to Anchorage and back again."

 


Planet DebianMatthew Garrett: Investigating the security of Lime scooters

(Note: to be clear, this vulnerability does not exist in the current version of the software on these scooters. Also, this is not the topic of my Kawaiicon talk.)

I've been looking at the security of the Lime escooters. These caught my attention because:
(1) There's a whole bunch of them outside my building, and
(2) I can see them via Bluetooth from my sofa
which, given that I'm extremely lazy, made them more attractive targets than something that would actually require me to leave my home. I did some digging. Limes run Linux and have a single running app that's responsible for scooter management. They have an internal debug port that exposes USB and which, until this happened, ran adb (as root!) over this USB. As a result, there's a fair amount of information available in various places, which made it easier to start figuring out how they work.

The obvious attack surface is Bluetooth (Limes have wifi, but only appear to use it to upload lists of nearby wifi networks, presumably for geolocation if they can't get a GPS fix). Each Lime broadcasts its name as Lime-12345678 where 12345678 is 8 digits of hex. They implement Bluetooth Low Energy and expose a custom service with various attributes. One of these attributes (0x35 on at least some of them) sends Bluetooth traffic to the application processor, which then parses it. This is where things get a little more interesting. The app has a core event loop that can take commands from multiple sources and then makes a decision about which component to dispatch them to. Each command is of the following form:

AT+type,password,time,sequence,data$

where type is one of either ATH, QRY, CMD or DBG. The password is a TOTP derived from the IMEI of the scooter, the time is simply the current date and time of day, the sequence is a monotonically increasing counter and the data is a blob of JSON. The command is terminated with a $ sign. The code is fairly agnostic about where the command came from, which means that you can send the same commands over Bluetooth as you can over the cellular network that the Limes are connected to. Since locking and unlocking is triggered by one of these commands being sent over the network, it ought to be possible to do the same by pushing a command over Bluetooth.

Unfortunately for nefarious individuals, all commands sent over Bluetooth are ignored until an authentication step is performed. The code I looked at had two ways of performing authentication: you could send an authentication token that was derived from the scooter's IMEI and the current time and some other stuff, or you could send a token that was just an HMAC of the IMEI and a static secret. Doing the latter was more appealing, both because it's simpler and because doing so flipped the scooter into manufacturing mode, at which point all other command validation was also disabled (bye bye having to generate a TOTP). But how do we get the IMEI? There are actually two approaches:

1) Read it off the sticker that's on the side of the scooter (obvious, uninteresting)
2) Take advantage of how the scooter's Bluetooth name is generated

Remember the 8 digits of hex I mentioned earlier? They're generated by taking the IMEI, encrypting it using DES and a static key (0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88), discarding the first 4 bytes of the output and turning the last 4 bytes into 8 digits of hex. Since we're discarding information, there's no way to immediately reverse the process - but IMEIs for a given manufacturer are all allocated from the same range, so we can just take the entire possible IMEI space for the modem chipset Lime use, encrypt all of them and end up with a mapping of name to IMEI (it turns out this doesn't guarantee that the mapping is unique - for around 0.01%, the same name maps to two different IMEIs). So we now have enough information to generate an authentication token that we can send over Bluetooth, which disables all further authentication and enables us to send further commands to disconnect the scooter from the network (so we can't be tracked) and then unlock and enable the scooter.

(Note: these are actual crimes)

This all seemed very exciting, but then a shock twist occurred: earlier this year, Lime updated their authentication method. There's now actual asymmetric cryptography involved, you'd need to engage in rather more actual crimes to obtain the key material necessary to authenticate over Bluetooth, and all of this research becomes much less interesting other than as an example of how other companies probably shouldn't do it.

In any case, congratulations to Lime on actually implementing security!
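The design lessons in the post are that the command dispatcher was agnostic about which transport a command arrived on, that the password was derived from an identifier (the IMEI) that is printed on the scooter and leaks through the Bluetooth name, and that a single weak token could switch off all further validation. As an added example that is not Lime's code, here is a model of a controller for a command channel of the same AT+type,password,time,sequence,data$ shape with those three issues addressed; the TOTP construction, the time window and the per-transport policy are assumptions made for illustration.

```python
"""Model of a controller for the AT+type,password,time,sequence,data$ channel.
Added example, not Lime's code: the TOTP construction (HMAC-SHA256 over a
30 s counter, truncated to 8 hex digits), the +/-60 s window and the
per-transport policy are assumptions made for illustration."""
import hashlib
import hmac
import json
import struct

ALLOWED_TYPES = {"ATH", "QRY", "CMD", "DBG"}
TOTP_STEP_S = 30      # assumption
CLOCK_SKEW_S = 60     # assumption
# The command types each transport may issue. DBG, which on the scooter
# described above switched off all further validation, is never accepted
# from the BLE side, so the interface reachable from the street cannot escalate.
TRANSPORT_POLICY = {
    "cellular": {"ATH", "QRY", "CMD", "DBG"},
    "ble": {"ATH", "QRY", "CMD"},
}


def parse_command(raw: str):
    """Split AT+type,password,time,sequence,data$ into its five fields.
    The JSON blob may itself contain commas, so split at most four times."""
    if not raw.startswith("AT+") or not raw.endswith("$"):
        raise ValueError("bad framing")
    parts = raw[3:-1].split(",", 4)
    if len(parts) != 5:
        raise ValueError("expected 5 fields")
    ctype, password, ts, seq, data = parts
    if ctype not in ALLOWED_TYPES:
        raise ValueError(f"unknown type {ctype!r}")
    payload = json.loads(data)
    if not isinstance(payload, dict):
        raise ValueError("data must be a JSON object")
    return ctype, password, int(ts), int(seq), payload


def totp(secret: bytes, unix_time: int) -> str:
    """Time-based code keyed by a per-device random secret, not by the IMEI:
    the IMEI is on a sticker and, as shown above, recoverable from the BLE name."""
    counter = struct.pack(">Q", unix_time // TOTP_STEP_S)
    return hmac.new(secret, counter, hashlib.sha256).digest()[:4].hex()


def build_command(secret: bytes, ctype: str, ts: int, seq: int, data: dict) -> str:
    """What the legitimate backend would send."""
    return f"AT+{ctype},{totp(secret, ts)},{ts},{seq},{json.dumps(data)}$"


class ScooterController:
    def __init__(self, device_secret: bytes, clock):
        self.secret = device_secret
        self.clock = clock        # callable returning unix time (injected for tests)
        self.last_seq = {}        # highest sequence accepted, per transport
        self.locked = True

    def handle(self, raw: str, transport: str) -> str:
        try:
            ctype, password, ts, seq, data = parse_command(raw)
        except ValueError as e:   # json.JSONDecodeError is a ValueError too
            return f"rejected: malformed ({e})"
        if abs(int(self.clock()) - ts) > CLOCK_SKEW_S:
            return "rejected: stale timestamp"
        if seq <= self.last_seq.get(transport, -1):
            return "rejected: replayed sequence"
        # constant-time comparison; the expected code is derived from the
        # timestamp the sender claims, which the freshness check already bounded
        if not hmac.compare_digest(password, totp(self.secret, ts)):
            return "rejected: bad password"
        if ctype not in TRANSPORT_POLICY.get(transport, set()):
            return f"rejected: {ctype} not permitted over {transport}"
        self.last_seq[transport] = seq
        return self.dispatch(ctype, data)

    def dispatch(self, ctype: str, data: dict) -> str:
        if ctype == "CMD" and data.get("action") == "unlock":
            self.locked = False
            return "unlocked"
        if ctype == "CMD" and data.get("action") == "lock":
            self.locked = True
            return "locked"
        if ctype == "QRY":
            return json.dumps({"locked": self.locked})
        return f"{ctype} accepted"
```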


Dave HallAnnouncing the DrupalSouth Diversity Scholarship

Over the years I have benefited greatly from the generosity of the Drupal Community. In 2011 people sponsored me to write lines of code to get me to DrupalCon Chicago.

Today Dave Hall Consulting is a very successful small business. We have contributed code, time and content to Drupal. It is time for us to give back in more concrete terms.

We want to help someone from an under-represented group take their career to the next level. This year we will provide a Diversity Scholarship for one person to attend DrupalSouth, our 2-day Gettin’ Git training course and 5 nights at the conference hotel. This will allow this person to attend the premier Drupal event in the region while also learning everything there is to know about git.

To apply for the scholarship, fill out the form by 23:59 AEST 12 October 2019 to be considered.

Sky CroeserTeaching with, and about, the Internet

In a recent talk at the AoIR 2019 conference, I suggested that it would be helpful to have some kind of collaborative guidelines, similar to the AoIR ethics guidelines, around teaching in Internet Studies and related fields. (For more on my reasoning, see the bite-sized Twitter version of the talk.)

In the period after giving the talk, I realised that…maybe I should try to take on some of the labour involved in sparking (or at least checking if there’s broader interest in) the kinds of guidelines I was hoping for. (With a little prompt from Jeremy Hunsinger, thanks!) In some useful-but-hurried conversations over morning tea, I realised that it might be helpful to suggest some general parameters for what the guidelines could focus on.

As someone pointed out, AoIR is the Internet Research Association, not the Internet teaching association. So why have guidelines about teaching at all?

Not all teachers do research, and not all researchers teach, but teaching and research cross-fertilise and depend on each other in important ways in academia today. Drawing on research in Internet Studies, including around data privacy and platform capitalism, might help us to better understand and articulate concerns about how we teach about, and with, the Internet.

There’s plenty of work available about how we teach with the Internet. There’s also some work about how we teach about the Internet (although, I think, a bit less). There are some other areas, like the Platform Pedagogies group, that I need to dig into more deeply. There seems to be room to bring together some of this work with other research being done around the impact of the Internet to provide guidelines or resources that could help us to understand how digital technologies, including learning management systems, extension management systems, Turnitin, and other platforms used in teaching, work. How do they use data? How do they make money? How do they structure and monitor our teaching, and students’ learning? And with a better understanding of these technologies, how might we draw on shared resources to resist or reshape universities’ use of them?

Potentially, Internet Studies teaching guidelines might also do other things, like outline research on assessment or suggest ways of developing more inclusive curriculum. Such research and praxis already exists, but not necessarily with the authority that AoIR support might provide.


Planet DebianJoey Hess: Project 62 Valencia Floor Lamp review

From Target, this brass finish floor lamp evokes 60's modernism, updated for the mid-Anthropocene with a touch plate switch.

The integrated microcontroller consumes a mere 2.2 watts while the lamp is turned off, in order to allow you to turn the lamp on with a stylish flick. With a 5 watt LED bulb (sold separately), the lamp will total a mere 7.2 watts while on, making it extremely energy efficient. While off, the lamp consumes a mere 19 kilowatt-hours per year.

[Image: clamp multimeter reading 0.02 amps AC, connected to a small circuit board with a yellow capacitor, a coil, and a heat-sinked IC visible] [Image: lamp from rear; a small round rocker switch has been added to the top of its half-globe shade]

Though the lamp shade at first appears perhaps flimsy, while you are drilling a hole in it to add a physical switch, you will discover metal, though not brass all the way through. Indeed, this lamp should last for generations, should the planet continue to support human life for that long.

As an additional bonus, the small plastic project box that comes free in this lamp will delight any electrical enthusiast. As will the approximately 1 hour conversion process to delete the touch switch phantom load. The 2 cubic feet of styrofoam packaging are less delightful.

Two allen screws attach the pole to the base; one was missing in my lamp. Also, while the base is very heavily weighted, the lamp still rocks a bit when using the aftermarket switch. So I am forced to give it a mere 4 out of 5 stars.

front view of lit lamp beside a bookcase

Planet DebianMolly de Blanc: Free software activities (September 2019)

September marked the end of summer and the end of my summer travel.  Paid and non-paid activities focused on catching up with things I fell behind on while traveling. Towards the middle of September, the world of FOSS blew up, and then blew up again, and then blew up again.

A photo of a river with the New York skyline in the background.

Free software activities: Personal

  • I caught up on some Debian Community Team emails I’ve been behind on. The CT is in search of new team members. If you think you might be interested in joining, please contact us.
  • After much deliberation, the OSI decided to appoint two directors to the board. We will decide who they will be in October, and are welcoming nominations.
  • On that note, the OSI had a board meeting.
  • Wrote a blog post on rights and freedoms to create a shared vocabulary for future writing concerning user rights. I also wrote a bit about leadership in free software.
  • I gave out a few pep talks. If you need a pep talk, hmu.

Free software activities: Professional

  • Wrote and published the September Friends of GNOME Update.
  • Interviewed Sammy Fung for the GNOME Engagement Blog.
  • Did a lot of behind the scenes work for GNOME, that you will hopefully see more of soon!
  • I spent a lot of time fighting with CiviCRM.
  • I attended GitLab Commit on behalf of GNOME, to discuss how we implement GitLab.

 

Planet DebianThorsten Alteholz: My Debian Activities in September 2019

FTP master

This month I accepted 246 packages and rejected 28. The overall number of packages that got accepted was 303.

Debian LTS

This was my sixty-third month of doing work for the Debian LTS initiative, started by Raphael Hertzog at Freexian.

This month my overall workload was 23.75h. During that time I did LTS uploads of:

    [DLA 1911-1] exim4 security update for one CVE
    [DLA 1936-1] cups security update for one CVE
    [DLA 1935-1] e2fsprogs security update for one CVE
    [DLA 1934-1] cimg security update for 8 CVEs
    [DLA 1939-1] poppler security update for 3 CVEs

I also started to work on opendmarc and spip but did not finish testing yet.
Last but not least I did some days of frontdesk duties.

Debian ELTS

This month was the sixteenth ELTS month.

During my allocated time I uploaded:

  • ELA-160-1 of exim4
  • ELA-166-1 of libpng
  • ELA-167-1 of cups
  • ELA-169-1 of openldap
  • ELA-170-1 of e2fsprogs

I also did some days of frontdesk duties.

Other stuff

This month I uploaded new packages of …

I also uploaded new upstream versions of …

I improved packaging of …

On my Go challenge I uploaded golang-github-rivo-uniseg, golang-github-bruth-assert, golang-github-xlab-handysort, golang-github-paypal-gatt.

I also sponsored the following packages: golang-gopkg-libgit2-git2go.v28.

CryptogramMeasuring the Security of IoT Devices

In August, CyberITL completed a large-scale survey of software security practices in the IoT environment, by looking at the compiled software.

Data Collected:

  • 22 Vendors
  • 1,294 Products
  • 4,956 Firmware versions
  • 3,333,411 Binaries analyzed
  • Date range of data: 2003-03-24 to 2019-01-24 (varies by vendor, most up to 2018 releases)

[...]

This dataset contains products such as home routers, enterprise equipment, smart cameras, security devices, and more. It represents a wide range of either found in the home, enterprise or government deployments.

Vendors are Asus, Belkin, DLink, Linksys, Moxa, Tenda, Trendnet, and Ubiquiti.

CyberITL's methodology is not source code analysis. They look at the actual firmware. And they don't look for vulnerabilities; they look for secure coding practices that indicate that the company is taking security seriously, and whose lack pretty much guarantees that there will be vulnerabilities. These include address space layout randomization and stack guards.
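To make concrete what "looking at the compiled software" for these practices means, here is an added example (not CITL's tooling) that reads the ELF64 header and program headers for the flags behind PIE, a non-executable stack and RELRO, applies the usual __stack_chk_fail heuristic for stack guards, and diffs two results the way the "updates remove hardening" takeaway below would need. The minimal ELF it checks is constructed inside the block so the logic runs without a firmware image.

```python
"""Tiny ELF64 hardening check, an added example of the kind of feature CITL's
survey counts (PIE, non-executable stack, RELRO, stack protector). It is not
CITL's tooling; the synthetic ELF built by build_test_elf() is constructed
here so the check can be exercised without a real firmware binary."""
import struct
import sys

ET_EXEC, ET_DYN = 2, 3
PT_GNU_STACK = 0x6474E551
PT_GNU_RELRO = 0x6474E552
PF_X, PF_W, PF_R = 1, 2, 4


def elf_hardening(data: bytes) -> dict:
    """Parse the ELF64 header and program headers; report hardening flags."""
    if data[:4] != b"\x7fELF" or data[4] != 2:        # ELFCLASS64 only
        raise ValueError("not an ELF64 image")
    end = "<" if data[5] == 1 else ">"                 # EI_DATA: 1 = little-endian
    e_type = struct.unpack_from(end + "H", data, 16)[0]
    e_phoff = struct.unpack_from(end + "Q", data, 32)[0]
    e_phentsize, e_phnum = struct.unpack_from(end + "HH", data, 54)
    nx = False      # no PT_GNU_STACK at all means an executable stack on Linux
    relro = False
    for i in range(e_phnum):
        p_type, p_flags = struct.unpack_from(end + "II", data, e_phoff + i * e_phentsize)
        if p_type == PT_GNU_STACK:
            nx = not (p_flags & PF_X)
        elif p_type == PT_GNU_RELRO:
            relro = True
    return {
        "pie": e_type == ET_DYN,
        "nx": nx,
        "relro": relro,
        # heuristic, as checksec does: a protected binary references __stack_chk_fail
        "canary": b"__stack_chk_fail" in data,
    }


def hardening_regressions(old: dict, new: dict) -> list:
    """Features present in an older firmware binary but absent from the newer one,
    the 'updates remove hardening' pattern the study reports."""
    return [k for k, v in old.items() if v and not new.get(k)]


def build_test_elf(pie: bool, exec_stack: bool, relro: bool, canary: bool) -> bytes:
    """Constructed minimal little-endian ELF64 (header + program headers only)."""
    phdrs = [struct.pack("<IIQQQQQQ", PT_GNU_STACK,
                         PF_R | PF_W | (PF_X if exec_stack else 0), 0, 0, 0, 0, 0, 16)]
    if relro:
        phdrs.append(struct.pack("<IIQQQQQQ", PT_GNU_RELRO, PF_R, 0, 0, 0, 0, 0, 1))
    ident = b"\x7fELF" + bytes([2, 1, 1, 0]) + bytes(8)   # class64, LE, version 1
    hdr = ident + struct.pack("<HHIQQQIHHHHHH",
                              ET_DYN if pie else ET_EXEC, 62, 1, 0, 64, 0, 0,
                              64, 56, len(phdrs), 64, 0, 0)   # phdrs follow at 64
    body = b"".join(phdrs) + (b"\x00__stack_chk_fail\x00" if canary else b"")
    return hdr + body


if __name__ == "__main__":
    for path in sys.argv[1:]:
        with open(path, "rb") as f:
            print(path, elf_hardening(f.read()))
```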

A summary of their results.

CITL identified a number of important takeaways from this study:

  • On average, updates were more likely to remove hardening features than add them.
  • Within our 15 year data set, there have been no positive trends from any one vendor.
  • MIPS is both the most common CPU architecture and least hardened on average.
  • There are a large number of duplicate binaries across multiple vendors, indicating a common build system or toolchain.

Their website contains the raw data.

Planet DebianBirger Schacht: Installing and running Signal on Tails

Because the topic comes up every now and then, I thought I’d write down how to install and run Signal on Tails. These instructions are based on the 2nd Beta of Tails 4.0 - the 4.0 release is scheduled for October 22nd. I’m not sure if these steps also work on Tails 3.x, I seem to remember having some problems with installing flatpaks on Debian Stretch.

The first thing to do is to enable the Additional Software feature of Tails persistence (the Personal Data feature is also required, but that one is enabled by default when configuring persistence). Don’t forget to reboot afterwards. When logging in after the reboot, please set an Administration Password.

The approach I use to run Signal on Tails is using flatpak, so install flatpak either via Synaptic or via commandline:

sudo apt install flatpak

Tails then asks if you want to add flatpak to your additional software, and I recommend doing so. The list of additional software can be checked via Applications → System Tools → Additional Software. The next thing you need to do is set up the directories: flatpak installs the software packages either system-wide in $prefix/var/lib/flatpak/[1] or per user in $HOME/.local/share/flatpak/ (the latter lets you manage your flatpaks without having to use elevated permissions). User-specific data of the apps goes into $HOME/.var/app. This means we have to create directories in our Persistent folder for those two locations and then link them to their targets in /home/amnesia.

I recommend putting these commands into a script (e.g. /home/amnesia/Persistent/flatpak-setup.sh) and making it executable (chmod +x /home/amnesia/Persistent/flatpak-setup.sh):

#!/bin/sh

mkdir -p /home/amnesia/Persistent/flatpak
mkdir -p /home/amnesia/.local/share
ln -s /home/amnesia/Persistent/flatpak /home/amnesia/.local/share/flatpak
mkdir -p /home/amnesia/Persistent/app
mkdir -p /home/amnesia/.var
ln -s /home/amnesia/Persistent/app /home/amnesia/.var/app

Now you need to add a flatpak remote and install signal:

amnesia@amnesia:~$ torify flatpak remote-add --user --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo
amnesia@amnesia:~$ torify flatpak install flathub org.signal.Signal

This will take a couple of minutes.

To show Signal the way to the next whiskey bar through Tor, the HTTP_PROXY and HTTPS_PROXY environment variables have to be set. Again, I recommend putting this into a script (e.g. /home/amnesia/Persistent/signal.sh):

#!/bin/sh

export HTTP_PROXY=socks://127.0.0.1:9050
export HTTPS_PROXY=socks://127.0.0.1:9050
flatpak run org.signal.Signal

[Screenshot of Signal on Tails 4] Yay, it works!

To update signal you have to run

amnesia@amnesia:~$ torify flatpak update

To make the whole thing a bit more comfortable, the folder softlinks can be created automatically on login using a Gnome autostart script. For that to work you need to have the Dotfiles feature of Tails enabled. Then you can create a /live/persistence/TailsData_unlocked/dotfiles/.config/autostart/FlatpakSetup.desktop file:

[Desktop Entry]
Name=FlatpakSetup
GenericName=Setup Flatpak on Tails
Comment=This script runs the flatpak-setup.sh script on start of the user session
Exec=/live/persistence/TailsData_unlocked/Persistent/flatpak-setup.sh
Terminal=false
Type=Application

By adding a /live/persistence/TailsData_unlocked/dotfiles/.local/share/applications/Signal.desktop file to the dotfiles folder, Signal also shows up as part of the Gnome applications with a nice Signal icon:

[Desktop Entry]
Name=Signal
GenericName=Signal Desktop Messenger
Exec=/home/amnesia/Persistent/signal.sh
Terminal=false
Type=Application
Icon=/home/amnesia/.local/share/flatpak/app/org.signal.Signal/current/active/files/share/icons/hicolor/128x128/apps/org.signal.Signal.png

Screenshot of Signal Application Icon Tails 4


  1. It is also possible to configure additional system wide installation locations, details are documented in flatpak-installation(5) [return]

Planet DebianMike Gabriel: Debian Edu FAI

Over the past month I worked on re-scripting the installation process of a Debian Edu system (minimal installation profile and workstation installation profile for now) by utilizing FAI [1].

My goal on this is to get the Debian Edu FAI config space into Debian bullseye (as package: debian-edu-fai) and provide an easy setup method for the FAI installation server on an existing Debian Edu site.

Note: I do not intend to bootstrap a complete Debian Edu site via FAI. The use case is: get your Debian Edu main server up and running, add host faiserver.intern and install all your site's client systems via this FAI installation server.

Debian Edu Installation Methods (until today)

Currently, we only have a D-I based installation method (over PXE or ISO image) at hand with several disadvantages:

  • requires interaction
  • not really customizable
  • comparatively slow (now that I have seen FAI do these things)

All of the above problems can be solved by installing Debian Edu via a FAI configuration.

Debian Edu Installation via FAI ( This rocks so much!!! )

As you may guess, but I need to repeat the above (because I am so excited about it), here are the advantages of installing Debian Edu via FAI:

  • Debian Edu installation via FAI is incredibly fast
  • Customization: drop in some more files into the FAI config space and you have a customized setup. [2]
  • FAI supports zero-click installs, so no more interaction is required except from booting via PXE
  • FAI supports stuffing the FAI installation bootstrap system into a bootable ISO image

Get it!

The whole setup process of a FAI server on a Debian Edu network still requires some documentation and testing, but I have already provided the config space for FAI on Debian's GitLab server:

     https://salsa.debian.org/debian-edu/debian-edu-fai/

Have fun with this and provide feedback, if you try this out. Thanks!

light+love
Mike

References and Footnotes

  • [1] https://fai-project.org
  • [2] For our local "IT-Zukunft Schule" project I added several FAI config extensions without having to touch the Debian Edu FAI configuration files.

Worse Than FailureThe Windows Update

Every change breaks someone’s workflow.

A few years ago, Ian started at one of the many investment banks based out of London. This particular bank was quite proud of how they integrated “the latest technology” into all their processes, “favoring the bleeding edge,” and “are always focusing on Agile methods, and cross-functional collaboration.”

That last bit is why every software developer was on a tech support rotation. Every two weeks, they’d have to spend a day sitting with the end users, watching them work. Ostensibly, by seeing how the software was actually used, the developers would have a better sense of the users’ needs. In practice, they mostly showed people how to delete emails or recover files from the recycling bin.

Unfortunately, these end users also directly or indirectly controlled the bank’s budgeting process, so keeping them happy was a big part of ensuring continued employment. Not just service, but service with a smile, or else.

Ian’s problem customer was Jacob. Jacob had been with the bank at least thirty years, and still longed for the days of lunchtime brandy and casual sexual harassment. He did not like computers. He did not like the people who serviced his computer. He did not like it when a web page displayed incorrectly, and he especially did not like it when you explained that you couldn’t edit the web page you didn’t own, and couldn’t tell Microsoft to change Internet Explorer to work with that particular website.

“I understand you smart technical kids are just a cost of doing business,” Jacob would often say, “but your budget is out of control. Something must be done!”

Various IT projects proceeded apace. Jacob continued to try and cut their budget. And then the Windows 7 rollout happened.

This was a massive effort. They had been on Windows XP. A variety of intranet and proprietary applications didn’t work on Windows 7, and needed to be upgraded. Even with those upgrades, everyone knew that there would be more problems. These big changes never came without unexpected side effects.

The day Jacob got Windows 7 imaged onto his computer also happened to be the day Ian was on helldesk duty. Ian got a frantic email:

My screen is broken! Everything is wrong! COME TO MY DESK RIGHT NOW, YOUNG MAN

Ian had already prepared, and went right ahead and changed Jacob’s desktop settings so that they as closely mimicked Windows XP as possible.

“That’s all fine and good,” Jacob said, “but it’s still broken.”

Ian looked at the computer. Nothing was broken. “What… what exactly is the problem?”

“Internet Explorer is broken!”

Ian double clicked the IE icon. The browser launched just fine, and pulled up the company home page.

“No! Close that window, and look at the desktop!”

Ian did so, waiting for Jacob to explain the problem. Jacob waited for Ian to see the problem. They both sat there, waiting, no one willing to move until the other had gone.

Jacob broke first. “The icon is wrong!”

Ah, yes, the big-blue-E of Windows XP had been replaced by the big-blue-E of Windows 7.

“This is unacceptable!” Jacob said.

Ian had already been here for most of the morning, so a few more minutes made no difference. He fired up image search, grabbed the first image which was an XP era IE icon, and then set that as the icon on the desktop.

Jacob squinted. “Nope. No, I don't like that. It’s too smooth.”

Of course. Ian had grabbed the first image, which was much higher resolution than the original icon file. “I… see. Give me a minute.”

Ian went back to his desk, resized the image, threw it on a network share, went back to Jacob’s desk, and changed the icon.

“There we are,” Jacob said. “At least someone on your team knows how to support their users. It’s not just about making changes willy-nilly, you know. Good work!”

That was the first and only honest compliment Jacob ever gave Ian. Two years later, Ian moved on to a new job, leaving Jacob with his old IE icon, sitting at the same desk he’d been since before the Internet was even a “thing”.



Planet DebianGunnar Wolf: Presenting a webinar: Privacy and anonymity: Requisites for individuals' security online

I was invited by the Mexican Chapter of the Internet Society (ISOC MX) to present a webinar session addressing the topics that motivated the project I have been involved in for the past two years — and presenting some results, what we are doing, where we are heading.

ISOC's webinars are usually held via the Zoom platform. However, I felt it directly adversarial to what we are doing; we don't need to register with a videoconference provider if we can use Jitsi! So, the webinar will be held at https://meet.jit.si/WebinarISOC. Of course, I am aware that if we reach a given threshold, Jitsi will stop giving a quality service — So I will also mirror it to a "YouTube live" thingy. I am not sure if this will be the right URL, but I think it will be here.

Of course, I will later download the video and publish it in a site that tracks users less than YouTube :-]

So, if you are interested — See you there on 2019.10.16, 19:00 (GMT-5).


CryptogramNew Research into Russian Malware

There's some interesting new research about Russian APT malware:

The Russian government has fostered competition among the three agencies, which operate independently from one another, and compete for funds. This, in turn, has resulted in each group developing and hoarding its tools, rather than sharing toolkits with their counterparts, a common sight among Chinese and North Korean state-sponsored hackers.

"Every actor or organization under the Russian APT umbrella has its own dedicated malware development teams, working for years in parallel on similar malware toolkits and frameworks," researchers said.

"While each actor does reuse its code in different operations and between different malware families, there is no single tool, library or framework that is shared between different actors."

Researchers say these findings suggest that Russia's cyber-espionage apparatus is investing a lot of effort into its operational security.

"By avoiding different organizations re-using the same tools on a wide range of targets, they overcome the risk that one compromised operation will expose other active operations," researchers said.

This is no different from the US. The NSA malware released by the Shadow Brokers looked nothing like the CIA "Vault 7" malware released by WikiLeaks.

The work was done by Check Point and Intezer Labs. They have a website with an interactive map.

Planet DebianMike Gabriel: My Work on Debian LTS/ELTS (September 2019)

In September 2019, I have worked on the Debian LTS project for 11 hours (of 12 hours planned) and on the Debian ELTS project for another 2 hours (of 12 hours planned) as a paid contributor. I have given back the 10 ELTS hours, but will keep the 1 LTS hour and move it over to October. As I will be gone on family vacation during two weeks of October, I have reduced my workload for the coming months accordingly (10 hours LTS, 5 hours ELTS).

LTS Work

  • Patch review on qemu (regarding DLA-1927-1)
  • Perform regression tests on previous LTS uploads of 389-ds-base (see [1,2] for results/statements)
  • Upload netty 3.2.6.Final-2+deb8u1 to jessie-security (DLA-1941-1 [3]), fixing 1 CVE
  • Triage nghttp2, probably not affected by CVE-2019-9511 and CVE-2019-9513. The code base is really different around the passages where the fixing patches have been applied by upstream. I left a comment in dla-needed.txt plus asked for a second opinion. [4]
  • Go over all 2019 LTS announcements in the webwml.git repository and ping LTS team members (including myself) on missing webwml DLAs.
  • Upload phpbb3 3.0.12-5+deb8u4 to jessie-security (DLA-1942-1 [5]), fixing 1 (or 2) CVE(s). Regarding the phpbb3 upload, Sylvain Beucler and I are currently discussing [6] whether CVE-2019-13376 got actually fixed with this upload or not. There will be some sort of follow-up announcement on this matter soon.

ELTS Work

  • Upload netty 3.2.6.Final-2+deb7u1 to wheezy-lts (ELA-168-1 [7]), fixing 1 CVE

References

Sam Varghese - High time for Michael Cheika to stop whinging about referees

When Australia loses a rugby match, it is generally put down to some external factor like refereeing. This is the response of both the so-called experts and the coach, Michael Cheika, whose middle name should be “whinging”.

Thus when Wales beat Australia in a pool game in the Rugby World Cup last week, a match that is very likely to decide the winner of that pool and condemn Australia to meet England in the quarter-finals, the reaction was no different.

Cheika is helped in his whinging by the former players who act as “experts” on telecasts of the game. The coach complained about a penalty awarded against centre Samu Kerevi by French referee Romain Poite when the Australian forward’s forearm slid up to touch the throat of Welsh standoff Dan Biggar.

Complaining that he no longer knew what the rules were, Cheika kept quiet about the fact that all coaches had been advised before the start of the tournament that any hits to the head region, intentional or accidental, would be strongly penalised.

The bodies that govern all contact sports are wary of lawsuits from concussion-related injuries after the NFL had to pay out billions to players. World rugby does not have that kind of money to dish out; hence, the caution is understandable.

Perhaps Cheika was frustrated by his selections for the match; he brought in Bernard Foley and Nic White as standoff and scrum-half respectively, after a lack-lustre performance by Christian Lealiifano and Will Genia in those roles in the first pool game. Both Foley and Genia played poorly.

Cheika should have, instead, played Matt Toomua in the role of playmaker after he had put on a strong showing against Fiji when he came on in the second half. Toomua added some much-needed sharpness to the attack against Wales too, but by then it was too late.

Some commentators also mumbled about the intercept try that Welsh scrum-half Gareth Davies scored, but this complaint had no basis. A look at the match video shows Davies clearly onside at the moment when Genia flung the pass. In fact, Genia took so many steps before passing that only a blind man would have been unable to judge his intentions.

In the first game, Cheika whinged about the penalty handed out to winger Reece Hodge, for a tackle on Fijian flanker Peceli Yato. It left the big islander concussed and he was unable to play any further part in the game. Until that point, Yato had been Fiji’s best player by a mile.

Hodge escaped any penalty during the game but was cited and then banned for three games by the disciplinary panel.

Australia fails to recognise that by constantly complaining about referees, they are annoying the officials no end. Cheika could learn a lesson or two from New Zealand coach Steve Hansen.

In 2017, when the British and Irish Lions toured New Zealand, French referee Jérôme Garcès sent off centre Sonny Bill Williams during the second Test. The Kiwis had won the first Test, and as a result of playing with 14 men, New Zealand were beaten in the second game.

In the third game, a tight one, where Poite was the referee, the scores were level 15-all with a few minutes left to play when a high ball bounced off a Lions player directly into the hands of replacement hooker Ken Owens.

Owens caught the ball and then, realising he was offside, quickly threw it away.

Poite awarded New Zealand a penalty in a position from which fly-half Beauden Barrett could have easily converted it. But then Garcès stepped up to him, and the two men conversed in French for a while.

After that Poite said, “we will make a deal”, claimed it was an “accidental offside” and awarded New Zealand a scrum. This resulted in the game ending in a draw, which meant the series was drawn 1-1.

Hansen did not complain a great deal about this, only saying: “Romain’s instinct was it was a penalty. If he had gone with his instincts he would have made the right decision. But he got caught up in over-thinking it. I bet he is not feeling good about that.

“He is a good man, Romain. He hasn’t done it deliberately. You just have to accept it, as much as it can be frustrating and annoying. It is part of sport.”

Cheika would do well to learn from that example.

Worse Than Failure - CodeSOD: An Updated Version

Some folks were perplexed by the fact that Microsoft skipped Windows 9 and went straight to Windows 10. The urban legend is that so many old applications checked which version of Windows was running by doing something like version.startsWith("Windows 9") to see if they were on 95 or 98, that Microsoft risked breaking otherwise working code if they released Windows 9.

But gone are those days of doing string munging to check which version of an OS we’re running on. We’ve got much better ways to check what features and functionality are available without having to parse strings out, right?

John D found some TypeScript code in an Ionic app that needs to adapt to different versions of iOS:

private iOS13Device(): boolean {
    // fix for ios 13 pan end issue
    if (
        // only undefined on the first call; every later call falls into the else branch below
        this.isIOS13Device === undefined &&
        this.deviceService.isiOS &&
        this.deviceInfoService.deviceInfo &&
        this.deviceInfoService.deviceInfo.osVersion &&
        // indexOf() returns 0 (falsy) when '_' is the first character, and -1 (truthy) when absent
        this.deviceInfoService.deviceInfo.osVersion.indexOf('_') &&
        // split() always returns an array, so this is always truthy
        this.deviceInfoService.deviceInfo.osVersion.split('_') &&
        this.deviceInfoService.deviceInfo.osVersion.split('_')[0] &&
        // an "iOS 13" check that only matches a major version of '11'
        this.deviceInfoService.deviceInfo.osVersion.split('_')[0] === '11'
    ) {
        this.isIOS13Device = true;
        return this.isIOS13Device;
    } else {
        // also reached on the second and later calls, overwriting the cached true with false
        this.isIOS13Device = false;
        return this.isIOS13Device;
    }
}

Well, at least they’re caching the result.

Also, I’m no expert on iOS device strings, but this seems to imply that an iOS13Device (an OS which just came out recently) reports its OS version number as a string starting with 11. Maybe that’s correct, but in either case, that seems like a bonus WTF.
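For contrast, here is the same check done by parsing the version string into numbers and comparing numerically, as an added example that is not code from the CodeSOD or from John D's app. `parseOsVersion`, `compareVersions`, `isAtLeast` and `legacyIos13Check` are names chosen here; `legacyIos13Check` reproduces only the string logic of the original, with the version string as its sole input, and `prefixCheckSaysWindows9x` reproduces the Windows 9 string-prefix trap the post mentions.

```typescript
// Added example, not part of the original CodeSOD: version detection done by
// parsing and comparing numbers instead of testing string prefixes or the
// truthiness of intermediate values.

interface OsVersion {
  major: number;
  minor: number;
  patch: number;
}

// Accepts "13.1.2", "13_1_2" or "13.1" (missing components default to 0).
// Returns null for anything that is not one to three numeric components.
function parseOsVersion(raw: string | undefined | null): OsVersion | null {
  if (typeof raw !== "string") return null;
  const parts = raw.trim().split(/[._]/);
  if (parts.length < 1 || parts.length > 3) return null;
  const nums: number[] = [];
  for (const p of parts) {
    if (!/^\d+$/.test(p)) return null;
    nums.push(Number(p));
  }
  const [major, minor = 0, patch = 0] = nums;
  return { major, minor, patch };
}

// Numeric comparison: negative if a < b, zero if equal, positive if a > b.
function compareVersions(a: OsVersion, b: OsVersion): number {
  if (a.major !== b.major) return a.major < b.major ? -1 : 1;
  if (a.minor !== b.minor) return a.minor < b.minor ? -1 : 1;
  if (a.patch !== b.patch) return a.patch < b.patch ? -1 : 1;
  return 0;
}

// "Is the device running at least major.minor.patch?" An unparseable or
// missing version string yields false, so a workaround keyed on this check
// is never enabled on unknown input.
function isAtLeast(raw: string | undefined | null, major: number, minor = 0, patch = 0): boolean {
  const v = parseOsVersion(raw);
  if (v === null) return false;
  return compareVersions(v, { major, minor, patch }) >= 0;
}

// The original's string logic, reduced to its one real input (hypothetical
// helper written here for comparison). Note it only ever matches major '11'.
function legacyIos13Check(osVersion: string | undefined): boolean {
  return Boolean(
    osVersion &&
      osVersion.indexOf("_") &&
      osVersion.split("_") &&
      osVersion.split("_")[0] &&
      osVersion.split("_")[0] === "11"
  );
}

// The Windows 9 prefix trap: matches "Windows 95", "Windows 98" and also a
// hypothetical "Windows 9".
function prefixCheckSaysWindows9x(productName: string): boolean {
  return productName.startsWith("Windows 9");
}

// Constructed sample inputs, run when the file is executed directly.
for (const sample of ["13_1_2", "11_4_1", "_13", "9_3", undefined]) {
  console.log(sample, "legacy:", legacyIos13Check(sample), "parsed>=13:", isAtLeast(sample, 13));
}
```

The parsed check treats a missing or malformed version as "not at least 13" rather than as a match, which is the safe default when the result gates a platform-specific workaround.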


TED - We the Future 2019: Talks from TED, the Skoll Foundation and the United Nations Foundation

Hosts Rajesh Mirchandani and Chee Pearlman wave to “We The Future” attendees who watched the salon live from around the world through TED World Theater technology. (Photo: Ryan Lash / TED)

At “We the Future,” a day of talks from TED, the Skoll Foundation and the United Nations Foundation at the TED World Theater in New York City, 18 speakers and performers shared daring ideas, deep analysis, cautionary tales and behavior-changing strategies aimed at meeting the UN Sustainable Development Goals (SDGs), the global goals created in partnership with individuals around the world and adopted at the United Nations in 2015.

The event: We the Future, presented by TED, the Skoll Foundation and the United Nations Foundation to share ingenious efforts of people from every corner of the globe

When and where: Tuesday, September 24, 2019, at the TED World Theater in New York, NY

Music: Queen Esther with Hilliard Greene and Jeff McGlaughlin, performing the jazzy “Blow Blossoms” and the protest song “All That We Are”

The talks in brief:


David Wallace-Wells, journalist

Big idea: The climate crisis is too vast and complicated to solve with a silver bullet. We need a shift in how we live: a whole new politics, economics and relationship to technology and nature.

Why? The climate crisis isn’t the legacy of our ancestors, but the work of a single generation — ours, says Wallace-Wells. Half of all the emissions from the burning of fossil fuels in the history of humanity were produced in the last 30 years. We clearly have immense power over the climate, and it’s put us on the brink of catastrophe — but it also means we’re the ones writing the story of our planet’s future. If we are to survive, we’ll need to reshape society as we know it — from building entirely new electric grids, planes and infrastructures to rethinking the way the global community comes together to support those hit hardest by climate change. If we do that, we just might build a new world that’s livable, prosperous and green.

Quote of the talk: “We won’t be able to beat climate change — only live with it and limit it.”


“When the cost of inaction is that innocent children are left unprotected, unvaccinated, unable to go to school … trapped in a cycle of poverty, exclusion and invisibility, it’s on us to take this issue out of darkness and into the light,” says legal identity expert Kristen Wenz. She speaks at “We The Future” on September 24, 2019, at the TED World Theater in New York, NY. (Photo: Ryan Lash / TED)

Kristen Wenz, legal identity expert

Big idea: More than one billion people — mostly children — don’t have legal identities or birth certificates, which means they can’t get vital government services like health care and schooling. It’s a massive human rights violation we need to fix.

How? There are five key approaches to ensuring children are registered and protected — reduce distance, reduce cost, simplify the process, remove discrimination and increase demand. In Tanzania, the government helped make it easier for new parents to register their child by creating an online registration system and opening up registration hubs in communities. The results were dramatic: the number of children with birth certificates went from 16 to 83 percent in just a few years. By designing solutions with these approaches in mind, we can provide better protection and brighter opportunities for children across the world.

Quote of the talk: “When the cost of inaction is that innocent children are left unprotected, unvaccinated, unable to go to school … trapped in a cycle of poverty, exclusion and invisibility, it’s on us to take this issue out of darkness and into the light.”


Don Gips, CEO of the Skoll Foundation, in conversation with TEDWomen curator and author Pat Mitchell

Big idea: Don Gips turned away from careers in both government and business and became CEO of the Skoll Foundation for one reason: the opportunity to take charge of investing in solutions to the most urgent issues humanity faces. Now, it’s the foundation’s mission to identify the investments that will spark the greatest changes.

How? By reaching deeper into communities and discovering and investing in social entrepreneurs and other changemakers, the Skoll Foundation supports promising solutions to urgent global problems. As their investments yield positive results, Gips hopes to inspire the rest of the philanthropic community to find better ways to direct their resources.

Quote of the interview: “We don’t tell the changemaker what the solution is. We invest in their solution, and go along on the journey with them.”


“By making aesthetic, some might say beautiful, arrangements out of the world’s waste, I hope to hook the viewer, to draw in those that are numb to the horrors of the world, and give them a different way to understand what is happening,” says artist Alejandro Durán. He speaks at “We The Future” on September 24, 2019, at the TED World Theater in New York, NY. (Photo: Ryan Lash / TED)

Alejandro Durán, artist

Big idea: Art can spotlight the environmental atrocities happening to our oceans — leaving viewers both mesmerized and shocked.

Why? From prosthetic legs to bottle caps, artist Alejandro Durán makes ephemeral environmental artworks out of objects he finds polluting the waters of his native region of Sian Ka’an, Mexico. He meticulously organizes materials by color and curates them into site-specific work. Durán put on his first “Museo de la Basura” (Museum of Garbage) exhibition in 2015, which spoke to the horrors of the Great Pacific Garbage Patch, and he’s still making art that speaks to the problem of ocean trash. By endlessly reusing objects in his art, Durán creates new works that engage communities in environmental art-making, attempting to depict the reality of our current environmental predicament and make the invisible visible.

Quote of the talk: “By making aesthetic, some might say beautiful, arrangements out of the world’s waste, I hope to hook the viewer, to draw in those that are numb to the horrors of the world, and give them a different way to understand what is happening.”


Andrew Forrest, entrepreneur, in conversation with head of TED Chris Anderson

Big idea: The true — and achievable! — business case for investing in plastic recycling.

How? Since earning his PhD in marine ecology, Forrest has dedicated his time and money to solving the global plastic problem, which is choking our waterways and oceans with toxic material that never biodegrades. “I learned a lot about marine life,” he says of his academic experience. “But it taught me more about marine death.” To save ourselves and our underwater neighbors from death by nanoplastics, Forrest says we need the big corporations of the world to fund a massive environmental transition that includes increasing the price of plastic and turning the tide on the recycling industry.

Quote of the talk: “[Plastic] is an incredible substance designed for the economy. It’s the worst substance possible for the environment.”


Raj Panjabi, cofounder of medical NGO Last Mile Health

Big idea: Community health workers armed with training and technology are our first line of defense against deadly viral surges. If we are to fully protect the world from killer diseases, we must ensure that people living in the most remote areas of the planet are never far from a community health worker trained to throttle epidemics at their outset.

How? In December 2013, Ebola broke out in West Africa and began a transborder spread that threatened to wipe out millions of people. Disease fighters across Africa joined the battle to stop it — including Liberian health workers trained by Last Mile Health and armed with the technology, knowledge and support necessary to serve their communities. With their help, Ebola was stopped (for now), after killing 11,000 people. Panjabi believes that if we train and pay more community health workers, their presence in underserved areas will not only stop epidemics but also save the lives of the millions of people threatened by diseases like malaria, pneumonia and diarrhea.

Quote of the talk: “We dream of a future when millions of people … can gain dignified jobs as community health workers, so they can serve their neighbors in the forest communities of West Africa to the fishing villages of the Amazon; from the hilltops of Appalachia to the mountains of Afghanistan.”


“Indigenous people have the answer. If we want to save the Amazon, we have to act now,” says Tashka Yawanawá, speaking at “We The Future” with his wife, Laura, on September 24, 2019, at the TED World Theater in New York, NY. (Photo: Ryan Lash / TED)

Tashka and Laura Yawanawá, leaders of the Yawanawá in Acre, Brazil

Big idea: To save the Amazon rainforest, let’s empower indigenous people who have been coexisting with the rainforest for centuries.

Why? Tashka Yawanawá is chief of the Yawanawá people in Acre, Brazil, leading 900 people who steward 400,000 acres of Brazilian Amazon rainforest. As footage of the Amazon burning shocks the world’s conscience, Tashka and his wife, Laura, call for us to transform this moment into an opportunity to support indigenous people who have the experience, knowledge and tools to protect the land.

Quote of the talk: “Indigenous people have the answer. If we want to save the Amazon, we have to act now.”


Alasdair Harris, ocean conservationist

Big idea: To the impoverished fishers that rely on the sea for their food, and who comprise 90 percent of the world’s fishing fleet, outside interference by scientists and marine managers can seem like just another barrier to their survival. Could the world rejuvenate its marine life and replenish its fish stocks by inspiring coastal communities rather than simply regulating them?

How? When he first went to Madagascar, marine biologist Alasdair Harris failed to convince local leaders to agree to a years-long plan to close their threatened coral reefs to fishing. But when a contained plan to preserve a breeding ground for an important local species of octopus led to rapid growth in catches six months later, the same elders banded together with leaders across Madagascar to spearhead a conservation revolution. Today, Harris’s organization Blue Ventures works to help coastal communities worldwide take control of their own ecosystems.

Quote of the talk: “When we design it right, marine conservation reaps dividends that go far beyond protecting nature — improving catches, driving waves of social change along entire coastlines, strengthening confidence, cooperation and the resilience of communities to face the injustice of poverty and climate change.”


Bright Simons, social entrepreneur and product security expert

Big idea: A global breakdown of the trustworthiness of markets and regulatory institutions has led to a flurry of counterfeit drugs, mislabeled food and defective parts. Africa has been dealing with counterfeit goods for years, and entrepreneurs like Bright Simons have developed myriad ways consumers can confirm that their food and drug purchases are genuine. Why are these methods ignored in the rest of the world?

How? Bright Simons demonstrates some of the innovative solutions Africans use to restore trust in their life-giving staples, such as text hotlines to confirm medications are real and seed databases to certify the authenticity of crops. Yet in the developed world, these solutions are often overlooked because they “don’t scale” — an attitude Simons calls “mental latitude imperialism.” It’s time to champion “intellectual justice” — and look at these supposedly non-scalable innovations with new respect.

Quote of the talk: “It just so happens that today, the most advanced and most progressive solutions to these problems are being innovated in the developing world.”


“Water is life. It is the spirit that binds us from sickness, death and destruction,” says LaToya Ruby Frazier. She speaks at “We The Future” on September 24, 2019, at the TED World Theater in New York, NY. (Photo: Ryan Lash / TED)

LaToya Ruby Frazier, artist

Big idea: LaToya Ruby Frazier’s powerful portraits of women in Flint, Michigan document the reality of the Flint water crisis, bringing awareness to the ongoing issue and creating real, positive change.

How? Frazier’s portraits of the daily lives of women affected by the Flint water crisis are striking reminders that, after all the news crews were gone, the people of Flint still did not have clean water. For one photo series, she closely followed the lives of Amber Hasan and Shea Cobb — two activists, poets and best friends — who were working to educate the public about the water crisis. Frazier has continued collaborating with Hasan and Cobb to seek justice and relief for those suffering in Flint. In 2019, they helped raise funds for an atmospheric water generator that provided 120,000 gallons of water to Flint residents. 

Quote of the talk: “Water is life. It is the spirit that binds us from sickness, death and destruction. Imagine how many millions of lives we could save if [the atmospheric water generator] were in places like Newark, New Jersey, South Africa and India — with compassion instead of profit motives.”


Cassie Flynn, global climate change advisor

Big idea: We need a new way to get citizen consensus on climate change and connect them with governments and global leaders.

How? The United Nations is taking on an entirely new model of reaching the masses: mobile phone games. Flynn shares how their game “Mission 1.5” can help people learn about their policy choices on climate change by allowing them to play as heads of state. From there, the outcomes of their gameplay will be compiled and shared with their national leaders and the public. Flynn foresees this as a fresh, feasible way to meet citizens where they are, to educate them about climate change and to better connect them to the people who are making those tough decisions.

Quote of the talk: “Right now, world leaders are faced with the biggest and most impactful decisions of their entire lives. What they decide to do on climate change will either lead to a riskier, more unstable planet or a future that is more prosperous and sustainable for us all.”


Wanjira Mathai, entrepreneur

Big idea: Corruption is a constant threat in Kenya. To defeat it there and anywhere, we need to steer youth towards integrity through education and help them understand the power of the individual.

Why? In 1989, the Karura Forest, a green public oasis in Nairobi, Kenya, was almost taken away by a corrupt government until political activist Wangari Maathai, Nobel Prize recipient and founder of the Greenbelt Movement, fought back fiercely and won. Continuing Maathai’s legacy, her daughter Wanjira explains how corruption is still very much alive in Kenya — a country that loses a third of its state budget to corruption every year. “Human beings are not born corrupt. At some point these behaviors are fostered by a culture that promotes individual gain over collective progress,” she says. She shares a three-pronged strategy for fighting corruption before it takes root by addressing why it happens, modeling integrity and teaching leadership skills.

Quote of the talk: “We cannot complain forever. We either decide that we are going to live with it, or we are going to change it. And if we are going to change it, we know that today, most of the world’s problems are caused by corruption and greed and selfishness.”

TED - The terrifying now of big data and surveillance: A conversation with Jennifer Granick

Jennifer Granick speaking at TEDxStanford.

Concerns are growing around privacy and government surveillance in today’s hyper-connected world. Technology is smarter and faster than ever — and so are government strategies for listening in. As a lawyer for the ACLU, Jennifer Granick (TED Talk: How the US government spies on people who protest — including you) works to demystify the murky legal landscape of privacy civil rights, protecting our freedom of privacy against government and private interests. We spoke with her about the battle against government surveillance, how you can keep your data safe and why legal transparency — and legal action — is vital. 

In your talk at TEDxStanford, you detail some of the history and methods of government surveillance in the United States. Can you elaborate on how these methods have evolved as technology has advanced?

As Supreme Court Justice John Roberts put it, it’s the difference between “a ride on horseback [and] a flight to the moon.” The amount of information that’s available about us is exponentially more; the ease of accessing it and analyzing it, because of big data tools, storage and machine searching, is categorically different. At the same time, the laws that are intended to protect our privacy have been downgraded repeatedly, most recently in the name of the War on Terror. Everything is bigger; there’s just so much more out there.

In your talk, you mentioned that Section 702 of the FISA amendments (which allows US government agencies to surveil “foreign terrorist threats”) expired in 2017. What kind of impact will that have on the landscape of surveillance?

There was a long political battle about 702 and trying to amend it. What ended up happening is that Congress just reauthorized it, and passed it as part of a larger bill with no real reform. The movement to try to do something about it utterly failed. What it means is that right now, with more confidence than ever before, the intelligence community and [its] agencies can gather information in the name of targeting foreigners and store all of that information. So, they can search through conversations we’re having with people overseas. The news that’s happened since then shows that there are still mistakes and problems with the way these intelligence agencies are handling the information, and that they’re regularly breaking the rules. There was a recent story about the FBI violating the 702 rules. There’s no accountability to comply with the law; weak as it is, it’s basically not a concern.

What role do tech companies like Amazon and Facebook play in perpetuating these surveillance efforts?

Companies don’t want to comply with a whole bunch of legal processes, but when they do, they want it to be clear what they’re supposed to do, and they don’t want any liability for it. The companies have had some comments about wanting to restrain government surveillance to legitimate purposes to reassure their non-American users, and they’ve pushed for some sort of clarity and regularity in how surveillance is going to happen. They came out in favor of a more controlled exercise of 702, but no real reform. They also supported the Cloud Act which is a recent law that basically enables foreign governments to access information stored here in the US without meeting the higher standard of US legal process. They’re not consistently civil libertarians or privacy advocates.


Facial recognition technology like Amazon’s “Rekognition” is being used by law enforcement across the country. What are the concerns and possible consequences around the use of this technology? 

Face identification connected to surveillance cameras is particularly dystopian, but the ACLU of Northern California’s test of Rekognition shows that even the more pedestrian uses of the technology are dangerous. In tests, the software incorrectly identified 28 members of Congress as people who have been arrested for a crime and disproportionately flagged members of the Congressional Black Caucus. The problem is both that the tool is inaccurate and discriminatory, and also that it gives unprecedented power to police.

In an always-connected world with smart tech in our homes, cars and  pockets, how can we prepare for and avoid intrusive surveillance? 

Number one: use encryption. Encrypting your data is getting easier and easier, and there are communications services out there that protect your communications. iMessage is one for iPhone users. There’s WhatsApp, too. I use Signal, which is a text messaging program. Encrypting your data is easier and easier. For many of us, one of the biggest challenges isn’t necessarily the government — it’s hackers, too, so always turn on multi-factor authentication. This is so that it’s not like somebody can bust into your account with a password; they will also need to have some other kind of hardware token. That’s a good thing to do, and it’s actually very little additional work.


Don’t use technology that doesn’t need to be connected to the internet. If you don’t need that internet-connected baby thermometer, don’t buy it. It’s going to send your data to some company, and that company is going to sell it to marketers, and it’ll be a source of access for law enforcement. In particular, I don’t like those home assistants like the Alexa or Google Home because I think that eventually, those machines can be used to eavesdrop on people. Why would we invite a ready-made surveillance device into our home?

Everybody likes new, fun stuff — I know lots of people who have those in-home assistants. I have a cell phone, I love the internet and I use Facebook. I think one of the things people really should do is push for better laws. That’s what the law is there for. It’s supposed to protect us and allow us to participate in the modern economy.

At the end of your talk, you close by saying we need to demand transparency. What does transparency mean to you, and how we can reach it?

There’s so much we don’t know about surveillance right now. In the criminal context, we don’t know how many particular surveillance orders are issued. We don’t know what kind of information they’re getting with them. We don’t know what they’re forcing companies to do. We don’t know if they’re potentially subverting security measures in order to facilitate spying on us. It’s much worse in the intelligence context where we have this FISA court that operates and issues opinions behind closed doors. They’re supposed to be publishing these opinions, but we very rarely see them. Any new and novel interpretations of law are meant to be published, but ever since that edict went into law, we haven’t had any FISA court opinions declassified. We find out way after the fact about things, like the FBI’s most recent violation of Section 702 rules, which meant agents had access to data and information they weren’t supposed to see. We find out about these problems years later. There’s just so much that we don’t know. 

Transparency is the first step, but it’s not an end unto itself. There’s a Privacy and Civil Liberties Oversight Board, and that board has only recently confirmed members, and now there’s a quorum again. For a long time, that oversight board, which is expected to provide some narrow review of intelligence programs, wasn’t even in operation. We’re behind. Only a few senators and representatives care because the population isn’t coming forward and saying, “This is really important to us.” But they should be. 

There’s no more obvious reason why you should care about surveillance than the Trump administration. In the past, people who have been blasé about surveillance had an assumption that if you weren’t doing anything wrong then you didn’t have anything to worry about — police would follow the rule of law, and everybody was operating with good faith. But today, you have the extremity of the immigration situation; today, you have the way that the Trump administration is punishing people who are coming to this country by kidnapping their children. There’s rampant sexism and anti-Semitism and racism, and this idea that people are “Black identity extremists” who should be surveilled — which just means the government is surveilling civil rights activists and communities of color. And so there’s this situation where this immense amount of technical power is in the hands of people who are operating in bad faith, based on the most base of motives.

What does it mean that all this information has been gathered and can be accessed, manipulated and sold? And how do you speak to those who aren’t concerned and believe they have nothing to hide?

There’s two things. One is that everybody has committed crimes. The amount of behavior that’s covered by criminal laws is huge — whether it’s smoking pot or lying on your taxes, there’s just so many ways that you can transgress the law. Nobody is 100 percent clean. If somebody wanted to go after you and they knew everything about you, there would be ample information to do that. It’s not just criminal stuff; it’s foolish things you’ve said in the past or people you were friends with who turned out to be crooked. There’s all kinds of things that can be used to tarnish your reputation with your employer or your friends or your spouse. 

The second thing I tell people is that it’s not about you. You may be of no interest, but there are people out there who are challenging the status quo, and these people stick out in order to try to make change. And the powers that be don’t necessarily want change. They like the way things are because they’re the ones in control. So if you care about any political issue — whether it’s tax reform or Black Lives Matter — we need to ensure these people can operate freely in the political world. The ability to do that is greatly reduced if someone has to be afraid that the police are going to come after their undocumented relatives. People need to be concerned about information gathering on the private side because that’s one of the main avenues that information gets to law enforcement. There’s so much incentive on the private side to collect it. That incentive is based on the advertising model: the more that companies know about us, the more targeted the advertising can be and the more money they make. 

Once you have that much information, people can be manipulated against their best interest. [Social media] sites are designed to be addictive, and in order to keep people clicking, they keep showing you more and more outrageous stuff. This totally skews your sense of the world and skews your facts so you don’t know what’s actually going on in the world. It makes you associate only with like-minded people and puts you into this filter bubble. This idea that you can be manipulated into seeing, believing, buying and thinking things that aren’t what you normally would do — and nobody knows about it because nobody knows that what I see is different from what you see — is scary.

Once you have that data, there’s sociological or systemic problems, because there are certain decisions made based on that data about things, like who’s going to qualify for welfare benefits, what housing ads are shown to me based on my race, what job listings are shown to me based on my gender. These are other kinds of ways in which data can instantiate prejudice or discrimination. It’s not like there wasn’t prejudice or discrimination before big data — the fear is that it’s less obvious that it’s happening, and that makes it much more powerful.

What does the future of surveillance and privacy look like? Is something like Google’s Smart City neighborhood in Toronto going to be the norm?

I think that’s one possible outcome — that not just our communications data but data about our bodies, homes, relationships, shopping and more will be collected and will interact with each other far more than they are now. I think that’s definitely a trend. The real thing to start worrying about is what we’re seeing in China, where they’re using face-surveillance to identify people, follow them out on the street and assign them a social score, which is made up of factors like their law-abidingness, their job and their financials. This score that apparently dictates whether or not they’re good citizens follows them everywhere, enabling government and private entities to discriminate and make decisions about these people based on their rankings. That’s a really terrifying situation to have people be labeled and treated accordingly. That’s very Brave New World.

Krebs on SecurityMariposa Botnet Author, Darkode Crime Forum Admin Arrested in Germany

A Slovenian man convicted of authoring the destructive and once-prolific Mariposa botnet and running the infamous Darkode cybercrime forum has been arrested in Germany on request from prosecutors in the United States, who’ve recently re-indicted him on related charges.

NiceHash CTO Matjaž “Iserdo” Škorjanc, as pictured on the front page of a recent edition of the Slovenian daily Delo.si, is being held by German authorities on a US arrest warrant for operating the destructive “Mariposa” botnet and founding the infamous Darkode cybercrime forum.

The Slovenian Press Agency reported today that German police arrested Matjaž “Iserdo” Škorjanc last week, in response to a U.S.-issued international arrest warrant for his extradition.

In December 2013, a Slovenian court sentenced Škorjanc to four years and ten months in prison for creating the malware that powered the ‘Mariposa‘ botnet. Spanish for “Butterfly,” Mariposa was a potent crime machine first spotted in 2008. Very soon after its inception, Mariposa was estimated to have infected more than 1 million hacked computers — making it one of the largest botnets ever created.

An advertisement for the ButterFly Bot.

Škorjanc and his hacker handle Iserdo were initially named in a Justice Department indictment from 2011 (PDF) along with two other men who allegedly wrote and sold the Mariposa botnet code. But in June 2019, the DOJ unsealed an updated indictment (PDF) naming Škorjanc, the original two other defendants, and a fourth man (from the United States) in a conspiracy to make and market Mariposa and to run the Darkode crime forum.

More recently, Škorjanc served as chief technology officer at NiceHash, a Slovenian company that lets users sell their computing power to help others mine virtual currencies like bitcoin. In December 2017, approximately $52 million (USD) worth of bitcoin mysteriously disappeared from the coffers of NiceHash. Slovenian police are reportedly still investigating that incident.

The “sellers” page on the Darkode cybercrime forum, circa 2013.

It will be interesting to see what happens with the fourth and sole U.S.-based defendant added in the latest DOJ charges — Thomas K. McCormick, a.k.a “fubar” — allegedly one of the last administrators of Darkode. Prosecutors say McCormick also was a reseller of the Mariposa botnet, the ZeuS banking trojan, and a bot malware he allegedly helped create called “Ngrbot.”

Between 2010 and 2013, Fubar would randomly chat me up on instant messenger apropos of nothing to trade information about the latest goings-on in the malware and cybercrime forum scene.

Fubar frequently knew before anyone else about upcoming improvements to or new features of ZeuS, and discussed at length his interactions with Iserdo/Škorjanc. Every so often, I would reach out to Fubar to see if he could convince one of his forum members to call off an attack against KrebsOnSecurity.com, an activity that had become something of a rite of passage for new Darkode members.

On Dec. 5, 2013, federal investigators visited McCormick at his University of Massachusetts dorm room. According to a memo filed by FBI agents investigating the case, in that interview McCormick acknowledged using the “fubar” identity on Darkode, but said he’d quit the whole forum scene years ago, and that he’d even interned at Microsoft for several summers and at Cisco for one summer.

A subsequent search warrant executed on his dorm room revealed multiple removable drives that held tens of thousands of stolen credit card records. For whatever reason, however, McCormick wasn’t arrested or charged until December 2018.

According to the FBI, back in that December 2013 interview McCormick voluntarily told them a great deal about his various businesses and online personas. He also apparently told investigators he talked with KrebsOnSecurity quite a bit, and that he’d tipped me off to some important developments in the malware scene. For example:

“TM had found the email address of the Spyeye author in an old fake antivirus affiliate program database and that TM was able to find the true name of the Spyeye author from searching online for an individual that used the email address,” the memo states. “TM passed this information on to Brian Krebs.”

Read more of the FBI’s interview with McCormick here (PDF).

News of Škorjanc’s arrest comes amid other cybercrime takedowns in Germany this past week. On Friday, German authorities announced they’d arrested seven people and were investigating six more in connection with the raid of a Dark Web hosting operation that allegedly supported multiple child porn, cybercrime and drug markets with hundreds of servers buried inside a heavily fortified military bunker.

Cory DoctorowOne way to determine whether your publisher is happy with your work

Planet DebianBen Hutchings: Debian LTS work, September 2019

I was assigned 20 hours of work by Freexian's Debian LTS initiative and worked all those hours this month.

I prepared and, after review, released Linux 3.16.74, including various security and other fixes. I then rebased the Debian package onto that. I uploaded that with a small number of other fixes and issued DLA-1930-1.

I backported the latest security update for Linux 4.9 from stretch to jessie and issued DLA-1940-1 for that.

Planet DebianMike Gabriel: Install ActivInspire Smart Board Software on Debian 10

From one of my customers, I received the request to figure out an installation pathway for ActivInspire, the Promethean smart board software suite. ActivInspire is offered as DEB builds for Ubuntu 18.04. On a Debian 10 (aka buster) system the installation requires a workaround, utilizing packages from Debian jessie LTS.

Here is the quick-n-dirty recipe:

APT Key for "Promethean Ltd <support@prometheanworld.com>"

The APT key you need for downloading packages from Promethean's package archive can be obtained like this:

$ gpg --search-keys 0x300035F2484C6FED
$ gpg --export -a 0x300035F2484C6FED | sudo apt-key add -

Afterwards, you should find the key added to APT's GnuPG keyring. Verify that:

$ sudo apt-key adv --fingerprint D3CDA26CC37F568DD4A8DE68300035F2484C6FED
Executing: /tmp/user/0/apt-key-gpghome.HMo8gCMGUG/gpg.1.sh --fingerprint D3CDA26CC37F568DD4A8DE68300035F2484C6FED
pub   rsa4096 2017-03-02 [SC]
      D3CD A26C C37F 568D D4A8  DE68 3000 35F2 484C 6FED
uid        [ unknown ] PrometheanLtd <support@prometheanworld.com>
sub   rsa4096 2017-03-02 [E]

Tweak APT's Installation Sources

Next, add the lines below to a new file called /etc/apt/sources.list.d/promethean.list. The software needs to pull some packages (e.g. libssl1.0.0) from Debian jessie:

deb http://deb.debian.org/debian/ jessie main non-free contrib
deb http://security.debian.org/ jessie/updates main contrib non-free
deb http://activsoftware.co.uk/linux/repos/driver/ubuntu/ bionic non-oss oss

Note that security support for Debian jessie LTS will end on 23rd June 2020. Until then, you should be safe with package dependencies from Debian jessie LTS, after that you are on your own. (One might try to grab libssl1.0.0 from Ubuntu 18.04, which should receive security support until April 2023).

Install ActivDriver and ActivTools

Now you can install the ActivInspire smart board software:

$ sudo apt install activdriver activtools

Optional: Disable jessie Package Source again

If you are scared of more packages pouring in from Debian jessie LTS, you can safely comment out the jessie lines in /etc/apt/sources.list.d/promethean.list again now that the smart board software has been installed. (You will then no longer receive security updates for the packages that activdriver and activtools pulled in from Debian jessie LTS, though.)
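Two checks worth adding around this recipe, as an added example in Python (this is not code from the post or from Promethean): verify the key's fingerprint against the one quoted above before APT trusts it, keep the key scoped to the Promethean archive with a signed-by option instead of the global apt-key keyring, and pin jessie to priority 100 so APT only falls back to jessie for packages buster does not carry, such as libssl1.0.0. The keyring path, the preferences file name and the gpg listing embedded as sample input are assumptions made for the example.

```python
"""Added example; not code from the original post or from Promethean.

Verify the key before trusting it, bind the key to its own repository
(signed-by) rather than apt-key's global keyring, and pin jessie low so it
only supplies packages buster lacks. Files are written under `root`, so the
functions can be exercised in a scratch directory without root privileges.
"""
import pathlib
import subprocess

PROMETHEAN_KEYID = "0x300035F2484C6FED"
PROMETHEAN_FPR = "D3CDA26CC37F568DD4A8DE68300035F2484C6FED"  # from the post
KEYRING = "/usr/share/keyrings/promethean-archive-keyring.gpg"  # assumed path

# Constructed `gpg --with-colons --fingerprint` listing: one primary key with
# the fingerprint from the post plus one subkey with a made-up fingerprint.
SAMPLE_LISTING = """\
pub:-:4096:1:300035F2484C6FED:1488412800:::-:::scESC::::::23::0:
fpr:::::::::D3CDA26CC37F568DD4A8DE68300035F2484C6FED:
uid:-::::1488412800::0123456789ABCDEF0123456789ABCDEF01234567::PrometheanLtd <support@prometheanworld.com>::::::::::0:
sub:-:4096:1:0123456789ABCDEF:1488412800::::::e::::::23:
fpr:::::::::00000000000000000000000000000000FEEDFACE:
"""


def primary_fingerprints(listing):
    """Fingerprints of primary keys only.

    Field 10 of an 'fpr' record is the fingerprint. Only the 'fpr' record
    directly following a 'pub' record describes the primary key; the one
    after 'sub' is a subkey and must not be accepted as the key identity.
    """
    found, after_pub = [], False
    for line in listing.splitlines():
        fields = line.split(":")
        if fields[0] == "pub":
            after_pub = True
            continue
        if fields[0] == "fpr" and after_pub and len(fields) > 9:
            found.append(fields[9].upper())
        after_pub = False
    return found


def key_matches(listing, expected=PROMETHEAN_FPR):
    """True only if the listing holds exactly one primary key and it is the expected one."""
    return primary_fingerprints(listing) == [expected.upper()]


def fetch_listing(keyid=PROMETHEAN_KEYID):
    """Colon-format listing of the key from the local gpg keyring (needs gpg)."""
    return subprocess.run(
        ["gpg", "--with-colons", "--fingerprint", keyid],
        check=True, capture_output=True, text=True,
    ).stdout


def install_keyring(keyid=PROMETHEAN_KEYID, dest=KEYRING):
    """Export the verified key in binary form into its own keyring file.

    Only repositories that name this file via signed-by trust it, whereas
    `apt-key add` makes the key valid for every configured repository.
    """
    exported = subprocess.run(["gpg", "--export", keyid],
                              check=True, capture_output=True).stdout
    pathlib.Path(dest).write_bytes(exported)


def write_apt_config(root, keyring=KEYRING):
    """Write the three repository lines from the post, with the Promethean key
    bound to the Promethean archive only, plus a pin giving jessie priority
    100: APT picks a jessie package only when no buster candidate exists."""
    root = pathlib.Path(root)
    sources = root / "etc/apt/sources.list.d/promethean.list"
    prefs = root / "etc/apt/preferences.d/promethean"
    sources.parent.mkdir(parents=True, exist_ok=True)
    prefs.parent.mkdir(parents=True, exist_ok=True)
    sources.write_text(
        "deb http://deb.debian.org/debian/ jessie main non-free contrib\n"
        "deb http://security.debian.org/ jessie/updates main contrib non-free\n"
        f"deb [signed-by={keyring}] http://activsoftware.co.uk/linux/repos/driver/ubuntu/ bionic non-oss oss\n"
    )
    prefs.write_text("Package: *\nPin: release n=jessie\nPin-Priority: 100\n")
    return sources, prefs


if __name__ == "__main__":
    # Offline self-check against the constructed listing.
    if key_matches(SAMPLE_LISTING):
        print("fingerprint matches; safe to export the key into", KEYRING)
```

On the real system, call fetch_listing() after gpg --search-keys has imported the key, and run install_keyring() and write_apt_config("/") only when key_matches() returns True. Afterwards, apt-cache policy libssl1.0.0 should show the jessie candidate at priority 100 while anything buster itself ships stays at 500.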

Disclaimer

That things worked out here does not mean that they will work for you. Neither is this an official Promethean post / documentation. Don't ping me for support on this, unless you are ready to book me for commercial support.

Have fun!
Mike Gabriel (aka sunweaver at debian.org)

CryptogramNSA on the Future of National Cybersecurity

Glenn Gerstell, the General Counsel of the NSA, wrote a long and interesting op-ed for the New York Times where he outlined a long list of cyber risks facing the US.

There are four key implications of this revolution that policymakers in the national security sector will need to address:

The first is that the unprecedented scale and pace of technological change will outstrip our ability to effectively adapt to it. Second, we will be in a world of ceaseless and pervasive cyberinsecurity and cyberconflict against nation-states, businesses and individuals. Third, the flood of data about human and machine activity will put such extraordinary economic and political power in the hands of the private sector that it will transform the fundamental relationship, at least in the Western world, between government and the private sector. Finally, and perhaps most ominously, the digital revolution has the potential for a pernicious effect on the very legitimacy and thus stability of our governmental and societal structures.

He then goes on to explain these four implications. It's all interesting, and it's the sort of stuff you don't generally hear from the NSA. He talks about technological changes causing social changes, and the need for people who understand that. (Hooray for public-interest technologists.) He talks about national security infrastructure in private hands, at least in the US. He talks about a massive geopolitical restructuring -- a fundamental change in the relationship between private tech corporations and government. He talks about recalibrating the Fourth Amendment (of course).

The essay is more about the problems than the solutions, but there is a bit at the end:

The first imperative is that our national security agencies must quickly accept this forthcoming reality and embrace the need for significant changes to address these challenges. This will have to be done in short order, since the digital revolution's pace will soon outstrip our ability to deal with it, and it will have to be done at a time when our national security agencies are confronted with complex new geopolitical threats.

Much of what needs to be done is easy to see -- developing the requisite new technologies and attracting and retaining the expertise needed for that forthcoming reality. What is difficult is executing the solution to those challenges, most notably including whether our nation has the resources and political will to effect that solution. The roughly $60 billion our nation spends annually on the intelligence community might have to be significantly increased during a time of intense competition over the federal budget. Even if the amount is indeed so increased, spending additional vast sums to meet the challenges in an effective way will be a daunting undertaking. Fortunately, the same digital revolution that presents these novel challenges also sometimes provides the new tools (A.I., for example) to deal with them.

The second imperative is we must adapt to the unavoidable conclusion that the fundamental relationship between government and the private sector will be greatly altered. The national security agencies must have a vital role in reshaping that balance if they are to succeed in their mission to protect our democracy and keep our citizens safe. While there will be good reasons to increase the resources devoted to the intelligence community, other factors will suggest that an increasing portion of the mission should be handled by the private sector. In short, addressing the challenges will not necessarily mean that the national security sector will become massively large, with the associated risks of inefficiency, insufficient coordination and excessively intrusive surveillance and data retention.

A smarter approach would be to recognize that as the capabilities of the private sector increase, the scope of activities of the national security agencies could become significantly more focused, undertaking only those activities in which government either has a recognized advantage or must be the only actor. A greater burden would then be borne by the private sector.

It's an extraordinary essay, less for its contents and more for the speaker. This is not the sort of thing the NSA publishes. The NSA doesn't opine on broad technological trends and their social implications. It doesn't publicly try to predict the future. It doesn't philosophize for 6000 unclassified words. And, given how hard it would be to get something like this approved for public release, I am left to wonder what the purpose of the essay is. Is the NSA trying to lay the groundwork for some policy initiative? Some legislation? A budget request? What?

Charlie Warzel has a snarky response. His conclusion about the purpose:

He argues that the piece "is not in the spirit of forecasting doom, but rather to sound an alarm." Translated: Congress, wake up. Pay attention. We've seen the future and it is a sweaty, pulsing cyber night terror. So please give us money (the word "money" doesn't appear in the text, but the word "resources" appears eight times and "investment" shows up 11 times).

Susan Landau has a more considered response, which is well worth reading. She calls the essay a proposal for a moonshot (which is another way of saying "they want money"). And she has some important pushbacks on the specifics.

I don't expect the general counsel and I will agree on what the answers to these questions should be. But I strongly concur on the importance of the questions and that the United States does not have time to waste in responding to them. And I thank him for raising these issues in so public a way.

I agree with Landau.

Slashdot thread.

Planet DebianJunichi Uekawa: From today, value added tax rate increased in Japan.

From today, the value-added tax rate has increased in Japan. It is the first time the rate varies depending on how you consume an item: inside the restaurant or outside.

Worse Than FailureWhen Unique Isn't Unique

Palm III 24

Gather 'round, young'uns, for a tale from the Dark Ages of mobile programming: the days before the iPhone launched. Despite what Apple might have you believe, the iPhone wasn't the first portable computing device. Today's submitter, Jack, was working for a company that streamed music to these non-iPhone devices, such as the Palm Treo or the Samsung Blackjack. As launch day approached for the new client for Windows Mobile 6, our submitter realized that he'd yet to try the client on a non-phone device (called a PDA, for those of you too young to recall). So he tracked down an HP iPaq on eBay just so he could verify that it worked on a device without the phone API.

The device arrived a few days out from launch, after QA had already approved the build on other devices. It should've been a quick test: sideload the app, stream a few tracks, log in, log out. But when Jack opened the app for the first time on the new device, it was already logged into someone's account! He closed it and relaunched, only to find himself in a different, also inappropriate account. What on earth?!

The only thing Jack could find in common between the users he had been logged in as was that they were all running the same model of PDA. That turned out to be the crucial clue. To tell the streaming service which device was making a call, Jack used a Windows Mobile API that returns an ID documented as unique to each device. On most devices that ID is derived from the IMEI, which does make it unique, but not on the HP iPaq, where every unit returned the same value. Whenever an iPaq user logged out and back in, the service recorded a recent-user entry keyed on that shared ID, so every other iPaq then resumed straight into that user's account.

Jack had read the documentation many times, and it always stated that the ID was guaranteed to be unique. Either HP had a different definition of "unique" than anyone else, or they had a major security bug!

Jack emailed HP, but they had no plans to fix the issue, so he had to whip up an alternative method of generating a UUID for users on this device. The launch had to be pushed back to accommodate it, but the hole was plugged, and life went on as usual.
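A model of the flaw, as an added example in Python (not code from the article or from Jack's client, which ran on Windows Mobile): the vulnerable design keys the recent-user record on the device identifier alone, so two devices reporting the same identifier land in each other's accounts; the hardened design treats the identifier as metadata and keys the record on a per-install random secret, and a small monitor flags identifiers seen with more than one account, which is how the iPaq problem would have shown up server-side before launch. All identifiers and account names are made up.

```python
"""Added example; not code from the original article or from Jack's client.

A hardware identifier is a label, not a credential: the vulnerable class
below logs a device straight back into whichever account was last used with
the same identifier, while the hardened class issues a per-install random
token at login and resumes sessions only with that token.
"""
import hashlib
import secrets
from collections import defaultdict

SHARED_ID = "0011223344556677"  # made-up identifier that several devices all report


class VulnerableAutoLogin:
    """Mirrors the original design: device ID -> most recently seen account."""

    def __init__(self):
        self.recent_user = {}

    def login(self, device_id, account):
        self.recent_user[device_id] = account

    def resume(self, device_id):
        # Anyone presenting the same ID inherits the last account.
        return self.recent_user.get(device_id)


class HardenedAutoLogin:
    """The per-install secret is the credential; the device ID is metadata only."""

    def __init__(self):
        self.sessions = {}  # sha256(token) -> (account, device_id)
        self.accounts_by_device = defaultdict(set)

    @staticmethod
    def _key(token):
        # Store a hash so the server database never holds the raw secret.
        return hashlib.sha256(token.encode()).hexdigest()

    def login(self, device_id, account):
        token = secrets.token_urlsafe(32)  # 256 bits from the OS CSPRNG
        self.sessions[self._key(token)] = (account, device_id)
        self.accounts_by_device[device_id].add(account)
        return token  # the client stores this; it never derives from hardware

    def resume(self, install_token):
        if not install_token:
            return None  # fresh install: no token, so prompt for credentials
        entry = self.sessions.get(self._key(install_token))
        return entry[0] if entry else None

    def logout(self, install_token):
        self.sessions.pop(self._key(install_token), None)

    def colliding_device_ids(self):
        """Identifiers that have been used by more than one account: the
        signal that a device model is not returning a unique value."""
        return sorted(d for d, accts in self.accounts_by_device.items()
                      if len(accts) > 1)


def demonstrate():
    """Two iPaq-style devices that both report SHARED_ID, then a third, fresh one."""
    vulnerable = VulnerableAutoLogin()
    vulnerable.login(SHARED_ID, "alice")   # Alice's device
    vulnerable.login(SHARED_ID, "bob")     # Bob's device reports the same ID
    leaked = vulnerable.resume(SHARED_ID)  # Jack's brand-new device: Bob's account

    hardened = HardenedAutoLogin()
    alice_token = hardened.login(SHARED_ID, "alice")
    hardened.login(SHARED_ID, "bob")
    fresh_device = hardened.resume(None)        # no stored token: must log in
    alice_back = hardened.resume(alice_token)   # her own token still works
    return {
        "leaked": leaked,
        "fresh_device": fresh_device,
        "alice_back": alice_back,
        "collisions": hardened.colliding_device_ids(),
    }


if __name__ == "__main__":
    print(demonstrate())
```

The monitor is the cheap part: logging accounts per device identifier and alerting on any identifier tied to more than one account would have flagged the iPaq long before a tester stumbled into a stranger's session.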


Planet DebianAbhijith PA: Debian packaging session

Hello web,

Group photo

Last week I conducted a workshop on Debian packaging at MES College of Engineering, Kuttipuram, as part of Frisbee 19, the yearly conference of the IEEE cell of this college. Thanks to Anupa from ICFOSS, who contacted me and arranged for me to take this session. I was accompanied by Subin and Abhijith from FOSSers. The time slot ran from 9:30 AM to 04:30 PM. Since it was a big slot, we covered everything from free software evangelism, through GNU/Linux and Debian, to how contributing to community projects can help your career.

Subin introduced Debian's history, philosophy and release processes to the students. I started with packaging a hello world program and later moved on to ruby gem packaging with gem2deb. Abhijith helped students who got stuck while packaging. At the end of the session we did a small quiz and gifted them Debian stickers and conference merchandise.

Thanks to the volunteers for setting up the prerequisites.

Planet DebianNorbert Preining: 10 years in Japan

Exactly 10 years ago, on October 1, 2009, I started my work at the Japan Advanced Institute of Science and Technology (JAIST), having arrived the previous day in a place not completely unknown to me, but with a completely different outlook: I had a position as Associate Professor and was looking forward to an interesting and challenging time. Much has changed since then, and I thought a bit of reflection was necessary.

Four years ago I wrote a similar blog post, 6 years in Japan. Rereading it today, there is considerable overlap:

6 years later I am still here at the JAIST, but things have changed considerably, and my future is even less clear than 6 years ago.

How true that was: little did I know that within a few months of posting it, JAIST, in a move to promote internationalization, would purge all but one western foreigner from the faculty (outside the English department), and I would find myself unemployed, with a new-born child, not knowing what to do or where to go. It relates directly to the paragraph on The biggest disappointment. How I can laugh now at what I considered my biggest disappointment back then, compared with how I felt half a year later.

The biggest disappointment

Asked today about the biggest disappointment, it would clearly be the Japanese academic environment. I have never seen such selfish and reckless, or perhaps simply careless, scientists, with no interest in the fate of colleagues they have worked with for years. Having found myself unemployed in Japan with a new-born child, guess how many of my colleagues bothered to ask even once how I was doing? The answer is an impressive zero, naught.

Comparing this with the academic environment in which I grew up in Vienna left me dumbfounded: to this day I try to find positions for those who have been employed in my projects, and the group in Vienna always tried to help each other even in hard times, bridging gaps by shifting people between projects. I cannot imagine any of my colleagues from my home university not even asking after a colleague in trouble.

Well that is Japan academics, I lost every trust and faith in them.

The happiest thing

Back then I wrote that, despite many hardships, the happiest thing was that I had found a lovely, beautiful, and caring wife. To top that, we got a lovely (and lively, but also challenging, at times nasty, etc.) daughter who changed our life considerably. In the three-plus years she has been with us, many things have become considerably more difficult, and bringing up a child brings out cultural differences and disagreements much more than living as a couple does. But the love and fun we receive from our time together is for sure the happiest thing (for now, until I write another blog in 10 years?).

Present and future

After losing my job at JAIST and six months of unemployment, a lucky coincidence gifted me with a great job at an IT company in Tokyo that allows me to work remotely from home. I am incredibly thankful to everyone there who helped make this happen. It is a completely new world for me. After 25 years in academia, being thrown into a Japanese company (all Japanese, I am the only foreigner), with business meetings, client support, etc., was something unexpected for me. Maybe I can count it as one of my big achievements that I manage to function properly in this kind of environment.

I still try to keep up my research work, publishing articles every year, and as far as possible attending conferences. My OSS activities haven’t changed a lot, and I try to keep up with the projects for which I am responsible.

What the future brings is even less clear: now that we have to think about the education of our daughter, moving is becoming more and more a point of discussion. I really detest the Japanese education system, in particular junior high school, which I consider a childhood and personality killer. On the other hand, we have settled into a very nice place here in Ishikawa, and at my age moving is getting more and more burdensome, not to speak of another job change. So I feel torn between returning to Europe and remaining here in Japan. Let us see what the future brings.

Planet DebianRuss Allbery: Review: This Is How You Lose the Time War

Review: This Is How You Lose the Time War, by Amal El-Mohtar & Max Gladstone

Publisher: Saga
Copyright: 2019
ISBN: 1-5344-3101-2
Format: Kindle
Pages: 200

Red is the most effective operative of the Agency. She darts through time's threads, finds threats to the future, eliminates them, and delights in the work. She rarely encounters the operatives of her enemy directly; they prefer painstaking work in the shadows. But there is one opponent who has a different style. Audacious. Risky.

In the midst of a dead battlefield, Red finds a letter.

Blue is Garden's operative, moving from mission to mission, exerting exactly the right pressure or force at a critical moment to shift the strands of the future. She decided to leave a letter taunting her adversary, but also expressing gratitude at the challenge, the requirement that she give the war her full attention, the relief from boredom. She wasn't sure whether to expect a reply, but she received one.

This Is How You Lose the Time War is an epistolary novel, told in short action sequences by Red or Blue followed by the inevitable discovered letter. At first, they taunt each other and delight in their victories while expressing admiration of their opponent. Blue has the smoother and more comfortable writing style. Red has to research the form of letters and writes like a conversation, sharp and informal. Both threaten and tease the other with the consequences if their superiors discover this exchange.

In word play, cultural references, sincerely-shared preferences, open curiosity, and audacious puns, the letters turn into something more than a taunting game.

The time war is a long-standing SF trope. This one reminds me the most of Fritz Leiber's The Big Time: a two-sided war between far-future civilizations, neither of which are clearly superior in either capabilities or morality. Unlike Leiber's Spiders and Snakes, though, El-Mohtar and Gladstone's Agency and Garden have some solid world-building behind them. Red's Agency is technological, cybernetic, and run by what feels like machine intelligence. Blue's Garden is the biological flip-side, a timeline of crafted life culminating in stars with eyes and a living universe, focus on growth and poison, absorbing and reshaping. To the reader, they alternate between incomprehensible and awful, although Red and Blue are comfortable with their sides at the start. Don't expect detailed or believable descriptions of the technology of either side; this is well into "indistinguishable from magic" territory throughout.

Despite its nature as a time travel story, the plot structure of this story is straightforward and somewhat predictable. You're unlikely to be surprised by the outcome; the enjoyment is in how the story gets there. The relationship didn't quite ring true to me, mostly because it develops so quickly, although some of that has to be forgiven for the format. (I have some experience with epistolary relationships; they're much more rambling and involve far, far more words than this one does.) But the letters themselves are playful, delightful, and occasionally moving, and the resolution, although expected, delivers on the emotional hooks the story was setting up.

I wasn't blown away by this, partly I think because it's too tight, focused, and stylized. Red and Blue are the only true characters in the story and the only people who feel real, which undermines the world-building and means the story can't sprawl into its surroundings or let the reader imagine other ways of living in this world. At 200 pages, it's more of a novella than a novel, and it's structured with the single-minded thrust of short fiction. The dynamic between the two characters is well-done, but there is a limit to how much characterization one can do with only a single other character to interact with. Since Red and Blue can define themselves only in relation to each other, they felt two-dimensional and I was unable to fully embrace either of them as a character.

That said, I read the whole story in an afternoon and did not regret it. I have a weakness for epistolary stories that this satisfied nicely. It hit, at least for me, the sweet spot of recognizing most of the cultural references while being surprised I recognized them, which was oddly satisfying. And the whole book is worth it for the growing tendency they both have for seeing and writing about each other's colors in everything.

I think this is more of an afternoon's entertainment than something you'll remember for a long time, but if you like time travel stories or characters writing letters to each other, recommended.

Rating: 7 out of 10

Planet DebianJohn Goerzen: Connecting A Physical DEC vt420 to Linux

John and Oliver trip to Vintage Computer Festival Midwest 2019. Oliver playing Zork on the Micro PDP-11

Inspired by a weekend visit to Vintage Computer Festival Midwest at which my son got to play Zork on an amber console hooked up to a MicroPDP-11 running 2BSD, I decided it was time to act on my long-held plan to get a real old serial console hooked up to Linux.

Not being satisfied with just doing it for kicks, I wanted to make it actually usable: 30-year-old DEC hardware meets Raspberry Pi. I thought this would be pretty easy, but it turned out to be a lot more complicated than I realized, involving everything from nonstandard serial connectors to long-standing kernel bugs!

Selecting a Terminal — And Finding Parts

I wanted something in amber for that old-school feel. Sadly I didn’t have the forethought to save any back in the 90s when they were all being thrown out, because now they’re rare and can be expensive. Search eBay and pretty soon you find a scattering of DEC terminals, the odd Bull or Honeywell, some Sperrys, and assorted oddballs that don’t speak any kind of standard protocol. I figured, might as well get a vt, since we’re still all emulating them now, 40+ years later. Plus, my old boss from my university days always had stories about DEC. I wish he were still around to see this.

I selected the vt420 because I was able to find them, and it has several options for font size, letting more than 24 lines fit on a screen.

Now comes the challenge: most vt420s never had a DB25 RS-232 port. The VT420-J, an international model, did, but it is exceptionally rare. The rest use a DEC-specific port called the MMJ. Thankfully, it is electrically compatible with RS-232, and I managed to find the DEC H8571-J adapter as well as the BC16E MMJ cable that I needed.

I also found a vt510 (with “paperwhite” instead of amber) in unknown condition. I purchased it, and thankfully it is also working. The vt510 is an interesting device; for that model, they switched to using a PS/2 keyboard connector, and it can accept either a DEC VT keyboard or a PC keyboard. It also supports full key remapping, so Control can be left of A as nature intended. However, there’s something about amber that is just so amazing to use again.

Preparing the Linux System

I thought I would use a Raspberry Pi as a gateway for this. With built-in wifi, that would let me ssh to other machines in my house without needing to plug in a serial cable – I could put the terminal wherever. Alternatively, I can plug in a USB-to-serial adapter to my laptop and just plug the terminal into it when I want. I wound up with a Raspberry Pi 4 kit that included some heatsinks.

I had two USB-to-serial adapters laying around: a Keyspan USA-19HS and a Digi I/O Edgeport/1. I started with the Keyspan on a Raspberry Pi 4 on the grounds that I didn’t have the needed Edgeport/1 firmware file laying about already. The Raspberry Pi does have serial capability integrated, but it doesn’t use RS-232 voltages and there have been reports of it dropping characters sometimes, so I figured the easy path would be a USB adapter. That turned out to be only partially right.

Serial Terminals with systemd

I have never set up a serial getty with systemd — it has, in fact, been quite a long while since I’ve done anything involving serial other than the occasional serial console (which serves a somewhat different purpose).

It would have taken a LONG time to figure this out, but thanks to an article about the topic, it was actually pretty easy in the end. I didn’t set it up as a serial console, but spawning a serial getty did the trick. I wound up modifying the command like this:

ExecStart=-/sbin/agetty -8 -o '-p -- \\u' %I 19200 vt420

The vt420 supports speeds up to 38400 and the vt510 supports up to 115200bps. However, neither can process plain text at faster than 19200 so there is no point to higher speeds. And, as you are about to see, they can’t necessarily even muster 19200 all the time.

Flow Control: Oh My

The unfortunate reality with these old terminals is that the processor in them isn’t actually able to keep up with line speeds. Any speed above 4800bps can exceed processor capabilities when “expensive” escape sequences are sent. That means that proper flow control is a must. Unfortunately, the vt420 doesn’t support any form of hardware flow control. XON/XOFF is all it’ll do. Yeah, that stinks.

So I hooked the thing up to my desktop PC with a null-modem cable, and started to tinker. I should be able to send a Ctrl-S down the line and the output from the pi should immediately stop. It didn’t. Huh. I verified it was indeed seeing the Ctrl-S (open emacs, send Ctrl-S, and it goes into search mode). So something, somehow, was interfering.

After a considerable amount of head scratching, I finally busted out the kernel source. I discovered that the XON/XOFF support is part of the serial driver in Linux, and that — ugh — the keyspan serial driver never actually got around to implementing it. Oops. That’s a wee bit of a bug. I plugged in the Edgeport/1 instead of the Keyspan and magically XON/XOFF started working.

Well, for a bit.

You see, flow control is a property of the terminal that can be altered by programs on a running system. It turns out that a lot of programs have opinions about it, and those opinions generally run along the lines of “nobody could possibly be using XON/XOFF, so I’m going to turn it off.” Emacs is an offender here, but it can be configured. Unfortunately, the most nasty offender here is ssh, which contains this code that is ALWAYS run when using a pty to connect to a remote system (which is for every interactive session):

tio.c_iflag &= ~(ISTRIP | INLCR | IGNCR | ICRNL | IXON | IXANY | IXOFF);

Yes, so when you use ssh, your local terminal no longer does flow control. If you are particularly lucky, the remote end may recognize your XON/XOFF characters and process them. Unfortunately, the added latency and buffering in going through ssh and the network is likely to cause bursts of text to exceed the vt420’s measly 100-ish-byte buffer. You just can’t let the remote end handle flow control with ssh. I managed to solve this via GNU Screen; more on that later.
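
To make the effect of that ssh line concrete, here is an added example (not from the original post or from OpenSSH) that reproduces the flag-clearing on a pseudo-terminal created with os.openpty() and shows how to detect and re-enable XON/XOFF with Python's termios module; it assumes Linux, where termios is available and a fresh pty starts with IXON set.

```python
"""Detect and restore XON/XOFF (software) flow control on a tty.

Added example, not code from the post or from OpenSSH. The pty comes
from os.openpty(), so no real vt420 or serial adapter is needed.
"""
import os
import termios

# The c_iflag bits cleared by the ssh line quoted above.
SSH_CLEARED_IFLAGS = (termios.ISTRIP | termios.INLCR | termios.IGNCR |
                      termios.ICRNL | termios.IXON | termios.IXANY |
                      termios.IXOFF)

# Index of c_iflag in the list returned by termios.tcgetattr().
IFLAG = 0


def flow_control_state(fd):
    """Return (ixon, ixoff): whether the tty stops output on XOFF from the
    terminal, and whether the kernel sends XOFF/XON to pace input."""
    iflag = termios.tcgetattr(fd)[IFLAG]
    return bool(iflag & termios.IXON), bool(iflag & termios.IXOFF)


def mimic_ssh(fd):
    """Do to c_iflag what ssh does when it puts its local tty in raw mode."""
    attrs = termios.tcgetattr(fd)
    attrs[IFLAG] &= ~SSH_CLEARED_IFLAGS
    termios.tcsetattr(fd, termios.TCSANOW, attrs)


def restore_flow_control(fd):
    """Re-enable XON/XOFF in both directions, the only pacing a vt420 can
    do. Returns the resulting (ixon, ixoff) state."""
    attrs = termios.tcgetattr(fd)
    attrs[IFLAG] |= termios.IXON | termios.IXOFF
    termios.tcsetattr(fd, termios.TCSANOW, attrs)
    return flow_control_state(fd)


def demo():
    """Run before/after on a fresh pty; returns the three observed states."""
    master, slave = os.openpty()
    try:
        # A fresh Linux pty normally starts with IXON set and IXOFF clear.
        before = flow_control_state(slave)
        mimic_ssh(slave)
        after_ssh = flow_control_state(slave)   # both cleared, as on a real session
        restored = restore_flow_control(slave)  # both set again
    finally:
        os.close(master)
        os.close(slave)
    return before, after_ssh, restored


if __name__ == "__main__":
    for label, state in zip(("fresh pty", "after ssh", "restored"), demo()):
        print("%-10s IXON=%s IXOFF=%s" % ((label,) + state))
```

Running flow_control_state() against the serial tty (e.g. a file descriptor on /dev/ttyUSB0) from inside the session is a quick way to confirm whether something has silently turned flow control off again.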

The vt510 supports hardware flow control! Unfortunately, it doesn’t use CTS/RTS pins, but rather DTR/DSR. This was a reasonably common method in the day, but appears to be totally unsupported in Linux. Bother. I see some mentions that FreeBSD supports DTR/DSR flow (dtrflow and dsrflow in stty outputs). It definitely looks like the Linux kernel has never plumbed out the reaches of RS-232 very well. It should be possible to build a cable to swap DTR/DSR over to CTS/RTS, but since the vt420 doesn’t support any of this anyhow, I haven’t bothered.

Character Sets

Back when the vt420 was made, it was pretty hot stuff that it was one of the first systems to support the new ISO-8859-1 standard. DEC was rather proud of this. It goes without saying that the terminal knows nothing of UTF-8.

Nowadays, of course, we live in a Unicode world. A lot of software crashes on ISO-8859-1 input (I’m looking at you, Python 3). Although I have old files from old systems that have ISO-8859-1 encoding, they are few and far between, and UTF-8 rules the roost now.

I can, of course, just set LANG=en_US and that will do — well, something. man, for instance, renders using ISO-8859-1 characters. But that setting doesn’t imply that any layer of the tty system actually converts output from UTF-8 to ISO-8859-1. For instance, if I have a file with a German character in it and use ls, nothing is going to convert it from UTF-8 to ISO-8859-1.

GNU Screen also, as it happens, mostly solves this.

GNU Screen to the rescue, somewhat

It turns out that GNU Screen has features that can address both of these issues. Here’s how I used it.

First, in my .bashrc, I set this:

if [ `tty` = "/dev/ttyUSB0" ]; then
    stty -iutf8
    export LANG=en_US
    export MANOPT="-E ascii"
fi

Then, in my .screenrc, I put this:

defflow on
defencoding UTF-8

This tells screen that the default flow control mode is on, and that the default encoding for the pty that screen creates is UTF-8. It determines the encoding of the physical terminal from the environment, and correctly figures it to be ISO-8859-1. It then maps between the two! Yes!

My little ssh connecting script then does just this:

exec screen ssh "$@"

This nicely takes care of the flow control issue and (most of) the encoding issue. I say “most” because things like man will now try to render with fancy em-dashes and the like, which have no representation in ISO-8859-1, so they come out as question marks. (Setting MANOPT="-E ascii" fixes this.) But no matter: it works to ssh to my workstation and read my email (mu4e in Emacs)!

What screen can’t help with are characters that have no ISO-8859-1 equivalent; em-dashes are the most frequent problem, and they are replaced with unsightly question marks.
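
An added example (not the post's code and not GNU Screen's) of the kind of mapping screen does between its UTF-8 pty and an ISO-8859-1 terminal, written as a streaming filter so that a multibyte sequence split across two reads survives intact; the sample chunks are constructed.

```python
"""Stream filter converting UTF-8 terminal output to ISO-8859-1.

Added example, not code from the post or from GNU Screen. Characters
with a Latin-1 code point pass through; anything else (em-dashes, curly
quotes) becomes '?', which is exactly what the vt420 ends up showing.
"""
import codecs


class Utf8ToLatin1:
    """Convert successive chunks of UTF-8 bytes to ISO-8859-1 bytes."""

    def __init__(self):
        # Terminal output arrives in arbitrary chunks, so an incremental
        # decoder is used: it buffers a partial multibyte sequence until
        # the rest arrives. 'replace' turns an invalid byte sequence into
        # U+FFFD instead of raising and killing the session.
        self._decoder = codecs.getincrementaldecoder("utf-8")("replace")

    def feed(self, chunk, final=False):
        text = self._decoder.decode(chunk, final)
        # Anything outside ISO-8859-1 (including U+FFFD) becomes '?'.
        return text.encode("iso-8859-1", "replace")


def convert(chunks):
    """Run all chunks through one filter and return the joined output."""
    conv = Utf8ToLatin1()
    out = b"".join(conv.feed(c) for c in chunks)
    return out + conv.feed(b"", final=True)


def naive_convert(chunks):
    """Per-chunk decoding, for comparison: a character whose bytes straddle
    a chunk boundary is destroyed and shows up as two '?' instead."""
    return b"".join(c.decode("utf-8", "replace").encode("iso-8859-1", "replace")
                    for c in chunks)


# Constructed sample: "Größe — ok" in UTF-8, split so that the two-byte
# sequence for "ö" and the three-byte em-dash straddle chunk boundaries.
SAMPLE_CHUNKS = [b"Gr\xc3", b"\xb6\xc3\x9fe \xe2\x80", b"\x94 ok"]


if __name__ == "__main__":
    print("streaming:", convert(SAMPLE_CHUNKS))   # b'Gr\xf6\xdfe ? ok'
    print("naive:    ", naive_convert(SAMPLE_CHUNKS))
```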

termcaps, terminfos, and weird things

So pretty soon you start diving down the terminal rabbit hole, and you realize there’s a lot of weird stuff out there. For instance, one solution to the problem of slow processors in terminals was padding: ncurses would know how long it would take the terminal to execute some commands, and would send it NULLs for that amount of time. That calculation, of course, requires knowledge of line speed, which one wouldn’t have in this era of ssh. Thankfully the vt420 doesn’t fall into that category.

But it does have a ton of modes. The Emacs On Terminal page discusses some of the interesting bits: 7-bit or 8-bit control characters, no ESC key, Alt key not working, etc, etc. I believe some of these are addressed by the vt510 (at least in PC mode). I wonder whether Emacs or vim keybindings would be best here…

Helpful Resources

Cryptogram: Supply-Chain Security and Trust

The United States government's continuing disagreement with the Chinese company Huawei underscores a much larger problem with computer technologies in general: We have no choice but to trust them completely, and it's impossible to verify that they're trustworthy. Solving this problem -- which is increasingly a national security issue -- will require us to both make major policy changes and invent new technologies.

The Huawei problem is simple to explain. The company is based in China and subject to the rules and dictates of the Chinese government. The government could require Huawei to install back doors into the 5G routers it sells abroad, allowing the government to eavesdrop on communications or -- even worse -- take control of the routers during wartime. Since the United States will rely on those routers for all of its communications, we become vulnerable by building our 5G backbone on Huawei equipment.

It's obvious that we can't trust computer equipment from a country we don't trust, but the problem is much more pervasive than that. The computers and smartphones you use are not built in the United States. Their chips aren't made in the United States. The engineers who design and program them come from over a hundred countries. Thousands of people have the opportunity, acting alone, to slip a back door into the final product.

There's more. Open-source software packages are increasingly targeted by groups installing back doors. Fake apps in the Google Play store illustrate vulnerabilities in our software distribution systems. The NotPetya worm was distributed by a fraudulent update to a popular Ukrainian accounting package, illustrating vulnerabilities in our update systems. Hardware chips can be back-doored at the point of fabrication, even if the design is secure. The National Security Agency exploited the shipping process to subvert Cisco routers intended for the Syrian telephone company. The overall problem is that of supply-chain security, because every part of the supply chain can be attacked.

And while nation-state threats like China and Huawei -- or Russia and the antivirus company Kaspersky a couple of years earlier -- make the news, many of the vulnerabilities I described above are being exploited by cybercriminals.

Policy solutions involve forcing companies to open their technical details to inspection, including the source code of their products and the designs of their hardware. Huawei and Kaspersky have offered this sort of openness as a way to demonstrate that they are trustworthy. This is not a worthless gesture, and it helps, but it's not nearly enough. Too many back doors can evade this kind of inspection.

Technical solutions fall into two basic categories, both currently beyond our reach. One is to improve the technical inspection processes for products whose designers provide source code and hardware design specifications, and for products that arrive without any transparency information at all. In both cases, we want to verify that the end product is secure and free of back doors. Sometimes we can do this for some classes of back doors: We can inspect source code -- this is how a Linux back door was discovered and removed in 2003 -- or the hardware design, which becomes a cleverness battle between attacker and defender.

This is an area that needs more research. Today, the advantage goes to the attacker. It's hard to ensure that the hardware and software you examine is the same as what you get, and it's too easy to create back doors that slip past inspection. And while we can find and correct some of these supply-chain attacks, we won't find them all. It's a needle-in-a-haystack problem, except we don't know what a needle looks like. We need technologies, possibly based on artificial intelligence, that can inspect systems more thoroughly and faster than humans can do. We need them quickly.

The other solution is to build a secure system, even though any of its parts can be subverted. This is what the former Deputy Director of National Intelligence Sue Gordon meant in April when she said about 5G, "You have to presume a dirty network." Or more precisely, can we solve this by building trustworthy systems out of untrustworthy parts?

It sounds ridiculous on its face, but the Internet itself was a solution to a similar problem: a reliable network built out of unreliable parts. This was the result of decades of research. That research continues today, and it's how we can have highly resilient distributed systems like Google's network even though none of the individual components are particularly good. It's also the philosophy behind much of the cybersecurity industry today: systems watching one another, looking for vulnerabilities and signs of attack.

Security is a lot harder than reliability. We don't even really know how to build secure systems out of secure parts, let alone out of parts and processes that we can't trust and that are almost certainly being subverted by governments and criminals around the world. Current security technologies are nowhere near good enough, though, to defend against these increasingly sophisticated attacks. So while this is an important part of the solution, and something we need to focus research on, it's not going to solve our near-term problems.

At the same time, all of these problems are getting worse as computers and networks become more critical to personal and national security. The value of 5G isn't for you to watch videos faster; it's for things talking to things without bothering you. These things -- cars, appliances, power plants, smart cities -- increasingly affect the world in a direct physical manner. They're increasingly autonomous, using A.I. and other technologies to make decisions without human intervention. The risk from Chinese back doors into our networks and computers isn't that their government will listen in on our conversations; it's that they'll turn the power off or make all the cars crash into one another.

All of this doesn't leave us with many options for today's supply-chain problems. We still have to presume a dirty network -- as well as back-doored computers and phones -- and we can clean up only a fraction of the vulnerabilities. Citing the lack of non-Chinese alternatives for some of the communications hardware, already some are calling to abandon attempts to secure 5G from Chinese back doors and work on having secure American or European alternatives for 6G networks. It's not nearly enough to solve the problem, but it's a start.

Perhaps these half-solutions are the best we can do. Live with the problem today, and accelerate research to solve the problem for the future. These are research projects on a par with the Internet itself. They need government funding, like the Internet itself. And, also like the Internet, they're critical to national security.

Critically, these systems must be as secure as we can make them. As former FCC Commissioner Tom Wheeler has explained, there's a lot more to securing 5G than keeping Chinese equipment out of the network. This means we have to give up the fantasy that law enforcement can have back doors to aid criminal investigations without also weakening these systems. The world uses one network, and there can only be one answer: Either everyone gets to spy, or no one gets to spy. And as these systems become more critical to national security, a network secure from all eavesdroppers becomes more important.

This essay previously appeared in the New York Times.

Planet Debian: Jonathan McDowell: Life with a Yubikey


At the past two DebConfs Thomas Goirand of infomaniak has run a workshop on using a Yubikey, and been generous enough to provide a number of devices for Debian folk. Last year I was fortunate enough to get hold of one of the devices on offer.

My primary use for the device is to hold my PGP key. Generally my OpenPGP hardware token of choice is the Gnuk, which features a completely Free software stack and an open hardware design, but the commonly available devices suffer from being a bit more fragile than I’d like to regularly carry around with me. The Yubikey has a much more robust design, being a slim plastic encapsulated device. I finally set it up properly with my PGP key last November, and while I haven’t attached it to my keyring I’ve been carrying it with me regularly.

Firstly, it’s been perfectly fine from a physical robustness point of view. I don’t worry about it being in my pocket with keys or change, it gets thrown into my bag at the end of the day when I go home, it kicks around my desk and occasionally gets stuff dropped on it. I haven’t tried to break it deliberately and I’m not careless with it, but it’s not treated with kid gloves. And it’s still around nearly a year later. So that’s good.

Secondly, I find my initial expected use case (holding my PGP subkeys and using the auth subkey for SSH access) is the major use I have for the key. I occasionally use the signing subkey for doing Debian uploads, I rarely use the encryption subkey, but I use the auth subkey most days. I’ve also set up U2F for any site I use that supports it, but generally once I’m logged in there on trusted machines I don’t need to regularly re-use it. It’s nice to have though, and something the Gnuk doesn’t offer.

On the down side, I still want a device that requires a physical key press for any signing operation. My preferred use case is leaving the key plugged into the machine to handle SSH logins, but the U2F use case seems to be to insert the key only when needed, and then press the key. OpenPGP operation with the Yubikey doesn’t require a physical touch. I get round some of this by enabling the confirm option with gpg-agent, but I’d still be happier with something on the token itself. The Yubikey also doesn’t do ECC keys, but it does do 4096-bit RSA so it’s not terrible; it just results in larger keys than ideal.

Overall I’m happy with the device, and grateful to Thomas and infomaniak for providing me with it, though I’m hopeful about a new version of the Gnuk with a more robust form factor/casing. (If you’re looking for discussion on how to set up the token with GPG subkeys then I recommend Thomas’ presentation from 2018, which covers all the steps required.)

Update: It’s been pointed out to me by several people that the Yubikey can be configured to require a touch for OpenPGP usage; either using ykman or yubitouch.

TED: Unlock: The talks of TED@BCG 2019

Seema Bansal hosts Session 2 of TED@BCG: Unlock — a day of talks and performances exploring how we can reach our full potential — at the Grand Hyatt Mumbai on September 24, 2019 in Mumbai, India. (Photo: Amit Madheshiya / TED)

To succeed in the next decade and beyond, we can’t just optimize what we know. We need to keep learning, imagining, inventing. In a day of talks and performances, 16 speakers and performers explored how we can unlock our full potential — human, technological and natural — to accomplish things we never thought possible.

The event: TED@BCG, the eighth time TED and BCG have partnered to bring leaders, innovators and changemakers to the stage to share ideas for solving society’s biggest challenges. Hosted by TED’s Corey Hajim and BCG’s Seema Bansal.

When and where: Tuesday, September 24, 2019, at the Grand Hyatt in Mumbai, India

Music: Performances by Gingger Shankar and Dee MC

Opening and closing remarks: Rich Lesser, CEO of BCG

The talks in brief:

“Look around and find the people that inspire you to co-conspire. I promise you that your empathy and your courage will change someone’s life and may even change the world,” says Ipsita Dasgupta. She speaks at TED@BCG at the Grand Hyatt Mumbai on September 24, 2019 in Mumbai, India. (Photo: Amit Madheshiya / TED)

Ipsita Dasgupta, co-conspirator

Big idea: The world needs “co-conspirators”: people willing to bend or break the rules and challenge the status quo and societal norms.

Why? In the face of constant change and complexity, we need unconventional people making decisions at the table. These co-conspirators — which Dasgupta shares through three exemplary stories, including a mother insistent on forgoing some traditional gender roles — can help create new ways of thinking, acting and questioning why we do and how we do it.

Quote of the talk: “To achieve great heights or change the world, no matter how smart we are, we all need people.”


Jean-Manuel Izaret, pricing strategist

Big idea: Because of their huge per-patient cost, medications that could drastically reduce rates of deadly diseases like hepatitis C are often reserved for only the sickest patients, while many others go untreated. Is there a way to pay for these drugs so that every patient can get them, and drug companies can still finance their development?

How? The pricing model for pharmaceuticals is typically based on the cost per patient treated — and it’s a broken model, says Izaret. He explains that a subscription-like payment system (similar to the one pioneered by Netflix) could distribute costs over time and across an entire population of patient subscribers. By combining the savings of early treatment with the lower costs of a larger patient pool, healthcare providers could improve outcomes and remain profitable.

Quote of the talk: “I think we don’t really have a price point problem — I think we have a pricing model problem. I think the problem is not the number, but the unit by which we price.”


Sougwen Chung, artist and researcher

Big idea: The future of creative collaboration between humans and machines is limitless — with beauty latent in our shared imperfections.

Why? As the world strives towards precision and perfection, Chung creates collaborative art with robots that explores what automation means for the future of human creativity. Through machine learning, Chung “taught” her own artistic style to her nonhuman collaborator, a robot called Drawing Operations Unit: Generation (DOUG). DOUG’s initial goal was to mimic her line as she drew, but they made an unexpected discovery along the way: robots make mistakes too. “Our imperfections became what was beautiful about the interaction,” Chung says. “Maybe part of the beauty of human and machine systems is their inherent, shared fallibility.” Chung recently launched a lab called Scilicet, where artists and researchers are welcome to join her in contributing to the future of human and AI creativity.

Quote of the talk: “By teaching machines to do the work traditionally done by humans, we can explore and evolve our criteria of what’s made possible by the human hand — and part of that journey is embracing the imperfections, recognizing the fallibility of both human and machine, in order to expand the potential of both.”


Kavita Gupta thinks a global, decentralized currency would lead us to “true financial and economic inclusivity, where every citizen in this world has the same choice, same dignity and same opportunity.” She speaks at TED@BCG at the Grand Hyatt Mumbai on September 24, 2019 in Mumbai, India. (Photo: Amit Madheshiya / TED)

Kavita Gupta, currency globalist

Big idea: The world should share one stable, decentralized currency.

How, and why? Blockchain and cryptocurrencies could provide better data privacy than anything we use today. They would be immune to global disruptions incited by local unrest or inefficient politicians while offering a global marketplace that “would not just be a way for the elite to diversify their portfolio, but also for the average person to increase sustainable wealth,” Gupta says. With real-world examples that root her perspective in the possible and achievable, she weaves a framework for a united future.

Quote of the talk: “All of this inches us toward a more stable, secure place — to true financial and economic inclusivity, where every citizen in this world has the same choice, same dignity and same opportunity.”


Markus Mutz, supply chain hacker

Big idea: We need clarity on how consumer products are made and where they come from in order to make ethical and informed decisions before purchase.

How? Over the past two years, Mutz and his team founded OpenSC (SC = supply chain) and partnered with the World Wide Fund for Nature to bring transparency and traceability to the supply chain process. Together, Mutz believes their efforts will help revolutionize the way we buy and create products. It’ll happen with three straightforward steps: by verifying production claims, tracing products throughout their supply chains and sharing information that will allow consumers to make decisions more aligned with their values — all with the aid of blockchain.

Quote of the talk: “If we have reliable and trustworthy information, and the right systems that make use of it, consumers will support those who are doing the right thing by producing products in a sustainable and ethical way.”


“I firmly believe that if there is any public system in any country that is in inertia, then you have to bring back the motivation. And a great way to trigger motivation is to increase transparency to the citizen,” says public sector strategist Abhishek Gopalka. He speaks at TED@BCG at the Grand Hyatt Mumbai on September 24, 2019 in Mumbai, India. (Photo: Amit Madheshiya / TED)

Abhishek Gopalka, public sector strategist

Big idea: How do we motivate people working in public sectors like healthcare to feel accountable for providing quality care? With transparency.

Why? Internal, data-driven reviews aren’t enough to keep people accountable, says Gopalka. Instead, we need to move people to do better by sparking their competitive sides — making actions transparent so they either shine or fail in the public eye. In Rajasthan, a state in India that’s home to more than 80 million people, Gopalka has helped to significantly improve the public health system in just two years. How? Public health centers now publicly promise to provide citizens with free care, medicine and diagnosis, resulting in an increase in doctor availability, readily available drugs and, ultimately, patient visits. If applied elsewhere, transparency could benefit many broken systems. Because the first step to solving any complex issue is motivation.

Quote of the talk: “Motivation is a tricky thing. If you’ve led a team, raised a child or tried to change a personal habit, you know that motivation doesn’t just appear. Something needs to change to make you care. And if there’s one thing that all of us humans care about, it’s an inherent desire to shine in front of society.”


Gaby Barrios, marketing expert

Big idea: By focusing less on gender when marketing products to consumers, we can build better brands — and a better world.

How? Companies often advertise to consumers by appealing to gender stereotypes, but this kind of shortcut isn’t just bad for society — it’s bad for business, says Barrios. Research shows that gender doesn’t drive choice nearly as much as companies assume, yet many still rely on outdated, condescending stereotypes to reach consumers. By looking at variables outside of gender, like location and financial status, companies can develop more nuanced campaigns, grow their brands and reach the customers they want.

Quote of the talk: “Growth is not going to come from using an outdated lens like gender. Let’s stop doing what’s easy and go for what’s right. At this point, it’s not just for your business — it’s for society.”


Sylvain Duranton, AI bureaucracy buster

Big idea: Artificial intelligence can streamline businesses, but it can also miss human nuances in disastrous ways. To avoid this, we need to use AI systems alongside humans, not instead of them. 

How? For companies, deploying AI alongside human teams can be harder and more expensive than relying on AI alone. But this dynamic is necessary to ensure that business decisions take human needs and ethics into account, says Duranton. AI bases decisions on data sets and strict rules, but it can’t quite tell the difference between “right” and “wrong” — which means that AI mistakes can be severe, even fatal. By pairing AI with human teams, we can use AI’s efficiency and human knowledge to create business strategies that are successful, smart and ethical.

Quote of the talk: “Winning organizations will invest in human knowledge, not just AI and data.”


Akiko Busch, author

Big idea: In a world where transparency and self-promotion are glorified, let’s not forget the power and beauty of invisibility.

Why? Invisible cloaks, invisible ink, invisible friends — from the time we’re kids, invisibility gives us a sense of protection, knowledge and security. Akiko Busch thinks it’s time for us to reconsider the power of invisibility. When we disappear into nature, listen without responding, lose ourselves in the primal collectivity of concerts — in all cases, we become more creative and feel more connected to each other and ourselves. In an age where “visibility rules the day,” she says, there is beauty in stepping out of the spotlight, disappearing and existing — if only briefly — invisibly. 

Quote of the talk: “Being unseen takes us from self-interest to a larger sense of inclusion in the human family.”


Evolutionary biologist Toby Kiers shares what fungi networks and relationships reveal about human economies — and what they can tell us about how extreme inequalities grow. She speaks at TED@BCG at the Grand Hyatt Mumbai on September 24, 2019 in Mumbai, India. (Photo: Amit Madheshiya / TED)

Toby Kiers, evolutionary biologist

Big idea: By studying fungi networks and relationships, we can learn more about how human economies work and how extreme inequalities grow.

How? Extreme inequality is one of humanity’s greatest challenges — but it’s not a uniquely human phenomenon. Like us, fungi can strategically trade, steal and withhold resources (though they do all this without cognitive thought, of course). Whereas human systems are built with an understanding of morals, fungi networks have evolved to be ruthless and solely opportunistic. The parallels are remarkable: for example, Kiers found that supply-and-demand economics still held true in fungi relationships. Examining these relationships gives us the chance to better diagnose problems within our own systems and even borrow solutions from the fungi. Kiers’s team is now studying the parallels between fungal network flow patterns and computer algorithms — and there’s even more ahead.

Quote of the talk: “The [fungal] trade system provides us with a benchmark to study what an economy looks like when it’s been shaped by natural selection for hundreds of millions of years, in the absence of morality, when strategies are just based on the gathering and processing of information.”


Chris Kutarna, writer and philosopher

Big idea: Facebook, Twitter and their disruptive cousins have upended our notions of truth. Social media’s assault on simple veracity has led many to cry for its regulation — but philosopher Chris Kutarna believes that we should “let social media run wild, because the truths it breaks … need to be broken.”

How? Kutarna argues that it was the age of mass media that birthed the notion that truth exists in concise, marketable chunks — and this idea does not mirror reality. Promoting a concept like “globalization” as an unassailable axiom rather than as a complex idea with many conflicting currents is reductive and dangerous. If we were to embrace social media’s multiplicity of voices and perspectives rather than enforce a single standard for truth, we could initiate a search for truths too complex for a single perspective to contain. 

Quote of the talk: “What is truth? I don’t know. I can’t know because truth is supposed to be the reality that is bigger than ourselves. To find truth, we need to get together and go and search for it together. Without that search … we’re trapped in our own perspective.”


“Leaders should not impose their will; leaders should act by shaping the context rather than control,” says management consultant Fang Ruan. She speaks at TED@BCG at the Grand Hyatt Mumbai on September 24, 2019 in Mumbai, India. (Photo: Amit Madheshiya / TED)

Fang Ruan, management consultant

Big idea: Influenced by ancient Chinese philosophy, Chinese businesses are shifting towards management techniques that foster more collaborative, spontaneous environments.

How? Enjoying a delicious plate of dumplings one night, Fang Ruan was intrigued as she watched how the business was run. To her surprise, she found a “two hat” strategy: front-line managers were given new responsibilities beyond their current scope, and ideas were welcomed from people at all steps of the career ladder. This approach differs from China’s dominant, Confucianism-influenced business strategy, which values authority and seniority and has served as a time-tested formula for precise execution at a large scale. Now, as tech companies disrupt traditional industries and millennials make up a larger share of the workforce, new ways of management have emerged, Ruan says. Unconventional management is on the rise — characterized by more collaborative, innovative strategies that resemble the philosophy of Taoism, which holds that things work to perfection when their natural state is supported rather than controlled.

Quote of the talk: “Leaders should not impose their will; leaders should act by shaping the context rather than control.”


Amane Dannouni shares what digital marketplaces in the developing world can teach us about how to preserve jobs and local economies. He speaks at TED@BCG at the Grand Hyatt Mumbai on September 24, 2019 in Mumbai, India. (Photo: Amit Madheshiya / TED)

Amane Dannouni, digital business strategist

Big idea: Disruptive startups like Uber, Amazon and Airbnb have reinvented entire industries. Their digital disruption of existing services has provided game-changing benefits for their users and affiliates — but it’s also led to big losses for those whose livelihoods depended on the old, physical business models. Amane Dannouni believes that digital marketplaces in the developing world can teach us valuable lessons about how to preserve jobs and local economies.

How? Companies like Gojek in Indonesia, Jumia in Nigeria and Grab in Singapore have reinvigorated the economic landscapes that spawned them, and in the process energized their surrounding communities. They did this not by ignoring their competitors but by integrating community businesses into their own platforms, and by giving their users support — like insurance and online education — that goes above and beyond simply linking providers to their patrons. 

Quote of the talk: “What all these [online marketplaces] have in common is that they transition this basic functionality of matching sellers and buyers from the physical world to the digital world and, by doing so, they can find better matches, do it faster, and ultimately unlock more value for everyone.”


Lorna Davis, business leader

Big idea: We need to break our obsession with heroes. Real change can only happen when we work together.

How? “In a world as complex and interconnected as the one we live in, the idea that one person has the answer is ludicrous,” says Davis. What we really need is “radical interdependence,” shaped by leaders who set different goals and ask others to help them solve big problems. Here’s the difference: whereas “hero” leaders see everyone else as a competitor or a follower, interdependent leaders understand that they need others and genuinely want input. Likewise, heroes set goals that can be delivered through individual results, while interdependent leaders set goals that one person or organization cannot possibly achieve alone. At TED@BCG, Davis sets an “interdependent” goal of her own — calling on the world to help her in her work to end rhino poaching.

Quote of the talk: “We don’t need heroes. We need radical interdependence — which is just another way of saying: we need each other.”

LongNowHow to Avoid a Negative Climate Future for the World’s Oceans

On September 25th, the UN-led Intergovernmental Panel on Climate Change (IPCC) released a landmark report on the impact of climate change on the world’s oceans. Over 100 authors from 36 countries analyzed the latest scientific findings on the cryosphere in a changing climate. The picture the report paints is dire, writes Robinson Meyer in The Atlantic:

While the report covers how climate change is reshaping the oceans and ice sheets, its deeper focus is how water, in all its forms, is closely tied to human flourishing. If our water-related problems are relatively easy to manage, then the problem of self-government is also easier. But if we keep spewing carbon pollution into the air, then the resulting planetary upheaval would constitute “a major strike against the human endeavor,” says Michael Oppenheimer, a lead author of the report and a professor of geosciences and international affairs at Princeton.

“We can adapt to this problem up to a point,” Oppenheimer told me. “But that point is determined by how strongly we mitigate greenhouse-gas emissions.”

If humanity manages to quickly lower its carbon pollution in the next few decades, then sea-level rise by 2100 may never exceed about one foot, the report says. This will be tough but manageable, Oppenheimer said. But if carbon pollution continues rising through the middle of the century, then sea-level rise by 2100 could exceed 2 feet 9 inches. Then “the job will be too big,” he said. “It will be an unmanageable problem.”

[…]

The headline finding of this report is that sea-level rise could be worse than we thought. The report’s projection of worst-case sea-level rise by 2100 is about 10 percent higher than the IPCC predicted five years ago. The IPCC has been steadily ratcheting up its sea-level-rise projections since its 2001 report, and it is likely to increase the numbers further in the 2021 report, when the IPCC runs a new round of global climate models.

The cascade of consequences related to sea-level rise include a decline in seafood safety, extreme flooding for coastal areas, a decline in biodiversity in the oceans, and the melting of glaciers in the United States, including ones major cities rely upon for water.

Unless policies are enacted to reduce carbon emissions now, many of the worst case scenarios outlined in the report might come to pass.

A new paper in Science details a “no-regrets to-do list” of ocean climate proposals that could be set in motion today. The proposals are based on another just-released report from the High Level Panel (HLP) for a Sustainable Ocean Economy that, the authors say, “provide hope and a path forward.”

The paper focuses on five areas of action mentioned in the report: renewable energy; shipping and transport; protection and restoration of coastal and marine ecosystems; fisheries, aquaculture, and shifting diets; and carbon storage in the seabed.

These five areas were identified, quantified, and evaluated relative to achieving the 2030 Agenda for Sustainable Development. The report concludes that these actions (in the right policy, investment, and technology environments) could reduce global GHG emissions by up to 4 billion tonnes of carbon dioxide equivalents in 2030 and by up to 11 billion tonnes in 2050. This could contribute as much as 21% of the emission reduction required in 2050 to limit warming to 1.5°C and 25% for a 2°C target. Reductions of this magnitude are larger than the annual emissions from all current coal-fired power plants worldwide.

The paper offers short-term and long-term proposals around these five action areas, including setting “clear national targets for increasing the share of ocean-based renewable energy”; improving the fuel efficiency of ships; restoring coastal “blue carbon” ecosystems; introducing seaweed to the diets of sheep and cattle; “encouraging diet shifts in humans to include more sources of sustainable low-carbon protein from the ocean,” and more.

“Make no mistake: These actions are ambitious,” the paper admits. “But we argue that they are necessary, could pay major dividends toward closing the emissions gap in coming decades, and achieve other co-benefits along the way.”

Another path forward was put forth earlier this summer by Revive & Restore. Its 200-page report provides the first-of-its-kind assessment of genomic and biotech innovations to complement, enhance, and accelerate today’s marine conservation strategies.

Revive & Restore’s mission is to enhance biodiversity through the genetic rescue of endangered and extinct species. In pursuit of this and in response to global threats to marine ecosystems, the organization conducted an Ocean Genomics Horizon Scan – interviewing almost 100 marine biologists, conservationists, and technologists representing over 60 institutions. Each was challenged to identify ways that rapid advances in genomics could be applied to address marine conservation needs. The resulting report is a first-of-its-kind assessment highlighting the opportunities to bring genomic insight and biotechnology innovations to complement current and future marine conservation.

Our research has shown that we now have the opportunity to apply biotechnology tools to help solve some of the most intractable problems in ocean conservation resulting from: overfishing, invasive species, biodiversity loss, habitat destruction, and climate change. This report presents the most current genomic solutions to these threats and develops 10 “Big Ideas” – which, if funded, can help build transformative change and be catalytic for marine health.

Learn More

Planet DebianBen Hutchings: Kernel Recipes 2019, part 1

This conference only has a single track, so I attended almost all the talks. This time I didn't take notes but I've summarised all the talks I attended.

Updated: Noted slides are available for all talks. Added links to the video streams.

ftrace: Where modifying a running kernel all started

Speaker: Steven Rostedt

Details and slides: https://kernel-recipes.org/en/2019/talks/ftrace-where-modifying-a-running-kernel-all-started/

Video: Youtube

This talk explains how the kernel's function tracing mechanism (ftrace) works, and describes some of its development history.

It was quite interesting, but you probably don't need to know this stuff unless you're touching the ftrace implementation.

Analyzing changes to the binary interface exposed by the Kernel to its modules

Speakers: Dodji Seketeli, Jessica Yu, Matthias Männich

Details and slides: https://kernel-recipes.org/en/2019/talks/analyzing-changes-to-the-binary-interface-exposed-by-the-kernel-to-its-modules/

Video: Youtube

The upstream kernel does not have a stable ABI (or API) for use by modules, but OS distributors often want to support the use of out-of-tree modules by ensuring that at least some subset of the kernel ABI remains stable within a given OS release.

Currently the kernel build process generates a "version" or "CRC" for each exported symbol by parsing the relevant type definitions. There is a load-time ABI check based on comparing these, and distributors can compare them at build time to detect ABI breaks. However this doesn't work that well and it's hard to work out what caused a change.

One of the speakers, Dodji Seketeli, develops the "libabigail" library and tools. These can extract ABI definitions from standard debug information (DWARF), and then analyse and compare ABIs for different versions of a shared library, or of the Linux kernel and its modules. They are likely to replace the kernel's current symbol versioning approach at some point. He talked about the capabilities of libabigail, plans for improving it, and some limitations of C ABI checkers.
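
As an added illustration of the build-time comparison described above (this is example code written for this page, not libabigail and not anything from the kernel tree), the script below diffs two Module.symvers files, the per-symbol CRC table the kernel build emits when CONFIG_MODVERSIONS is enabled. The tab-separated line format (CRC, symbol, defining module, export type, optional namespace on newer kernels) is assumed from the kernel's own output, and both input files are constructed samples rather than real build products. It also flags the case a plain CRC diff misses: a symbol whose CRC is unchanged but whose export was tightened to EXPORT_SYMBOL_GPL.

```python
"""Diff two kernel Module.symvers files to find exported-symbol ABI breaks.

Added example for this page; not code from libabigail or the kernel tree.
Assumed input format (what the kernel build writes with CONFIG_MODVERSIONS):
    0x<crc> TAB <symbol> TAB <defining module> TAB <export type> [TAB <namespace>]
A changed CRC means genksyms saw a different type signature for the symbol,
so an out-of-tree module built against the old tree is refused at load time.
"""
from dataclasses import dataclass
from typing import Dict, Iterable, List


@dataclass(frozen=True)
class Export:
    crc: int
    module: str
    export_type: str   # EXPORT_SYMBOL or EXPORT_SYMBOL_GPL
    namespace: str     # empty on kernels without symbol namespaces


def parse_symvers(lines: Iterable[str]) -> Dict[str, Export]:
    """Parse Module.symvers lines into {symbol: Export}; blank and '#' lines are skipped."""
    table: Dict[str, Export] = {}
    for raw in lines:
        line = raw.rstrip("\n")
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        fields = line.split("\t")
        if len(fields) < 4:
            raise ValueError(f"malformed Module.symvers line: {raw!r}")
        crc, symbol, module, export_type = fields[:4]
        namespace = fields[4] if len(fields) > 4 else ""
        table[symbol] = Export(int(crc, 16), module, export_type, namespace)
    return table


def compare_symvers(old: Dict[str, Export], new: Dict[str, Export],
                    watch: Iterable[str] = ()) -> Dict[str, List[str]]:
    """Classify differences between two symbol tables.

    'watch' limits the report to the symbols a distribution has promised to
    keep stable (a kABI whitelist); empty means every symbol in either file.
    """
    keep = set(watch) or (set(old) | set(new))
    report: Dict[str, List[str]] = {
        "removed": [], "crc_changed": [], "gpl_only_now": [], "added": []}
    for sym in sorted(keep):
        o, n = old.get(sym), new.get(sym)
        if o is not None and n is None:
            report["removed"].append(sym)
        elif o is not None and n is not None:
            if o.crc != n.crc:
                report["crc_changed"].append(sym)
            # Tightening EXPORT_SYMBOL to EXPORT_SYMBOL_GPL breaks non-GPL modules
            # even though the CRC is unchanged, so a CRC-only diff misses it.
            if o.export_type == "EXPORT_SYMBOL" and n.export_type == "EXPORT_SYMBOL_GPL":
                report["gpl_only_now"].append(sym)
        elif n is not None and o is None:
            report["added"].append(sym)
    return report


def abi_broken(report: Dict[str, List[str]]) -> bool:
    """Additions are harmless; removals, CRC changes and GPL tightening are not."""
    return bool(report["removed"] or report["crc_changed"] or report["gpl_only_now"])


# Constructed sample excerpts (not real kernel output). The second one changes
# dev_set_name's CRC, drops usb_register_driver, makes kmalloc_caches GPL-only
# and adds device_link_add.
OLD_SYMVERS = """\
0x5e515be6\tmodule_layout\tvmlinux\tEXPORT_SYMBOL
0x12ab34cd\tkmalloc_caches\tvmlinux\tEXPORT_SYMBOL
0x0f00ba44\tdev_set_name\tvmlinux\tEXPORT_SYMBOL
0x9a9a0001\tdebugfs_create_dir\tvmlinux\tEXPORT_SYMBOL_GPL
0x77770001\tusb_register_driver\tvmlinux\tEXPORT_SYMBOL_GPL
"""
NEW_SYMVERS = """\
0x5e515be6\tmodule_layout\tvmlinux\tEXPORT_SYMBOL
0x12ab34cd\tkmalloc_caches\tvmlinux\tEXPORT_SYMBOL_GPL
0x0f00ba45\tdev_set_name\tvmlinux\tEXPORT_SYMBOL
0x9a9a0001\tdebugfs_create_dir\tvmlinux\tEXPORT_SYMBOL_GPL
0x13572468\tdevice_link_add\tvmlinux\tEXPORT_SYMBOL_GPL
"""

if __name__ == "__main__":
    old = parse_symvers(OLD_SYMVERS.splitlines())
    new = parse_symvers(NEW_SYMVERS.splitlines())
    for kind, syms in compare_symvers(old, new).items():
        print(f"{kind:13s} {', '.join(syms) or '-'}")
    print("ABI broken:", abi_broken(compare_symvers(old, new)))
```

Pointing the two parsers at the Module.symvers of the previous and candidate kernel builds gives the same list a distributor's kABI check would produce, but it only tells you *that* a symbol's signature changed; working out *which* struct member moved is exactly the gap libabigail's DWARF-based comparison is meant to fill.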

BPF at Facebook

Speaker: Alexei Starovoitov

Details and slides: https://kernel-recipes.org/en/2019/talks/bpf-at-facebook/

Video: Youtube

The Berkeley Packet Filter (BPF) is a simple virtual machine implemented by several kernels. It allows user-space to add code that runs in kernel context, without compromising the integrity of the kernel.

In recent years Linux has extended this virtual machine architecture to create eBPF, which is expressive enough to be targeted by general-purpose compilers such as Clang and (in the near future) gcc. eBPF can be used for filtering network packets (the original purpose of BPF), tracing events, and many other purposes.

The speaker talked about practical experiences using eBPF with tracing at Facebook. These mainly involved investigating performance problems. He also talked about the difficulties of doing this on production servers without developer tools installed, and how this is being addressed.

Kernel hacking behind closed doors

Speaker: Thomas Gleixner

Details and slides: https://kernel-recipes.org/en/2019/talks/kernel-hacking-behind-closed-doors/

Video: Youtube

The speaker talked about how kernel developers and hardware vendors have been handling speculative execution vulnerabilities, and the friction between the vendors' preferred process and the usual kernel development processes.

He described the mailing list manager he wrote to support discussion of security issues with a long embargo period, which sends and receives encrypted messages in both S/MIME and PGP/MIME formats (depending on the subscriber).

Finally he talked about the process that has been settled on for handling future issues of this type with minimal legal paperwork.

This was somewhat marred by a lawyer joke and a generally combative attitude to hardware vendors.

What To Do When Your Device Depends on Another One

Speaker: Rafael Wysocki

Details and slides: https://kernel-recipes.org/en/2019/talks/what-to-do-when-your-device-depends-on-another-one/

Video: Youtube

The Linux device model represents all devices as a simple hierarchy. Driver binding and unbinding (probe/remove), and power management operations, are sequenced based on the assumption that a device only depends on its parent in the device model.

On PCs, additional dependencies are often hidden behind abstractions such as ACPI, so that Linux does not need to be aware of them. On most embedded systems, however, such abstractions are usually missing and Linux does need to be aware of additional dependencies.

(A few years ago, the device driver core gained support for an error code from probe (-EPROBE_DEFER) that indicates that some dependency is not yet bound, and causes the device to be re-probed later. But this is an incomplete, stop-gap solution.)

The speaker described the new "device links" API which provides a way to record additional dependencies in the device model. The device driver core will use this information to sequence operations on multiple devices correctly.

Metrics are money

Speaker: Aurélien Rougemont

Details and slides: https://kernel-recipes.org/en/2019/metrics-are-money/

Video: Youtube

The speaker talked about several instances from his experience where system metrics were used to justify buying or rejecting new hardware. In some cases, these metrics were not accurate or consistent, which could lead to bad decisions. He made a plea for better documentation of metrics reported by the Linux kernel.

No NMI? No Problem! – Implementing Arm64 Pseudo-NMI

Speaker: Julien Thierry

Details and slides: https://kernel-recipes.org/en/2019/talks/no-nmi-no-problem-implementing-arm64-pseudo-nmi/

Video: Youtube

Linux typically uses Non-Maskable Interrupts (NMIs) for Performance Monitoring Unit (PMU) interrupts. NMIs are (almost) never disabled, so this allows interrupt handlers and other code that runs with interrupts disabled to be profiled accurately. On architectures that do not have NMIs, typically Linux can use the highest interrupt priority for this instead, and only mask the lower priorities.

On the Arm architecture, there is no NMI but there are two architectural interrupt priority levels (IRQ and FIQ). However on 64-bit Arm systems FIQ is typically reserved to system firmware so Linux only uses IRQ. This results in inaccurate profiling.

The speaker described the implementation of a pseudo-NMI for 64-bit Arm. This is done by leaving IRQs enabled on the CPU and masking them selectively on the Arm generic interrupt controller (GIC), which supports many more priority levels. However this effectively requires GIC v3 or v4 because these operations are prohibitively slow on earlier versions.

Marvels of Memory Auto-configuration (SPD)

Speaker: Jean Delvare

Details and slides: https://kernel-recipes.org/en/2019/marvels-of-memory-auto-configuration-also-known-as-spd/

Video: Youtube

The speaker talked about the history of standardised DRAM modules (SIMMs and DIMMs) and how system firmware can detect them and find out their size and timing requirements.

DIMMs expose this information through Serial Presence Detect (SPD) which until recently used standard 256-byte I²C EEPROMs.

For the latest generation of DIMMs (DDR4), the configuration information can be larger than 256 bytes and a new interface was required. Jean described and criticised this interface.

He also talked about the Linux drivers and utilities that can be used to read the SPD EEPROMs.
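
To make the SPD layout concrete, here is an added example (not from the talk, and not the Linux eeprom or ee1004 driver code) that decodes the first identification bytes of a DDR3 or DDR4 SPD image and checks the CRC-16 that protects the base section. The byte offsets, the device-type and module-type codes, and the CRC parameters (polynomial 0x1021, initial value 0, stored low byte first at bytes 126 and 127) are my reading of the JEDEC SPD annexes, so treat them as assumptions; the 128-byte images are constructed in the code rather than read from a DIMM. It also handles the DDR3 quirk where bit 7 of byte 0 shrinks the CRC window so that bytes 117 to 125 can be programmed by the module vendor after the CRC was written.

```python
"""Decode the identification bytes of a DDR3/DDR4 SPD image and verify its CRC.

Added example; not code from the talk or from the Linux eeprom/ee1004 drivers.
Layout assumptions (my reading of the JEDEC SPD annexes):
  byte 0   bits 3:0 = SPD bytes used code, bits 6:4 = SPD bytes total code,
           bit 7 (DDR3 only) = 1 if the CRC covers bytes 0..116 instead of 0..125
  byte 1   SPD revision, high nibble major, low nibble minor
  byte 2   DRAM device type: 0x0B = DDR3 SDRAM, 0x0C = DDR4 SDRAM
  byte 3   bits 3:0 = module type: 1 RDIMM, 2 UDIMM, 3 SO-DIMM, 4 LRDIMM
  bytes 126..127 = CRC-16 (poly 0x1021, init 0, no reflection), low byte first
"""
from typing import Dict

DEVICE_TYPES = {0x0B: "DDR3 SDRAM", 0x0C: "DDR4 SDRAM"}
MODULE_TYPES = {1: "RDIMM", 2: "UDIMM", 3: "SO-DIMM", 4: "LRDIMM"}


def jedec_crc16(data: bytes) -> int:
    """The Crc16() routine from the JEDEC SPD annexes (same as CRC-16/XMODEM)."""
    crc = 0
    for byte in data:
        crc ^= byte << 8
        for _ in range(8):
            crc = (crc << 1) ^ 0x1021 if crc & 0x8000 else crc << 1
            crc &= 0xFFFF
    return crc


def crc_coverage(spd: bytes) -> int:
    """Number of leading bytes the stored CRC protects."""
    if spd[2] == 0x0B and spd[0] & 0x80:
        return 117   # DDR3 short coverage: bytes 117..125 are left to the module vendor
    return 126


def decode_spd(spd: bytes) -> Dict[str, object]:
    """Return the identification fields plus the CRC verdict for an SPD image."""
    if len(spd) < 128:
        raise ValueError("need at least the 128-byte base section")
    dram = spd[2]
    if dram not in DEVICE_TYPES:
        raise ValueError(f"unsupported DRAM device type 0x{dram:02x}")
    stored = spd[126] | (spd[127] << 8)
    computed = jedec_crc16(spd[:crc_coverage(spd)])
    return {
        "device_type": DEVICE_TYPES[dram],
        "spd_revision": f"{spd[1] >> 4}.{spd[1] & 0x0F}",
        "module_type": MODULE_TYPES.get(spd[3] & 0x0F, "other"),
        "crc_stored": stored,
        "crc_computed": computed,
        "crc_ok": stored == computed,
    }


def build_sample_spd(device_type: int, module_type: int, revision: int,
                     ddr3_short_crc: bool = False) -> bytes:
    """Construct a 128-byte SPD image with a valid CRC (test data, not a real DIMM dump)."""
    img = bytearray(128)
    img[0] = 0x11 if device_type == 0x0B else 0x23   # 128/256 (DDR3) or 384/512 (DDR4) bytes
    if device_type == 0x0B and ddr3_short_crc:
        img[0] |= 0x80
    img[1] = revision
    img[2] = device_type
    img[3] = module_type
    img[117] = 0xA5   # stands in for a vendor-programmed byte past the short CRC window
    crc = jedec_crc16(bytes(img[:crc_coverage(bytes(img))]))
    img[126], img[127] = crc & 0xFF, crc >> 8
    return bytes(img)


if __name__ == "__main__":
    for img in (build_sample_spd(0x0C, 0x02, 0x12),
                build_sample_spd(0x0B, 0x03, 0x13, ddr3_short_crc=True)):
        print(decode_spd(img))
    corrupted = bytearray(build_sample_spd(0x0C, 0x02, 0x12))
    corrupted[3] = 0x01   # now claims RDIMM, but the CRC no longer matches
    print("tampered image CRC ok:", decode_spd(bytes(corrupted))["crc_ok"])
```

On a Linux box with one of the SPD EEPROM drivers bound, the raw bytes come from the device's eeprom attribute under /sys/bus/i2c/devices and can be fed straight into decode_spd; decode-dimms from i2c-tools does the full timing decode. The CRC is an integrity check against a corrupted EEPROM, not an authenticity check: anyone who can rewrite the EEPROM can recompute it, which is one reason firmware should treat SPD contents as untrusted input rather than as ground truth.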

Planet DebianSylvain Beucler: RenPyWeb - one year

One year ago I posted a little entry in Ren'Py Jam 2018, which was the first-ever Ren'Py game directly playable in the browser :)

The Question Tutorial

Big thanks to Ren'Py's author who immediately showed full support for the project, and to all the other patrons who joined the effort!

One year later, RenPyWeb is officially integrated in Ren'Py with a one-click build, performance has improved, countless little fixes to the Emscripten technology stack provided stability, and more than 60 games of all sizes were published for the web.

RenPyWeb

What's next? I have plans to download resources on-demand (rather than downloading the whole game on start-up), to improve support for mobile browsers, and of course to continue the myriad of little changes that make RenPyWeb more and more robust. I'm also wondering about making our web stack more widely accessible to Pygame, so as to bring more devs in the wonderful world of python-in-the-browser and improve the tech ecosystem - let me know if you're interested.

Hoping to see great new Visual Novels on the web this coming year :)

Planet DebianScarlett Gately Moore: Akademy! 2019 Edition

KDE Akademy 2019

I am happy to report yet another successful KDE Akademy! This will make my 5th Akademy 🙂 This year akademy was held in beautiful Milan, Italy. As usual we had so many great talks, you can read all about them here:

https://dot.kde.org/2019/09/10/akademy-2019-talks-heres-what-you-missed

My trip was shortened again due to flight availability, but I still got in some great BoF sessions. We were able to achieve some tasks and goals with the Fundraising Working Group. I hung out with the Neon team for a few, and it was decided I will continue the Debian merge and continue to keep the delta between Debian and neon as minimal as possible. This helps all deb based distributions in the end. I was also happy to see snaps are coming along nicely! There was a great BoF on user support, where we discussed trying to get users connected with the people that can answer questions. I believe we landed on Discourse, we are on the technical stage of making that happen.

The core of what makes Akademy so important is the networking of course. I was able to see many old friends and meet many new ones. I was so happy to see so many new faces this year! With each year our bunch has become more and more diverse, which is always a good thing. Face to face collaboration is very important in an environment where we mostly see text all day.

Until next year! Happy hacking and see you all around in the interwebs.

Scarlett

P.S. Stay tuned and I will have another post with everything I have been up to in the last year.

 

Planet DebianChris Lamb: Free software activities in September 2019

Here is my monthly update covering what I have been doing in the free software world during September 2019 (previous month):

  • Attended the launch event of OpenUK, a new organisation with the purpose of supporting the growth of free software, hardware and data. It was hosted at the House of Commons of the United Kingdom and turned out to be quite the night to be attending Parliament.

  • As part of my duties of being on the board of directors of the Open Source Initiative and Software in the Public Interest I attended their respective monthly meetings and participated in various licensing and other discussions occurring on the internet, as well as the usual internal discussions regarding logistics, policy etc.

  • Made a number of changes to my tickle-me-email library to implement Getting Things Done-like behaviours in IMAP inboxes including:

    • Add support for a sendmail-like command. [...]
    • Don't require specifying the target of sent items in the send-later command [...] and decode messages correctly for the same command [...].
  • Opened pull requests to make the build reproducible in:

  • Opened a pull request for the memcached distributed memory object caching system to... correct the spelling of "ensure". [...]

  • More work on the Lintian static analysis tool for Debian packages, releasing versions 2.20.0, 2.21.0, 2.22.0, 2.23.0 & 2.24.0 as well as:


Reproducible builds

Whilst anyone can inspect the source code of free software for malicious flaws, almost all software is distributed pre-compiled to end users.

The motivation behind the Reproducible Builds effort is to ensure no flaws have been introduced during this compilation process by promising identical results are always generated from a given source, thus allowing multiple third-parties to come to a consensus on whether a build was compromised.

The initiative is proud to be a member project of the Software Freedom Conservancy, a not-for-profit 501(c)(3) charity focused on ethical technology and user freedom.

Conservancy acts as a corporate umbrella, allowing projects to operate as non-profit initiatives without managing their own corporate structure. If you like the work of the Conservancy or the Reproducible Builds project, please consider becoming an official supporter.

This month I:


I also made the following changes to our tooling:

diffoscope

diffoscope is our in-depth and content-aware diff utility that can locate and diagnose reproducibility issues.

  • New features:

    • Add /srv/diffoscope/bin to the Docker image path. (#70)
    • When skipping tests due to the lack of installed tool, print the package that might provide it. [...]
    • Update the "no progressbar" logging message to match the parallel "missing tlsh module" warnings. [...]
    • Update "requires foo" messages to clarify that they are referring to Python modules. [...]
  • Testsuite updates

    • The test_libmix_differences ELF binary test requires the xxd tool. (#940645)
    • Build the OCaml test input files on-demand rather than shipping them with the package in order to prevent test failures with OCaml 4.08. (#67)
    • Also conditionally skip the identification and "no differences" tests as we require the Ocaml compiler to be present when building the test files themselves. (#940471)
    • Rebuild our test squashfs images to exclude the character device as they requires root or fakeroot to extract. (#65) [...]
  • Code cleanups, including dropping some unnecessary control flow [...], dropping unnecessary pass statements [...] and dropping explicit inheritance from the object class as it is unnecessary in Python 3 [...].



Debian


Debian LTS

This month I have worked 18 hours on Debian Long Term Support (LTS) and 12 hours on its sister Extended LTS project.

You can find out more about the projects via the following video:


Uploads

  • redis (5.0.6-1) — New upstream release

  • python-django:

  • aptfs:

    • 1.0.0:
      • Port to Python 3.x. (#936131)
      • Move to a native package and import the external Debian packaging into this repository.
      • Add a pyproject.toml and apply the black source code formatter to the source tree.
      • Drop TODO file; we use our code hosting platform's issue tracker now.
    • 1.0.1 — Fix opening/reading of files after Python 3.x migration.
  • gunicorn:

    • 19.9.0-2 — Drop support for Python 2.x; the gunicorn package now provides the Python 3.x version. (#936679)
    • 19.9.0-3 — Port autopkgtests to Python 3.x.
    • 19.9.0-4 — Add a /usr/bin/gunicorn3 → /usr/bin/gunicorn compatibility symlink. (#939409)
  • installation-birthday (13):

    • Don't use the deprecated platform library. (#940803)
    • Add a gitlab-ci.yml.
    • Misc coding updates, including using the logging module's own string interpolation, not inheriting from object etc.
  • libfiu:

    • 1.00-1:

    • 1.00-2 — Also drop Python 2 support in the autopkgtests.

    • 1.00-3 — Patch the upstream Makefile to not build the Python 2.x bindings to ensure the tests pass.

  • memcached:

    • 1.5.17-1:
      • Adopt package. (#939425)
      • New upstream release. (#924584, #939337, #879797, #835456, #789835)
      • Source /etc/default/memcached in /etc/init.d/memcached. (#934542)
      • Add a Pre-Depends on ${misc:Pre-Depends} to ensure a correct dependency on init-system-helpers for the --skip-systemd-native flag.
      • Install README.damemtop to /usr/share/doc/memcached instead of under /usr/share/memcached
    • 1.5.17-2:
      • In the systemd .service file, specify a PIDFile under /run.
      • Add missing ${perl:Depends} to binary dependencies.
    • 1.5.18-1 — New upstream release

New upstream releases of bfs (1.5.1-1), django-auto-one-to-one (3.2.0-1), python-daiquiri (1.6.0-1), python-hiredis (1.0.0-1) and python-redis (3.3.7-1).

Finally, I sponsored uploads of adminer (4.7.3-1) and python-pyocr (0.7.2-1).


FTP Team

As a Debian FTP assistant I ACCEPTed 33 packages: crypto-policies, firmware-tomu, gdmd, golang-github-bruth-assert, golang-github-paypal-gatt, golang-github-rivo-uniseg, golang-github-xlab-handysort, golang-gopkg-libgit2-git2go.v28, icingaweb2-module-audit, icingaweb2-module-boxydash, icingaweb2-module-businessprocess, icingaweb2-module-cube, icingaweb2-module-director, icingaweb2-module-eventdb, icingaweb2-module-graphite, icingaweb2-module-map, icingaweb2-module-nagvis, icingaweb2-module-pnp, icingaweb2-module-statusmap, icingaweb2-module-x509, lazygit, ldh-gui-suite, meep, minder, node-solid-jose, ocaml-charinfo-width, ocaml-stdcompat, ppxfind, ppxlib, printrun, python-securesystemslib, sshesame & tpm2-initramfs-tool.

I additionally filed 6 RC bugs against packages that had potentially-incomplete debian/copyright files against crypto-policies, golang-github-paypal-gatt, icingaweb2-module-graphite, icingaweb2-module-statusmap, minder & printrun.

Planet DebianJonathan Carter: Free Software Activities (2019-09)

It’s been a busy month on a personal level, so a bunch of my Debian projects have been stagnant this month; I hope to fix that over October/November.

Upload sponsoring: This month, when sponsoring package uploads for Debian, I prioritised Python team uploads above mentors.debian.net uploads (where I usually spend my reviewing attention). The Python 2 deprecation is turning out to be a lot of work so I think the Python team can do with a lot more support from everyone at this point.

DebConf: I resigned from the DebConf Committee, I might consider joining again if there’s a position open again in the future. I’m not going to DC20 so it seems like a good time to cut back a bit to help me focus more on my technical projects. I’ll still be involved in the DebConf team. Over the next DebConf cycle I’ll still be involved in bursaries and want to cover a whole bunch of documentation and policy improvements that are sorely needed. I also want to finish up the ToeTally integration with Voctomix for the video team and hopefully try it out at a minidebconf within the next year.

Debian Live: calamares-settings-debian has been updated for bullseye, although as of this time we don’t have new images available with that yet. I started looking in to the vmdebootstrap deprecation; it’s going to be more work than I originally thought, so there’s a good possibility we might be switching to FAI for generating live images. I have a script called debmower that works ok and creates good images, but it’s a somewhat hacky shell script, and if I ever had the time to rewrite it in Python I might propose that too; unfortunately finding the time to maintain more things is hard, so I think FAI is the way to go. Isabelle Simpkins created testing artwork so that Debian testing images are easier to differentiate from the last stable release. These will be replaced in Debian as soon as the next release artwork is available.

Activity log:

2019-09-09: Upload package gdisk (1.0.4-2) to debian unstable (Adopting package, closes #939421).

2019-09-09: Upload package calamares (3.2.13-1) to debian unstable.

2019-09-09: Upload package gnome-shell-extension-dash-to-panel (23-1) to debian unstable.

2019-09-09: Upload package toot (0.23.1) to debian unstable.

2019-09-09: File upstream bug for toot crash when launching in tui mode (Toot #124).

2019-09-10: Upload package bluefish (2.2.10-2) to debian unstable (Adopting package, Closes: #922891, #936220).

2019-09-10: Seek feedback on bugs #844449, #852733.

2019-09-11: File removal of pythonqt from debian unstable (BTS: #940025).

2019-09-11: Orphan package golang-gopkg-flosch-pongo2.v3 (BTS: #940030).

2019-09-16: Upload package python3-aniso8601 (8.0.0-1) to debian unstable.

2019-09-16: Upload package gnome-shell-extension-remove-dropdown-arrows (12-1) to debian unstable.

2019-09-16: Upload package bluefish (2.2.10-3) to debian unstable.

2019-09-16: Upload package gnome-shell-extension-move-clock (1.01-2) to debian unstable.

2019-09-16: Upload package tanglet (1.5.4-2) to debian unstable.

2019-09-16: Upload package gdisk (1.0.4-3) to debian unstable.

2019-09-16: Upload package tetzle (2.1.4+dfsg1-3) to debian unstable.

2019-09-16: Upload package bcachefs-tools (0.1+git20190829.aa2a42b-1~exp1) to debian unstable.

2019-09-16: Review package python-flask-jwt-extended (3.21.0-1) (needs some work) (mentors.debian.net request).

2019-09-16: Sponsor package flask-jwt-simple (0.0.3-1) for debian unstable (mentors.debian.net request, RFS: #940102).

2019-09-16: Sponsor package python3-fastentrypoints (0.12-1) for debian experimental (mentors.debian.net request, RFS: #934054).

2019-09-16: Sponsor package python3-netsnmpagent (0.6.0-1) for debian experimental (mentors.debian.net request, RFS: #934056).

2019-09-16: Review package pydevd (1.6.1+git20190712.1267523+dfsg) (mentors.debian.net request), recommend that another reviewer give it a second pass.

2019-09-16: Sponsor package python3-aiosqlite (0.10.0-1) for debian unstable (mentors.debian.net request, RFS: #927702).

2019-09-16: Upload package python3-flask-silk (0.2-14) to debian unstable.

2019-09-16: Sponsor package membernator (1.0.1-1) for debian unstable (Python team request).

2019-09-16: Sponsor package cosmiq (1.6.0-1) for debian unstable (mentors.debian.net request).

2019-09-16: Sponsor package micropython (1.11-1) for debian unstable (mentors.debian.net request, RFS: #939189).

2019-09-16: Sponsor package oomd (0.1.0-1) for debian unstable (mentors.debian.net request, RFS: #939096).

2019-09-16: Sponsor package python3-enc (0.4.0-5) for debian unstable (Python team request).

2019-09-16: Review package pcapy () (needs some more work) (Python team request).

2019-09-16: Review package impacket () (needs some more work) (Python team request).

2019-09-16: Sponsor package python-guizero (1.0.0+dfsg1-1) (Python team request).

2019-09-17: Sponsor package sentry-python (0.9.5-2) for debian unstable (Python team request).

2019-09-17: Sponsor package supysonic (0.4.1-1) for debian unstable (Python team request).

2019-09-17: Sponsor package python3-aiohttp-wsgi (0.8.2-2) for debian unstable (Python team request).

2019-09-17: Sponsor package python3-onedrivesdk (1.1.8-1) for debian experimental (Python team request).

2019-09-17: Review package python3-ptvsd (4.3.0+dfsg-1) (needs some more work) (Python team request).

2019-09-17: Review package python3-flask-jwt-extended (3.21.0-1) (needs some more work) (Python team request).

2019-09-17: Review package python3-pydevd (1.7.1+dfsg-1) (needs some more work) (Python team request).

2019-09-17: Sponsor package python3-bidict (0.18.2-1) for debian unstable (Python team request).

2019-09-18: Upload package python3-enc (0.4.0-4) to debian unstable.

2019-09-18: Sponsor package python3-pydevd (1.7.1+dfsg1) for debian unstable (Python team request).

2019-09-18: Sponsor package python-aiohttp (3.6.0-1) for debian unstable (Python team request).

2019-09-18: Review package py-postgresql (1.2.1+git20180803.ef7b9a9-1) (needs some more work) (Python team request).

2019-09-18: Review package irker (2.18+dfsg-4) (needs some more work) (Python team request).

2019-09-18: Sponsor package py-postgresql (1.2.1+git20180803.ef7b9a9-1) for debian unstable (Python team request).

2019-09-18: Upload package irker (2.18+dfsg-4) to debian unstable (team upload / Python team sponsor request).

2019-09-18: Sponsor package sphinx-autodoc-typehints (1.8.0-1) for debian unstable (Python team request).

2019-09-18: Sponsor package python3-sentry-sdk (0.12.0-1) for debian unstable (Python team request).

2019-09-19: Review package vonsh (1.0) (needs some more work) (mentors.debian.net request).

2019-09-19: Upload package live-tasks (11.0.1) to debian unstable (Closes: #932780, #936953, #934522).

2019-09-19: Upload package python3-flask-autoindex (0.6.2-2) to debian unstable (Closes: #936523).

2019-09-19: Upload package python3-flask-autoindex (0.6.2-3) to debian unstable (Re-opens: #936523).

2019-09-20: Upload package gamemode (1.5~git20190812-107d469-1~exp1) to debian experimental.

2019-09-20: Upload package gnome-shell-extension-remove-dropdown-arrows (13-1) to debian unstable.

2019-09-20: Sponsor package django-sortedm2m (2.0.0dfsg.1-1) for debian experimental (Python team request).

2019-09-20: Sponsor package python3-anosql (1.0.1-1) for debian unstable (Python team request).

2019-09-23: Upload package gnome-shell-extension-disconnect-wifi (21-1~exp1) to debian experimental.

2019-09-23: Upload package toot (0.24.0-1) to debian unstable.

2019-09-23: Upload package gamemode (1.5~git20190812-107d469-1~exp2) to debian experimental.

2019-09-23: Review package python3-pympler () (needs some more work) (Python team request).

2019-09-23: Close previously fixed bug #914044 in tuxpaint.

2019-09-23: Upload package kpmcore (4.0.0-1~exp1) to debian experimental.

2019-09-23: Upload package kpmcore (4.0.0-1~exp2) to debian experimental.

2019-09-25: Sponsor package assaultcube-data (1.2.0.2.1-3) for debian unstable (mentors.debian.net request).

2019-09-25: Sponsor package assaultcube (1.2.0.2.1-2) for debian unstable (mentors.debian.net request).

2019-09-25: Review package cpupower-gui (0.7.0-1) (needs some more work) (mentors.debian.net request).

2019-09-25: Sponsor package pympler (0.7+dfsg1-1~exp1) for debian experimental (Python team request).

2019-09-25: Sponsor package sentry-python (0.12.2-1) for debian unstable (Python team request).

2019-09-25: Sponsor package python-aiohttp (3.6.1-1) for debian unstable (Python team request).

2019-09-25: Upload package calamares-settings-debian (11.0.1-1) to debian unstable.

2019-09-25: Merge MR#2 for live-wrapper (Debian BTS: #866183).

2019-09-25: File bug #941131 against qa.debian.org (“Make outstanding MRs more visible in DDPO pages”).

2019-09-25: Sponsor package color-theme-modern (0.0.2+4.g42a7926-1) for debian unstable (RFS: #905246) (mentors.debian.net request).

2019-09-26: Sponsor package python3-flask-jwt-extended for debian unstable (RFS:#940075) (mentors.debian.net request).

2019-09-26: Upload package tuxpaint (0.9.24~git20190922-f7d30d-1~exp1) to debian experimental.

2019-09-26: Review package python3-in-toto (0.4.0-1) (needs some more work) (mentors.debian.net request).

2019-09-30: Forward Calamares bug #941301 “write two random seeds to locations for urandom init script and systemd-random-seed service” to upstream bug #1252.

2019-09-30: Sponsor package color-theme-modern (0.0.2+4.g42a7926-1) for debian unstable (RFS: #905246) (mentors.debian.net request).

Planet DebianSylvain Beucler: Debian LTS and ELTS - September 2019

Debian LTS Logo

Here is my transparent report for my work on the Debian Long Term Support (LTS) and Debian Extended Long Term Support (ELTS), which extend the security support for past Debian releases, as a paid contributor.

In September, the monthly sponsored hours were split evenly among contributors depending on their max availability - I was assigned 23.75h for LTS (out of 30 max) and 20h for ELTS (max).

I was again able to factor out some time between LTS and ELTS.

The qemu update required more testing than I expected, as it's used with lots of different CPU and disk backends.

ELTS - Wheezy

  • CVE-2019-13626/libsdl1.2: triage: mark postponed so it doesn't stay in the triage list
  • freetype: CVE-2015-9381,CVE-2015-9382,CVE-2015-9383 security upload
  • freetype: de-dup TEMP-0773084-4AB1FB / CVE-2014-9659
  • CVE-2019-13232/unzip: regression update (zipbomb)
  • CVE-2019-5481/curl: triage: not-affected
  • CVE-2019-1549/openssl: triage: not-affected
  • CVE-2019-16163/libonig: security upload
  • CVE-2019-2180/cups: triage: was fixed prior to CVE assignment, no other significant vulnerability to fix, no upload
  • tomcat7: investigate upgrading to upstream stable version, so as to fix the currently failing testsuite; decide not to when realizing that means applying all upstream changes since 2012
  • CVE-2019-3689/nfs-utils: triage, contact package maintainer
  • CVE-2019-16935/python*: help Ola triage and assess severity

LTS - Jessie

  • freetype: CVE-2015-9381,CVE-2015-9382,CVE-2015-9383 security upload
  • radare2: triage: clarify status, add reference to ML discussion about its support
  • unzip: untriage: false-positive
  • CVE-2019-16163/libonig: security upload
  • qemu:
    • check status of unpublished prepared update for CVE-2016-5126,CVE-2016-5403,CVE-2017-9375,CVE-2017-15124,CVE-2019-12155
    • CVE-2017-11334: triage: clarify, keep postponed (known regression)
    • CVE-2017-13672: triage: ignored: minor issue, guest root DoS, too complex to backport
    • CVE-2017-15124: re-triage: ignored: identify regression in proposed update, too complex to backport; reference complementary VNC/SASL patch
    • CVE-2018-19665: triage: ignored: still no sanctioned patch, bluetooth subsystem deprecated
    • CVE-2018-15746: triage: ignored: non-default configuration, requires backported kernel and libseccomp
    • CVE-2019-12067: triage: postponed: no sanctioned patch
    • setup physical jessie box, test extensively (Xen, KVM, virt-manager/gnome-boxes, VNC, Spice, Windows, LVM, VirtIO, iSCSI...)
    • call for testing
    • security upload: pending update -CVE-2017-15124 +CVE-2019-12068,CVE-2019-13164,CVE-2019-14378,CVE-2019-15890

Documentation/Scripts

  • ASAN (Address Sanitizer): fix missing option and document limitations
  • tomcat: notes from last month about testing tomcat
  • qemu: summarize qemu top use cases
  • bin/contact-maintainers: fix Python 2 code leftover
  • Point out that the training / new member process could be more visible

Planet DebianNorbert Preining: TeX Live/Debian updates 20190930

TeX Live 2019 has seen already many updates since the initial upload to Debian, most of which I have never reported about. Today I have uploaded a new set of packages, based on the tlnet archives of 20190930.

The long list of updates covers only the last batch, but contains a huge amount of stuff. If I had to pick one interesting change, it is the introduction of development versions of LaTeX, now made accessible and testable.

Now for the full list of updates and new packages. Enjoy!

New packages

bxghost, circuit-macros, esindex, latex-amsmath-dev, latex-tools-dev, practicalreports, simpleoptics, step

Updated packages

acro, algobox, almendra, amsmath, arara, axodraw2, babel, babel-french, beebe, biblatex, biblatex-apa, biblatex-bath, biblatex-oxref, biblatex-phys, bundledoc, caption, cellprops, checkcites, chemformula, chemmacros, circuitikz, clojure-pamphlet, ctanbib, datatool, datetime2-scottish, datetime2-serbian, ddphonism, derivative, dtk, ducksay, duckuments, ebgaramond-maths, e-french, etoolbox, exsheets, extract, filecontents, filecontentsdef, fncylab, gatherenum, glossaries, gnuplottex, harftex, hvfloat, hyperref, iodhbwm, ipaex, japanese-otf-uptex, japanese-otf-uptex-nonfree, jfmutil, jlreq, keyfloat, l3backend, l3build, l3experimental, l3kernel, latex-base-dev, latexbug, latexconfig, latex-graphics-dev, latexindent, libertinus-otf, listings, luaotfload, luatexja, luaxml, lwarp, marcellus, mathastext, mathfam256, mismath, newverbs, nicematrix, ocgx2, pdfpages, perltex, plantuml, platex-tools, plautopatch, poemscol, poormanlog, practicalreports, pythontex, scontents, skdoc, snapshot, spacingtricks, statistics, step, tagging, tcolorbox, testidx, tetex, tex4ht, texinfo, textcase, titlesec, tokcycle, tracklang, tuda-ci, unicode-math, updmap-map, upmethodology, uptex-base, xfakebold, xindex, xint, xits

Worse Than FailureCodeSOD: Butting In

Initech is a large, international corporation. Any time you're doing business at a global scale, you're going to need to contend with a language barrier sooner or later. This makes employees who are multilingual valuable.

Dana recently joined Initech, and in the first week, was warned about Jerry. Jerry was the "chief" "architect" and team "lead", and was one of those special, valuable employees who spoke three languages. Correction, "spoke" needs scare quotes too, because Jerry was incomprehensible in every language he spoke, including his native tongue.

Jerry's emails were stuff of legend around the office. Punctuation was included, not to structure sentences, but as a kind of decoration, just to spice up his communiques. Capitalization was applied at random. Sentences weren't there to communicate a single thought or idea, but to express fragments of half considered dreams.

Despite being the "chief architect", Jerry's code was about as clear as his emails. His class definitions were rambling stretches of unrelated functionality, piled together into a ball of mud. Splattered through it all were blocks of commented out functionality. And 99.9% of his commits to master had syntax errors.

Why did his commits always have syntax errors? Jerry had never seen fit to install a C++ compiler on his machine, and instead pushed to master and let their CI system compile and find all his syntax errors. He'd then amend the commit to fix the errors, and woe betide anyone else working in the repo, because he'd next git push --force the amended commit. Then he'd fix the new round of syntax errors.

Their organization did have an official code review standard, but since no one understood any of Jerry's code, and Jerry was the "chief", Jerry reviewed his own code.

So, let's talk about enumerated types. A common practice in C++ enums is to include an extra value in the enum, just to make it easy to discover the size of the enum, like so:

enum Color { COLOR_RED, COLOR_BLACK, COLOR_BLUE, COLOR_SIZE };

COLOR_SIZE isn't actually a color value, but it tells you how many color values there are. This can be useful when working with a large team, as it's a form of documentation. It also allows patterns like `for (int i = 0; i < COLOR_SIZE; i++)…`, and it gives you the upper bound you need before casting an arbitrary integer to the enum. Of course, it only works when everyone follows the same convention.
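As an added illustration (example code written for this page, not taken from the article or from "Initech"), here is what the trailing sentinel buys you in practice: it ties the size of a lookup table to the enum at compile time, and it is the bound that lets you range-check an integer arriving from outside the program before casting it to the enum. The helper names `color_from_untrusted`, `color_name` and `color_from_name` are assumed for the example.

```cpp
#include <cstddef>
#include <iterator>
#include <optional>
#include <string_view>

// The convention from the article: a trailing sentinel that is not a real
// value but counts how many real values precede it.
enum Color { COLOR_RED, COLOR_BLACK, COLOR_BLUE, COLOR_SIZE };

// A table indexed by Color. Checking its length against COLOR_SIZE means
// that adding a fourth colour to the enum without adding its name here is a
// compile-time error rather than an out-of-bounds read at run time.
constexpr std::string_view kColorNames[] = {"red", "black", "blue"};
static_assert(std::size(kColorNames) == static_cast<std::size_t>(COLOR_SIZE),
              "every Color value needs an entry in kColorNames");

// Turn an integer that came from outside the program (a config file, a
// network message, a database column) into a Color. A bare
// static_cast<Color>(raw) would happily produce a value outside the enum's
// range; the sentinel is exactly the bound that makes this check possible.
std::optional<Color> color_from_untrusted(int raw) {
    if (raw < 0 || raw >= static_cast<int>(COLOR_SIZE)) {
        return std::nullopt;
    }
    return static_cast<Color>(raw);
}

// Safe because every value the enum can legitimately hold indexes the table.
std::string_view color_name(Color c) {
    return kColorNames[static_cast<std::size_t>(c)];
}

// The iteration pattern from the text, used to map a name back to a value.
std::optional<Color> color_from_name(std::string_view name) {
    for (int i = 0; i < COLOR_SIZE; i++) {
        if (kColorNames[static_cast<std::size_t>(i)] == name) {
            return static_cast<Color>(i);
        }
    }
    return std::nullopt;
}
```

The point of `color_from_untrusted` is that the enum's underlying integer range is much larger than the set of named values; without the sentinel there is nothing to compare against, and a hostile or corrupted input value walks straight past the end of `kColorNames`.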

Jerry couldn't remember the convention. So, in his native language, he invented a new one: he'd end all his enums with a _END instead of _SIZE. But Jerry also couldn't remember what the English word for "end" was. So he went off to Google Translate, and got an English translation.

Then he wrote code. Lots of code. No one got to review this code. Jerry touched everything, without worrying about what any other developer was doing.

This meant that before long, every enum in the system looked like this:

enum Color { COLOR_RED, COLOR_BLACK, COLOR_BLUE, COLOR_BUTT };

Eventually, Jerry left Initech. He'd found a position where he could be a CTO of a well-funded startup. The very same day, Dana submitted her largest pull request ever, where she removed every single one of Jerry's butts.


Planet DebianRuss Allbery: Haul post

It's been quite a while since I made one of these, and I... may have been supporting a lot of authors financially despite my huge to-read pile.

Louisa Alcott — Little Women (mainstream)
Louisa Alcott — Good Wives (mainstream)
Louisa Alcott — Little Men (mainstream)
Louisa Alcott — Jo's Boys (mainstream)
Ilona Andrews — Sweep of the Blade (sff)
Rachel Elise Barkow — Prisoners of Politics (nonfiction)
Becky Chambers — To Be Taught, If Fortunate (sff)
James Clear — Atomic Habits (nonfiction)
Michael Collins — Carrying the Fire (nonfiction)
Aliette de Bodard — In the Vanisher's Palace (sff)
Paul Dolan — Happy Ever After (nonfiction)
Benjamin Dreyer — Dreyer's English (nonfiction)
Amal El-Mohtar & Max Gladstone — This is How You Lose the Time War (sff)
Max Gladstone — Empress of Forever (sff)
Emily Guendelsberger — On the Clock (nonfiction)
Alix E. Harrow — The Ten Thousand Doors of January (sff)
Linda Hirshman — Reckoning (nonfiction)
Mike Isaac — Super Pumped (nonfiction)
E.K. Johnston — The Afterward (sff)
Jodi Kantor — She Said (nonfiction)
Guy Gavriel Kay — A Brightness Long Ago (sff)
Sarah Kendzior — The View from Flyover Country (nonfiction)
T. Kingfisher — Minor Mage (sff)
Karoliina Korhonen — Finnish Nightmares 2 (graphic novel)
Karoliina Korhonen — Matti in the Wallet (graphic novel)
Mary Robinette Kowal — The Fated Sky (sff)
Yoon Ha Lee — Hexarchate Stories (sff)
Mark Manson — The Subtle Art of Not Giving a F*ck (nonfiction)
Laurie J. Marks — Air Logic (sff)
Randall Munroe — How To (graphic novel)
Terry Pratchett — Lords and Ladies (sff)
Karl Schroeder — Stealing Worlds (sff)
Ryk E. Spoor — Challenges of the Deeps (sff)
J. Michael Straczynski — Becoming Superman (nonfiction)
P.L. Travers — Mary Poppins (children's)
P.L. Travers — Mary Poppins Comes Back (children's)
P.L. Travers — Mary Poppins Opens the Door (children's)
P.L. Travers — Mary Poppins in the Park (children's)
Jo Walton — Lent (sff)

Phew. I'm coming up on a vacation during which I'll have tons of time to read, but I still am buying books rather faster than reading them. Oh well, money into the pockets of authors, which is always a good thing.

There's a whole mess of non-fiction in there, since I've been in a mood of queuing up a lot of interesting-looking non-fiction to read. (I've resisted grabbing even more.) You might be able to tell that I've never made the transition to getting samples and only buying the book if the sample looks good. Or, for that matter, stopping reading a book if I'm not liking it.

There are also several new releases in there, which will probably be vacation reading, and a couple of books that I've already read but haven't written reviews of yet.

Planet DebianShirish Agarwal: India doesn’t need women or doctors

This is again going to be a long one hence I want to start by sharing some positive news first. Few days back, a vlogger Dhruv Rathee made a vlog review about Jatayu nature and park open in Kerala.

Now, why is it important and good? While it is a profitable initiative, it has been made with private money at a cost of INR 100 crores. It has been built on what was a degraded, barren piece of land surrounded by forest. While one could argue that even such lands should not be disturbed, and one perhaps might be right about that, the research I found seems to be inconclusive. I was looking at one study some time back in which two adjacent plots of land were taken, both degraded, barren patches of land. One was left alone while the other had some sort of stable, with animals in it, horses, pigs, donkeys etc., and they left the land pretty much alone besides coming at intervals to see if the animal feed was good enough for them, veterinary medical checkups etc. At the end of a couple of years, they checked the micro-nutrients of the soil to see which had more micro-nutrients. It was found that the one which had the animals was more fertile and had a slightly better ecosystem than the one which was left alone. IIRC, they published the result in some magazine like ‘Nature’ or some such peer-reviewed publication and other scientists were able to replicate the results with varying degrees of success. While I remember the simplified version, I am sure it is far more complex than I have described. One of the best things they have shared in the review is that the land has been leased from the State Govt. for a period of 30 years, after which it will be given back to the State of Kerala.


FWIW, Jatayu is the name of a mythological bird taken from the Ramayana. Instead of wasting 3000 crores of taxpayers’ money on one single statue, had it been invested in health, education, safe drinking water, employment generation etc., it would have enriched not just the people benefiting from it, but also made X times productivity growth, as it has been proved time and again that any improvement in people’s lives not just makes them better, but also enhances the country’s growth as well. I have given the number X as right now India has 0 people in its Statistical Commission, as the last two full-time members resigned a couple of years back. The only somewhat factual numbers in India are provided by CMIE, which is a private institution and obviously has neither the funds nor the reach that a Government body has. CMIE does share some interesting facts and figures, but that probably is a story for another day. Those who might want to visit Jatayu can visit the Jayatu Center website for the same. The image shared above is taken from the keralatourism.org website and is copyrighted to them.

No Country for Women

While I have written on this topic a few times before, each time an incident happens I feel, do we really deserve women? Many a time when a woman (young or old) goes to the police she is asked to present evidence. Now a young woman who was persistently blackmailed and raped by a person of the ruling party, a ‘Swami’, a nomenclature reserved for a seer who is supposed to be beyond temptation, presented 45 videos of the gentleman to the police. She also leaked a couple on social media so that the videos don’t disappear into thin air and she and her family don’t get killed, as was attempted in the Unnao rape case. It is only because the facts came out in public that the MLA accused in the Unnao rape case got expelled from the ruling party. In fact, even the killers in the Nirbhaya rape case haven’t been hanged.

Paper Clipping of Chinmayanand Rape Case

The sad part is that in this case, even after evidence, she has been asked to produce two witnesses who would say that she has been raped. I haven’t ever heard a more bizarre story, while siding with the seer who has claimed that she was extorting money from him. The list just goes on and on: there were 6 women journalists who claimed sexual harassment against MJ Akbar. The case is on-going in the Supreme High Court where it will be heard now after the Dusshera holidays. The last hearing was done on 9th September and will start anytime after 20th October when the Supreme Court starts. And there are several more cases, like the Kathua rape case, the Muzaffarpur shelter home case; the cases go on and on. Sadly, we don’t even have the latest stats, as there are no statisticians in the Indian Govt. and the only report we have is the 2016 NCRB report, which does show the trend that there is rising crime in India. It is partly due to joblessness, which is rampant, and partly perhaps to our conservative mindset towards sex and sex education.

There were two good movies made in India on the subject, one which sank in Bollywood without a trace called Khandaani Shafakhana, which more or less only talked about erectile dysfunction and tried to make a few jokes about it. There was Vicky Donor, which talked about sperm donation and did good business a while back. The movie which touched my heart recently, though, was the Malayalam movie called Peranmbu starring ever-green star Mammooty. While I don’t speak Malayalam, you may get the movie on Netflix or Amazon Prime with English subs. While I don’t want to give away the whole story of the movie, there is one scene in which Mammooty visits a woman so he can hire a male escort for his daughter and gets slapped. Many people, especially boys, didn’t like that scene and asked why he had to go there, but as a viewer, if you see the movie through a father’s eyes, he did what any sane father who loves his child would do. While at the end they didn’t give any solution to the issue, or it got censored, when you see the movie you can imagine the plight of such children’s fathers, relatives etc. It is sad that when such movies which make you think aren’t even part of the national discourse, how are people to grow their consciousness, their humanity? When I hear of such incidents as above, I genuinely wonder, does India really need women? Shouldn’t women coming from other countries to India be given travel advisories stating that they should either have a black belt in Karate or some defence techniques and carry a deadly weapon with them at all times to defend themselves from us? It seems we, Indian men, have no control 😦

No Country for Doctors

India doesn’t seem to be a country for doctors either. In 2017, in BRD Hospital at Gorakpur, 63 children died due to oxygen supply issues. For this, four doctors and a couple of staff were held responsible for their deaths: Dr. Kafeel Khan, Dr. RK Misra, Dr. Purnima Misra, Dr. Satish, Gajanand Jaiwal (pharmacist), Uday Pratap Sharma (Junior Clerk). All of them were put into jail. A few days back, only the three doctors were let out on bail; all the others are still in jail. Now one of the local newspapers, Janata Ka Reporter, had done a detailed investigative story which shows that the problems or issues were at the top. In fact, when they were apprised of the facts, Dr. Khan and all the accused together actually somehow scraped together 500 oxygen cylinders out of their own money. This is when it was found out that the doctors had not been paid salaries for 2-3 months. In fact, it has been a perennial issue and because of that more than 50-60% of the hospital staff posts were vacant, due to lack of money. When you see such news and reports, you feel, why should doctors study medicine after paying such high fees and practise in India? They should migrate to the US and UK as many of their brethren do. They get better wages, better social security. Neither the IMA came to their rescue nor anybody else. It was only local people, the patients, people who knew them, who struggled for it. The IMA has its own share of issues and politicking, but that is perhaps best suited for another date. No wonder that the number of doctors emigrating overseas has risen and people do not want to go to remote posts. When motivated cases like these can happen in cities, then what hope does a doctor have of justice or anything in villages? In fact, most doctors nowadays in India have multiple health conditions due to work-related stresses and other things. It is not by chance that we are the most depressed country on earth. Not really the validation we are looking for, right?


TEDTrailblazers: A night of talks in partnership with The Macallan

Curators David Biello and Chee Pearlman host TED Salon: Trailblazers, in partnership with The Macallan, at the TED World Theater in New York City on June 27, 2019. (Photo: Ryan Lash / TED)

The event: TED Salon: Trailblazers, hosted by TED design and arts curator Chee Pearlman and TED science curator David Biello

When and where: Thursday, June 27, 2019, at the TED World Theater in New York City

The partner: The Macallan

Music: Sammy Rae & The Friends

The talks in brief:

Marcus Bullock, entrepreneur and justice reform advocate

  • Big idea: Over his eight-year prison sentence, Marcus Bullock was sustained by his mother’s love — and her photos of cheeseburgers. Years later, as an entrepreneur, he asked himself, “How can I help make it easier for other families to deliver love to their own incarcerated loved ones?”
    Communicating with prisoners is notoriously difficult and dominated by often-predatory telecommunications companies. By creating Flikshop — an app that allows inmates’ friends and families to send physical picture postcards into prison with the ease of texting — Marcus Bullock is bypassing the billion-dollar prison telecommunications industry and allowing hundreds of thousands of prisoners access to the same love and motivation that his mother gave him.
  • Quote of the talk: “I stand today with a felony, and just like millions of others around the country who also have that ‘F’ on their chest, just as my mom promised me many years ago, I wanted to show them that there was still life after prison.”

“It’s always better to collaborate with different communities rather than trying to speak for them,” says fashion designer Becca McCharen-Tran. She speaks at TED Salon: Trailblazers, in partnership with The Macallan, at the TED World Theater, June 27, 2019, New York, NY. (Photo: Ryan Lash / TED)

Becca McCharen-Tran, founder and creative director of bodywear line CHROMAT

  • Big idea: Fashion designers have a responsibility to create inclusive designs suited for all gender expressions, ages, ability levels, ethnicities and races — and by doing so, they can shatter our limited definition of beauty.
    From day one in school, fashion designers are taught to create for a certain type of body, painting “thin, white, cisgender, able-bodied, young models as the ideal,” says fashion designer Becca McCharen-Tran. This has made body-shaming a norm for so many who strive to assimilate to the illusion of perfection in fashion imagery. McCharen-Tran believes creators are responsible for reimagining and expanding what a “bikini body” is. Her swimwear-focused clothing line CHROMAT celebrates beauty in all its forms. They unapologetically counter the narrative through inclusive, explosive designs that welcome all of the uniqueness that comes with being a human.
  • Quote of the talk: “Inclusivity means nothing if it’s only surface level … who is making the decisions behind the scenes is just as important. It’s imperative to include diverse decision-makers in the process, and it’s always better to collaborate with different communities rather than trying to speak for them.”

Amy Padnani, editor at the New York Times (or, as some of her friends call her, the “Angel of Death”)

  • Big idea: No one deserves to be overlooked in life, even in death.
    Padnani created “Overlooked,” a New York Times series that recognizes the stories of dismissed and marginalized people. Since 1851, the newspaper has published thousands of obituaries for individuals like heads of state and celebrities, but only a small amount of those obits chronicled the lives of women and people of color. With “Overlooked,” Padnani forged a path for the publication to right the wrongs of the past while refocusing society’s lens on who’s considered important. Powerful in its ability to perspective-shift and honor those once ignored, “Overlooked” is also on track to become a Netflix series.
  • Fun fact: Prior to Padnani’s breakout project, the New York Times had yet to publish obituaries on notable individuals in history such as Ida B. Wells, Sylvia Plath, Ada Lovelace and Alan Turing.

Sam Van Aken shares the work behind the “Tree of 40 Fruit,” an ongoing series of hybridized fruit trees that grow multiple varieties of stone fruit. He speaks at TED Salon: Trailblazers, in partnership with The Macallan, at the TED World Theater, June 27, 2019, New York, NY. (Photo: Ryan Lash / TED)

Sam Van Aken, multimedia contemporary artist, art professor at Syracuse University in New York and creator of the Tree of 40 Fruit

  • Big idea: Many of the fruits that have been grown in the US were originally brought there by immigrants. But due to industrialization, disease and climate change, American farmers produce just a fraction of the types available a century ago. Sam Van Aken has hand-grafted heirloom varieties of stone fruit — peaches, plums, apricots, nectarines and cherries — to make the “Tree of 40 Fruit.” What began as an art project to showcase their multi-hued blossoms has become a living archive of rare specimens and their histories; a hands-on (and delicious!) way to teach people about conservation and cultivation; and a vivid symbol of the need for biodiversity in order to ensure food security. Van Aken has created and planted his trees at museums and at people’s homes, and his largest project to date is the 50-tree Open Orchard — which, in total, will possess 200 varieties originated or historically grown in the region — on Governor’s Island in New York City.
  • Fun fact: One hundred years ago, there were over 2,000 varieties of peaches, nearly 2,000 varieties of plums, and nearly 800 named apple varieties grown in the United States.
  • Quote of the talk: “More than just food, embedded in these fruit is our culture. It’s the people who cared for and cultivated them, who valued them so much that they brought them here with them as a connection to their homes, and it’s the way they passed them on and shared them. In many ways, these fruit are our story.”

Removing his primetime-ready makeup, Lee Thomas shares his personal story of living with vitiligo. He speaks at TED Salon: Trailblazers, in partnership with The Macallan, at the TED World Theater, June 27, 2019, New York, NY. (Photo: Ryan Lash / TED)

Lee Thomas, broadcast journalist

  • Big idea: Despite having a disease that left him vulnerable to stares in public, Lee Thomas discovered he could respond to ignorance and fear with engagement and dialogue.
    As a news anchor, Lee Thomas used makeup to hide the effects of vitiligo, an autoimmune disorder that left large patches of his skin without pigmentation. But without makeup, he was vulnerable to derision — until he decided to counter misunderstanding with eye contact and conversation. Ultimately, an on-camera story on his condition led him to start a support group and join others in celebrating World Vitiligo Day.
  • Quote of the talk: “Positivity is something worth fighting for — and the fight is not with others, it’s internal. If you want to make positive changes in your life, you have to consistently be positive.”

TEDWeaving Community: Notes from Session 1 of TEDSummit 2019

Hosts Bruno Giussani and Helen Walters open Session 1: Weaving Community on July 21, 2019, Edinburgh, Scotland. (Photo: Bret Hartman / TED)

The stage is set for TEDSummit 2019: A Community Beyond Borders! During the opening session, speakers and performers explored themes of competition, political engagement and longing — and celebrated the TED communities (representing 84 countries) gathered in Edinburgh, Scotland to forge TED’s next chapter.

The event: TEDSummit 2019, Session 1: Weaving Community, hosted by Bruno Giussani and Helen Walters

When and where: Sunday, July 21, 2019, 5pm BST, at the Edinburgh Convention Centre in Edinburgh, Scotland

Speakers: Pico Iyer, Jochen Wegner, Hajer Sharief, Mariana Lin, Carole Cadwalladr, Susan Cain with Min Kym

Opening: A warm Scottish welcome from raconteur Mackenzie Dalrymple

Music: Findlay Napier and Gillian Frame performing selections from The Ledger, a series of Scottish folk songs

The talks in brief:

“Seeming happiness can stand in the way of true joy even more than misery does,” says writer Pico Iyer. (Photo: Ryan Lash / TED)

Pico Iyer, novelist and nonfiction author

Big idea: The opposite of winning isn’t losing; it’s failing to see the larger picture.

Why? As a child in England, Iyer believed the point of competition was to win, to vanquish one’s opponent. Now, some 50 years later and a resident of Japan, he’s realized that competition can be “more like an act of love.” A few times a week, he plays ping-pong at his local health club. Games are played as doubles, and partners are changed every five minutes. As a result, nobody ends up winning — or losing — for long. Iyer has found liberation and wisdom in this approach. Just as in a choir, he says, “Your only job is to play your small part perfectly, to hit your notes with feeling and by so doing help to create a beautiful harmony that’s much greater than the sum of its parts.”

Quote of the talk: “Seeming happiness can stand in the way of true joy even more than misery does.”


Jochen Wegner, journalist and editor of Zeit Online

Big idea: The spectrum of belief is as multifaceted as humanity itself. As social media segments us according to our interests, and as algorithms deliver us increasingly homogenous content that reinforces our beliefs, we become resistant to any ideas — or even facts — that contradict our worldview. The more we sequester ourselves, the more divided we become. How can we learn to bridge our differences?

How? Inspired by research showing that one-on-one conversations are a powerful tool for helping people learn to trust each other, Zeit Online built Germany Talks, a “Tinder for politics” that facilitates “political arguments” and face-to-face meetings between users in an attempt to bridge their points-of-view on issues ranging from immigration to same-sex marriage. With Germany Talks (and now My Country Talks and Europe Talks) Zeit has facilitated conversations between thousands of Europeans from 33 countries.

Quote of the talk: “What matters here is not the numbers, obviously. What matters here is whenever two people meet to talk in person for hours, without anyone else listening, they change — and so do our societies. They change, little by little, discussion by discussion.”


“The systems we have nowadays for political decision-making are not from the people for the people — they have been established by the few, for the few,” says activist Hajer Sharief. She speaks at TEDSummit: A Community Beyond Borders, July 21, 2019, in Edinburgh, Scotland. (Photo: Bret Hartman / TED)

Hajer Sharief, activist and cofounder of the Together We Build It Foundation

Big idea: People of all genders, ages, races, beliefs and socioeconomic statuses should participate in politics.

Why? Hajer Sharief’s native Libya is recovering from 40 years of authoritarian rule and civil war. She sheds light on the way politics are involved in every aspect of life: “By not participating in it, you are literally allowing other people to decide what you can eat, wear, if you can have access to healthcare, free education, how much tax you pay, when can you retire, what is your pension,” she says. “Other people are also deciding whether your race is enough to consider you a criminal, or if your religion or nationality are enough to put you on a terrorist list.” When Sharief was growing up, her family held weekly meetings to discuss family issues, abiding by certain rules to ensure everyone was respectful and felt free to voice their thoughts. She recounts a meeting that went badly for her 10-year-old self, resulting in her boycotting them altogether for many years — until an issue came about which forced her to participate again. Rejoining the meetings was a political assertion, and it helped her realize an important lesson: you are never too young to use your voice — but you need to be present for it to work.

Quote of the talk: “Politics is not only activism — it’s awareness, it’s keeping ourselves informed, it’s caring for facts. When it’s possible, it is casting a vote. Politics is the tool through which we structure ourselves as groups and societies.”


Mariana Lin, AI character designer and principal writer for Siri

Big idea: Let’s inject AI personalities with the essence of life: creativity, weirdness, curiosity, fun.

Why? Tech companies are going in two different directions when it comes to creating AI personas: they’re either building systems that are safe, flat, stripped of quirks and humor — or, worse, they’re building ones that are fully customizable, programmed to say just what you want to hear, just how you like to hear it. While this might sound nice at first, we’re losing part of what makes us human in the process: the friction and discomfort of relating with others, the hard work of building trusting relationships. Mariana Lin calls for tech companies to try harder to truly bring AI to life — in all its messy, complicated, uncomfortable glory. For starters, she says, companies can hire a diverse range of writers, creatives, artists and social thinkers to work on AI teams. If the people creating these personalities are as diverse as the people using it — from poets and philosophers to bankers and beekeepers — then the future of AI looks bright.

Quote of the talk: “If we do away with the discomfort of relating with others not exactly like us, with views not exactly like ours — we do away with what makes us human.”


In 2018, Carole Cadwalladr exposed Cambridge Analytica’s attempt to influence the UK Brexit vote and the 2016 US presidential election via personal data on Facebook. She’s still working to sound the alarm. She speaks at TEDSummit: A Community Beyond Borders, July 21, 2019, in Edinburgh, Scotland. (Photo: Bret Hartman / TED)

Carole Cadwalladr, investigative journalist, interviewed by TED curator Bruno Giussani

Big idea: Companies that collect and hoard our information, like Facebook, have become unthinkably powerful global players — perhaps more powerful than governments. It’s time for the public to hold them accountable.

How? Tech companies with offices in different countries must obey the laws of those nations. It’s up to leaders to make sure those laws are enforced — and it’s up to citizens to pressure lawmakers to further tighten protections. Despite legal and personal threats from her adversaries, Carole Cadwalladr continues to explore the ways in which corporations and politicians manipulate data to consolidate their power.

Quote to remember: “In Britain, Brexit is this thing which is reported on as this British phenomenon, that’s all about what’s happening in Westminster. The fact that actually we are part of something which is happening globally — this rise of populism and authoritarianism — that’s just completely overlooked. These transatlantic links between what is going on in Trump’s America are very, very closely linked to what is going on in Britain.”


Susan Cain meditates on how the feeling of longing can guide us to a deeper understanding of ourselves, accompanied by Min Kym on violin, at TEDSummit: A Community Beyond Borders. July 21, 2019, Edinburgh, Scotland. (Photo: Ryan Lash / TED)

Susan Cain, quiet revolutionary, with violinist Min Kym

Big idea: Life is steeped in sublime magic that you can tap into, opening a whole world filled with passion and delight.

How? By forgoing constant positivity for a state of mind more exquisite and fleeting — a place where light (joy) and darkness (sorrow) meet, known to us all as longing. Susan Cain weaves her journey in search for the sublime with the splendid sounds of Min Kym on violin, sharing how the feeling of yearning connects us to each other and helps us to better understand what moves us deep down.

Quote of the talk: “Follow your longing where it’s telling you to go, and may it carry you straight to the beating heart of the perfect and beautiful world.”

TED: Stages of Life: Notes from Session 5 of TEDSummit 2019

Yilian Cañizares rocks the TED stage with a jubilant performance of her signature blend of classic jazz and Cuban rhythms. She performs at TEDSummit: A Community Beyond Borders, July 24, 2019, in Edinburgh, Scotland. (Photo: Bret Hartman / TED)

The penultimate session of TEDSummit 2019 had a bit of everything — new thoughts on aging, loneliness and happiness as well as breakthrough science, music and even a bit of comedy.

The event: TEDSummit 2019, Session 5: Stages of Life, hosted by Kelly Stoetzel and Alex Moura

When and where: Wednesday, July 24, 2019, 5pm BST, at the Edinburgh Convention Centre in Edinburgh, Scotland

Speakers: Nicola Sturgeon, Sonia Livingstone, Howard Taylor, Sara-Jane Dunn, Fay Bound Alberti, Carl Honoré

Opening: Raconteur Mackenzie Dalrymple telling the story of the Goodman of Ballengeich

Music: Yilian Cañizares and her band, rocking the TED stage with a jubilant performance that blends classic jazz and Cuban rhythms

Comedy: Amidst a head-spinning program of big (and often heavy) ideas, a welcomed break from comedian Omid Djalili, who lightens the session with a little self-deprecation and a few barbed cultural observations

The talks in brief:

“In the world we live in today, with growing divides and inequalities, with disaffection and alienation, it is more important than ever that we … promote a vision of society that has well-being, not just wealth, at its very heart,” says Nicola Sturgeon, First Minister of Scotland. She speaks at TEDSummit: A Community Beyond Borders, July 24, 2019, in Edinburgh, Scotland. (Photo: Ryan Lash / TED)

Nicola Sturgeon, First Minister of Scotland

Big idea: It’s time to challenge the monolithic importance of GDP as a quality-of-life metric — and paint a broader picture that also encompasses well-being.

How? In 2018, Scotland, Iceland and New Zealand established the Wellbeing Economy Governments group to challenge the supremacy of GDP. The leaders of these countries — who are, incidentally, all women — believe policies that promote happiness (including equal pay, childcare and paternity rights) could help decrease alienation in its citizens and, in turn, build resolve to confront global challenges like inequality and climate change.

Quote of the talk: “Growth in GDP should not be pursued at any and all cost … The goal of economic policy should be collective well-being: how happy and healthy a population is, not just how wealthy a population is.”


Sonia Livingstone, social psychologist

Big idea: Parents often view technology as either a beacon of hope or a developmental poison, but the biggest influence on their children’s life choices is how they help them navigate this unavoidable digital landscape. Society as a whole can positively impact these efforts.

How? Sonia Livingstone’s own childhood was relatively analog, but her research has been focused on how families embrace new technology today. Changes abound in the past few decades — whether it’s intensified educational pressures, migration, or rising inequality — yet it’s the digital revolution that remains the focus of our collective apprehension. Livingstone’s research suggests that policing screen time isn’t the answer to raising a well-rounded child, especially at a time when parents are trying to live more democratically with their children by sharing decision-making around activities like gaming and exploring the internet. Leaders and institutions alike can support a positive digital future for children by partnering with parents to guide activities within and outside of the home. Instead of criticizing families for their digital activities, Livingstone thinks we should identify what real-world challenges they’re facing, what options are available to them and how we can support them better.

Quote of the talk: “Screen time advice is causing conflict in the family, and there’s no solid evidence that more screen time increases childhood problems — especially compared with socio-economic or psychological factors. Restricting children breeds resistance, while guiding them builds judgment.”


Howard Taylor, child safety advocate

Big idea: Violence against children is an endemic issue worldwide, with rates of reported incidence increasing in some countries. We are at a historical moment that presents us with a unique opportunity to end the epidemic, and some countries are already leading the way.

How? Howard Taylor draws attention to Sweden and Uganda, two very different countries that share an explicit commitment to ending violence against children. Through high-level political buy-in, data-driven strategy and tactical legislative initiatives, the two countries have already made progress. These solutions and others are all part of INSPIRE, a set of strategies created by an alliance of global organizations as a roadmap to eliminating the problem. If we put in the work, Taylor says, a new normal will emerge: generations whose paths in life will be shaped by what they do — not what was done to them.

Quote of the talk: “What would it really mean if we actually end violence against children? Multiply the social, cultural and economic benefits of this change by every family, every community, village, town, city and country, and suddenly you have a new normal emerging. A generation would grow up without experiencing violence.”


“The first half of this century is going to be transformed by a new software revolution: the living software revolution. Its impact will be so enormous that it will make the first software revolution pale in comparison,” says computational biologist Sara-Jane Dunn. She speaks at TEDSummit: A Community Beyond Borders, July 24, 2019, in Edinburgh, Scotland. (Photo: Ryan Lash / TED)

Sara-Jane Dunn, computational biologist

Big idea: In the 20th century, computer scientists inscribed machine-readable instructions on tiny silicon chips, completely revolutionizing our lives and workplaces. Today, a “living software” revolution centered around organisms built from programmable cells is poised to transform medicine, agriculture and energy in ways we can scarcely predict.

How? By studying how embryonic stem cells “decide” to become neurons, lung cells, bone cells or anything else in the body, Sara-Jane Dunn seeks to uncover the biological code that dictates cellular behavior. Using mathematical models, Dunn and her team analyze the expected function of a cellular system to determine the “genetic program” that leads to that result. While they’re still a long way from compiling living software, they’ve taken a crucial early step.

Quote of the talk: “We are at the beginning of a technological revolution. Understanding this ancient type of biological computation is the critical first step. And if we can realize this, we would enter into the era of an operating system that runs living software.”


Fay Bound Alberti, cultural historian

Big idea: We need to recognize the complexity of loneliness and its ever-transforming history. It’s not just an individual and psychological problem — it’s a social and physical one.

Why? Loneliness is a modern-day epidemic, with a history that’s often recognized solely as a product of the mind. Fay Bound Alberti believes that interpretation is limiting. “We’ve neglected [loneliness’s] physical effects — and loneliness is physical,” she says. She points to how crucial touch, smell, sound, human interaction and even nostalgic memories of sensory experiences are to coping with loneliness, making people feel important, seen and helping to produce endorphins. By reframing our perspective on this feeling of isolation, we can better understand how to heal it.

Quote of the talk: “I am suggesting we need to turn to the physical body, we need to understand the physical and emotional experiences of loneliness to be able to tackle a modern epidemic. After all, it’s through our bodies, our sensory bodies, that we engage with the world.”

Fun fact: “Before 1800 there was no word for loneliness in the English language. There was something called: ‘oneliness’ and there were ‘lonely places,’ but both simply meant the state of being alone. There was no corresponding emotional lack and no modern state of loneliness.”


“Whatever age you are: own it — and then go out there and show the world what you can do!” says Carl Honoré. He speaks at TEDSummit: A Community Beyond Borders, July 24, 2019, in Edinburgh, Scotland. (Photo: Bret Hartman / TED)

Carl Honoré, writer, thinker and activist

Big idea: Stop the lazy thinking around age and the “cult of youth” — it’s not all downhill from 40.

How? We need to debunk the myths and stereotypes surrounding age — beliefs like “older people can’t learn new things” and “creativity belongs to the young.” There are plenty of trailblazers and changemakers who came into their own later in life, from artists and musicians to physicists and business leaders. Studies show that people who fear and feel bad about aging are more likely to suffer physical effects as if age is an actual affliction rather than just a number. The first step to getting past that is by creating new, more positive societal narratives. Honoré offers a set of simple solutions — the two most important being: check your language and own your age. Embrace aging as an adventure, a process of opening rather than closing doors. We need to feel better about aging in order to age better.

Quote of the talk: “Whatever age you are: own it — and then go out there and show the world what you can do!”

TED: Anthropo Impact: Notes from Session 2 of TEDSummit 2019

Radio Science Orchestra performs the musical odyssey “Prelude, Landing, Legacy” in celebration of the 50th anniversary of the Apollo 11 moon landing at TEDSummit: A Community Beyond Borders, July 22, 2019, in Edinburgh, Scotland. (Photo: Ryan Lash / TED)

Session 2 of TEDSummit 2019 is all about impact: the actions we can take to solve humanity’s toughest challenges. Speakers and performers explore the perils — from melting glaciers to air pollution — along with some potential fixes — like ocean-going seaweed farms and radical proposals for how we can build the future.

The event: TEDSummit 2019, Session 2: Anthropo Impact, hosted by David Biello and Chee Pearlman

When and where: Monday, July 22, 2019, 5pm BST, at the Edinburgh Convention Centre in Edinburgh, Scotland

Speakers: Tshering Tobgay, María Neira, Tim Flannery, Kelly Wanser, Anthony Veneziale, Nicola Jones, Marwa Al-Sabouni, Ma Yansong

Music: Radio Science Orchestra, performing the musical odyssey “Prelude, Landing, Legacy” in celebration of the 50th anniversary of the Apollo 11 moon landing (and the 100th anniversary of the theremin’s invention)

… and something completely different: Improv maestro Anthony Veneziale, delivering a made-up-on-the-spot TED Talk based on a deck of slides he’d never seen and an audience-suggested topic: “the power of potatoes.” The result was … surprisingly profound.

The talks in brief:

Tshering Tobgay, politician, environmentalist and former Prime Minister of Bhutan

Big idea: We must save the Hindu Kush Himalayan glaciers from melting — or else face dire, irreversible consequences for one-fifth of the global population.

Why? The Hindu Kush Himalayan glaciers are the pulse of the planet: their rivers alone supply water to 1.6 billion people, and their melting would massively impact the 240 million people across eight countries within their reach. Think in extremes — more intense rains, flash floods and landslides along with unimaginable destruction and millions of climate refugees. Tshering Tobgay telegraphs the future we’re headed towards unless we act fast, calling for a new intergovernmental agency: the Third Pole Council. This council would be tasked with monitoring the glaciers’ health, implementing policies to protect them and, by proxy, the billions who depend on them.

Fun fact: The Hindu Kush Himalayan glaciers are the world’s third-largest repository of ice (after the North and South poles). They’re known as the “Third Pole” and the “Water Towers of Asia.”


Air pollution isn’t just bad for the environment — it’s also bad for our brains, says María Neira. She speaks at TEDSummit: A Community Beyond Borders, July 22, 2019, in Edinburgh, Scotland. (Photo: Ryan Lash / TED)

María Neira, public health leader

Big idea: Air pollution isn’t just bad for our lungs — it’s bad for our brains, too.

Why? Globally, poor air quality causes seven million premature deaths per year. And all this pollution isn’t just affecting our lungs, says María Neira. An emerging field of research is shedding a light on the link between air pollution and our central nervous systems. The fine particulate matter in air pollution travels through our bloodstreams to our major organs, including the brain — which can slow down neurological development in kids and speed up cognitive decline in adults. In short: air pollution is making us less intelligent. We all have a role to play in curbing air pollution — and we can start by reducing traffic in cities, investing in clean energy and changing the way we consume.

Quote of the talk: “We need to exercise our rights and put pressure on politicians to make sure they will tackle the causes of air pollution. This is the first thing we need to do to protect our health and our beautiful brains.”


Tim Flannery, environmentalist, explorer and professor

Big idea: Seaweed could help us drawdown atmospheric carbon and curb global warming.

How? You know the story: the blanket of CO2 above our heads is driving adverse climate changes and will continue to do so until we get it out of the air (a process known as “drawdown”). Tim Flannery thinks seaweed could help: it grows fast, is made out of productive, photosynthetic tissue and, when sunk more than a kilometer deep into the ocean, can lock up carbon long-term. If we cover nine percent of the ocean surface in seaweed farms, for instance, we could sequester the same amount of CO2 we currently put into the atmosphere. There’s still a lot to figure out, Flannery notes — like how growing seaweed at scale on the ocean surface will affect biodiversity down below — but the drawdown potential is too great to allow uncertainty to stymie progress.

Fun fact: Seaweed is the most ancient multicellular life known, with more genetic diversity than all other multicellular life combined.


Could cloud brightening help curb global warming? Kelly Wanser speaks at TEDSummit: A Community Beyond Borders, July 22, 2019, in Edinburgh, Scotland. (Photo: Bret Hartman / TED)

Kelly Wanser, geoengineering expert and executive director of SilverLining

Big idea: The practice of cloud brightening — seeding clouds with sea salt or other particulates to reflect sunshine back into space — could partially offset global warming, giving us crucial time while we figure out game-changing, long-term solutions.

How? Starting in 2020, new global regulations will require ships to cut emissions by 85 percent. This is a good thing, right? Not entirely, says Kelly Wanser. It turns out that when particulate emissions (like those from ships) mix with clouds, they make the clouds brighter — enabling them to reflect sunshine into space and temporarily cool our climate. (Think of it as the ibuprofen for our fevered climate.) Wanser’s team and others are coming up with experiments to see if “cloud brightening” proves safe and effective; some scientists believe increasing the atmosphere’s reflectivity by one or two percent could offset the two degrees Celsius of warming that’s been forecast for Earth. As with other climate interventions, there’s much yet to learn, but the potential benefits make those efforts worth it.

An encouraging fact: The global community has rallied to pull off this kind of atmospheric intervention in the past, with the 1989 Montreal Protocol.


Nicola Jones, science journalist

Big idea: Noise in our oceans — from boat motors to seismic surveys — is an acute threat to underwater life. Unless we quiet down, we will irreparably damage marine ecosystems and may even drive some species to extinction.

How? We usually think of noise pollution as a problem in big cities on dry land. But ocean noise may be the culprit behind marine disruptions like whale strandings, fish kills and drops in plankton populations. Fortunately, compared to other climate change solutions, it’s relatively quick and easy to dial down our noise levels and keep our oceans quiet. Better ship propeller design, speed limits near harbors and quieter methods for oil and gas prospecting will all help humans restore peace and quiet to our neighbors in the sea.

Quote of the talk: “Sonar can be as loud as, or nearly as loud as, an underwater volcano. A supertanker can be as loud as the call of a blue whale.”


TED curator Chee Pearlman (left) speaks with architect Marwa Al-Sabouni at TEDSummit: A Community Beyond Borders. July 22, 2019, in Edinburgh, Scotland. (Photo: Bret Hartman / TED)

Marwa Al-Sabouni, architect, interviewed by TED curator Chee Pearlman

Big idea: Architecture can exacerbate the social disruptions that lead to armed conflict.

How? Since the time of the French Mandate, officials in Syria have shrunk the communal spaces that traditionally united citizens of varying backgrounds. This contributed to a sense of alienation and rootlessness — a volatile cocktail that built conditions for unrest and, eventually, war. Marwa Al-Sabouni, a resident of Homs, Syria, saw firsthand how this unraveled social fabric helped reduce the city to rubble during the civil war. Now, she’s taking part in the city’s slow reconstruction — conducted by citizens with little or no government aid. As she explains in her book The Battle for Home, architects have the power (and the responsibility) to connect a city’s residents to a shared urban identity, rather than to opposing sectarian groups.

Quote of the talk: “Syria had a very unfortunate destiny, but it should be a lesson for the rest of the world: to take notice of how our cities are making us very alienated from each other, and from the place we used to call home.”


“Architecture is no longer a function or a machine for living. It also reflects the nature around us. It also reflects our soul and the spirit,” says Ma Yansong. He speaks at TEDSummit: A Community Beyond Borders. July 22, 2019, in Edinburgh, Scotland. (Photo: Bret Hartman / TED)

Ma Yansong, architect and artist

Big idea: By creating architecture that blends with nature, we can break free from the “matchbox” sameness of many city buildings.

How? Ma Yansong paints a vivid image of what happens when nature collides with architecture — from a pair of curvy skyscrapers that “dance” with each other to buildings that burst out of a village’s mountains like contour lines. Yansong embraces the shapes of nature — which never repeat themselves, he notes — and the randomness of hand-sketched designs, creating a kind of “emotional scenery.” When we think beyond the boxy geometry of modern cities, he says, the results can be breathtaking.

Quote of the talk: “Architecture is no longer a function or a machine for living. It also reflects the nature around us. It also reflects our soul and the spirit.”

TED: The Big Rethink: Notes from Session 3 of TEDSummit 2019

Marco Tempest and his quadcopters perform a mind-bending display that feels equal parts science and magic at TEDSummit: A Community Beyond Borders, July 23, 2019, in Edinburgh, Scotland. (Photo: Bret Hartman / TED)

In an incredible session, speakers and performers laid out the biggest problems facing the world — from political and economic catastrophe to rising violence and deepfakes — and some new thinking on solutions.

The event: TEDSummit 2019, Session 3: The Big Rethink, hosted by Corey Hajim and Cyndi Stivers

When and where: Tuesday, July 23, 2019, 5pm BST, at the Edinburgh Convention Centre in Edinburgh, Scotland

Speakers: George Monbiot, Nick Hanauer, Raghuram Rajan, Marco Tempest, Rachel Kleinfeld, Danielle Citron, Patrick Chappatte

Music: KT Tunstall sharing how she found her signature sound and playing her hits “Miniature Disasters,” “Black Horse and the Cherry Tree” and “Suddenly I See.”

The talks in brief:

“We are a society of altruists, but we are governed by psychopaths,” says George Monbiot. He speaks at TEDSummit: A Community Beyond Borders, July 23, 2019, in Edinburgh, Scotland. (Photo: Ryan Lash / TED)

George Monbiot, investigative journalist and self-described “professional troublemaker”

Big idea: To get out of the political mess we’re in, we need a new story that captures the minds of people across fault lines.

Why? “Welcome to neoliberalism, the zombie doctrine that never seems to die,” says George Monbiot. We have been induced by politicians and economists into accepting an ideology of extreme competition and individualism, weakening the social bonds that make our lives worth living. And despite the 2008 financial crisis, which exposed the blatant shortcomings of neoliberalism, it still dominates our lives. Why? We haven’t yet produced a new story to replace it — a new narrative to help us make sense of the present and guide the future. So, Monbiot proposes his own: the “politics of belonging,” founded on the belief that most people are fundamentally altruistic, empathetic and socially minded. If we can tap into our fundamental urge to cooperate — namely, by building generous, inclusive communities around the shared sphere of the commons — we can build a better world. With a new story to light the way, we just might make it there.

Quote of the talk: “We are a society of altruists, but we are governed by psychopaths.”


Nick Hanauer, entrepreneur and venture capitalist

Big idea: Economics has ceased to be a rational science in the service of the “greater good” of society. It’s time to ditch neoliberal economics and create tools that address inequality and injustice.

How? Today, under the banner of unfettered growth through lower taxes, fewer regulations, and lower wages, economics has become a tool that enforces the growing gap between the rich and poor. Nick Hanauer thinks that we must recognize that our society functions not because it’s a ruthless competition between its economically fittest members but because cooperation between people and institutions produces innovation. Competition shouldn’t be between the powerful at the expense of everyone else but between ideas battling it out in a well-managed marketplace in which everyone can participate.

Quote of the talk: “Successful economies are not jungles, they’re gardens — which is to say that markets, like gardens, must be tended … Unconstrained by social norms or democratic regulation, markets inevitably create more problems than they solve.”


Raghuram Rajan shares his idea for “inclusive localism” — giving communities the tools to turn themselves around while establishing standards to prevent discrimination and corruption — at TEDSummit: A Community Beyond Borders, July 23, 2019, in Edinburgh, Scotland. (Photo: Ryan Lash / TED)

Raghuram Rajan, economist and former Governor of the Reserve Bank of India

Big idea: As markets grow and governments focus on solving economic problems from the top-down, small communities and neighborhoods are losing their voices — and their livelihoods. But if nations lack the tools to address local problems, it’s time to turn to grass-roots communities for solutions.

How? Raghuram Rajan believes that nations must exercise “inclusive localism”: giving communities the tools to turn themselves around while establishing standards to prevent discrimination and corruption. As local leaders step forward, citizens become active, and communities receive needed resources from philanthropists and through economic incentives, neighborhoods will thrive and rebuild their social fabric.

Quote of the talk: “What we really need [are] bottom-up policies devised by the community itself to repair the links between the local community and the national — as well as thriving international — economies.”


Marco Tempest, cyber illusionist

Big idea: Illusions that set our imaginations soaring are created when magic and science come together.

Why? “Is it possible to create illusions in a world where technology makes anything possible?” asks techno-magician Marco Tempest, as he interacts with his group of small flying machines called quadcopters. The drones dance around him, reacting buoyantly to his gestures and making it easy to anthropomorphize or attribute personality traits. Tempest’s buzzing buddies swerve, hover and pause, moving in formation as he orchestrates them. His mind-bending display will have you asking yourself: Was that science or magic? Maybe it’s both.

Quote to remember: “Magicians are interesting, their illusions accomplish what technology cannot, but what happens when the technology of today seems almost magical?”


Rachel Kleinfeld, democracy advisor and author

Big idea: It’s possible to quell violence — in the wider world and in our own backyards — with democracy and a lot of political TLC.

How? Compassion-concentrated action. We need to dispel the idea that some people deserve violence because of where they live, the communities they’re a part of or their socio-economic background. Kleinfeld calls this particular, inequality-based vein of violence “privilege violence,” explaining how it evolves in stages and the ways we can eradicate it. By deprogramming how we view violence and its origins and victims, we can move forward and build safer, more secure societies.

Quote of the talk: “The most important thing we can do is abandon the notion that some lives are just worth less than others.”


“Not only do we believe fakes, we are starting to doubt the truth,” says Danielle Citron, revealing the threat deepfakes pose to the truth and democracy. She speaks at TEDSummit: A Community Beyond Borders, July 23, 2019, in Edinburgh, Scotland. (Photo: Ryan Lash / TED)

Danielle Citron, professor of law and deepfake scholar

Big idea: Deepfakes — machine learning technology used to manipulate or fabricate audio and video content — can cause significant harm to individuals and society. We need a comprehensive legislative and educational approach to the problem.

How? The use of deepfake technology to manipulate video and audio for malicious purposes — whether it’s to stoke violence against minorities or to defame politicians and journalists — is becoming ubiquitous. With tools being made more accessible and their products more realistic, what becomes of that key ingredient for democratic processes: the truth? As Danielle Citron points out, “Not only do we believe fakes, we are starting to doubt the truth.” The fix, she suggests, cannot be merely technological. Legislation worldwide must be tailored to fighting digital impersonations that invade privacy and ruin lives. Educational initiatives are needed to teach the media how to identify fakes, persuade law enforcement that the perpetrators are worth prosecuting and convince the public at large that the future of democracy really is at stake.

Quote of the talk: “Technologists expect that advances in AI will soon make it impossible to distinguish a fake video and a real one. How can truths emerge in a deepfake ridden ‘marketplace of ideas?’ Will we take the path of least resistance and just believe what we want to believe, truth be damned?”


“Freedom of expression is not incompatible with dialogue and listening to each other, but it is incompatible with intolerance,” says editorial cartoonist Patrick Chappatte. He speaks at TEDSummit: A Community Beyond Borders, July 23, 2019, in Edinburgh, Scotland. (Photo: Ryan Lash / TED)

Patrick Chappatte, editorial cartoonist and graphic journalist

Big idea: We need humor like we need the air we breathe. We shouldn’t risk compromising our freedom of speech by censoring ourselves in the name of political correctness.

How? Our social media-saturated world is both a blessing and a curse for political cartoonists like Patrick Chappatte, whose satirical work can go viral while also making them, and the publications they work for, a target. Be it a prison sentence, firing or the outright dissolution of cartoon features in newspapers, editorial cartoonists worldwide are increasingly penalized for their art. Chappatte emphasizes the importance of the art form in political discourse by guiding us through 20 years of editorial cartoons that are equal parts humorous and caustic. In an age where social media platforms often provide places for fury instead of debate, he suggests that traditional media shouldn’t shy away from these online kingdoms, and neither should we. Now is the time to resist preventative self-censorship; if we don’t, we risk waking up in a sanitized world without freedom of expression.

Quote of the talk: “Freedom of expression is not incompatible with dialogue and listening to each other, but it is incompatible with intolerance.”

TEDBusiness Unusual: Notes from Session 4 of TEDSummit 2019

ELEW and Marcus Miller blend jazz improvisation with rock in a musical cocktail of “rock-jazz.” They perform at TEDSummit: A Community Beyond Borders, July 24, 2019, in Edinburgh, Scotland. (Photo: Dian Lofton / TED)

To keep pace with our ever-changing world, we need out-of-the-box ideas that are bigger and more imaginative than ever. The speakers and performers from this session explore these possibilities, challenging us to think harder about the notions we’ve come to accept.

The event: TEDSummit 2019, Session 4: Business Unusual, hosted by Whitney Pennington Rodgers and Cloe Shasha

When and where: Wednesday, July 24, 2019, 9am BST, at the Edinburgh Convention Centre in Edinburgh, Scotland

Speakers: Margaret Heffernan, Bob Langert, Rose Mutiso, Mariana Mazzucato, Diego Prilusky

Music: A virtuosic violin performance by Min Kym, and a closing performance by ELEW featuring Marcus Miller, blending jazz improvisation with rock in a musical cocktail of “rock-jazz.”

The talks in brief:

“The more we let machines think for us, the less we can think for ourselves,” says Margaret Heffernan. She speaks at TEDSummit: A Community Beyond Borders, July 24, 2019, in Edinburgh, Scotland. (Photo: Dian Lofton / TED)

Margaret Heffernan, entrepreneur, former CEO and writer 

Big idea: The more we rely on technology to make us efficient, the fewer skills we have to confront the unexpected. That’s why we must start practicing “just-in-case” management — anticipating the events (climate catastrophes, epidemics, financial crises) that will almost certainly happen but are ambiguous in timing, scale and specifics. 

Why? In our complex, unpredictable world, changes can occur out of the blue and have outsize impacts. When governments, businesses and individuals prioritize efficiency above all else, it keeps them from responding quickly, effectively and creatively. That’s why we all need to focus on cultivating what Heffernan calls our “unpredictable, messy human skills.” These include exercising our social abilities to build strong relationships and coalitions; humility to admit we don’t have all the answers; imagination to dream up never-before-seen solutions; and bravery to keep experimenting.

Quote of the talk: “The harder, deeper truth is that the future is uncharted, that we can’t map it until we get there. But that’s OK because we have so much capacity for imagination — if we use it. We have deep talents for inventiveness and exploration — if we apply them. We are brave enough to invent things we’ve never seen before. Lose these skills and we are adrift. But hone and develop them, and we can make any future we choose.”


Bob Langert, sustainability expert and VP of sustainability at McDonald’s

Big idea: Adversaries can be your best allies.

How? Three simple steps: reach out, listen and learn. As a “corporate suit” (his words), Bob Langert collaborates with his company’s strongest critics to find business-friendly solutions for society. Instead of denying and pushing back, he tries to embrace their perspectives and suggestions. He encourages others in positions of power to do the same, driven by this mindset: assume the best intentions of your critics; focus on the truth, the science and facts; and be open and transparent in order to turn critics into allies. The worst-case scenario? You’ll become better, your organization will become better — and you might make some friends along the way.

Fun fact: After working with NGOs in the 1990s, McDonald’s reduced 300 million pounds of waste over 10 years.


“When we talk about providing energy for growth, it is not just about innovating the technology: it’s the slow and hard work of improving governance, institutions and a broader macro-environment,” says Rose Mutiso. She speaks at TEDSummit: A Community Beyond Borders, July 24, 2019, in Edinburgh, Scotland. (Photo: Dian Lofton / TED)

Rose Mutiso, energy scientist

Big Idea: In order to grow out of poverty, African countries need a steady supply of abundant and affordable electricity.

Why? Energy poverty, or the lack of access to electricity and other basic energy services, affects nearly two-thirds of Sub-Saharan Africa. As the region’s population continues to grow, we have the opportunity to build a new energy system — from scratch — to grow with it, says Rose Mutiso. It starts with naming the systemic holes that current solutions (solar, LED and battery technology) overlook: we don’t have a clear consensus on what energy poverty is; there’s too much reliance on quick fixes; and we’re misdirecting our climate change concerns. What we need, Mutiso says, are nuanced, large-scale solutions with a diverse range of energy sources. For instance, the region has significant hydroelectric potential, yet less than 10 percent of this potential is currently being utilized. If we work hard to find new solutions to our energy deficits now, everybody benefits.

Quote of the talk: “Countries cannot grow out of poverty without access to a steady supply of abundant, affordable and reliable energy to power these productive sectors — what I call energy for growth.”


Mariana Mazzucato, economist and policy influencer

Big idea: We’ve forgotten how to tell the difference between the value extractors in the C-suites and finance sectors and the value producers, the workers and taxpayers who actually fuel innovation and productivity. And recently we’ve neglected the importance of even questioning what the difference between the two is.

How? Economists must redefine and recognize true value creators, envisioning a system that rewards them just as much as CEOs, investors and bankers. We need to rethink how we value education, childcare and other “free” services — which don’t have a price but clearly contribute to sustaining our economies. We need to make sure that our entire society not only shares risks but also rewards.

Quote of the talk: “[During the bank bailouts] we didn’t hear the taxpayers bragging that they were value creators. But, obviously, having bailed out the biggest ‘value-creating’ productive companies, perhaps they should have.”


Diego Prilusky demos his immersive storytelling technology, bringing Grease to the TED stage. He speaks at TEDSummit: A Community Beyond Borders, July 24, 2019, in Edinburgh, Scotland. (Photo: Bret Hartman / TED)

Diego Prilusky, video pioneer

Big idea: Get ready for the next revolution in visual storytelling: volumetric video, which aims to do nothing less than recreate reality as a cinematic experience.

How? Movies have been around for more than 100 years, but we’re still making (and watching) them in basically the same way. Can movies exist beyond the flat screen? Yes, says Diego Prilusky, but we’ll first need to completely rethink how they’re made. With his team at Intel Studios, Prilusky is pioneering volumetric video, a data-intensive medium powered by hundreds of sensors that capture light and motion from every possible direction. The result is like being inside a movie, which you could explore from different perspectives (or even through a character’s own eyes). In a live tech demo, Prilusky takes us inside a reshoot of an iconic dance number from the 1978 hit Grease. As actors twirl and sing “You’re the One That I Want,” he positions and repositions his perspective on the scene — moving around, in front of and in between the performers. Film buffs can rest easy, though: the aim isn’t to replace traditional movies, he says, but to empower creators to tell stories in new ways, across multiple vantage points.

Quote of the talk: “We’re opening the gates for new possibilities of immersive storytelling.”

TEDNot All Is Broken: Notes from Session 6 of TEDSummit 2019

Raconteur Mackenzie Dalrymple regales the TEDSummit audience with a classic Scottish story. He speaks at TEDSummit: A Community Beyond Borders, July 25, 2019, in Edinburgh, Scotland. (Photo: Bret Hartman / TED)

In the final session of TEDSummit 2019, the themes from the week — our search for belonging and community, our digital future, our inextricable connection to the environment — ring out with clarity and insight. From the mysterious ways our emotions impact our biological hearts, to a tour-de-force talk on the languages we all speak, it’s a fitting close to a week of revelation, laughter, tears and wonder.

The event: TEDSummit 2019, Session 6: Not All Is Broken, hosted by Chris Anderson and Bruno Giussani

When and where: Thursday, July 25, 2019, 9am BST, at the Edinburgh Convention Centre in Edinburgh, Scotland

Speakers: Johann Hari, Sandeep Jauhar, Anna Piperal, Eli Pariser, Poet Ali

Interlude: Mackenzie Dalrymple sharing the tale of an uncle and nephew competing to become Lord of the Isles

Music: Djazia Satour, blending 1950s Chaabi (a genre of North African folk music) with modern grooves

The talks in brief:

Johann Hari, journalist

Big idea: The cultural narrative and definitions of depression and anxiety need to change.

Why? We need to talk less about chemical imbalances and more about imbalances in the way we live. Johann Hari met with experts around the world, boiling down his research into a surprisingly simple thesis: all humans have physical needs (food, shelter, water) as well as psychological needs (feeling that you belong, that your life has meaning and purpose). Though antidepressant drugs work for some, biology isn’t the whole picture, and any treatment must be paired with a social approach. Our best bet is to listen to the signals of our bodies, instead of dismissing them as signs of weakness or madness. If we take time to investigate our red flags of depression and anxiety — and take the time to reevaluate how we build meaning and purpose, especially through social connections — we can start to heal in a society deemed the loneliest in human history.

Quote of the talk: “If you’re depressed, if you’re anxious — you’re not weak. You’re not crazy. You’re not a machine with broken parts. You’re a human being with unmet needs.”


“Even if emotions are not contained inside our hearts, the emotional heart overlaps its biological counterpart in surprising and mysterious ways,” says cardiologist Sandeep Jauhar. He speaks at TEDSummit: A Community Beyond Borders, July 21-25, 2019, in Edinburgh, Scotland. (Photo: Ryan Lash / TED)

Sandeep Jauhar, cardiologist

Big Idea: Emotional stress can be a matter of life and death. Let’s factor that into how we care for our hearts.

How? “The heart may not originate our feelings, but it is highly responsive to them,” says Sandeep Jauhar. In his practice as a cardiologist, he has seen extensive evidence of this: grief and fear can cause profound cardiac injury. “Takotsubo cardiomyopathy,” or broken heart syndrome, has been found to occur when the heart weakens after the death of a loved one or the stress of a large-scale natural disaster. It comes with none of the other usual symptoms of heart disease, and it can resolve in just a few weeks. But it can also prove fatal. In response, Jauhar says that we need a new paradigm of care, one that considers the heart as more than “a machine that can be manipulated and controlled” — and recognizes that emotional stress is as important as cholesterol.

Quote of the talk: “Even if emotions are not contained inside our hearts, the emotional heart overlaps its biological counterpart in surprising and mysterious ways.”


“In most countries, people don’t trust their governments, and the governments don’t trust them back. All the complicated paper-based formal procedures are supposed to solve that problem. Except that they don’t. They just make life more complicated,” says e-governance expert Anna Piperal. She speaks at TEDSummit: A Community Beyond Borders, July 25, 2019, in Edinburgh, Scotland. (Photo: Ryan Lash / TED)

Anna Piperal, e-governance expert 

Big idea: Bureaucracy can be eradicated by going digital — but we’ll need to build in commitment and trust.

How? Estonia is one of the most digital societies on earth. After gaining independence 30 years ago, and subsequently building itself up from scratch, the country decided not only to digitize existing bureaucracy but also to create an entirely new system. Now citizens can conduct everything online, from running a business to voting and managing their healthcare records, and only need to show up in person for literally three things: to claim their identity card, marry or divorce, or sell a property. Anna Piperal explains how, using a form of blockchain technology, e-Estonia builds trust through the “once-only” principle, through which the state cannot ask for information more than once nor store it in more than one place. The country is working to redefine bureaucracy by making it more efficient, granting citizens full ownership of their data — and serving as a model for the rest of the world to do the same.

Quote of the talk: “In most countries, people don’t trust their governments, and the governments don’t trust them back. All the complicated paper-based formal procedures are supposed to solve that problem. Except that they don’t. They just make life more complicated.”


Eli Pariser, CEO of Upworthy

Big idea: We can find ways to make our online spaces civil and safe, much like our best cities.

How? Social media is a chaotic and sometimes dangerous place. With its trolls, criminals and segregated spaces, it’s a lot like New York City in the 1970s. But like New York City, it’s also a vibrant space in which people can innovate and find new ideas. So Eli Pariser asks: What if we design social media like we design cities, taking cues from social scientists and urban planners like Jane Jacobs? Built around empowered communities, one-on-one interactions and public censure for those who act out, platforms could encourage trust and discourse, discourage antisocial behavior and diminish the sense of chaos that leads some to embrace authoritarianism.

Quote of the talk: “If online digital spaces are going to be our new home, let’s make them a comfortable, beautiful place to live — a place we all feel not just included, but actually some ownership of. A place we get to know each other. A place you’d actually want not just to visit, but to bring your kids.”


“Every language we learn is a portal by which we can access another language. The more you know, the more you can speak. … That’s why languages are so important, because they give us access to new worlds,” says Poet Ali. He speaks at TEDSummit: A Community Beyond Borders, July 25, 2019, in Edinburgh, Scotland. (Photo: Bret Hartman / TED)

Poet Ali, architect of human connection

Big idea: You speak far more languages than you realize, with each language representing a gateway to understanding different societies, cultures and experiences.

How? Whether it’s the recognized tongue of your country or profession, or the social norms of your community, every “language” you speak is more than a lexicon of words: it also encompasses feelings like laughter, solidarity, even a sense of being left out. These latter languages are universal, and the more we embrace their commonality — and acknowledge our fluency in them — the more we can empathize with our fellow humans, regardless of our differences.

Quote of the talk: “Every language we learn is a portal by which we can access another language. The more you know, the more you can speak. … That’s why languages are so important, because they give us access to new worlds.”

TEDBorder Stories: A night of talks on immigration, justice and freedom

Hosts Anne Milgram and Juan Enriquez kick off the evening at TEDSalon: Border Stories at the TED World Theater in New York City on September 10, 2019. (Photo: Ryan Lash / TED)

Immigration can be a deeply polarizing topic. But at heart, immigration policies and practices reflect no less than our attitude towards humanity. At TEDSalon: Border Stories, we explored the reality of life at the US-Mexico border, the history of the US immigration policy and possible solutions for reform — and investigated what’s truly at stake.

The event: TEDSalon: Border Stories, hosted by criminal justice reformer Anne Milgram and author and academic Juan Enriquez

When and where: Tuesday, September 10, 2019, at the TED World Theater in New York City

Speakers: Paul A. Kramer, Luis H. Zayas, Erika Pinheiro, David J. Bier and Will Hurd

Music: From Morley and Martha Redbone

A special performance: Poet and thinker Maria Popova, reading an excerpt from her book Figuring. A stunning meditation on “the illusion of separateness, of otherness” — and on “the infinitely many kinds of beautiful lives” that inhabit this universe — accompanied by cellist Dave Eggar and guitarist Chris Bruce.

“There are infinitely many kinds of beautiful lives,” says Maria Popova, reading a selection of her work at TEDSalon: Border Stories. (Photo: Ryan Lash / TED)

The talks in brief:

Paul A. Kramer, historian, writer, professor of history

  • Big idea: It’s time we make the immigration conversation reflect how the world really works.
  • How? We must rid ourselves of the outdated questions, born from nativist and nationalist sentiments, that have permeated the immigration debate for centuries: interrogations of usefulness and assimilation, of parasitic rhetoric aimed at dismantling any positive discussions around immigration. What gives these damaging queries traction and power, Kramer says, is how they tap into a seemingly harmless sense of national belonging — and ultimately activate, heighten and inflame it. Kramer maps out a way for us to redraw those mental, societal and political borders and give immigrants access to the rights and resources that their work, activism and home countries have already played a fundamental role in creating.
  • Quote of the talk: “[We need] to redraw the boundaries of who counts — whose life, whose rights and whose thriving matters. We need to redraw … the borders of us.”

Luis H. Zayas, social worker, psychologist, researcher

  • Big idea: Asylum seekers — especially children — face traumatizing conditions at the US-Mexico border. We need compassionate, humane practices that give them the care they need during arduous times.
  • Why? Under prolonged and intense stress, the young developing brain is harmed — plain and simple, says Luis H. Zayas. He details the distressing conditions immigrant families face on their way to the US, which have only escalated since children started being separated from their parents and held in detention centers. He urges the US to reframe its practices, replacing hostility and fear with safety and compassion. For instance: the US could open processing centers, where immigrants can find the support they need to start a new life. These facilities would be community-oriented, offering medical care, social support and the fundamental human right to respectful and dignified treatment.
  • Quote of the talk: “I hope we can agree on one thing: that none of us wants to look back at this moment in our history when we knew we were inflicting lifelong trauma on children, and that we sat back and did nothing. That would be the greatest tragedy of all.”

Immigration lawyer Erika Pinheiro discusses the hidden realities of the US immigration system. “Seeing these horrors day in and day out has changed me,” she says. (Photo: Ryan Lash / TED)

Erika Pinheiro, nonprofit litigation and policy director

  • Big idea: The current US administration’s mass separations of asylum-seeking families at the Mexican border shocked the conscience of the world — and the cruel realities of the immigration system have only gotten worse. We need a legal and social reckoning.
  • How? US immigration laws are broken, says Erika Pinheiro. Since 2017, US attorneys general have made sweeping changes to asylum law to ensure fewer people qualify for protection in the US. This includes all types of people fleeing persecution: Venezuelan activists, Russian dissidents, Chinese Muslims, climate change refugees — the list goes on. The US has simultaneously created a parallel legal system where migrants are detained indefinitely, often without access to legal help. Pinheiro issues a call to action: if you are against the cruel and inhumane treatment of migrants, then you need to get involved. You need to demand that your lawmakers expand the definition of refugees and amend laws to ensure immigrants have access to counsel and independent courts. Failing to act now threatens the inherent dignity of all humans.
  • Quote of the talk: “History shows us that the first population to be vilified and stripped of their rights is rarely the last.”

David J. Bier, immigration policy analyst

  • Big idea: We can solve the border crisis in a humane fashion. In fact, we’ve done so before.
  • How? Most migrants who travel illegally from Central America to the US do so because they have no way to enter the US legally. When these immigrants are caught, they find themselves in the grips of a cruel system of incarceration and dehumanization — but is inhumane treatment really necessary to protect our borders? Bier points us to the example of Mexican guest worker programs, which allow immigrants to cross borders and work the jobs they need to support their families. As legal opportunities to cross the border have increased, the number of illegal Mexican immigrants seized at the border has plummeted 98 percent. If we were to extend guest worker programs to Central Americans as well, Bier says, we could see a similar drop in the numbers of illegal immigrants.
  • Quote of the talk: “This belief that the only way to maintain order is with inhumane means is inaccurate — and, in fact, the opposite is true. Only a humane system will create order at the border.”

“Building a 30-foot-high concrete structure from sea to shining sea is the most expensive and least effective way to do border security,” says Congressman Will Hurd in a video interview with Anne Milgram at TEDSalon: Border Stories. (Photo: Ryan Lash / TED)

Will Hurd, US Representative for Texas’s 23rd congressional district

  • Big idea: Walls won’t solve our problems.
  • Why? Representing a massive district that encompasses 29 counties and two time zones and shares an 820-mile border with Mexico, Republican Congressman Will Hurd has a frontline perspective on illegal immigration in Texas. Legal immigration options and modernizing the Border Patrol (which still measures its response times to border incidents in hours and days) will be what ultimately stems the tide of illegal border crossings, Hurd says. Instead of investing in walls and separating families, the US should invest in its own defense forces — and, on the other side of the border, work to alleviate poverty and violence in Central American countries.
  • Quote of the talk: “When you’re debating your strategy, if somebody comes up with the idea of snatching a child out of their mother’s arms, you need to go back to the drawing board. This is not what the United States of America stands for. This is not a Republican or a Democrat or an Independent thing. This is a human decency thing.”

Juan Enriquez, author and academic

  • Big idea: If the US continues to divide groups of people into “us” and “them,” we open the door to inhumanity and atrocity — and not just at our borders.
  • How? Countries that survive and grow as the years go by are compassionate, kind, smart and brave; those that don’t survive govern by cruelty and fear, says Juan Enriquez. In a personal talk, he calls on us to realize that deportation, imprisonment and dehumanization aren’t isolated phenomena directed at people crossing the border illegally but instead are things happening to the people who live and work by our sides in our communities. Now is the time to stand up and do something to stop our country’s slide into fear and division — whether it’s engaging in small acts of humanity, loud protests in the streets or activism directed at enacting legislative or policy changes.
  • Quote of the talk: “This is how you wipe out an economy. This isn’t about kids and borders, it’s about us. This is about who we are, who we the people are, as a nation and as individuals. This is not an abstract debate.”

TEDTransform: The talks of TED@DuPont

Hosts Briar Goldberg and David Biello open TED@DuPont at The Fillmore, September 12, 2019, in Philadelphia, Pennsylvania. (Photo: Ryan Lash / TED)

Transformation starts with the spark of something new. In a day of talks and performances about transformation, 16 speakers and performers explored exciting developments in science, technology and beyond — from the chemistry of everyday life to innovations in food, “smart” clothing, enzyme research and much more.

The event: TED@DuPont: Transform, hosted by TED’s David Biello and Briar Goldberg

When and where: Thursday, September 12, 2019, at The Fillmore in Philadelphia, PA

Music: Performances by Elliah Heifetz and Jane Bruce and Jeff Taylor, Matt Johnson and Jesske Hume

The talks in brief:

“The next time you send a text or take a selfie, think about all those atoms that are hard at work and the innovation that came before them,” says chemist Cathy Mulzer. She speaks at TED@DuPont at The Fillmore, September 12, 2019, in Philadelphia, Pennsylvania. (Photo: Ryan Lash / TED)

Cathy Mulzer, chemist and tech shrinker

Big idea: You owe a big thank you to chemistry for all that technology in your pocket.

Why? Almost every component that goes into creating a superpowered device like a smartphone or tablet exists because of a chemist — not the Silicon Valley entrepreneurs that come to most people’s minds. Chemistry is the real hero in our technological lives, Mulzer says — building up and shrinking down everything from vivid display screens and sleek bodies to nano-sized circuitries and long-lasting batteries.

Quote of the talk: “The next time you send a text or take a selfie, think about all those atoms that are hard at work and the innovation that came before them.”


Adam Garske, enzyme engineer

Big Idea: We can harness the power of new, scientifically modified enzymes to solve urgent problems across the world.

How? Enzymes are proteins that catalyze chemical reactions — turning milk into cheese, for example. Through a process called “directed evolution,” scientists can carefully edit and design the building blocks of enzymes for specific functions — to help treat diseases like diabetes, reduce CO2 in our laundry, break down plastics in the ocean and more. Enzyme evolution is already changing how we tackle health and environmental issues, Garske says, and there’s so much more ahead.

Quote of the talk: “With enzymes, we can edit what nature wrote — or write our own stories.”


Henna-Maria Uusitupa, bioscientist

Big idea: Our bodies host an entire ecosystem of microorganisms that we’ve been cultivating since we were babies. And as it turns out, the bacteria we acquire as infants help keep us healthier as adults. Henna-Maria Uusitupa wants to ensure that every baby grows a healthy microbiome.

How? Babies must acquire the right balance of microbes in their bodies, but they must also receive them at the correct stages of their lives. C-sections and disruptions in breastfeeding can throw a baby’s microbiome out of balance. With a carefully curated blend of probiotics and other chemicals, scientists are devising ways to restore harmony — and beneficial microbes — to young bodies.

Quote of the talk: “I want to contribute to the unfolding of a future in which each baby has an equal starting point to be programmed for life-long health.”


Leon Marchal, innovation director 

Big Idea: Animals account for 50 to 80 percent of antibiotic consumption worldwide — a major contributing factor to the growing threat of antimicrobial resistance. To combat this, farmers can adopt a number of practices — like balanced, antibiotic-free nutrition for animals — on their farms.

Why? The UN predicts that antimicrobial resistance will become our biggest killer by 2050. To prevent that from happening, Marchal is working to transform a massive global industry: animal feed. Antibiotics are used in animal feed to keep animals healthy and to grow them faster and bigger. They can be found in the most unlikely places — like the treats we give our pets. This constant, low-dose exposure could lead some animals to develop antibiotic-resistant bugs, which could cause wide-ranging health problems for animals and humans alike. The solution? Antibiotic-free production — and it all starts with better hygiene. This means taking care of animals’ good bacteria with balanced nutrition and alterations to the food they eat, to keep their microbiomes more resilient.

Quote of the talk: “We have the knowledge on how to produce meat, eggs and milk without or with very low amounts of antibiotics. This is a small price to pay to avoid a future in which bacterial infections again become our biggest killer.”


Physical organic chemist Tina Arrowood shares a simple, eco-friendly proposal to protect our freshwater resources from future pollution. She speaks at TED@DuPont at The Fillmore, September 12, 2019, in Philadelphia, Pennsylvania. (Photo: Ryan Lash / TED)

Tina Arrowood, physical organic chemist

Big idea: Human activity is a threat to freshwater rivers. We can transform that risk into an environmental and economic reward.

How? A simple, eco-friendly proposal to protect our precious freshwater resources from future pollution. We’ve had technology that purifies industrial wastewaters for the last 50 years. Arrowood suggests that we go a step further: as we clean our rivers, we can sell the salt byproduct as a primary resource — to de-ice roads and for other chemical processing — rather than using the tons of salt we currently mine from the earth.

Fun fact: If you were to compare the relative volume of ocean water to fresh river water on our planet, the former would be an Olympic-sized swimming pool — and the latter would be a one-gallon jug.


“Why not transform clothing and make it a part of our digitized world, in a manner that shines continuous light into our health and well-being?” asks designer Janani Bhaskar. She speaks at TED@DuPont at The Fillmore, September 12, 2019, in Philadelphia, Pennsylvania. (Photo: Ryan Lash / TED)

Janani Bhaskar, smart clothing designer

Big Idea: By designing “smart” clothing with durable technologies, we can better keep track of health and well-being.

How? Using screen-printing technology, we can design and attach biometric “smart stickers” to any piece of clothing. These stickers are super durable, Bhaskar says: they can withstand anything our clothing can, including workouts and laundry. They’re customizable, too — athletes can use them to track blood pressure and heart rate, healthcare providers can use them to remotely monitor vital signs, and expecting parents can use them to receive information about their baby’s growth. By making sure this technology is affordable and accessible, our clothing — the “original wearables” — can help all of us better understand our bodies and our health.

Quote of the talk: “Why not transform clothing and make it a part of our digitized world, in a manner that shines continuous light into our health and well-being?”


Camilla Andersen, neuroscientist and food scientist

Big idea: We can create tastier, healthier foods with insights from people’s brain activity.

How? Our conscious experience of food — how much we enjoy a cup of coffee or how sweet we find a cookie to be, for example — is heavily influenced by hidden biases. Andersen provides an example: after her husband started buying a fancy coffee brand, she conducted a blind taste test with two cups of coffee. Her husband described the first cup as cheap and bitter, and raved about the second — only to find out that the two were actually the same kind of coffee. The taste difference was the result of his bias for the new, fancy coffee — the very kind of bias that can leave food scientists in the dark when testing out new products. But there’s a workaround: brain scans that can access the raw, unfiltered, unconscious taste information that’s often lost in people’s conscious assessments. With this kind of information, Andersen says, we can create healthier foods without sacrificing taste — like creating a zero-calorie milkshake that tastes just like the original.

Fun fact: The five basic tastes are universally accepted: sweet, salty, sour, bitter and umami. But Andersen’s EEG experiments provide evidence of a sixth basic taste: fat, which we may sense beyond its smell and texture.


“Science is an integral part of our everyday lives, and I think we’re only at the tip of the iceberg in terms of harnessing all of the knowledge we have to create a better world,” says enzyme scientist Vicky Huang. She speaks at TED@DuPont at The Fillmore, September 12, 2019, in Philadelphia, Pennsylvania. (Photo: Ryan Lash / TED)

Vicky Huang, enzyme scientist

Big idea: Enzymes are unfamiliar to many of us, but they’re far more important in our day-to-day lives than we realize — and they might help us unlock eco-friendly solutions to everything from food spoilage to household cleaning problems. 

How? We were all taught in high school that enzymes are a critical part of digestion and, because of that, they’re also ideal for household cleaning. But enzymes can do much more than remove stains from our clothes, break down burnt-on food in our dishwashers and keep our baguettes soft. As scientists are able to engineer better enzymes, we’ll be able to cook and clean with less energy, less waste and fewer costs to our environment.

Quote of the talk: “Everywhere in your homes, items you use every day have had a host of engineers and scientists like me working on them and improving them. Just one part of this everyday science is using enzymes to make things more effective, convenient and environmentally sustainable.”


Geert van der Kraan, microbe detective

Big Idea: We can use microbial life in oil fields to make oil production safer and cleaner.

How? Microbial life is often a problem in oil fields, corroding steel pipes and tanks and producing toxic chemicals like hydrogen sulfide (H₂S). We can transform this challenge into a solution by studying the clues these microbes leave behind. By tracking the presence and activity of these microbes, we can see deep within these underground fields, helping us create safer and smoother production processes.

Quote of the talk: “There are things we can learn from the microorganisms that call oil fields their homes, making oil field operations just a little cleaner. Who knows what other secrets they may hold for us?”


Lori Gottlieb, psychotherapist and author

Big idea: The stories we tell about our lives shape who we become. By editing our stories, we can transform our lives for the better.

How? When the stories we tell ourselves are incomplete, misleading or just plain wrong, we can get stuck. Think of a story you’re telling about your life that’s not serving you — maybe that everyone’s life is better than yours, that you’re an impostor, that you can’t trust people, that life would be better if only a certain someone would change. Try exploring this story from another point of view, or asking a friend if there’s an aspect of the story you might be leaving out. Rather than clinging to an old story that isn’t doing us any good, Gottlieb says, we can work to write the most beautiful story we can imagine, full of hard truths that lead to compassion and redemption — our own “personal Pulitzer Prize.” We get to choose what goes on the page in our minds that shapes our realities. So get out there and write your masterpiece.

Quote of the talk: “We talk a lot in our culture about ‘getting to know ourselves,’ but part of getting to know yourself is to unknow yourself: to let go of the one version of the story you’ve told yourself about who you are — so you can live your life, and not the story you’ve been telling yourself about your life.”


“I’m standing here before you because I have a vision for the future: one where technology keeps my daughter safe,” says tech evangelist Andrew Ho. He speaks at TED@DuPont at The Fillmore, September 12, 2019, in Philadelphia, Pennsylvania. (Photo: Ryan Lash / TED)

Andrew Ho, tech evangelist

Big idea: As technological devices become smaller, faster and cheaper, they make daily tasks more convenient. But they can also save lives.

How? For epilepsy patients like Andrew Ho’s daughter Hilarie, a typical day can bring dangerous — or even fatal — challenges. Medical devices currently under development could reduce the risk of seizures, but they’re bulky and fraught with risk. The more quickly developers can improve the speed and portability of these devices (and other medical technologies), the sooner we can help people with previously unmanageable diseases live normal lives.

Quote of the talk: “Advances in technology are making it possible for people with different kinds of challenges and problems to lead normal lives. No longer will they feel isolated and marginalized. No longer will they live in the shadows, afraid, ashamed, humiliated and excluded. And when that happens, our world will be a much more diverse and inclusive place, a better place for all of us to live.”


“Learning from our mistakes is essential to improvement in many areas of our lives, so why not be intentional about it in our most risk-filled activity?” asks engineer Ed Paxton. He speaks at TED@DuPont at The Fillmore, September 12, 2019, in Philadelphia, Pennsylvania. (Photo: Ryan Lash / TED)

Ed Paxton, aircraft engineer and safety expert

Big idea: Many people fear flying but think nothing of driving their cars every day. Statistically, flying is far safer than driving, in part because of the common-sense principles pilots use to govern their behavior. Could these principles help us be safer on the road?

How? There’s a lot of talk about how autonomous vehicles will make traffic safer in the future. Ed Paxton shares three principles that can reduce accidents right now: “positive paranoia” (anticipating possible hazards or mishaps without anxiety), allowing feedback from passengers who might see things you don’t and learning from your mistakes (near-misses caused by driving while tired, for example).

Quote of the talk: “Driving your car is probably the most dangerous activity that most of you do … it’s almost certain you know someone who’s been seriously injured or lost their life out on the road … Over the last ten years, seven billion people have boarded domestic airline flights, and there’s been just one fatality.”


Jennifer Vail, tribologist

Big idea: Complex systems lose much of their energy to friction; the more energy they lose, the more power we consume to keep them running. Tribology — or the study of friction and things that rub together — could unlock massive energy savings by reducing wear and alleviating friction in cars, wind turbines, motors and engines.

How? By studying the different ways surfaces rub together, and engineering those surfaces to create more or less friction, tribologists can tweak a surprising range of physical products, from dog food that cleans your pet’s teeth to cars that use less gas; from food that feels more appetizing in our mouth to fossil fuel turbines that waste less power. Some of these changes could have significant impacts on how much energy we consume.

Quote of the talk: “I have to admit that it’s a lot of fun when people ask me what I do for my job, because I tell them: ‘I literally rub things together.'”

Planet DebianMike Gabriel: Results produced while at "X2Go - The Gathering 2019" at LinuxHotel in Essen a.d.R., Germany

Over the past weekend I attended "X2Go - The Gathering 2019". This year's venue was LinuxHotel in Essen. It was good to come back here.

Things that I got DONE while at the Gathering

X2Go related topics I worked on...

  • Three informal talks about:
    • the new/alternative X2Go Kdrive graphics backend for X2Go
    • status report of my work on the X2Go Plugin for Remmina
    • brain storming session: accessing X2Go sessions from a web browser
  • Get Ubuntu Gnome Desktops (from 18.04 or later) working in X2Go (with X2Go Kdrive backend being used)
  • Hide color manager authentication dialog on session startup of Gnome-based sessions in X2Go by nastily tweaking colord's policy kit rule set
  • Discuss various issues around nx-libs with Ulrich Sibiller and Mihai Moldovan
  • Discuss Free Software and Civil Administration with Heinz-M. Graesing
  • Discuss Free Software solutions for schools with Heinz-M. Graesing
  • Discuss a Thin Client concept developed by Kjetil Fleten at fleten.net and deepen the partnership of our companies
  • Discuss the benefits of using Weblate for translating X2Go components with Juri Grabowski, providing him with a best practice workflow (ToDo -> Juri)
  • Discuss switching X2Go Git from plain SSH + Git bare repositories to Gitolite with Juri Grabowski (ToDo -> Juri)
  • Share various new developments with Nito Martinez and Juan Zea going on at Qindel
  • File a pull request (PR) against screenshoter [1] porting it to GDK v3 and making it build and run on recent Linux systems (we might need this for the X2Go WebUI implementation)
  • Attend the yearly members' meeting of ORCA e.V.
  • Write the protocol for the yearly members' meeting of ORCA e.V.
  • I got elected as 2nd chair into the board of the ORCA e.V.
  • Review 3 partially quite longish pull-requests (PR) by Ulrich Sibiller for nx-libs (all passed through) [2-4] and one by myself [5].

Non-X2Go related topics I worked on...

  • Upload 35 MATE Desktop Environment related packages to Debian unstable
  • Upload Veyon 4.2.5 to Debian unstable
  • Upload FusionDirectory to Debian unstable (+ as-is Argonaut source-only upload)
  • Upload TigerVNC 1.9.0+dfsg-4 to unstable (sponsored upload on behalf of Joachim Falk)

Credits

The main big thanks goes to Stefan Baur who did most of the event organizing work. Well done, again, Stefan. Thanks for making these events possible on a yearly basis. Much much appreciated.

Another big thanks goes to Mirko Glotz for doing video recordings of all talks and discussions during the event.

Thanks so much to everyone who attended the meeting. We have been 15 people this year! Awesome!

light+love
Mike

References

Planet DebianBen Hutchings: Linux Plumbers Conference 2019, part 3

Here's the last chunk of notes I took at Linux Plumbers Conference earlier this month. See part 1 and part 2 if you missed them.

Real-time track

Etherpad: https://etherpad.net/p/LPC2019_Real_Time/timeslider#4945

Core scheduling for RT

Speaker: Peter Zijlstra

Details: https://linuxplumbersconf.org/event/4/contributions/417/

LWN article: https://lwn.net/Articles/799454/

This was about restricting which tasks share a core on CPUs with SMT/hyperthreading. There is current interest in doing this as a mitigation for speculation leaks, instead of disabling SMT altogether.

SMT also makes single-thread processing speed quite unpredictable, which is bad for RT, so it would be useful to prevent scheduling any other tasks on the same core as an RT task.

Gen-Z Linux Sub-system

Speakers: Jim Hull and Betty Dall of HPE

Details: https://linuxplumbersconf.org/event/4/contributions/301/

Summary
  • New interconnect protocol developed by large consortium
  • Memory-like fabric scalable to large numbers of components
  • Multiple PHY types supported (PCIe gen4, 25/50 Gbit Ethernet PHYs) for different reach/bandwidth/latency trade-offs
  • Can support unmodified OS through "logical PCI devices" and ACPI device description

Connections are point-to-point between "components". Switch components provide fan-out.

Components can be subdivided into "resources" and also have "interfaces".

No requirement for a single root (like typical PCIe) and there can be redundant connections forming a mesh.

Fabric can span multiple logical computers (OS instances). Fabric manager assigns components and resources to them, and configures routing.

Protocol is reliable; all writes are acknowledged (by default). However it is not ordered by default.

Components have single control space (like config space?) and single data space (up to 2⁶⁴ bytes). Control space has a fixed header and then additional structures for optional and per-interface registers.

Each component has 12-bit component ID (CID) which may be combined with 16-bit subnet ID (SID) for 28-bit global component ID (GCID).

Coherence is managed by software.

Bridge from CPU to Gen-Z needs MMUs to map between local physical address space and fabric address space. Normally also has DMA engines ("data movers") that can send and receive all types of Gen-Z packets and not just read/write. These bridges are configured by the local OS instance, not the fabric manager.

Adding a Gen-Z subsystem

Needed to:

  • Enable native device drivers that know how to share resources
  • Enable user-space fabric managers and local management service

Should behave similarly to PCI and USB, so far as possible. Leave policy to user-space. Deal with the fact that most features are optional.

The Gen-Z subsystem needs to provide APIs for tracking PASIDs in IOMMU and ZMMU. Similar requirements in PCIe; should this be generic?

How can Gen-Z device memories be mapped with huge pages?

Undecided whether a generic kernel API for data movers is desirable. This would help kernel I/O drivers but not user-space I/O (like RDMA).

Interrupts work very differently from MSI. Bridge may generate interrupts for explicit interrupt packets, data mover completions, and Unsolicited Event Packets (link change, hotplug, …).

Device discovery

All nodes run local management services. On Linux these will be in user-space (LLaMaS).

(This means LLaMaS will need to be included in the initramfs if the boot device is attached through Gen-Z.)

Manager will use netlink to announce when resource has been assigned to the local node. Kernel then creates kernel device for it.

Live patching

Etherpad: https://etherpad.net/p/LPC2019_Live_Patching/timeslider#3799

Do we need a Livepatch Developers Guide?

Moderator: Joe Lawrence

Details: https://linuxplumbersconf.org/event/4/contributions/512/

Reflections on kernel development process, quality and testing

Speaker: Dmitry Vyukov

Details: https://linuxplumbersconf.org/event/4/contributions/554/

Slides: https://linuxplumbersconf.org/event/4/contributions/554/attachments/353/584/Reflections__Kernel_Summit_2019.pdf

Dmitry outlined how the current kernel development processes are failing:

  • Processes are inconsistent between subsystems, and often undocumented
  • Regressions don't consistently get fixed even when they are reported
  • Test coverage is poor and there are several independent automated testing initiatives, that partially overlap
  • Important fixes don't always get backported to the stable branches that need them

It takes a long time for new developers to become productive, or for developers to contribute to unfamiliar subsystems.

(None of this was new to me, but spelling out all these issues definitely had an impact.)

He advocates more consolidation and consistency, so that:

  • Tools can work with and report on proposed/committed changes across the kernel
  • Developers see all test results for a change in one place
  • There is less duplicated work on tools, testing, reporting

There was further discussion of this at the Kernel Maintainer Summit, reported in https://lwn.net/Articles/799134/.

Planet DebianMichael Stapelberg: Debian Code Search: positional index, TurboPFor-compressed

See the Conclusion for a summary if you’re impatient :-)

Motivation

Over the last few months, I have been developing a new index format for Debian Code Search. This required a lot of careful refactoring, re-implementation, debug tool creation and debugging.

Multiple factors motivated my work on a new index format:

  1. The existing index format has a 2G size limit, into which we have bumped a few times, requiring manual intervention to keep the system running.

  2. Debugging the existing system required creating ad-hoc debugging tools, which made debugging sessions unnecessarily lengthy and painful.

  3. I wanted to check whether switching to a different integer compression format would improve performance (it does not).

  4. I wanted to check whether storing positions with the posting lists would improve performance of identifier queries (= queries which are not using any regular expression features), which make up 78.2% of all Debian Code Search queries (it does).

I figured building a new index from scratch was the easiest approach, compared to refactoring the existing index to increase the size limit (point ①).

I also figured it would be a good idea to develop the debugging tool in lock step with the index format so that I can be sure the tool works and is useful (point ②).

Integer compression: TurboPFor

As a quick refresher, search engines typically store document IDs (representing source code files, in our case) in an ordered list (“posting list”). It usually makes sense to apply at least a rudimentary level of compression: our existing system used variable integer encoding.
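
As an added illustration of the baseline the post calls variable integer encoding (this is example code, not Debian Code Search’s or the codesearch library’s own): a sorted posting list is delta-coded and each gap is written as a varint using Go’s encoding/binary. The four docids are a constructed sample; the encoder rejects unsorted input and the decoder rejects truncated varints and gaps that would overflow a 32-bit docid.

```go
package main

import (
	"encoding/binary"
	"errors"
	"fmt"
	"math"
)

// encodePostingList delta-codes a strictly increasing list of document IDs
// and writes each gap as a varint (encoding/binary's LEB128-style format).
// Gaps below 128 cost one byte, so dense posting lists shrink the most.
func encodePostingList(docids []uint32) ([]byte, error) {
	out := make([]byte, 0, len(docids))
	var buf [binary.MaxVarintLen64]byte
	prev := uint32(0)
	for i, d := range docids {
		if i > 0 && d <= prev {
			return nil, errors.New("posting list must be strictly increasing")
		}
		n := binary.PutUvarint(buf[:], uint64(d-prev))
		out = append(out, buf[:n]...)
		prev = d
	}
	return out, nil
}

// decodePostingList reverses encodePostingList, rejecting truncated or
// overlong varints and gaps that would overflow a 32-bit docid.
func decodePostingList(b []byte) ([]uint32, error) {
	var out []uint32
	prev := uint32(0)
	for len(b) > 0 {
		gap, n := binary.Uvarint(b)
		if n <= 0 {
			return nil, errors.New("truncated or overlong varint")
		}
		if gap > uint64(math.MaxUint32-prev) {
			return nil, errors.New("docid overflow")
		}
		b = b[n:]
		prev += uint32(gap)
		out = append(out, prev)
	}
	return out, nil
}

func main() {
	// Constructed sample: four docids, 16 bytes as raw uint32s.
	docids := []uint32{3, 5, 300, 70000}
	enc, err := encodePostingList(docids)
	if err != nil {
		panic(err)
	}
	dec, err := decodePostingList(enc)
	if err != nil {
		panic(err)
	}
	fmt.Printf("raw %d bytes, varint %d bytes, roundtrip %v\n", 4*len(docids), len(enc), dec)
}
```

The gaps 3, 2, 295 and 69700 take 1, 1, 2 and 3 bytes respectively, 7 bytes against 16 raw. TurboPFor, discussed next, packs blocks of gaps with a shared bit width instead of one length-prefixed integer at a time, which is where the extra space savings come from.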

TurboPFor, the self-proclaimed “Fastest Integer Compression” library, combines an advanced on-disk format with a carefully tuned SIMD implementation to reach better speeds (in micro benchmarks) at less disk usage than Russ Cox’s varint implementation in github.com/google/codesearch.

If you are curious about its inner workings, check out my “TurboPFor: an analysis”.

Applied on the Debian Code Search index, TurboPFor indeed compresses integers better:

Disk space

  8.9G  codesearch varint index
  5.5G  TurboPFor index

Switching to TurboPFor (via cgo) for storing and reading the index results in a slight speed-up of a dcs replay benchmark, which is more pronounced the more i/o is required.

Query speed (regexp, cold page cache)

  18s  codesearch varint index
  14s  TurboPFor index (cgo)

Query speed (regexp, warm page cache)

  15s  codesearch varint index
  14s  TurboPFor index (cgo)

Overall, TurboPFor is an all-around improvement in efficiency, albeit with a high cost in implementation complexity.

Positional index: trade more disk for faster queries

This section builds on the previous section: all figures come from the TurboPFor index, which can optionally support positions.

Conceptually, we’re going from:

type docid uint32
type index map[trigram][]docid

…to:

type occurrence struct {
    doc docid
    pos uint32 // byte offset in doc
}
type index map[trigram][]occurrence

The resulting index consumes more disk space, but can be queried faster:

  1. We can do fewer queries: instead of reading all the posting lists for all the trigrams, we can read the posting lists for the query’s first and last trigram only.
    This is one of the tricks described in the paper “AS-Index: A Structure For String Search Using n-grams and Algebraic Signatures” (PDF), and goes a long way without incurring the complexity, computational cost and additional disk usage of calculating algebraic signatures.

  2. Verifying the delta between the last and first position matches the length of the query term significantly reduces the number of files to read (lower false positive rate).

  3. The matching phase is quicker: instead of locating the query term in the file, we only need to compare a few bytes at a known offset for equality.

  4. More data is read sequentially (from the index), which is faster.
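
The four points above, as an added example (not Debian Code Search’s own code): a byte-trigram index that stores the post’s (doc, pos) occurrences, a query that reads only the first and last trigram’s posting lists and merge-joins them on the expected position delta, and a confirmation step that compares bytes at the known offset instead of searching the file. The corpus is constructed; doc 1 is a deliberate false positive that survives the two-trigram join but fails the byte comparison.

```go
package main

import "fmt"

// occurrence mirrors the post's struct: a document ID and a byte offset.
type occurrence struct {
	doc uint32
	pos uint32
}

// index maps each byte trigram to its occurrences, ordered by (doc, pos)
// because documents and offsets are visited in increasing order.
type index map[string][]occurrence

// sampleDocs is a constructed corpus for this example; doc 1 has the first
// and last trigram of "func main" at the right distance but different
// bytes in between.
var sampleDocs = []string{
	"func main() {}",
	"fun_x_ain",
	"defer func main",
	"main func",
}

func buildIndex(docs []string) index {
	idx := make(index)
	for d, text := range docs {
		for i := 0; i+3 <= len(text); i++ {
			t := text[i : i+3]
			idx[t] = append(idx[t], occurrence{doc: uint32(d), pos: uint32(i)})
		}
	}
	return idx
}

func less(x, y occurrence) bool {
	if x.doc != y.doc {
		return x.doc < y.doc
	}
	return x.pos < y.pos
}

// candidates reads only two posting lists, for the query's first and last
// trigram, and merge-joins them: a first-trigram hit at pos survives only if
// the last trigram occurs at pos+len(q)-3 in the same document.
func candidates(idx index, q string) []occurrence {
	if len(q) < 3 {
		return nil
	}
	first, last := idx[q[:3]], idx[q[len(q)-3:]]
	delta := uint32(len(q) - 3)
	var out []occurrence
	for i, j := 0, 0; i < len(first) && j < len(last); {
		want := occurrence{doc: first[i].doc, pos: first[i].pos + delta}
		switch {
		case less(last[j], want):
			j++
		case less(want, last[j]):
			i++
		default:
			out = append(out, first[i])
			i++
			j++
		}
	}
	return out
}

// confirm replaces the old "locate the term in the file" step with a fixed
// byte comparison at the offset the index already supplied.
func confirm(docs []string, q string, cands []occurrence) []occurrence {
	var hits []occurrence
	for _, c := range cands {
		start, end := int(c.pos), int(c.pos)+len(q)
		if end <= len(docs[c.doc]) && docs[c.doc][start:end] == q {
			hits = append(hits, c)
		}
	}
	return hits
}

func main() {
	idx := buildIndex(sampleDocs)
	c := candidates(idx, "func main")
	fmt.Println("candidates:", c)
	fmt.Println("confirmed:", confirm(sampleDocs, "func main", c))
}
```

For "func main" the join yields three candidates (docs 0, 1 and 2); doc 3 drops out because its "ain" is not six bytes after its "fun", and doc 1 drops out at the byte comparison. The real index additionally intersects docids across all trigrams for regexp queries, which is why only identifier queries benefit from the two-list shortcut.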

Disk space

A positional index consumes significantly more disk space, but not so much as to pose a challenge: a Hetzner EX61-NVME dedicated server (≈ 64 €/month) provides 1 TB worth of fast NVMe flash storage.

    6.5G  non-positional
  123G    positional
   93G    positional (posrel)

The idea behind the positional index (posrel) is to not store a (doc,pos) tuple on disk, but to store positions, accompanied by a stream of doc/pos relationship bits: 1 means this position belongs to the next document, 0 means this position belongs to the current document.

This is an easy way of saving some space without modifying the TurboPFor on-disk format: the posrel technique reduces the index size to about ¾.
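
The posrel layout, as an added example (not Debian Code Search’s own code): the sorted (doc, pos) list is split into the docid list the non-positional index already holds, the bare positions, and one relationship bit per position. The bit convention is an assumption made for this example: a 1 means “advance to the next docid before taking this position”, so the first position always carries a 1 and a run of 0s keeps adding positions to the same document. Positions are left as raw uint32 here; the real index runs them through TurboPFor, which is what produces the ¾ figure above.

```go
package main

import (
	"errors"
	"fmt"
)

type occurrence struct {
	doc uint32
	pos uint32
}

// posrelEncode splits a (doc,pos)-sorted posting list into the docid list,
// the positions, and one relationship bit per position (1 = next document,
// 0 = same document; convention assumed for this example).
func posrelEncode(occ []occurrence) (docids, positions []uint32, bits []byte, err error) {
	prev := int64(-1)
	for i, o := range occ {
		if int64(o.doc) < prev {
			return nil, nil, nil, errors.New("occurrences must be sorted by doc")
		}
		if int64(o.doc) != prev {
			docids = append(docids, o.doc)
			prev = int64(o.doc)
			bits = setBit(bits, i)
		}
		positions = append(positions, o.pos)
	}
	return docids, positions, bits, nil
}

func setBit(b []byte, i int) []byte {
	for len(b) <= i/8 {
		b = append(b, 0)
	}
	b[i/8] |= 1 << uint(i%8)
	return b
}

func getBit(b []byte, i int) bool {
	return i/8 < len(b) && b[i/8]&(1<<uint(i%8)) != 0
}

// posrelDecode rebuilds the (doc,pos) tuples, refusing bit streams that run
// past the docid list or never select a first document.
func posrelDecode(docids, positions []uint32, bits []byte) ([]occurrence, error) {
	out := make([]occurrence, 0, len(positions))
	d := -1
	for i, p := range positions {
		if getBit(bits, i) {
			d++
		}
		if d < 0 || d >= len(docids) {
			return nil, errors.New("posrel bits inconsistent with docid list")
		}
		out = append(out, occurrence{doc: docids[d], pos: p})
	}
	return out, nil
}

func main() {
	// Constructed sample: three documents, six positions.
	occ := []occurrence{{0, 3}, {0, 17}, {2, 5}, {7, 0}, {7, 9}, {7, 40}}
	docids, positions, bits, err := posrelEncode(occ)
	if err != nil {
		panic(err)
	}
	fmt.Printf("docids %v positions %v bits %08b\n", docids, positions, bits)
	back, err := posrelDecode(docids, positions, bits)
	fmt.Println(back, err)
}
```

Six occurrences across three documents become docids [0 2 7], six positions and the single bit-stream byte 0b00001101; decoding restores the original tuples, and a stream without a leading 1 is rejected rather than read past the docid list.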

With the increase in size, the Linux page cache hit ratio will be lower for the positional index, i.e. more data will need to be fetched from disk for querying the index.

As long as the disk can deliver data as fast as you can decompress posting lists, this only translates into one disk seek’s worth of additional latency. This is the case with modern NVMe disks that deliver thousands of MB/s, e.g. the Samsung 960 Pro (used in Hetzner’s aforementioned EX61-NVME server).

The values were measured by running dcs du -h /srv/dcs/shard*/full without and with the -pos argument.

Bytes read

A positional index requires fewer queries: reading only the first and last trigram’s posting lists and positions is sufficient to achieve a lower (!) false positive rate than evaluating all trigram’s posting lists in a non-positional index.

As a consequence, fewer files need to be read, resulting in fewer bytes required to read from disk overall.

As an additional bonus, in a positional index, more data is read sequentially (index), which is faster than random i/o, regardless of the underlying disk.

  1.2G (index)
 19.8G (files)
 21.0G total for regexp queries

  4.2G (index)
 10.8G (files)
 15.0G total for identifier queries

The values were measured by running iostat -d 25 just before running bench.zsh on an otherwise idle system.

Query speed

Even though the positional index is larger and requires more data to be read at query time (see above), thanks to the C TurboPFor library, the 2 queries on a positional index are roughly as fast as the n queries on a non-positional index (≈4s instead of ≈3s).

This is more than made up for by the combined i/o matching stage, which shrinks from ≈18.5s (7.1s i/o + 11.4s matching) to ≈1.3s.

  3.3s (index)
  7.1s (i/o)
 11.4s (matching)
 21.8s total for regexp queries

 3.92s (index)
 ≈1.3s (i/o + matching)
 5.22s total for identifier queries

Note that identifier query i/o was sped up not just by needing to read fewer bytes, but also by only having to verify bytes at a known offset instead of needing to locate the identifier within the file.

Conclusion

The new index format is overall slightly more efficient. This disk space efficiency allows us to introduce a positional index section for the first time.

Most Debian Code Search queries are positional queries (78.2%) and will be answered much quicker by leveraging the positions.

Bottom line: it is beneficial to use a positional index on disk over a non-positional index in RAM.

Sam VargheseRWC commentators need to be lined up and shot

While many people have raised questions about the quality of refereeing at the ongoing Rugby World Cup, nobody, surprisingly, has questioned the quality of commentary that is available. If one were to compare the two, the commentators would lose by a mile.

There is a strange kind of logic that has prevailed in management circles for quite a while now, namely that a person who is good in one sector of an industry would also be equally good in another. It is this kind of logic (?) that leads managers to appoint rank and file employees to positions of leadership. It flies in the face of logic to argue that someone who is good at following orders would be equally good as a leader, but that’s the conventional wisdom that has prevailed and will never go away.

Some years ago, there was a class of person known as a professional commentator. Now this class of person was not one who had necessarily played the game on which he/she was commentating; the two are not connected. No, the commentator had a tremendous understanding of the sport in question, an incredibly good vocabulary and a turn of phrase guaranteed to keep even the most fidgety of individuals glued to their seats. John Arlott and Brian Johnston are two good examples of this class of person; neither had played Test cricket but find me someone who was better at the art of commentating on the game.

Alas, nowadays, there is no vetting of commentators and all seem to be appointed in you-scratch-my-back-and-I’ll-scratch-yours deals. Some ex-players write well; a few, a very select few, have sufficient vocal skills to be good commentators. But the majority are mundane, idiots of the first order, with limited vocabularies, malaprops and generally prone to think that screaming out loud and displaying the behaviour of a baby in a bassinet is the best way to commentate.

As a result, good players often earn the ire of the public and lose whatever goodwill they accumulated during their playing days. Take the case of Joel Stransky, fly-half in the victorious South African team of 1995. Before he became a commentator, Stransky was known as the man who won the Springboks their first Webb Ellis Trophy through a drop-goal in extra-time. But now he is known as an incompetent, biased commentator, who has an incredibly poor knowledge of English, is unable to speak three sentences without tripping over his tongue, and one who is close to the head of the queue vying for the title of Mr Malaprop.

Stransky also seems unaware that the job of an expert commentator is to provide something extra, something over and above what the commentator says, some analysis of what is going on on the field. He merely parrots what the commentator says and often leaves his sentences incomplete.

But it is not only the ex-players who lack any competence in the art of commentary. There is one Sean Maloney who is part of the commentary team for the ongoing Rugby World Cup who often does not know the names of players on teams in a match where he is the commentator. The other day, he said, “the ball goes to the number 15 from Tonga…” completely forgetting that this gentleman has a name. Remembering names and faces is one of the basics for commentators, so how Maloney got a gig is puzzling.

The television and radio networks that appoint incompetents to this job benefit too. For one, the people who are appointed are aware that they have received a favour and thus avoid criticising the network or the organisers. Ex-players try to promote their own favourites. A commentator is meant to function as a journalist, but the current crop act as toadies.

They may have learned to do so from the case of Murray Mexted. The former All Black, who was an expert commentator on Fox Sports some years ago, was suddenly thrown out. All it took for Mexted to be punted was some mild criticism of the New Zealand Rugby Football Union, the organisation that runs the game in that country. NZRFU complained to Fox, and Mexted was shown the door. But Mexted was good at his job and what he did was the right thing; someone who is in a position that demands he/she function as a journalist should have no fear about criticising something that deserves to be criticised.

There are a few Australians, too, who have no business being on the commentary panel. Phil Kearns, Drew Mitchell and George Gregan were all good players in their time. But they are totally out of their depth when it comes to providing something incisive. They haul out all the old cliches and repeat them ad infinitum.

And this is supposed to be the World Cup! When will Fox Sports ensure that professional commentators take over and do a decent job? Grant Nisbett, one of the better commentators and a man who has some 300 Tests under his belt, is nowhere to be seen. But then perhaps that’s because he’s a pro who does what a commentator should.

,

Krebs on SecurityGerman Cops Raid “Cyberbunker 2.0,” Arrest 7 in Child Porn, Dark Web Market Sting

German authorities said Friday they’d arrested seven people and were investigating six more in connection with the raid of a Dark Web hosting operation that allegedly supported multiple child porn, cybercrime and drug markets with hundreds of servers buried inside a heavily fortified military bunker. Incredibly, for at least two of the men accused in the scheme, this was their second bunker-based hosting business that was raided by cops and shut down for courting and supporting illegal activity online.

The latest busted cybercrime bunker is in Traben-Trarbach, a town on the Mosel River in western Germany. The Associated Press says investigators believe the 13-acre former military facility — dubbed the “CyberBunker” by its owners and occupants — served a number of dark web sites, including: the “Wall Street Market,” a sprawling, online bazaar for drugs, hacking tools and financial-theft wares before it was taken down earlier this year; the drug portal “Cannabis Road;” and the synthetic drug market “Orange Chemicals.”

German police reportedly seized $41 million worth of funds allegedly tied to these markets, and more than 200 servers that were operating throughout the underground temperature-controlled, ventilated and closely guarded facility.

The former military bunker in Germany that housed CyberBunker 2.0 and, according to authorities, plenty of very bad web sites.

The authorities in Germany haven’t named any of the people arrested or under investigation in connection with CyberBunker’s alleged activities, but said those arrested were apprehended outside of the bunker. Still, there are clues in the details released so far, and those clues have been corroborated by sources who know two of the key men allegedly involved.

We know the owner of the bunker hosting business has been described in media reports as a 59-year-old Dutchman who allegedly set it up as a “bulletproof” hosting provider that would provide Web site hosting to any business, no matter how illegal or unsavory.

We also know the German authorities seized at least two Web site domains in the raid, including the domain for ZYZTM Research in The Netherlands (zyztm[.]com), and cb3rob[.]org.

A “seizure” placeholder page left behind by German law enforcement agents after they seized cb3rob.org, an affiliate of the CyberBunker bulletproof hosting facility owned by convicted Dutch cybercriminal Sven Kamphuis.

According to historic whois records maintained by Domaintools.com, Zyztm[.]com was originally registered to a Herman Johan Xennt in the Netherlands. Cb3rob[.]org was an organization hosted at CyberBunker registered to Sven Kamphuis, a self-described anarchist who was convicted several years ago for participating in a large-scale attack that briefly impaired the global Internet in some places.

Both 59-year-old Xennt and Mr. Kamphuis worked together on a previous bunker-based project — a bulletproof hosting business they sold as CyberBunker and ran out of a five-story military bunker in The Netherlands.

That’s according to Guido Blaauw, director of Disaster-Proof Solutions, a company that renovates and resells old military bunkers and underground shelters. Blaauw’s company bought the 1,800 square-meter Netherlands bunker from Mr. Xennt in 2011 for $700,000.

Guido Blaauw, in front of the original CyberBunker facility in the Netherlands, which he bought from Mr. Xennt in 2011. Image: Blaauw.

Media reports indicate that in 2002 a fire inside the CyberBunker 1.0 facility in The Netherlands summoned emergency responders, who discovered a lab hidden inside the bunker that was being used to produce the drug ecstasy/XTC.

Blaauw said nobody was ever charged for the drug lab, which was blamed on another tenant in the building. Blaauw said Xennt and others in 2003 were then denied a business license to continue operating in the bunker, and they were forced to resell servers from a different location — even though they bragged to clients for years to come about hosting their operations from an ultra-secure underground bunker.

“After the fire in 2002, there was never any data or servers stored in the bunker,” in The Netherlands, Blaauw recalled. “For 11 years they told everyone [the hosting servers were] in this ultra-secure bunker, but it was all in Amsterdam, and for 11 years they scammed all their clients.”

Firefighters investigating the source of a 2002 fire at the CyberBunker’s first military bunker in The Netherlands discovered a drug lab amid the Web servers. Image: Blaauw.

Blaauw said sometime between 2012 and 2013, Xennt purchased the bunker in Traben-Trarbach, Germany — a much more modern structure that was built in 1997. CyberBunker was reborn, and it began offering many of the same amenities and courted the same customers as CyberBunker 1.0 in The Netherlands.

“They’re known for hosting scammers, fraudsters, pedophiles, phishers, everyone,” Blaauw said. “That’s something they’ve done for ages and they’re known for it.”

The former Facebook profile picture of Sven Olaf Kamphuis, shown here standing in front of Cyberbunker 1.0 in The Netherlands.

About the time Xennt and company were settling into their new bunker in Germany, he and Kamphuis were engaged in a fairly lengthy and large series of distributed denial-of-service (DDoS) attacks aimed at sidelining a number of Web sites — particularly anti-spam organization Spamhaus. A chat record of that assault, detailed in my 2016 piece, Inside the Attack that Almost Broke the Internet, includes references to and quotes from both Xennt and Kamphuis.

Kamphuis was later arrested in Spain on the DDoS attack charges. He was convicted in The Netherlands and sentenced to time served, which was approximately 55 days of detention prior to his extradition to the United States.

Some of the 200 servers seized from CyberBunker 2.0, a “bulletproof” web hosting facility buried inside a German military bunker. Image: swr.de.

The AP story mentioned above quoted German prosecutor Juergen Bauer saying the 59-year-old main suspect in the case was believed to have links to organized crime.

A 2015 exposé (PDF) by the Irish newspaper The Sunday World compared Mr. Xennt (pictured below) to a villain from a James Bond movie, and said he has been seen frequently associating with another man: an Irish mobster named George “the Penguin” Mitchell, listed by Europol as one of the top-20 drug traffickers in Europe and thought to be involved in smuggling heroin, cocaine and ecstasy.

Cyberbunkers 1.0 and 2.0 owner and operator Mr. Xennt, top left, has been compared to a “Bond villain.” Image: The Sunday World, July 26, 2015.

Blaauw said he doesn’t know whether Kamphuis was arrested or named in the investigation, but added that people who know him and can usually reach him have not heard from Kamphuis over several days.

Here’s what the CyberBunker in The Netherlands looked like back in the early aughts when Xennt still ran it:

Here’s what it looks like now after being renovated by Blaauw’s company and designed as a security operations center (SOC):

The former CyberBunker in the Netherlands, since redesigned as a security operations center by its current owner. Image: Blaauw.

I’m glad when truly bad guys doing bad stuff like facilitating child porn are taken down. The truth is, almost anyone trafficking in the kinds of commerce these guys courted also is building networks of money laundering business that become very tempting to use or lease out for other nefarious purposes, including human trafficking, and drug trafficking.

Harald WelteSometimes software development is a struggle

I'm currently working on the firmware for a new project, an 8-slot smart card reader. I will share more about the architecture and design ideas behind this project soon, but today I'll simply write about how hard it sometimes is to actually get software development done. Seemingly trivial things suddenly take ages. I guess everyone writing code knows this, but today I felt like I had to share this story.

Chapter 1 - Introduction

As I'm quite convinced of test-driven development these days, I don't want to simply write firmware code that can only execute in the target, but I'm actually working on a USB CCID (USB Class for Smart Card readers) stack which is hardware-independent, and which can also run entirely in userspace on a Linux device with a USB gadget (device) controller. This way it's much easier to instrument, trace, introspect and test the code base, and tests with actual target board hardware are limited to those functions provided by the board.

So the current architecture for development of the CCID implementation looks like this:

  • Implement the USB CCID device using FunctionFS (I did this some months ago; developing it was, similarly, a much more time-consuming task than expected, and maybe I will find time to expand on that)
  • Attach this USB gadget to a virtual USB bus + host controller using the Linux kernel dummy_hcd module
  • Talk to a dumb phoenix style serial SIM card reader attached to a USB UART, which is connected to an actual SIM card (or any smart card, for that matter)

By using a "stupid" UART based smart card reader, I am very close to the target environment on a Cortex-M microcontroller, where I also have to talk to a UART and hence implement all the beauty of ISO 7816-3. Hence, the test / mock / development environment is as close as possible to the target environment.

So I implemented the various bits and pieces and ended up at a point where I wanted to test. And I'm not getting any response from the UART / SIM card at all. I check all my code, add lots of debugging, play around with various RTS / DTR / ... handshake settings (which sometimes control power) - no avail.

In the end, after many hours of trial + error I actually inserted a different SIM card and finally, I got an ATR from the card. In more than 20 years of working with smart cards and SIM cards, this is the first time I've actually seen a SIM card die in front of me, with no response whatsoever from the card.

Chapter 2 - Linux is broken

Anyway, the next step was to get the T=0 protocol of ISO 7816-3 going. Since there is only one I/O line between SIM card and reader for both directions, the protocol is a half-duplex protocol. This is unlike "normal" RS232-style UART communication, where you have a separate Rx and Tx line.

On the hardware side, this is most often implemented by simply connecting both the Rx and Tx line of the UART to the SIM I/O pin. This in turn means that you're always getting an echo back for every byte you write.

One could discard such bytes, but then I'm targeting a microcontroller, which should be running eight cards in parallel, at preferably baud-rates up to ~1 megabit speeds, so having to read and discard all those bytes seems like a big waste of resources.

The obvious solution around that is to disable the receiver inside the UART before you start transmitting, and re-enable it after you're done transmitting. This is typically done rather easily, as most UART registers in hardware provide some way to selectively enable transmitter and/or receiver independently.

But since I'm working in Linux userspace in my development environment: How do I approximate this kind of behavior? At least the older readers of this blog will remember something called the CREAD flag of termios. Clearing that flag will disable the receiver. Back in the 1990s, I did tons of work with serial ports, and I remembered there was such a flag.

So I implement my userspace UART backend and somehow it simply doesn't want to work. Again of course I assume I must be doing something wrong. I'm using strace, I'm single-stepping through code - no avail.

In the end, it turns out that I've just found a bug in the Linux kernel, one that appears to be there at least ever since the git history of linux-2.6.git started. Almost all USB serial device drivers do not implement CREAD, and there is no software fall-back implemented in the core serial (or usb-serial) handling that would discard any received bytes inside the kernel if CREAD is cleared. Interestingly, the non-USB serial drivers for classic UARTs attached to local bus, PCI, ... seem to support it.

The problem would be only half as bad if the syscall to clear CREAD actually failed with an error. But no, it simply returns success while bytes continue to be received from the UART/tty :/

So that's the second big surprise of this weekend...

Chapter 3 - Again a broken card?

So I settle for implementing the 'receive as many characters as you wrote' work-around. Once that is done, I continue to test the code. And what happens? My state machine for reading the ATR (implemented using osmo-fsm, of course; code found here) never wants to complete. The last byte of the ATR is always missing. How can that be?

Well, guess what, the second SIM card I used is sending a broken, non-spec compliant ATR where the header indicates 9 historical bytes are present, but then in reality only 8 bytes are sent by the card.

Of course every reader has a timeout at that point, but that timeout was not yet implemented in my code, and I also wasn't expecting to hit that timeout.

So after using yet another SIM card (now a sysmoUSIM-SJS1, not sure why I didn't even start with that one), it suddenly works.

After a weekend of detours, each of which I would not have assumed at all before, I finally have code that can obtain the ATR and exchange T=0 TPDUs with cards. Of course I could have had that very easily if I wanted (we do have code in pySim for this, e.g.) but not in the architecture that is as close as it gets to the firmware environment of the microcontroller of my target board.
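As an added illustration of the Chapter 3 problem (this is example code written here, not code from the post or from the osmocom project), the following C parser consumes an ISO 7816-3 ATR one byte at a time, walks the interface bytes announced by T0 and each TDi, tracks the historical-byte count, and when the reader's receive timeout fires reports how many announced historical bytes never arrived. The sample ATRs are constructed for the demonstration, not captured from the cards mentioned in the post.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* One parser state per ISO 7816-3 ATR byte class. */
enum atr_state { ATR_S_TS, ATR_S_T0, ATR_S_TA, ATR_S_TB, ATR_S_TC, ATR_S_TD,
                 ATR_S_HIST, ATR_S_TCK, ATR_S_DONE, ATR_S_ERROR };
enum atr_result { ATR_NEED_MORE, ATR_COMPLETE, ATR_ERROR };
struct atr_parser {
    enum atr_state state;
    uint8_t y;             /* pending TA/TB/TC/TD presence bits (bit0..bit3) */
    uint8_t hist_expected; /* K, the low nibble of T0 */
    uint8_t hist_received;
    uint8_t tck_needed;    /* set once a TDi announces a protocol other than T=0 */
    uint8_t buf[33];       /* an ATR is at most TS + 32 bytes */
    size_t len;
};

/* Next state: pending interface bytes first, then historical bytes, then TCK. */
static enum atr_state atr_next_state(struct atr_parser *p)
{
    if (p->y & 0x01) { p->y &= (uint8_t)~0x01; return ATR_S_TA; }
    if (p->y & 0x02) { p->y &= (uint8_t)~0x02; return ATR_S_TB; }
    if (p->y & 0x04) { p->y &= (uint8_t)~0x04; return ATR_S_TC; }
    if (p->y & 0x08) { p->y &= (uint8_t)~0x08; return ATR_S_TD; }
    if (p->hist_received < p->hist_expected) return ATR_S_HIST;
    return p->tck_needed ? ATR_S_TCK : ATR_S_DONE;
}

/* Feed one byte read from the card's I/O line. */
static enum atr_result atr_parser_feed(struct atr_parser *p, uint8_t b)
{
    if (p->state == ATR_S_DONE) return ATR_COMPLETE;
    if (p->state == ATR_S_ERROR) return ATR_ERROR;
    if (p->len >= sizeof(p->buf)) { p->state = ATR_S_ERROR; return ATR_ERROR; }
    p->buf[p->len++] = b;
    switch (p->state) {
    case ATR_S_TS: /* only direct (3B) and inverse (3F) convention are valid */
        p->state = (b == 0x3B || b == 0x3F) ? ATR_S_T0 : ATR_S_ERROR; break;
    case ATR_S_T0: /* Y1 = which of TA1..TD1 follow, K = number of historical bytes */
        p->y = b >> 4; p->hist_expected = b & 0x0F;
        p->state = atr_next_state(p); break;
    case ATR_S_TA: case ATR_S_TB: case ATR_S_TC:
        p->state = atr_next_state(p); break;
    case ATR_S_TD: /* Y(i+1) = which interface bytes follow, T(i) = protocol type */
        p->y = b >> 4; p->tck_needed |= (b & 0x0F) != 0;
        p->state = atr_next_state(p); break;
    case ATR_S_HIST:
        if (++p->hist_received == p->hist_expected)
            p->state = p->tck_needed ? ATR_S_TCK : ATR_S_DONE;
        break;
    case ATR_S_TCK: { /* XOR over T0..TCK inclusive (TS excluded) must be zero */
        uint8_t x = 0;
        for (size_t i = 1; i < p->len; i++) x ^= p->buf[i];
        p->state = (x == 0) ? ATR_S_DONE : ATR_S_ERROR; break;
    }
    default: p->state = ATR_S_ERROR;
    }
    if (p->state == ATR_S_DONE) return ATR_COMPLETE;
    return p->state == ATR_S_ERROR ? ATR_ERROR : ATR_NEED_MORE;
}

/* Called when the receive timeout fires: 0 if the ATR was complete, otherwise how many
 * announced historical bytes never arrived (-1 if it broke off elsewhere); fails the parser. */
static int atr_parser_timeout(struct atr_parser *p)
{
    int missing = (p->state == ATR_S_HIST) ? p->hist_expected - p->hist_received : -1;
    if (p->state == ATR_S_DONE) return 0;
    p->state = ATR_S_ERROR;
    return missing;
}

/* Feed a captured sequence into a fresh parser: final result, or what a timeout reports. */
static enum atr_result atr_feed_all(const uint8_t *bytes, size_t n)
{
    struct atr_parser p = { .state = ATR_S_TS };
    enum atr_result r = ATR_NEED_MORE;
    for (size_t i = 0; i < n; i++) r = atr_parser_feed(&p, bytes[i]);
    return r;
}
static int atr_missing_after_timeout(const uint8_t *bytes, size_t n)
{
    struct atr_parser p = { .state = ATR_S_TS };
    for (size_t i = 0; i < n; i++) atr_parser_feed(&p, bytes[i]);
    return atr_parser_timeout(&p);
}

/* Constructed sample ATRs, not captured from any real card. ATR_SHORT has T0 = 0x19,
 * announcing 9 historical bytes, but only 8 follow: the card from Chapter 3. */
static const uint8_t ATR_T0_OK[]  = { 0x3B, 0x14, 0x96, 0x11, 0x22, 0x33, 0x44 };
static const uint8_t ATR_T1_TCK[] = { 0x3B, 0x80, 0x80, 0x01, 0x01 };
static const uint8_t ATR_SHORT[]  = { 0x3B, 0x19, 0x96, 0xA1, 0xA2, 0xA3, 0xA4, 0xA5, 0xA6, 0xA7, 0xA8 };

int main(void)
{
    printf("%d announced historical byte(s) missing when the timeout fires\n",
           atr_missing_after_timeout(ATR_SHORT, sizeof(ATR_SHORT)));
    return 0;
}
```

Without the timeout path, the parser sits in the historical-byte state forever on the short ATR, which is exactly the "last byte always missing" symptom described above.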

Planet DebianSteinar H. Gunderson: All Unicode characters

I made this during the Unicode 5.2.0 days; now it's time for an upgrade:

grep -viE 'LEFT-TO-RIGHT|RIGHT-TO-LEFT|SURROGATE|;Cc;' UnicodeData.txt | perl -U -e 'binmode STDOUT, ":utf8"; while (<>) { my ($u, $name, undef, undef, undef, undef, undef, undef, undef, undef, $alias) = split /;/; printf "%c\tU+%s\t%s\t%s\n", oct("0x$u"), $u, $name, $alias; } ' > /srv/storage.sesse.net/unicode.txt

Result at http://storage.sesse.net/unicode.txt. It doesn't include all the CJK ideographs, but apart from that, it should be fairly complete.


CryptogramFriday Squid Blogging: Did Super-Intelligent Giant Squid Steal an Underwater Research Station?

There's no proof they did, but there's no proof they didn't.

As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.

Read my blog posting guidelines here.

Planet DebianJoey Hess: turing complete version numbers

A quick standard for when you want to embed an arbitrary program in the version number of your program.

2   increment the data pointer (to point to the next cell to the right).
3   decrement the data pointer (to point to the next cell to the left).
+   increment (increase by one) the byte at the data pointer.
-   decrement (decrease by one) the byte at the data pointer.
.   output the byte at the data pointer.
4   accept one byte of input, storing its value in the byte at the data pointer.
6   if the byte at the data pointer is zero, then instead of moving the instruction pointer forward to the next command, jump it forward to the command after the matching 9 command.
9   if the byte at the data pointer is nonzero, then instead of moving the instruction pointer forward to the next command, jump it back to the command after the matching 6 command. 

This is simply Brainfuck with operators that are legal in (Debian) version numbers kept as-is, and some numbers replacing the rest.

Note that all other characters are ignored as usual. In particular, 1 and 8 are ignored, which makes it easy to build version number programs that compare properly with past versions. And in some cases, adding a 1 or 8 will be needed to make a particular program a properly formatted version number.

For example, an infinite loop version number is:

1+69

A nice short hello world is:

1+6-6336+6-8-1-29-6333999222-92-1.1-1-1-8.2.8.2.3333-1.3+1.22222.2.33.3-1.1

Licensing: Yes, there should also be a way to embed a license in a version ... Oh, I mean to say, the Wikipedia excerpt above is CC-BY-SA, and the hello world is based on https://esolangs.org/wiki/Hello_world_program_in_esoteric_languages

Previously: a brainfuck monad

Sociological ImagesWhat Makes a Mashup Work?

From music to movies and restaurants, genres are a core part of popular culture. The rules we use to classify different scenes and styles help to shape our tastes and our social identities, and so we often see people sticking to clear boundaries between what they like and what they don’t like (for example: “I’ll listen to anything but metal.”). 

But bending the rules of genre can be the quickest way to shake up expectations. Mashups were huge a few years ago. This past summer we saw “Old Town Road” push boundaries in the country music world on its way to becoming a mega-hit. Zeal & Ardor’s mix of black metal and gospel, country blues, and funk is breaking new ground in heavier music.

Blending genres can also backfire. A new fusion concept could be a hit, or it could just be confusing. Sociological research on Netflix ratings and Yelp reviews finds that people with a high preference for variety, who like to consume many different things, are not necessarily interested in atypical work that blends genres in a new or strange way.

One of the more interesting recent examples is this new gameshow concept from Hillsong—a media channel tied to the charismatic megachurch organization:

What is this show? Is it preaching? Is it a game show? Do millennials even watch prime time game shows? Don’t get me wrong, I’ll hate-watch The Masked Singer every once in a while, but the mix seems a little out of place here. Gerardo Martí makes a good point in the tweet above. This show may be a way to repackage religious messaging in a new style. Given what we know about cultural consumption, however, I wonder if this is just too risky to pull anyone in.

It is easy to chase atypicality today, both for media organizations and religious groups trying to retain a younger viewership and find the next big thing. For all the pressure to innovate, this trailer for SOUTHPAW shows us just how much we still rely on genre rules to figure out what to consume.

Evan Stewart is an assistant professor of sociology at University of Massachusetts Boston. You can follow him on Twitter.

(View original at https://thesocietypages.org/socimages)

Cory DoctorowShort documentary on the quest to re-decentralize the internet

I sat down for an interview for Reason’s short feature, The Decentralized Web Is Coming, which documents the surging Decentralized Web movement, whose goal is to restore the internet’s early, decentralized era, before it turned into five giant services filled with screenshots from the other four.

Planet DebianMatthew Garrett: Do we need to rethink what free software is?

Licensing has always been a fundamental tool in achieving free software's goals, with copyleft licenses deliberately taking advantage of copyright to ensure that all further recipients of software are in a position to exercise free software's four essential freedoms. Recently we've seen people raising two very different concerns around existing licenses and proposing new types of license as remedies, and while both are (at present) incompatible with our existing concepts of what free software is, they both raise genuine issues that the community should seriously consider.

The first is the rise in licenses that attempt to restrict business models based around providing software as a service. If users can pay Amazon to provide a hosted version of a piece of software, there's little incentive for them to pay the authors of that software. This has led to various projects adopting license terms such as the Commons Clause that effectively make it nonviable to provide such a service, forcing providers to pay for a commercial use license instead.

In general the entities pushing for these licenses are VC backed companies[1] who are themselves benefiting from free software written by volunteers that they give nothing back to, so I have very little sympathy. But it does raise a larger issue - how do we ensure that production of free software isn't just a mechanism for the transformation of unpaid labour into corporate profit? I'm fortunate enough to be paid to write free software, but many projects of immense infrastructural importance are simultaneously fundamental to multiple business models and also chronically underfunded. In an era where people are becoming increasingly vocal about wealth and power disparity, this obvious unfairness will result in people attempting to find mechanisms to impose some degree of balance - and given the degree to which copyleft licenses prevented certain abuses of the commons, it's likely that people will attempt to do so using licenses.

At the same time, people are spending more time considering some of the other ethical outcomes of free software. Copyleft ensures that you can share your code with your neighbour without your neighbour being able to deny the same freedom to others, but it does nothing to prevent your neighbour using your code to deny other fundamental, non-software, freedoms. As governments make more and more use of technology to perform acts of mass surveillance, detention, and even genocide, software authors may feel legitimately appalled at the idea that they are helping enable this by allowing their software to be used for any purpose. The JSON license includes a requirement that "The Software shall be used for Good, not Evil", but the lack of any meaningful clarity around what "Good" and "Evil" actually mean makes it hard to determine whether it achieved its aims.

The definition of free software includes the assertion that it must be possible to use the software for any purpose. But if it is possible to use software in such a way that others lose their freedom to exercise those rights, is this really the standard we should be holding? Again, it's unsurprising that people will attempt to solve this problem through licensing, even if in doing so they no longer meet the current definition of free software.

I don't have solutions for these problems, and I don't know for sure that it's possible to solve them without causing more harm than good in the process. But in the absence of these issues being discussed within the free software community, we risk free software being splintered - on one side, with companies imposing increasingly draconian licensing terms in an attempt to prop up their business models, and on the other side, with people deciding that protecting people's freedom to life, liberty and the pursuit of happiness is more important than protecting their freedom to use software to deny those freedoms to others.

As stewards of the free software definition, the Free Software Foundation should be taking the lead in ensuring that these issues are discussed. The priority of the board right now should be to restructure itself to ensure that it can legitimately claim to represent the community and play the leadership role it's been failing to in recent years, otherwise the opportunity will be lost and much of the activist energy that underpins free software will be spent elsewhere.

If free software is going to maintain relevance, it needs to continue to explain how it interacts with contemporary social issues. If any organisation is going to claim to lead the community, it needs to be doing that.

[1] Plus one VC firm itself - Bain Capital, an investment firm notorious for investing in companies, extracting as much value as possible and then allowing the companies to go bankrupt


CryptogramSuperhero Movies and Security Lessons

A paper I co-wrote was just published in Security Journal: "Superheroes on screen: real life lessons for security debates":

Abstract: Superhero films and episodic shows have existed since the early days of those media, but since 9/11, they have become one of the most popular and most lucrative forms of popular culture. These fantastic tales are not simple amusements but nuanced explorations of fundamental security questions. Their treatment of social issues of power, security and control are here interrogated using the Film Studies approach of close reading to showcase this relevance to the real-life considerations of the legitimacy of security approaches. By scrutinizing three specific pieces -- Daredevil Season 2, Captain America: Civil War, and Batman v Superman: Dawn of Justice -- superhero tales are framed (by the authors) as narratives which significantly influence the general public's understanding of security, often encouraging them to view expansive power critically -- to luxuriate within omnipotence while also recognizing the possibility as well as the need for limits, be they ethical or legal.

This was my first collaboration with Fareed Ben-Youssef, a film studies scholar. (And with Andrew Adams and Kiyoshi Murata.) It was fun to think about and write.

Krebs on SecurityMyPayrollHR CEO Arrested, Admits to $70M Fraud

Earlier this month, employees at more than 1,000 companies saw one or two paychecks’ worth of funds deducted from their bank accounts after the CEO of their cloud payroll provider absconded with $35 million in payroll and tax deposits from customers. On Monday, the CEO was arrested and allegedly confessed that the diversion was the last desperate gasp of a financial shell game that earned him $70 million over several years.

Michael T. Mann, the 49-year-old CEO of Clifton Park, NY-based MyPayrollHR, was arrested this week and charged with bank fraud. In court filings, FBI investigators said Mann admitted under questioning that in early September — on the eve of a big payroll day — he diverted to his own bank account some $35 million in funds sent by his clients to cover their employee payroll deposits and tax withholdings.

After that stunt, two different banks that work with Mann’s various companies froze those corporate accounts to keep the funds from being moved or withdrawn. That action set off a chain of events that led another financial institution that helps MyPayrollHR process payments to briefly pull almost $26 million out of checking accounts belonging to employees at more than 1,000 companies that use MyPayrollHR.

At the same time, MyPayrollHR sent a message (see screenshot above) to clients saying it was shutting down and that customers should find alternative methods for paying employees and for processing payroll going forward.

In the criminal complaint against Mann (PDF), a New York FBI agent said the CEO admitted that starting in 2010 or 2011 he began borrowing large sums of money from banks and financing companies under false pretenses.

“While stating that MyPayroll was legitimate, he admitted to creating other companies that had no purpose other than to be used in the fraud; fraudulently representing to banks and financing companies that his fake businesses had certain receivables that they did not have; and obtaining loans and lines of credit by borrowing against these non-existent receivables.”

“Mann estimated that he fraudulently obtained about $70 million that he has not paid back. He claimed that he committed the fraud in response to business and financial pressures, and that he used almost all of the fraudulently obtained funds to sustain certain businesses, and purchase and start new ones. He also admitted to kiting checks between Bank of America and Pioneer [Savings Bank], as part of the fraudulent scheme.”

Check-kiting is the illegal act of writing a check from a bank account without sufficient funds and depositing it into another bank account, explains MagnifyMoney.com. “Then, you withdraw the money from that second account before the original check has been cleared.”

Kiting also is known as taking advantage of the “float,” which is the amount of time between when an individual submits a check as payment and when the individual’s bank is instructed to move the funds from the account.

Magnify Money explains more:

“Say, for example, that you write yourself a check for $500 from checking account A, and deposit that check into checking account B — but the balance in checking account A is only $75. Then, you promptly withdraw the $500 from checking account B. This is check-kiting, a form of check fraud that uses non-existent funds in a checking account or other type of bank account. Some check-kiting schemes use multiple accounts at a single bank, and more complicated schemes involve multiple financial institutions.”

“In a more complex scenario, a person could open checking accounts at bank A and bank B, at first depositing $500 into bank A and nothing in bank B. Then, they could write a check for $10,000 with account A and deposit it into account B. Bank B immediately credits the account, and in the time it might take for bank B to clear the check (generally about three business days), the scammer writes a $10,000 check with bank B, which gets deposited into bank A to cover the first check. This could keep going, with someone writing checks between banks where there’s no actual funds, yet the bank believes the money is real and continues to credit the accounts.”

The government alleges Mann was kiting millions of dollars in checks between his accounts at Bank of America and Pioneer from Aug. 1, 2019 to Aug. 30, 2019.

For more than a decade, MyPayrollHR worked with California-based Cachet Financial Services to process payroll deposits for MyPayrollHR client employees. Every other week, MyPayrollHR’s customers would deposit their payroll funds into a holding account run by Cachet, which would then disburse the payments into MyPayrollHR client employee bank accounts.

But when Mann diverted $26 million in client payroll deposits from Cachet to his account at Pioneer Bank, Cachet’s emptied holding account was debited for the payroll payments. Cachet quickly reversed those deposits, causing one or two pay periods worth of salary to be deducted from bank accounts for employees of companies that used MyPayrollHR.

That action caused so much uproar from affected companies and their employees that Cachet ultimately decided to cancel all of those reversals and absorb that $26 million hit, which it is now trying to recover through the courts.

According to prosecutors in New York, Pioneer was Mann’s largest creditor.

“Mann stated that the payroll issue was precipitated by his decision to route MyPayroll’s clients’ payroll payments to an account at Pioneer instead of directly to Cachet,” wrote FBI Special Agent Matthew J. Wabby. “He did this in order to temporarily reduce the amount of money he owed to Pioneer. When Pioneer froze Mann’s accounts, it also (inadvertently) stopped movement of MyPayroll’s clients’ payroll payments to Cachet.”

Approximately $9 million of the $35 million diverted by Mann was supposed to go to accounts at the National Payment Corporation (NatPay) — the Florida-based firm which handles tax withholdings for MyPayrollHR clients. NatPay said its insurance should help cover the losses it incurred when MyPayrollHR’s banks froze the company’s accounts.

Court records indicate Mann hasn’t yet entered a plea, but that he was ordered to be released today under a $200,000 bond secured by a family home and two vehicles. His passport also was seized.

LongNowThe Art of World-Building in Science Fiction

The process of world-building in science fiction isn’t just about coming to grips with the consequences of your narrative arc and making it believable. It’s also about imagining a better world.

Stanford anthropologist James Holland Jones spoke about “The Science of Climate Fiction: Can Stories Lead to Social Action?” in 02019 at The Interval. Watch his talk in full here.

Worse Than FailureError'd: Modern Customer Support

"It's interesting to consider that First Great Western's train personnel track on-time but meanwhile, their seats measure uptime," writes Roger G.

 

Peter G. writes, "At $214.90 for two years I was perfectly happy, but this latest price increase? You've simply gone TOO FAR and I will be cancelling ASAP!"

 

"SharePoint does a lot of normal things, but in the case of this upgrade, it truly went above and beyond," Adam S. wrote.

 

"Sure, I guess you can email a question, but just don't get your hopes up for a reply," writes Samuel N.

 

Al H. writes, "When I signed up for a trial evaluation of Toad and got an e-mail with the activation license key, this was not quite what I was expecting."

 

"The cover story, in case anybody starts asking too many questions, is that Dustin is the name of the male squirrel outside the window. He and Sylvia the squirrel are married. Nobody was testing in Production," writes Sam P.



Cory DoctorowCome see me in Portland, Maine next Monday with James Patrick Kelly

I’m coming to Maine to keynote the Maine Library Association conference in Newry next Monday; later that day, I’m appearing with James Patrick Kelly at the Portland, Maine Main Library, from 6:30PM-8PM (it’s free and open to the public) This is the first time I’ve been to Maine, and I can’t wait!

CryptogramOn Chinese "Spy Trains"

The trade war with China has reached a new industry: subway cars. Congress is considering legislation that would prevent the world's largest train maker, the Chinese-owned CRRC Corporation, from competing on new contracts in the United States.

Part of the reasoning behind this legislation is economic, and stems from worries about Chinese industries undercutting the competition and dominating key global industries. But another part involves fears about national security. News articles talk about "spy trains," and the possibility that the train cars might surreptitiously monitor their passengers' faces, movements, conversations or phone calls.

This is a complicated topic. There is definitely a national security risk in buying computer infrastructure from a country you don't trust. That's why there is so much worry about Chinese-made equipment for the new 5G wireless networks.

It's also why the United States has blocked the cybersecurity company Kaspersky from selling its Russian-made antivirus products to US government agencies. Meanwhile, the chairman of China's technology giant Huawei has pointed to NSA spying disclosed by Edward Snowden as a reason to mistrust US technology companies.

The reason these threats are so real is that it's not difficult to hide surveillance or control infrastructure in computer components, and if they're not turned on, they're very difficult to find.

Like every other piece of modern machinery, modern train cars are filled with computers, and while it's certainly possible to produce a subway car with enough surveillance apparatus to turn it into a "spy train," in practice it doesn't make much sense. The risk of discovery is too great, and the payoff would be too low. Like the United States, China is more likely to try to get data from the US communications infrastructure, or from the large Internet companies that already collect data on our every move as part of their business model.

While it's unlikely that China would bother spying on commuters using subway cars, it would be much less surprising if a tech company offered free Internet on subways in exchange for surveillance and data collection. Or if the NSA used those corporate systems for their own surveillance purposes (just as the agency has spied on in-flight cell phone calls, according to an investigation by the Intercept and Le Monde, citing documents provided by Edward Snowden). That's an easier, and more fruitful, attack path.

We have credible reports that the Chinese hacked Gmail around 2010, and there are ongoing concerns about both censorship and surveillance by the Chinese social-networking company TikTok. (TikTok's parent company has told the Washington Post that the app doesn't send American users' info back to Beijing, and that the Chinese government does not influence the app's use in the United States.)

Even so, these examples illustrate an important point: there's no escaping the technology of inevitable surveillance. You have little choice but to rely on the companies that build your computers and write your software, whether in your smartphones, your 5G wireless infrastructure, or your subway cars. And those systems are so complicated that they can be secretly programmed to operate against your interests.

Last year, Le Monde reported that the Chinese government bugged the computer network of the headquarters of the African Union in Addis Ababa. China had built and outfitted the organization's new headquarters as a foreign aid gift, reportedly secretly configuring the network to send copies of confidential data to Shanghai every night between 2012 and 2017. China denied having done so, of course.

If there's any lesson from all of this, it's that everybody spies using the Internet. The United States does it. Our allies do it. Our enemies do it. Many countries do it to each other, with their success largely dependent on how sophisticated their tech industries are.

China dominates the subway car manufacturing industry because of its low prices -- the same reason it dominates the 5G hardware industry. Whether these low prices are because the companies are more efficient than their competitors or because they're being unfairly subsidized by the Chinese government is a matter to be determined at trade negotiations.

Finally, Americans must understand that higher prices are an inevitable result of banning cheaper tech products from China.

We might willingly pay the higher prices because we want domestic control of our telecommunications infrastructure. We might willingly pay more because of some protectionist belief that global trade is somehow bad. But we need to make these decisions to protect ourselves deliberately and rationally, recognizing both the risks and the costs. And while I'm worried about our 5G infrastructure built using Chinese hardware, I'm not worried about our subway cars.

This essay originally appeared on CNN.com.

EDITED TO ADD: I had a lot of trouble with CNN's legal department with this essay. They were very reluctant to call out the US and its allies for similar behavior, and spent a lot more time adding caveats to statements that I didn't think needed them. They wouldn't let me link to this Intercept article talking about US, French, and German infiltration of supply chains, or even the NSA document from the Snowden archives that proved the statements.

Planet DebianThomas Lange: Read-only nfsroot with NFS v4 and overlayfs

The Fully Automatic Installation (FAI) has used a read-only nfsroot since its very beginning. This is also used in diskless client environments and in the LTSP (Linux Terminal Server Project).

During a network installation the clients run as diskless clients, so the installation has full access to the local hard disk, which is not in use. But we need some files to be writable on the read-only nfsroot. In the past we created symlinks to a ram disk. Later we used aufs (another union fs), a kernel module for doing union mounts of several file systems. Putting a ram disk on top of the read-only nfsroot with aufs makes the nfsroot writable. But aufs was no longer available in kernel 4.X; it was replaced by overlayfs.

The initrd of FAI mounts the nfsroot read-only and then puts a tmpfs ram disk on top of it using overlayfs. The result is a new merged file system which is writable. This has worked nicely for several years when using NFSv3. But when using NFSv4 we can read from a file, while writing always reported

openat(AT_FDCWD,....) = -1 EOPNOTSUPP (Operation not supported)

After some days of debugging overlayfs and NFS v4, I found that it's a complicated mixture of NFS and ACL support (POSIX and nfs4 ACL) and what overlayfs expects from the file systems with respect to certain xattrs. Overlayfs uses calls like

setxattr(work/work, "trusted.overlay.opaque", "0", 1, 0x0) = 0

and writing to a file used

getxattr("/b/lower/etc/test1", "system.nfs4_acl", ....) = 80

without any errors. When talking to some overlayfs developers, they asked me to disable ACL for the exported NFS file system. There's a noacl option listed in nfs(5), but it's for NFS version 2 and 3 only, not for NFS v4. You cannot disable ACL on an NFS v4 mount.

In the end the solution was to disable ACL on the whole file system on the NFS server which is exported to the clients. If you have an ext4 file system, this works on the NFS server by doing

# mount -oremount,noacl $EXPORTED_FS

After that, overlayfs will detect that ACLs are not supported on the NFS mount and behaves as expected, allowing writes to a file.

You will need to use dracut instead of initramfs-tools for creating the initrd. The latter uses busybox or klibc tools inside the initrd. Both do not support NFS v4 mounts (https://bugs.debian.org/409271).

Dracut uses the normal libc based executables. The Debian package of dracut supports the kernel cmdline option rootovl. This is an example of the kernel cmdline options:

rootovl ip=dhcp root=11.22.33.44:/srv/fai/nfsroot

This mounts a read only nfsroot and puts a tmpfs on top for making it writable.
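As an added example (not FAI's or dracut's own code), the script below checks on the NFS server side that an exported file system is really mounted with noacl, prints the remount command from above when it is not, and prints the mount sequence the client performs (read-only NFSv4 lower layer, tmpfs upper layer, overlayfs merge). The mounts file, the mount points and the lower/upper/work paths are constructed for the demonstration; the real dracut rootovl paths differ.

```shell
#!/bin/sh
# Added example, not part of FAI or dracut.  Nothing here needs root: the
# mount commands are only printed, and the mounts table is a constructed
# sample in /proc/self/mounts format.

# mount_options MOUNTS_FILE MOUNTPOINT
# Print the option list of MOUNTPOINT (field 4 of /proc/self/mounts).
mount_options() {
    awk -v mp="$2" '$2 == mp { opts = $4 } END { print opts }' "$1"
}

# export_has_noacl MOUNTS_FILE MOUNTPOINT
# Return 0 if the file system at MOUNTPOINT is mounted with noacl, 1 if it is
# not, 2 if the mountpoint is unknown.  Caveat: noacl switches off POSIX ACL
# enforcement for every user of that file system, not only for overlayfs.
export_has_noacl() {
    opts=$(mount_options "$1" "$2")
    [ -n "$opts" ] || return 2
    case ",$opts," in
        *,noacl,*) return 0 ;;
        *)         return 1 ;;
    esac
}

# server_fix_cmd MOUNTS_FILE MOUNTPOINT
# Print the remount command from the article when noacl is missing; print
# nothing when the export is already fine.
server_fix_cmd() {
    if ! export_has_noacl "$1" "$2"; then
        printf 'mount -oremount,noacl %s\n' "$2"
    fi
}

# client_overlay_cmds NFSROOT   (e.g. 11.22.33.44:/srv/fai/nfsroot)
# Print the steps that build the writable root: NFSv4 lower layer mounted
# read-only, a tmpfs holding the overlay's upper and work directories, and
# the overlayfs merge.  Paths are illustrative, not dracut's.
client_overlay_cmds() {
    cat <<EOF
mount -t nfs4 -o ro $1 /lower
mount -t tmpfs tmpfs /rw
mkdir -p /rw/upper /rw/work /merged
mount -t overlay overlay -o lowerdir=/lower,upperdir=/rw/upper,workdir=/rw/work /merged
EOF
}

# Constructed sample: one export already has noacl, the other still has ACLs.
SAMPLE_MOUNTS=$(mktemp)
cat > "$SAMPLE_MOUNTS" <<'EOF'
/dev/sda2 / ext4 rw,relatime,errors=remount-ro 0 0
/dev/sdb1 /srv/fai/nfsroot ext4 rw,relatime,noacl 0 0
/dev/sdb2 /srv/fai/config ext4 rw,relatime 0 0
EOF

# Demonstration when run directly.
for fs in /srv/fai/nfsroot /srv/fai/config; do
    if export_has_noacl "$SAMPLE_MOUNTS" "$fs"; then
        echo "$fs: noacl set, overlayfs writes will work"
    else
        echo "$fs: ACLs enabled, run on the server: $(server_fix_cmd "$SAMPLE_MOUNTS" "$fs")"
    fi
done
client_overlay_cmds 11.22.33.44:/srv/fai/nfsroot
```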

NFSv4 nfsroot

Worse Than FailureCodeSOD: Trim Off a Few Miles

I don’t know the length of Russell F’s commute. Presumably, the distance is measured in miles. Miles and miles. I say that, because of this block, which is written… with care.

  string Miles_w_Care = InvItem.MilesGuaranteeFlag == true && InvItem.Miles_w_Care.HasValue ? (((int)InvItem.Miles_w_Care / 1000).ToString().Length > 2 ? ((int)InvItem.Miles_w_Care / 1000).ToString().Trim().Substring(0, 2) : ((int)InvItem.Miles_w_Care / 1000).ToString().Trim()) : "  ";
  string Miles_wo_Care = InvItem.MilesGuaranteeFlag == true && InvItem.Miles_wo_Care.HasValue ? (((int)InvItem.Miles_wo_Care / 1000).ToString().Length > 2 ? ((int)InvItem.Miles_wo_Care / 1000).ToString().Trim().Substring(0, 2) : ((int)InvItem.Miles_wo_Care / 1000).ToString().Trim()) : "  ";

Two lines, so many nested ternaries. Need to round off to the nearest thousand? Just divide and then ToString the result, selecting the substring as needed. Be sure to Trim the string which couldn’t possibly contain whitespace, you never know.

Ironically, the only expression in this block which isn’t a WTF is InvItem.MilesGuaranteeFlag == true, because while we’re comparing against true, MilesGuaranteeFlag is a Nullable<bool>, so this confirms that it has a value and that the value is true.

So many miles.

And I would write five hundred lines
and I would write five hundred more
just to be the man who wrote a thousand lines
Uncaught Exception at line 24


Krebs on SecurityInterview With the Guy Who Tried to Frame Me for Heroin Possession

In April 2013, I received via U.S. mail more than a gram of pure heroin as part of a scheme to get me arrested for drug possession. But the plan failed and the Ukrainian mastermind behind it soon after was imprisoned for unrelated cybercrime offenses. That individual recently gave his first interview since finishing his jail time here in the states, and he’s shared some select (if often abrasive and coarse) details on how he got into cybercrime and why. Below are a few translated excerpts.

When I first encountered now-31-year-old Sergei “Fly,” “Flycracker,” “MUXACC” Vovnenko in 2013, he was the administrator of the fraud forum “thecc[dot]bz,” an exclusive and closely guarded Russian language board dedicated to financial fraud and identity theft.

Many of the heavy-hitters from other fraud forums had a presence on Fly’s forum, and collectively the group financed and ran a soup-to-nuts network for turning hacked credit card data into mounds of cash.

Vovnenko first came onto my radar after his alter ego Fly published a blog entry that led with an image of my bloodied, severed head and included my credit report, copies of identification documents, pictures of our front door, information about family members, and so on. Fly had invited all of his cybercriminal friends to ruin my financial identity and that of my family.

Somewhat curious about what might have precipitated this outburst, I was secretly given access to Fly’s cybercrime forum and learned he’d freshly hatched a plot to have heroin sent to my home. The plan was to have one of his forum lackeys spoof a call from one of my neighbors to the police when the drugs arrived, complaining that drugs were being delivered to our house and being sold out of our home by Yours Truly.

Thankfully, someone on Fly’s forum also posted a link to the tracking number for the drug shipment. Before the smack arrived, I had a police officer come out and take a report. After the heroin showed up, I gave the drugs to the local police and wrote about the experience in Mail From the Velvet Cybercrime Underground.

Angry that I’d foiled the plan to have me arrested for being a smack dealer, Fly or someone on his forum had a local florist send a gaudy floral arrangement in the shape of a giant cross to my home, complete with a menacing message that addressed my wife and was signed, “Velvet Crabs.”

The floral arrangement that Fly or one of his forum lackeys had delivered to my home in Virginia.

Vovnenko was arrested in Italy in the summer of 2014 on identity theft and botnet charges, and spent some 15 months in arguably Italy’s worst prison contesting his extradition to the United States. Those efforts failed, and he soon pleaded guilty to aggravated identity theft and wire fraud, and spent several years bouncing around America’s prison system.

Although Vovnenko sent me a total of three letters from prison in Naples (a hand-written apology letter and two friendly postcards), he never responded to my requests to meet him following his trial and conviction on cybercrime charges in the United States. I suppose that is fair: To my everlasting dismay, I never responded to his Italian dispatches (the first I asked to be professionally analyzed and translated before I would touch it).

Seasons greetings from my pen pal, Flycracker.

After serving his 41 month sentence in the U.S., Vovnenko was deported, although it’s unclear where he currently resides (the interview excerpted here suggests he’s back in Italy, but Fly doesn’t exactly confirm that). 

In an interview published on the Russian-language security blog Krober.biz, Vovnenko said he began stealing early in life, and by 13 was already getting picked up for petty robberies and thefts.

A translated English version of the interview was produced and shared with KrebsOnSecurity by analysts at New York City-based cyber intelligence firm Flashpoint.

Sometime in the mid-aughts, Vovnenko settled with his mother in Naples, Italy, but he had trouble keeping a job for more than a few days. Until a chance encounter led to a front job at a den of thieves.

“When I came to my Mom in Naples, I could not find a permanent job. Having settled down somewhere at a new job, I would either get kicked out or leave in the first two days. I somehow didn’t succeed with employment until I was invited to work in a wine shop in the historical center of Naples, where I kinda had to wipe the dust from the bottles. But in fact, the wine shop turned out to be a real den and a sales outlet of hashish and crack. So my job was to be on the lookout and whenever the cops showed up, take a bag of goods and leave under the guise of a tourist.”

Cocaine and hash were plentiful at his employer’s place of work, and Vovnenko said he availed himself of both abundantly. After he’d saved enough to buy a computer, Fly started teaching himself how to write programs and hack stuff. He quickly became enthralled with the romanticized side of cybercrime — the allure of instant cash — and decided this was his true vocation.

“After watching movies and reading books about hackers, I really wanted to become a sort of virtual bandit who robs banks without leaving home,” Vovnenko recalled. “Once, out of curiosity, I wrote an SMS bomber that used a registration form on a dating site, bypassing the captcha through some kind of rookie mistake in the shitty code. The bomber would launch from the terminal and was written in Perl, and upon completion of its work, it gave out my phone number and email. I shared the bomber somewhere on one of my many awkward sites.”

“And a couple of weeks later they called me. Nah, not the cops, but some guy who comes from Sri Lanka who called himself Enrico. He told me that he used my program and earned a lot of money, and now he wants to share some of it with me and hire me. By a happy coincidence, the guy also lived in Naples.”

“When we met in person, he told me that he used my bomber to fuck with a telephone company called Wind. This telephone company had such a bonus service: for each incoming SMS you received two cents on the balance. Well, of course, this guy bought a bunch of SIM cards and began to bomb them, getting credits and loading them into his paid lines, similar to how phone sex works.”

But his job soon interfered with his drug habit, and he was let go.

“At the meeting, Enrico gave me 2K euros, and this was the first money I’ve earned, as it is fashionable to say these days, on ‘cybercrime’. I left my previous job and began to work closely with Enrico. But always stoned out of my mind, I didn’t do a good job and struggled with drug addiction at that time. I was addicted to cocaine, as a result, I was pulling a lot more money out of Enrico than my work brought him. And he kicked me out.”

After striking out on his own, Vovnenko says he began getting into carding big time, and was introduced to several other big players on the scene. One of those was a cigarette smuggler who used the nickname Ponchik (“Doughnut”).

I wonder if this is the same Ponchik who was arrested in 2013 as being the mastermind behind the Blackhole exploit kit, a crimeware package that fueled an overnight explosion in malware attacks via Web browser vulnerabilities.

In any case, Vovnenko had settled on some schemes that were generating reliably large amounts of cash.

“I’ve never stood still and was not focusing on carding only, with the money I earned, I started buying dumps and testing them at friends’ stores,” Vovnenko said. “Mules, to whom I signed the hotlines, were also signed up for cashing out the loads, giving them a mere 10 percent for their work. Things seemed to be going well.”

FAN MAIL

There is a large chronological gap in Vovnenko’s account of his cybercrime life story from that point on until the time he and his forum friends started sending heroin, large bags of feces and other nasty stuff to our Northern Virginia home in 2013.

Vovnenko claims he never sent anything and that it was all done by members of his forum.

-Tell me about the packages to Krebs.
“That ain’t me. Suitcase filled with sketchy money, dildoes, and a bouquet of coffin wildflowers. They sent all sorts of crazy shit. Forty or so guys would send. When I was already doing time, one of the dudes sent it. By the way, Krebs wanted to see me. But the lawyer suggested this was a bad idea. Maybe he wanted to look into my eyes.”

In one part of the interview, Fly is asked about but only briefly touches on how he was caught. I wanted to add some context here because this part of the story is richly ironic, and perhaps a tad cathartic.

Around the same time Fly was taking bitcoin donations for a fund to purchase heroin on my behalf, he was also engaged to be married to a nice young woman. But Fly apparently did not fully trust his bride-to-be, so he had malware installed on her system that forwarded him copies of all email that she sent and received.

Fly/Flycracker discussing the purchase of a gram of heroin from Silk Road seller “10toes.”

But Fly would make at least two big operational security mistakes in this spying effort: First, he had his fiancée’s messages forwarded to an email account he’d used for plenty of cybercriminal stuff related to his various “Fly” identities.

Mistake number two was the password for his email account was the same as one of his cybercrime forum admin accounts. And unbeknownst to him at the time, that forum was hacked, with all email addresses and hashed passwords exposed.

Soon enough, investigators were reading Fly’s email, including the messages forwarded from his wife’s account that had details about their upcoming nuptials, such as shipping addresses for their wedding-related items and the full name of Fly’s fiancée. It didn’t take long to zero in on Fly’s location in Naples.

While it may sound unlikely that a guy so enmeshed in the cybercrime space could make such rookie security mistakes, I have found that a great many cybercriminals actually have worse operational security than the average Internet user.

I suspect this may be because the nature of their activities requires them to create vast numbers of single- or brief-use accounts, and in general they tend to re-use credentials across multiple sites, or else pick very poor passwords — even for critical resources.

In addition to elaborating on his hacking career, Fly talks a great deal about his time in various prisons (including their culinary habits), and an apparent longing or at least lingering fondness for the whole carding scene in general.

Towards the end, Fly says he’s considering going back to school, and that he may even take up information security as a study. I wish him luck in whatever that endeavor is, as long as he can also avoid stealing from people.

I don’t know what I would have written many years ago to Fly had I not been already so traumatized by receiving postal mail from him. Perhaps it would go something like this:

“Dear Fly: Thank you for your letters. I am very sorry to hear about the delays in your travel plans. I wish you luck in all your endeavors — and I sincerely wish the next hopeful opportunity you alight upon does not turn out to be a pile of shit.”

The entire translated interview is here (PDF). Fair warning: Many readers may find some of the language and topics discussed in the interview disturbing or offensive.


Planet DebianShirish Agarwal: Life, Liberty and Kashmir

I was going to write about the history of banking today, but because the blockade is still continuing in Kashmir, I am forced to write my opinions on it and clear up at least some ideas and myths various people have about Kashmir. Before I start though, I hope the Goa Debian Utsav was good. While I haven’t seen any reports, I hope it went well. Frankly, I was in two minds whether I should apply for the Debutsav in Goa or not. While there is a possibility that I could have applied and perhaps even got the travel sponsorship, I was unsure as to what to tell the students. With recovery of the economy in India at least 6 quarters away, if not more, it would have been difficult for me to justify to the students how to look for careers in I.T. when salaries of most professionals have been stagnant or lowered, and with even retention happening in Pune, Bangalore and other places, it would have been difficult to say that.

Anyways, this would be a long one. I would like to start with a lawsuit filed in Kerala which was shared, and the judgement which was given, which at least in my view was a progressive decision. The case I am reciting is ‘Right To Access Internet Is Part Of Right To Privacy And Right To Education’, which was given by the Kerala HC recently. The judgement of the case is at https://www.livelaw.in/pdf_upload/pdf_upload-364655.pdf which I reproduce below as well.

So let us try to figure out what the suit/case was all about and how it involves the larger question of communication blockades and other things in Kashmir. The case involves a woman student of 18 years of age, Faheema Shirin (Petitioner), who came to Kerala for higher studies (B.Ed.) at an institute called Narayanguru College located in Kozhikode District. Incidentally, I have been fortunate to visit Kerala and Kozhikode District and they are beautiful places, but we can have that conversation some other day. Now apparently, she was expelled from the college hostel for using the mobile phone during study time. The College is affiliated to the University of Calicut. Now according to statements from the hostel matron, the petitioner and others, it became clear that inmates of the hostel were not allowed to use mobile phones from 10 p.m. to 6 a.m., i.e. 22:00 hrs. to 06:00 hrs. Apparently, this rule was changed to 1800 hrs – 2000 hrs. arbitrarily. The petitioner’s house is 150 kms. from the place. She said it is not possible to follow the rules because of the subjects she was studying, as well as because she needed to connect to home anytime she wanted, or her father or relatives may feel the need to call her, or in case of any help. She alleged discrimination as these rules were only made for the girls’ hostel and not for the boys’ hostel. I had also seen and felt the same, but as shared, that’s for another day altogether.

The petitioner invoked the Convention on the Elimination of All Forms of Discrimination against Women, 1979, the Beijing Declaration and the Universal Declaration of Human Rights, to which GOI is a signatory and hence had to abide by their rules. She further contended that her education depended on her using digital technology with access to the web as given in her textbook. She needed to scan the QR codes in various places in her textbooks and use the link given therein to see videos, animations etc. on a digital platform called swayam. Incidentally, it seems swayam runs on closed source software, as shared by SFLC.in on their website. Now if it is closed, commercial software, then most probably the content can only be viewed via streaming rather than downloading, going offline and seeing it, as that would attract provisions of the IT ACT and perhaps would constitute piracy. While this point was not argued, it seemed pertinent for me to point out as a few people on social media have asked about it. In several such cases it is either impossible or you have to be an expert in order to manipulate and download such data (like Snowden did), but then that’s again a story for another day. Interestingly, the father in the case above was also in favor of the girl using the mobile phone for whatever purpose, as he trusts her implicitly and she is adult enough to make her own life choices.

Thankfully, the petitioner had presence of mind throughout the journey in that she did all her correspondence through letters instead of orally and had documentary evidence to back up all her claims. The State Govt. of Kerala has been on the forefront of digital technology for a long while, and many of my friends and I have been both witnesses and have played our small parts in whichever way to see Kerala become an IT hub. They still do need to do a lot more, but that again is a story for another day. There was a lot of back and forth between her, her father, the hostel authorities and the college, but they were unable to resolve the issues amicably. Her grounds for the fight were –

a. She is an adult and of rational mind so she can make decisions on her own.
b. She has right of privacy ( as shared by the Honorable Supreme Court in its 2017 landmark judgement)
c. She needs the mobile and the laptop for studying as her studies demand her using Internet.
d. She also relied and used the budget speech made by Minister of Finance and State Government for making internet accessible to all citizens and recognizing the right to Internet as a human right.
e. Her violation to right of property under Article 300 A.

In order to further bolster her case, through her lawyers she cited further judgements and studies which show how women are disadvantaged to Internet access, in particular she cited a UNESCO study which tells the same.

The judge, Honorable Justice P.V. Asha, guided herself with the arguments and counter-arguments by both parties; she also delved into the Calicut University First Ordinances, under which the University, the college and the hostel come, to see how things fare there. She had also asked the respondent whether, by using the Internet, she or any other student in the hostel had ever caused disturbance to any of the other inmates, to which the reply was negative. The Judge also determined that if a misuse of a mobile phone or laptop has to happen, it can happen any time, anywhere, and you cannot and should not control adult behavior, especially when it collides with the dignity and freedom of an adult. The learned counsel for the petitioner also shared resolution 23/2 of the UN General Assembly held on 24th June 2013, which talks of freedom of expression and opinion for women’s empowerment, to which India is a signatory. There is also resolution 20/8 of 5th July 2012 which also underscores the point. Both the portions of the resolution can be found on page 18 of the judgement. The judge also cited a few other judgements which were pointed out by the learned counsel for the petitioner, the Vishaka Judgement (1997), the Beijing Statement and several other cases and judgements which showed how women are discriminated against in society. In the end she set aside the expulsion, citing various judgements and her rationale for the same, and asked the matron to take the student back, and also asked the student not to humiliate the teacher or warden, and that she be allowed to use the phone in any way she feels fit as far as she doesn’t create any disturbance to other students.

Observations – It opens up several questions which are part of society’s issues even today and probably for some time.

a. I have been part of quite a few workshops where while I was supposed to share about GNU/Linux, more often than not I ended up sharing about how to use web access rather than advanced technologies. In this I found women to be more backward and take more time to understand and use the concepts than men. Whether it is due to just access issues or larger societal reasons ( the hidden alleged misuse of web) I just don’t know. While I do wish we could do more I don’t have any solutions.

b. As correctly pointed out by Honorable Justice Asha, for a woman who is pursuing a B.Ed., it would harm the career of the young woman. I would opine and go one step further: wouldn’t it also be endangering her protégés, her students, from getting a better teacher who is able to guide her students to the best of her ability? As we all know, rightly or wrongly, almost all information is available on the net. The role of the teacher or guide is not to show information but probably more to show how to inquire and interpret information in different ways.

Kashmir

In light of the above judgement would not the same principles apply to Kashmir. There are two points shared by various people who are in favor of the lockdown. The first is National Security, National Interest and the second is Kashmiri Pandits. Let us take them one by one –

a. National Interest or/and National Security – I find this reason porous on many grounds. This Govt. is ruled by one of the richest political parties that India ever has had. Without divulging further, there is such a huge range of hardware and software for the Government to surveil. With AFSA in place and all sorts of technologies available off-the-shelf to surveil residents, that argument looks weak. Further, the Minister’s statement tells that the issue is not security of the state but something else. Of course the majoritarian view is that they deserve it because they are Muslims. If this is not hate, I dunno what is. A person on twitter did a social experiment where a daughter and a mother had the same conflict. The daughter’s view is that it is not right, the mother’s view being the opposite. The daughter disallowed the mother any contact with her, her husband and her daughter for 2 weeks, and the mother was in tears. Then how can you think of people being blocked for 2 months?

Another variation of the argument is that militants will come and kill. Now I find it hard to believe that even after having half a million soldiers in the valley they still feel militants can do something and they cannot. I find it a little hard to digest. There has been news now that the Taliban are involved. If this is true then they have troubled the U.S. also, so if one of the most powerful armies on the earth can be stalemated for what, 19 years, are we going to put Kashmiris in lockdown for 19 years? In fact the prejudicial face can be seen even more at https://www.youtube.com/watch?v=kXWZnnD6JFY-

Kashmiri Pandits – There is no doubt that there was a mass exodus of Kashmiri Hindus from the valley. Nobody disputes that. But just like the process followed in the NRC, whether rightly or wrongly, couldn't the Kashmiri Pandits be sent back home? I would argue this is the best time. You have a huge contingent of forces in the valley; you can start the process, get the documents, get them back into the valley. Otherwise this will continue to be something like Palestine is in Israel, which has continued to be an issue for both Israelis and Palestinians with no end in sight. The idea that Pakistan will not harass or do something in Kashmir is a fool's paradise. They have been doing it since the 90's; for that to have a huge population blocked from communicating is nothing but harassment. And hate will never get you anywhere. While this is greyer than I am making it out to be, feel free to read this interview as well as the series called The Family Man, which I found to be pretty truthful as to the greyness of the situation out there. While most of the mainstream media gave it an average score, I found it thought-provoking. The fact is mainstream media in India no longer questions the Government's excesses. Some people do, and they are often targeted. I do hope to share the banking scenario and a sort of mini-banking crisis soon. Till later.

Cory DoctorowMy appearance on Futurithmic

I was delighted to sit down with my old friend Michael Hainsworth for his new TV show Futurithmic, where we talked about science fiction, technological self-determination, internet freedom. They’ve just posted the episode and it’s fabulous!

Planet DebianMike Gabriel: IServ Schulserver - Insecure Setup Strategy allows Hi-Jacking of User Accounts

"IServ Schulserver" [1] is a commercial school server developed by a company in Braunschweig, Germany. The "IServ Schulserver" is a product based on Debian. The whole project started as a students' project.

The "IServ" is an insular school server (one machine for everything + backup server) that provides a web portal / communication platform for the school (reachable from the internet), manages the school's MS Windows® clients via OPSI [2] and provides other features like chatrooms, mail accounts, etc.

The "IServ Schulserver" has written quite a success story in various areas of Germany recently. IServ has been deployed at many, many schools in North Rhine-Westphalia, Lower Saxony and Schleswig-Holstein. You can easily find those schools on the internet if you search the web for "IServ IDesk".

The company that is developing "IServ" has various IT partner businesses all over Germany that deploy the IServ environment at local schools and are also the first point of contact for support.

It's all hear-say...

So, last night, I heard about a security design flaw not having been fixed / addressed since I had first heard about it. That was in 2014, when one of the Debian Edu schools I supported back then migrated over to IServ. At that time, the below could be confirmed. Last night, I learned that the following is still an issue on an IServ machine deployed recently here in Schleswig-Holstein (its deployment dates only a few weeks back). It's all hear-say, you know. But alas, ...

Mass User Creation Modes

If IServ admins mass create user accounts or (updated 20190930) perform user import from CSV-like data following the product's documentation [3a, 3b], they can opt for user accounts to be created and made active immediately, or they can opt for creating user accounts that are initially deactivated.

If the site admins use the user import tool on the other hand, they also can opt for activated or deactivated accounts to be created, and they can choose one of the available password creation strategies (password := login (default), password from CSV, password generated via pwgen).

The password creation strategy of the local supplier of IServ Schulserver in Schleswig-Holstein (around the area of the city of Kiel) seems to be creating these initial user accounts (that is, all contemporary teachers and students) with immediately activated accounts and the default password creation strategy (password := login). (Cough cough...)

Initial Login

If you are a teacher (or student) at a school and have been notified about your initial IServ account being set up for you, you will get the instruction to initially log into the IServ web portal. The school provides each teacher with a URL and a login name. The default scheme for login names is <firstname>.<lastname>.

The password is not explicitly mentioned, as it is easy to remember. It is also <firstname>.<lastname> (i.e. initial_password := login_name). Convenient as it is, people can do these logins from anywhere on the internet. When doing the initial login, the users are guided to a change-password dialog in their web browser session and finally they can set their own password.

Pheeeww.... one account less that is just too dumb easy to hack.

Getting to know People at your New School

Nowadays, most schools have a homepage. On that homepage, they always present the core teacher staff group (people with some sort of a leadership position) with full names. Sometimes they even list all teachers with their full names. More rarely, but also quite common, all teachers are listed with a portrait photo (and/or the subjects they teach). Wanna be a teacher at that school? Hacky-sign up for an account then...

Update (20190930): To be fully clear on this: IServ does not provide a sign-up feature by itself; all user accounts get created via an import of school data taken out of the school's administration database. However, picking an existing account that is likely to be still fresh and untouched by its user is pretty much as easy as signing up for a new account on any other site.

How to Get In

If you are a nasty hacker, you can now go to some school's homepage, pick a teacher/face (or subject combination) that makes you assume that that person is not an IT-affiliated-kind-of-person and try to login as that person. If you are a neat hacker, you do this via Tor (or similar), of course.

Seriously!

If our imaginary hackers succeed with logging in using initial credentials, they can set a password for the impersonated teacher and they are in.

Many schools, I have seen, distribute documents and information to their teachers via the school's communication platform. If that platform is "IServ Schulserver", then you can easily gain access to those documents [4].

My personal guess is, that schools also use their school communication platform for distributing personal data, which is probably not allowed on the educational network of a school anyway (the "IServ Schulserver" is not an E-Mail server on the internet, it is the core server, firewall, mail gateway, Windows Network Server, etc. of the school's educational network).

Now, sharing that information via a system that is so easy to get unauthorized access to is IMHO highly negligent and a severe violation of the GDPR.

Securing Mass User Creation

There are several ways to fix this design flaw:

  • mass create users with accounts being initially deactivated and come up with some internal social workflow for enabling and setting up accounts and user passwords
  • talk to the developers and ask them to add credential imports (i.e. mass setting passwords for a list of given usernames)
  • Obsolete 20190930: use some other school server solution
  • Update 20190930: the previous statement about just using another school server solution is not really leading to better security by itself. The problem here in this blog post is not so much about IServ's user import code, but about the combination of software-featured setup strategies and that service providers deploy IServ in such an insecure manner (although more secure features are available, but not the default). So, I could also say: get another service provider. People who, when setting up school IT, are aware of the security impact of their doings.
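The two import strategies described above (the default "password := login" with the account active at once, versus a generated per-user password with the account deactivated until handed over), side by side, as an added example that is not IServ's code and does not use IServ's import tool. The CSV rows, the field names and the PBKDF2 storage format are assumptions for the example; the last function is the check a site admin would want to run after an import: which active accounts still accept their login name as the password.

```python
# Added example, not IServ code: the default "password := login" import
# beside a hardened import, plus an audit for still-guessable accounts.
import csv
import hashlib
import hmac
import io
import os
import secrets
import string
from dataclasses import dataclass
from typing import Dict, List, Tuple

# Constructed sample of a CSV-like export from a school administration
# database; the names and the column layout are made up for this example.
SAMPLE_CSV = """firstname,lastname,role
Anna,Muster,teacher
Bert,Beispiel,teacher
Clara,Schmidt,student
"""

PASSWORD_ALPHABET = string.ascii_letters + string.digits
PBKDF2_ROUNDS = 100_000


@dataclass
class Account:
    login: str
    salt: str            # hex, one per account
    password_hash: str   # PBKDF2-SHA256 of the password; clear text is never stored
    active: bool
    must_change_password: bool


def make_login(first: str, last: str) -> str:
    """The default login scheme from the post: <firstname>.<lastname>."""
    return f"{first}.{last}".lower()


def hash_password(password: str, salt_hex: str) -> str:
    return hashlib.pbkdf2_hmac(
        "sha256", password.encode(), bytes.fromhex(salt_hex), PBKDF2_ROUNDS
    ).hex()


def verify(account: Account, password: str) -> bool:
    candidate = hash_password(password, account.salt)
    return hmac.compare_digest(candidate, account.password_hash)


def import_users_default(csv_text: str) -> List[Account]:
    """The strategy the post criticises: password := login, account active
    at once. Anyone who knows the name scheme can log in before the user does."""
    accounts = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        login = make_login(row["firstname"], row["lastname"])
        salt = os.urandom(16).hex()
        accounts.append(Account(login, salt, hash_password(login, salt),
                                active=True, must_change_password=True))
    return accounts


def import_users_hardened(csv_text: str) -> Tuple[List[Account], Dict[str, str]]:
    """Generated per-user initial password (pwgen-style) and a deactivated
    account. The initial passwords go back to the admin for out-of-band
    delivery (e.g. a sealed letter handed over in person); the account is
    activated only once its user has received the letter."""
    accounts, handouts = [], {}
    for row in csv.DictReader(io.StringIO(csv_text)):
        login = make_login(row["firstname"], row["lastname"])
        initial = "".join(secrets.choice(PASSWORD_ALPHABET) for _ in range(12))
        salt = os.urandom(16).hex()
        accounts.append(Account(login, salt, hash_password(initial, salt),
                                active=False, must_change_password=True))
        handouts[login] = initial
    return accounts, handouts


def guessable_accounts(accounts: List[Account]) -> List[str]:
    """Audit: active accounts that still accept their login name as password."""
    return [a.login for a in accounts if a.active and verify(a, a.login)]


if __name__ == "__main__":
    weak = import_users_default(SAMPLE_CSV)
    print("default import, guessable:", guessable_accounts(weak))
    strong, _ = import_users_hardened(SAMPLE_CSV)
    print("hardened import, guessable:", guessable_accounts(strong))
```

The audit function is the part worth keeping around: run it against the real account store after every import, and treat a non-empty result as a finding regardless of which strategy the service provider claims to have used.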

Other Security Issues?

If people like to share their observations about school IT and security, I'd be interested. Let me know (see the imprint page [5] on my blog for my mail address).

light+love
Mike Gabriel (aka sunweaver at debian.org)

References & Footnotes

Update 20190930:

Last Friday, I received feedback from Sören Wendhauen (IServ GmbH). He provided some more background information about IServ user import. Thanks a lot for that.

Admin coaches at IServ GmbH do in fact make their service partner businesses aware of what I have depicted above. So, service providers should be in the loop on the security weakness (and act accordingly, I'd expect).

However, (and that was the essence of my reply), they (IServ GmbH developers) nonetheless developed this "password := login" feature in the first place, made it the default password generation strategy and even now that they have more secure password creation methods at hand, they leave the "password := login" method the default method.

Another alternative: if user accounts are activated at creation time and the "password := login" password creation method has been used during creation, the IServ WebUI could e.g. prohibit a world-wide login and restrict the user's login to the computer labs of the school until the initial password has been changed. Not a good solution, but it drastically shrinks the attack surface while keeping the wanted usability. However, this only works at schools where computer lab access is always monitored by teaching staff.

With Dürrenmatt's "Die Physiker" in mind, as a software developer I am responsible for the features I give people at hand to use and/or misuse.

Planet DebianAndrej Shadura: Rust-like enums in Kotlin

Rust has an exciting concept of enumeration types, which is much more powerful than enums in other languages. Notably C has the weakest type of enum, since there’s no type checking of any kind, and enum values can be used interchangeably with integers:

enum JobState {
    PENDING,
    STARTED,
    FAILED,
    COMPLETED
};

You can opt for manually assigning integers instead of leaving this to the compiler, but that’s about it.

Higher level languages like Python and Java treat enumeration types as classes, bringing stricter type checking and better flexibility, since they can be extended nearly like any other class. In both Python and Java individual enumerated values are singleton instances of the enumeration class.

Python:

from enum import Enum, auto

class JobState(Enum):
    PENDING = auto()
    STARTED = auto()
    FAILED = auto()
    COMPLETED = auto()

Java:

enum JobState {
    PENDING,
    STARTED,
    FAILED,
    COMPLETED;
}

Since enumerations are classes, they can define extra methods, but because the enum values are singletons, they can’t be coupled with any extra data, and no new instances of the enum class can be created.

In contrast with Python and Java, Rust allows attaching data to enumerations:

enum JobState {
    Pending,
    Started,
    Failed(String),
    Completed
}

This allows us to store the error message in the same value as the job state, without having to declare a structure with an extra field which would be used only when the state is Failed.

So, what does Kotlin have to offer? Kotlin has a language feature called sealed classes. A sealed class is an abstract class with limited inheritance: all of its subclasses have to be declared in the same file. In a way, this is quite close to Rust enums, even though sealed classes look and behave a bit differently.

sealed class JobState {
    object Pending : JobState()
    object Started : JobState()
    object Completed : JobState()
    data class Failed(val errorMessage: String) : JobState()
}

Declared this way, JobState can be used in a way similar to Rust’s enums: a single variable of this type can be assigned singletons Pending, Started or Completed, or any instance of Failed with a mandatory String member:

val state: JobState = JobState.Failed("I/O error")

when (state) {
    // every subclass is known to the compiler, so all cases can (and on
    // current Kotlin, must) be covered without an else branch
    is JobState.Pending, is JobState.Started ->
        println("Job not finished yet")
    is JobState.Completed ->
        println("Job completed")
    is JobState.Failed ->
        println("Job failed with an error: ${state.errorMessage}")
}

This usage resembles the regular Java/Kotlin enums quite a bit, but alternatively, Pending and friends can be declared outside of the sealed class, allowing them to be used directly without the need to add a JobState qualifier.

A slightly simplified real life example from a Kotlin project I’m working on, where a separate coroutine handles I/O with a Bluetooth or a USB device:

sealed class Result
object Connected : Result()
data class Failed(val error: String) : Result()

sealed class CommServiceMsg
data class Connect(val response: CompletableDeferred<Result>) : CommServiceMsg()
object Disconnect : CommServiceMsg()
data class Write(val data: ByteArray) : CommServiceMsg()

fun CoroutineScope.bluetoothServiceActor(device: BluetoothDevice) = actor<CommServiceMsg>(Dispatchers.IO) {
    val socket: BluetoothSocket = device.createSocket()

    process@ for (msg in channel) {
        when (msg) {
            is Connect -> {
                with(socket) {
                    msg.response.complete(try {
                        connect()
                        Connected
                    } catch (e: IOException) {
                        val error = e.message ?: ""
                        Failed(error)
                    }
                }
            }
            is Disconnect -> break@process
            is Write -> {
                socket.outputStream.write(msg.data)
            }
        }
    }
    socket.outputStream.flush()
    socket.close()
}

Here, we can talk to bluetoothServiceActor using messages each carrying extra data; if the coroutine needs to talk back (in this example, the result of a connection attempt), it uses a CompletableDeferred<> value of the Result type, which can hold an error message when needed.

With that in place, we can write something like this:

val bluetoothService = bluetoothServiceActor(device)
val response = CompletableDeferred<Result>()

bluetoothService.send(Connect(response))
val result = response.await()
when (result) {
    is Connected -> {
        bluetoothService.send(Write(byteArrayOf(42, 0x1e, 0x17)))
        bluetoothService.send(Disconnect)
    }
    is Failed ->
        println("error occurred: ${result.error}")
}

CryptogramIneffective Package Tracking Facilitates Fraud

This article discusses an e-commerce fraud technique in the UK. Because the Royal Mail only tracks packages to the postcode -- and not to the address -- it's possible to commit a variety of different frauds. Tracking systems that rely on a signature are not similarly vulnerable.

Worse Than FailureCodeSOD: And it was Uphill Both Ways

Today’s submission is a little bit different. Kevin sends us some code where the real WTF is simply that… it still is in use somewhere. By the standards of its era, I’d actually say that the code is almost good. This is more of a little trip down memory lane, about the way web development used to work.

Let’s start with the HTML snippet:

<frameset  border="0" frameborder="0" framespacing="0" cols="*,770,*"  onLoad="MaximizeWindow()">
	<!-- SNIPPED... -->
</frameset>

In 2019, if you want to have a sidebar full of links which allow users to click, and have a portion of the page update while not refreshing the whole page, you probably write a component in the UI framework of your choice. In 1999, you used frames. Honestly, by 1999, frames were already on the way out (he says, despite maintaining a number of frames-based applications well into the early 2010s), but for a brief period in web development history, they were absolutely all the rage.

In fact, shortly after I made my own personal home page, full of <marquee> tags, creative abuse of the <font> tag, and a color scheme which was hot pink and neon green, I showed it to a friend, who condescendingly said, “What, you didn’t even use frames?” He made me mad enough that I almost deleted my Geocities account.

Frames are dead, but now we have <iframe>, which does the same thing but is almost entirely used for embedding ads or YouTube videos. Some things will never truly die.

  IE4 = (document.all) ? true : false;
  NS4 = (document.layers) ? true : false;
  ver4 = (IE4||NS4);

  if (ver4!=true){  
    function MaximizeWindow(){
        alert('Please install a browser with support for Javascript 1.2. This website works for example with Microsofts Internet Explorer or Netscapes Navigator in versions 4.x or newer!')
        self.history.back();
        }
    }
  
  if (ver4==true){
    function MaximizeWindow(){
    window.focus();
	window.moveTo(0,0)
	window.resizeTo(screen.availWidth,screen.availHeight)
      }
}

Even today, in the era of web standards, we still constantly need to use shims and compatibility checks. The reasons are largely the same as they were back then: standards (or conventions) evolve quickly, vendors don’t care about standards, and browsers represent fiendishly complicated blocks of software. Today, we have better ways of doing those checks, but here we do our check with the first two lines of code.

And this, by the way, is why I said this code was “almost good”. In the era of “a browser with support for Javascript 1.2”, the standard way of checking browser versions was mining the user-agent string. And because of that we have situations where browsers report insanity like Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36.

Even in the late 90s though, the “right” way to check if your site was compatible with a given browser was to check for the features you planned to use. Which this code does- specifically, it’s looking for document.all or document.layers, which were two different approaches to exploring the DOM before we had actual tools for exploring the DOM. In this era, we’d call stuff like this “DHTML” (the D is for “dynamic”), and we traversed the DOM as a chain of properties, doing things like document.forms[0].inputs[0] to access fields on the form.

This is only almost good, though, because it doesn't gracefully degrade. If you don't have a browser which reports these properties- document.all or document.layers, we just pop up an alert and forcibly hit the back button on your browser. Then again, if you do have a browser that supports those properties, it's just going to go and forcibly hit the "Maximize" button on you, which is also not great, but I'm sure would make the site look quite impressive on an 800x600 resolution screen. I'm honestly kind of surprised that this doesn't also check your resolution, and provide some warning about looking best at a certain resolution, which was also pretty standard stuff for this era.

Again, the real WTF is that this code still exists out in the wild somewhere. Kevin found it when he encountered a site that kept kicking him back to the previous page. But there’s a deeper WTF: web development is bad. It’s always been bad. It possibly always will be bad. It’s complicated, and hard, and for some reason we’ve decided that we need to build all our UIs using a platform where a paragraph is considered a first-class UI element comparable to a button. But the next time you struggle to “grok” the new hot JavaScript framework, just remember that you’re part of a long history of people who have wrestled with accomplishing basic tasks on the web, and that it’s always been a hack, whether it’s a hack in the UA-string, a hack of using frames to essentially embed browser windows inside of browser windows, or a hack to navigate the unending efforts of browser vendors to hamstring and befuddle the competition.

[Advertisement] ProGet can centralize your organization's software applications and components to provide uniform access to developers and servers. Check it out!


Planet DebianEnrico Zini: xtypeinto: type text into X windows

Several sites have started disabling paste in input fields, mostly password fields, but also other fields for no apparent reason.

Random links on the topic:

  • https://developers.google.com/web/tools/lighthouse/audits/password-pasting
  • https://www.ncsc.gov.uk/blog-post/let-them-paste-passwords
  • https://www.troyhunt.com/the-cobra-effect-that-is-disabling/
  • https://www.wired.com/2015/07/websites-please-stop-blocking-password-managers-2015/

This said, I am normally uneasy about copy-pasting passwords, as any X window can sniff the clipboard contents at any time, and I like password managers like impass that would type it for you instead of copying it to the clipboard.

However, today I got way more frustrated than I could handle after filling in 17-digit nonsensical, always-slightly-different INPS payment codelines inside input fields that disabled paste for no reason whatsoever (they are not secret).

I thought "never again", I put together some code from impass and wmctrl and created xtypeinto:

$ ./xtypeinto --help
usage: xtypeinto [-h] [--verbose] [--debug] [string]

Type text into a window

positional arguments:
  string         string to type (default: stdin)

optional arguments:
  -h, --help     show this help message and exit
  --verbose, -v  verbose output
  --debug        debug output

Pass a string to xtypeinto as an argument, or as standard input.

xtypeinto will show a crosshair to pick a window, and the text will be typed into that window.

Please make sure that you focus on the right field before running xtypeinto, to make sure things are typed where you need them.
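The same workflow (pick a window with a crosshair, then have the text typed into it instead of pasted) as an added example that is not Enrico Zini's xtypeinto code: it is built on xdotool, which the example assumes is installed and on PATH, and it only works under X11. The control-character check is the caveat the tool's "focus on the right field first" warning hints at: a newline or tab sent as a key event submits the form or moves focus, so the example refuses them instead of typing them.

```python
# Added example, not xtypeinto: type text into a window picked with a
# crosshair, via xdotool (assumed installed), without using the clipboard.
import shutil
import subprocess
import sys

CONTROL_CHARS = {chr(c) for c in range(32)} | {chr(127)}


def prepare_text(raw: str) -> str:
    """Strip the trailing newline stdin usually carries and refuse anything
    else that would be typed as a key press with side effects: a newline
    submits a form, a tab moves focus to the next field."""
    text = raw[:-1] if raw.endswith("\n") else raw
    bad = sorted({ch for ch in text if ch in CONTROL_CHARS})
    if bad:
        raise ValueError("refusing to type control characters: %r" % bad)
    return text


def select_window() -> str:
    """`xdotool selectwindow` shows a crosshair and prints the id of the
    window that was clicked."""
    out = subprocess.run(["xdotool", "selectwindow"], check=True,
                         capture_output=True, text=True).stdout
    return out.strip()


def type_command(window_id: str, text: str, delay_ms: int = 20) -> list:
    """argv that sends `text` as key events to exactly one window. The
    clipboard is never involved, so no other client can read it from there."""
    return ["xdotool", "type", "--window", window_id, "--delay", str(delay_ms),
            "--clearmodifiers", text]


def type_into(window_id: str, text: str) -> None:
    subprocess.run(type_command(window_id, text), check=True)


def main(argv) -> int:
    if shutil.which("xdotool") is None:
        print("xdotool not found", file=sys.stderr)
        return 1
    raw = argv[1] if len(argv) > 1 else sys.stdin.read()
    text = prepare_text(raw)
    window = select_window()
    type_into(window, text)
    return 0


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Usage: `python3 typeinto.py '12345678901234567'` or `echo -n "$CODE" | python3 typeinto.py`, then click the window. Keeping the text out of the clipboard is a real improvement, but X11 does not isolate clients from each other, so another client on the same display can still observe key events; the approach narrows exposure rather than removing it.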

CryptogramCrown Sterling Claims to Factor RSA Keylengths First Factored Twenty Years Ago

Earlier this month, I made fun of a company called Crown Sterling, for...for...for being a company that deserves being made fun of.

This morning, the company announced that they "decrypted two 256-bit asymmetric public keys in approximately 50 seconds from a standard laptop computer." Really. They did. This keylength is so small it has never been considered secure. It was too small to be part of the RSA Factoring Challenge when it was introduced in 1991. In 1977, when Ron Rivest, Adi Shamir, and Len Adleman first described RSA, they included a challenge with a 426-bit key. (It was factored in 1994.)

The press release goes on: "Crown Sterling also announced the consistent decryption of 512-bit asymmetric public key in as little as five hours also using standard computing." They didn't demonstrate it, but if they're right they've matched a factoring record set in 1999. Five hours is significantly less than the 5.2 months it took in 1999, but slower than would be expected if Crown Sterling just used the 1999 techniques with modern CPUs and networks.

Is anyone taking this company seriously anymore? I honestly wouldn't be surprised if this was a hoax press release. It's not currently on the company's website. (And, if it is a hoax, I apologize to Crown Sterling. I'll post a retraction as soon as I hear from you.)

EDITED TO ADD: First, the press release is real. And second, I forgot to include the quote from CEO Robert Grant: "Today's decryptions demonstrate the vulnerabilities associated with the current encryption paradigm. We have clearly demonstrated the problem which also extends to larger keys."

People, this isn't hard. Find an RSA Factoring Challenge number that hasn't been factored yet and factor it. Once you do, the entire world will take you seriously. Until you do, no one will. And, bonus, you won't have to reveal your super-secret world-destabilizing cryptanalytic techniques.

EDITED TO ADD (9/21): Others are laughing at this, too.

EDITED TO ADD (9/24): More commentary.

CryptogramRussians Hack FBI Comms System

Yahoo News reported that the Russians have successfully targeted an FBI communications system:

American officials discovered that the Russians had dramatically improved their ability to decrypt certain types of secure communications and had successfully tracked devices used by elite FBI surveillance teams. Officials also feared that the Russians may have devised other ways to monitor U.S. intelligence communications, including hacking into computers not connected to the internet. Senior FBI and CIA officials briefed congressional leaders on these issues as part of a wide-ranging examination on Capitol Hill of U.S. counterintelligence vulnerabilities.

These compromises, the full gravity of which became clear to U.S. officials in 2012, gave Russian spies in American cities including Washington, New York and San Francisco key insights into the location of undercover FBI surveillance teams, and likely the actual substance of FBI communications, according to former officials. They provided the Russians opportunities to potentially shake off FBI surveillance and communicate with sensitive human sources, check on remote recording devices and even gather intelligence on their FBI pursuers, the former officials said.

It's unclear whether the Russians were able to recover encrypted data or just perform traffic analysis. The Yahoo story implies the former; the NBC News story says otherwise. It's hard to tell if the reporters truly understand the difference. We do know, from research Matt Blaze and others did almost ten years ago, that at least one FBI radio system was horribly insecure in practice -- but not in a way that breaks the encryption. Its poor design just encourages users to turn off the encryption.

Worse Than FailureCodeSOD: Do You Need this

I’ve written an unfortunate amount of “useless” code in my career. In my personal experience, that’s code where I write it for a good reason at the time- like it’s a user request for a feature- but it turns out nobody actually needed or wanted that feature. Or, perhaps, if I’m being naughty, it’s a feature I want to implement just for the sake of doing it, not because anybody asked for it.

The code’s useless because it never actually gets used.

Claude R found some code which got used a lot, but was useless from the moment it was coded. Scattered throughout the codebase were calls to getInstance(), as in, Task myTask = aTask.getInstance().

At first glance, Claude didn’t think much of it. At second glance, Claude worried that there was some weird case of deep indirection where aTask wasn’t actually a concrete Task object and instead was a wrapper around some factory-instantiated concrete class or something. It didn’t seem likely, but this was Java, and a lot of Java code will follow patterns like that.

So Claude took a third glance, and found some code that’s about as useful as a football bat.

public Task getInstance(){
    return this;
}

To invoke getInstance you need a variable that references the object, which means you have a variable referencing the same thing as this. That is to say, this is unnecessary.

[Advertisement] Otter - Provision your servers automatically without ever needing to log-in to a command prompt. Get started today!

Planet DebianKeith Packard: picolibc

Picolibc Version 1.0 Released

I wrote a couple of years ago about the troubles I had finding a good libc for embedded systems, and for the last year or so I've been using something I called 'newlib-nano', which was newlib with the stdio from avrlibc bolted on. That library has worked pretty well, and required very little work to ship.

Now that I'm doing RISC-V stuff full-time, and am currently working to improve the development environment on deeply embedded devices, I decided to take another look at libc and see if a bit more work on newlib-nano would make it a good choice for wider usage.

One of the first changes was to switch away from the very confusing "newlib-nano" name. I picked "picolibc" as that seems reasonably distinct from other projects in the space and and doesn't use 'new' or 'nano' in the name.

Major Changes

Let's start off with the big things I've changed from newlib:

  1. Replaced stdio. In place of the large and memory-intensive stdio stack found in newlib, picolibc's stdio is derived from avrlibc's code. The Atmel-specific assembly code has been replaced with C, and the printf code has seen significant rework to improve standards conformance. This work was originally done for newlib-nano, but it's a lot cleaner looking in picolibc.

  2. Switched from 'struct _reent' to TLS variables for per-thread values. This greatly simplifies the library and reduces memory usage for all applications -- per-thread data from unused portions of the library will not get allocated for any thread. On RISC-V, this also generates smaller and faster code. This also eliminates an extra level of function call for many code paths.

  3. Switched to the 'meson' build system. This makes building the library much faster and also improves the maintainability of the build system as it eliminates a maze of twisty autotools configure scripts.

  4. Updated the math test suite to use glibc as a reference instead of some ancient Sun machine.

  5. Manually verified the test results to see how the library is doing; getting automated testing working will take a lot more effort as many (many) tests still have invalid 'correct' values, resulting in thousands of failures.

  6. Remove unused code with non-BSD licenses. There's still a pile of unused code hanging around, but all non-BSD licensed bits have been removed to make the licensing situation clear. Picolibc is BSD licensed.

Picocrt

Starting your embedded application requires initializing RAM as appropriate and calling initializers/constructors before invoking main(). Picocrt is designed to do that part for you.

Building Simplified

Using newlib-nano meant specifying the include and library paths very carefully in your build environment, and then creating a full custom linker script. With Picolibc, things are much easier:

  • Compile with -specs=picolibc.specs. That and the specification of the target processor are enough to configure include and library paths. The Debian package installs this in the gcc directory so you don't need to provide a full path to the file.

  • Link with picolibc.ld (which is used by default with picolibc.specs). This will set up memory regions and include Picocrt to initialize memory before your application runs.

Debian Packages

I've uploaded Debian packages for this version; they'll get stuck in the new queue for a while, but should eventually make their way into the repository. I'll plan on removing newlib-nano at some point in the future as I don't plan on maintaining both.

More information

You can find the source code on both my own server and over on github:

You'll find some docs and other information linked off the README file

Sam VargheseSaudis want US to fight another war for them

On 3 August 1990, the morning after Iraq invaded Kuwait, the Saudi Arabian government was more than a bit jittery, fearing that the Iraqi dictator Saddam Hussein would make Riyadh his next target. The Saudis had been some of the bigger buyers of American and British arms, but they found that they had a big problem.

And that was the fact that all the princes who were pilots of F-16 jets, considered one of the glamour jobs, had gone missing. Empty jets were of no use. How would the Saudis defend their country if Baghdad decided to march into the country’s Eastern Region? If Hussein decided to do so, he would be in control of a sizeable portion of the world’s oil resources and many countries would be royally screwed.

Then the Americans came calling, ready with doctored satellite imagery to scare the hell out of King Fahd and his colleagues. Finally, the king gave in to Dick Cheney’s arguments and asked the Americans to come into Saudi Arabia to defend the country.

The situation appears to be repeating itself after missiles hit Saudi Arabian oil installations two weeks ago, though this time the Americans seem reluctant to get into a fight with Iran, which has been blamed for the attack.

There is not a shred of proof to implicate Teheran apart from American and Saudi claims but then when has the Western press ever needed anything more than claims to point the finger at Iran?

The Saudis have been using foreign labour for a long time to do all the work in the country, right from cleaning the toilets to managing their companies. And they would, no doubt, be looking to the Americans to fight Iran too if it becomes necessary.

The fact is, the Saudis have more than enough military equipment to protect their country. But they are either incompetent to the point where they are unable to use it as it should be used. Or else, they are lazy and want others to do the work for them. After all, these are royals, right?

The Americans made a profit on the war which was waged in 1991 to eject Iraq from Kuwait; they spent US$51 billion and raked in US$60 billion, with contributions being made by numerous countries, all worried that oil prices would put their economies into negative territory.

But Iran will not be a pushover as Iraq was. And there is unlikely to be any kind of coalition like the one assembled in 1990. Nobody has the appetite for a fight. The world economy is looking decidedly shaky. And after the US pulled out of a deal to prevent Iran from developing nuclear weapons, countries in Europe are not exactly enthusiastic about joining the Americans in any more crazy adventures.

Planet DebianDirk Eddelbuettel: RcppAnnoy 0.0.13


A new release of RcppAnnoy is now on CRAN.

RcppAnnoy is the Rcpp-based R integration of the nifty Annoy library by Erik Bernhardsson. Annoy is a small and lightweight C++ template header library for very fast approximate nearest neighbours—originally developed to drive the famous Spotify music discovery algorithm.

This release brings several updates. First and foremost, the upstream Annoy C++ code was updated from version 1.12 to 1.16, bringing both speedier code thanks to AVX512 instructions (where available) and new functionality, which we expose in two new functions; of these, buildOnDisk() may be of interest to those using file-backed indices. We also corrected a minor wart in which a demo file was saved (via example()) to a user directory; we now use tempfile() as one should, and contributed two small Windows build changes back to Annoy.

Detailed changes follow below.

Changes in version 0.0.13 (2019-09-23)

  • In example(), the saved and loaded filename is now obtained via tempfile() to not touch user directories per CRAN Policy (Dirk).

  • RcppAnnoy was again synchronized with Annoy upstream leading to enhanced performance and more features (Dirk #48).

  • Minor changes made (and sent as PRs upstream) to adapt both annoylib.h and mman.h changes (Dirk).

  • A spurious command was removed from one vignette (Peter Hickey in #49).

  • Two new user-facing functions onDiskBuild() and unbuild() were added (Dirk in #50).

  • Minor tweaks were made to two tinytest-using test files (Dirk).

Courtesy of CRANberries, there is also a diffstat report for this release.

This post by Dirk Eddelbuettel originated on his Thinking inside the box blog. Please report excessive re-aggregation in third-party for-profit settings.


TEDIs geoengineering a good idea? A brief Q&A with Kelly Wanser and Tim Flannery

This satellite image shows marine clouds off the Pacific West Coast of the United States. The streaks in the clouds are created by the exhaust from ships, which include both greenhouse gases and particulates like sulfates that mix with clouds and temporarily make them brighter. Brighter clouds reflect more sunlight back to space, cooling the climate.

As we recklessly warm the planet by pumping greenhouse gases into the atmosphere, some industrial emissions also produce particles that reflect sunshine back into space, putting a check on global warming that we’re only starting to understand. In her talk at TEDSummit 2019, “Emergency medicine for our climate fever,” climate activist Kelly Wanser asked: Can we engineer ways to harness this effect and reduce the effects of global warming?

This idea, known as “cloud brightening,” is seen as controversial. After her talk, Wanser was joined onstage by environmentalist Tim Flannery — who gave a talk just moments earlier about the epic carbon-capturing abilities of seaweed — to discuss cloud brightening and how it could help restore our climate to health. Check out their exchange below.

CryptogramI'm Looking to Hire a Strategist to Help Figure Out Public-Interest Tech

I am in search of a strategic thought partner: a person who can work closely with me over the next 9 to 12 months in assessing what's needed to advance the practice, integration, and adoption of public-interest technology.

All of the details are in the RFP. The selected strategist will work closely with me on a number of clear deliverables. This is a contract position that could possibly become a salaried position in a subsequent phase, and under a different agreement.

I'm working with the team at Yancey Consulting, who will follow up with all proposers and manage the process. Please email Lisa Yancey at lisa@yanceyconsulting.com.

Google AdsenseAdSense now understands Marathi

Today, we’re excited to announce the addition of Marathi, a language spoken by over 80 million people in Maharashtra, India and many other countries around the world, to the family of AdSense supported languages.

Interest in Marathi-language content has been growing steadily over the last few years. With this launch, AdSense provides an easy way for publishers to monetize the content they create in Marathi, and advertisers can connect to a Marathi-speaking audience with relevant ads.

To start monetizing your Marathi content website with Google AdSense:

  1. Check the AdSense Program policies and make sure your site is compliant.
  2. Sign up for an AdSense account
  3. Add the AdSense code to start displaying relevant ads to your users

Welcome to AdSense! Sign Up now!

Posted by:
AdSense Internationalization Team

CryptogramFrance Outlines Its Approach to Cyberwar

In a document published earlier this month (in French), France described the legal framework in which it will conduct cyberwar operations. Lukasz Olejnik explains what it means, and it's worth reading.

Planet DebianMolly de Blanc: Freedoms and Rights

I want to talk a bit about the relationship between rights and freedoms, and what they are. I think building a mutual understanding around this is important as I dig deeper into conversations around digital rights and software, user, and technology freedom.

A right is like a privilege inasmuch as it’s something you’re allowed to do; however, rights are innate and not earned. They are things to which everyone is entitled. A freedom expresses a lack of constraints related to an action. When we have a particular freedom (freedom X), we have an unrestrained ability to do X — we can do whatever we want in relation to X. You can also have the right to a certain kind of freedom (e.g. freedom of speech). I talk about both digital rights and digital freedoms. I view digital rights as the extension of our rights into digital spaces, and digital freedoms as the freedoms we have in those spaces. We have the right to free expression when speaking in a room; we have the right to free expression when speaking on the Internet.

Typically, we frame rights and freedoms in terms of government restrictions: governments are not allowed to keep you from exercising your freedoms, and they are there to protect and ensure your rights. It is becoming increasingly relevant (and common) to also talk about these in relation to companies and technology. It is important to also shift this discussion to include companies and technologies — especially computing software. As computing becomes more pervasive, we need to make sure that the software we’re writing is freedom protecting and rights respecting. These freedoms include the freedoms we typically associate with free and open source software: the unbridled ability to use, study, modify, and share. It also includes freedoms like expression (to express ourselves without constraint) and the freedom to assemble (to get together without constraint). All of these freedoms are freedoms we have the right to, in addition to other rights including the right to digital autonomy and the right to consent.

I want to dig a little into a specific example of the interplay between freedoms and rights, and how computing fits in.

We have the right to freedom of speech — to communicate unfettered with one another. Free expression is something to which everyone is entitled, and there is a societal, social, and moral imperative to protect that right. Computers connect us to one another and enable us to express ourselves. They also give us safe spaces to develop the ideas we want to express in public ones, which is a necessary part of freedom of speech. However, computers can also infringe upon that right. Home surveillance devices, like home assistants, that are listening to and recording everything you say are stepping on your right and restricting your freedom. They are taking away your safe space to develop ideas and creating an environment where you cannot express yourself without restriction for fear of possible repercussions.

This is just one example of how computers play with the things we traditionally consider our rights and freedoms. Computers also force us to consider rights and freedoms in new contexts, and push the boundaries of what we consider to “count.” Our right to bodily autonomy now includes which medical devices, which computers, we allow to be implanted into our bodies; what happens with our medical and biometric data; and when and how our bodies are being monitored in public (and private) spaces. This includes the near future, where we see an increase in wearable computers and recreational and elective implants.

We have freedoms, we have rights, and we have the rights to certain freedoms because it is moral, ethical, and necessary for a just world. Our digital rights and digital freedoms are necessary for our digital autonomy, to borrow a phrase from Karen Sandler. Digital autonomy is necessary to move forward into a world of justice, equity, and equality.

Special thanks to Christopher Lemmer Webber.

Worse Than FailureAccounting for Changes

Sara works as a product manager for a piece of accounting software for a large, international company. As a product manager, Sara interacts with their internal customers- the accounting team- and Bradley is the one she always bumps heads with.

Bradley's idea of a change request is to send a screenshot, with no context, and a short message, like "please fix", "please advise", or "this is wrong". It would take weeks of emails and, if they were lucky, a single phone call, for Sara's team to figure out what needs to be fixed, because Bradley is "too busy" to provide any more information.

One day, Bradley sent a screenshot of their value added taxation subsystem, saying, "This is wrong. Please fix." The email was much longer, of course, but the rest of the email was Bradley's signature block, which included a long list of titles, certifications, a few "inspirational" quotes, and his full name.

Sara replied. "Hi Brad," her email began- she had once called him "Bradley" which triggered his longest email to date, a screed about proper forms of address. "Thanks for notifying us about a possible issue. Can you help me figure out what's wrong? In your screen shot, I see SKU numbers, tax information, and shipping details."

Bradley's reply was brief. "Yes."

Sara sighed and picked up her phone. She called Bradley's firm, which landed her with an assistant, who tracked down another person, who asked another who got Bradley to confirm that the issue is that, in some cases, the Value Added Tax isn't using the right rate, as in some situations multiple rates have to be applied at the same time.

It was a big update to their VAT rules. Sara managed to talk to some SMEs at her company to refine the requirements, contacted development, and got the modifications built in the next sprint.

"Hi, Bradley," Sara started her next email. "Thank you for bringing the VAT issue to our attention. Based on your description, we have implemented an update. We've pushed it to the User Acceptance Testing environment. After you sign off that the changes are correct, we will deploy it into production. Let me know if there are any issues with the update." The email included links to the UAT process document, the UAT test plan template, and all the other details that they always provided to guide the UAT process.

A week later, Bradley sent an email. "It works." That was weird, as Bradley almost never signed off until he had pushed in a few unrelated changes. Still, she had the sign off. She attached the email to the ticket and once the changes were pushed to production, she closed the ticket.

A few days later, the entire accounting team went into a meltdown and started filing support request after support request. One user submitted ten by himself- and that user was the CFO. This turned into a tense meeting between the CFO, Bradley, Sara, and Sara's boss.

"How did this change get released to production?"

Sara pulled up the ticket. She showed the screenshots, referenced the specs, showed the development and QA test plans, and finally, the email from Bradley, declaring the software ready to go.

The CFO turned to Bradley.

"Oh," Bradley said, "we weren't able to actually test it. We didn't have access to our test environment at all last week."

"What?" Sara asked. "Why did you sign off on the change if you weren't able to test it!?"

"Well, we needed it to go live on Monday."

After that, a new round of requirements gathering happened, and Sara's team was able to implement them. Bradley wasn't involved, and while he still works at the same company, he's been shifting around from position to position, trying to find the best fit…



Sam VargheseWas Garcès the right choice to officiate SA-NZ game?

The authorities who select referees for matches at the Rugby World Cup do not seem to think very deeply about the choices they make. This is, perhaps, what resulted in the French referee Jérôme Garcès being put in charge of the game between New Zealand and South Africa on 21 September.

Some background is necessary to understand why Garcès’ appointment was questionable. He had officiated in the game between Australia and New Zealand earlier this year and handed out a red card to Kiwi lock Scott Barrett for a charge on Australian skipper Michael Hooper. This was a decision that was questioned in many quarters; that Scott Barrett deserved a yellow card was not in question, but a red card was deemed to be a gross over-reaction.

Scott Barrett was banned for two matches after that and was making his return in Saturday’s game. Thus there were a fair few people observing how Garcès would officiate, especially when it came to Scott Barrett.

An additional factor that made Garcès unsuitable for this game is the regular claim about referees going easy on New Zealand because of their influence in world rugby; apart from those who come to watch a game because they are fans of this team or that, there is a huge contingent of people who come to watch the All Blacks because they have some sort of mystique around them.

This claim is made by officials of teams which have been getting hammered by the Kiwis for years so one can put it down to that variety of fruit which is common these days: sour grapes. The fact is that all teams take advantage of the rules to the extent possible.

Garcès, thus, had to avoid being seen as going easy on New Zealand. And he made some very elementary errors.

The most glaring mistake he made was when he failed to send off South Africa winger Makazole Mapimpi for not releasing the New Zealand standoff Richie Mo’unga, after the latter had booted a ball downfield, collected it five metres from the goalline and, though somewhat off-balance, was set to stumble over the line and score. Mapimpi tackled him but did not release Mo’unga as per the rules, as there were no other South African players around to lend support.

Given that South Africa indulges in cynical tactics like this quite often — who can forget the professional fouls committed by the likes of Bakkies Botha, Victor Matfield and Bryan Habana in years gone by? — a hardline referee may well have awarded the All Blacks a penalty try.

But Garcès did not go beyond a regulation penalty. He earned bitter criticism from the New Zealand captain Kieran Read who described him as “gutless” right there on the field.

Garcès also overlooked a number of neck rolls by South Africa’s Pieter-Steph du Toit on the All Blacks flanker Ardi Savea. Springboks giant lock Eben Etzebeth also grabbed the neck of a Kiwi player here and there but Garcès had no eyes for these tactics. All this in a year when there have been repeated reports that rugby referees have been ordered to crack down on tackles that come anywhere near the head.

The French official also missed a number of questionable tackles by the New Zealand players. He was put in a tricky situation by whoever selected him to officiate in the game and came out smelling of anything but roses.

But then Garcès was not responsible for the most shocking refereeing decision of the opening weekend of the tournament. This honour was claimed by British referee Rowan Kitt who was officiating as the television match official in the game between Australia and Fiji.

Kitt had nothing to offer on a tackle that Australian winger Reece Hodge effected on Fiji’s Peceli Yato, the team’s best player up to that point of the game, blocking the flanker with a shoulder-led, no-arms challenge to the head that resulted in Yato having to leave the field with concussion. He played no further part in the game.

On-field official Ben O’Keeffe missed the tackle too, but he was somewhat unsighted as the tackle took place close to the sideline. Former referee Jonathan Kaplan was scathing in his criticism of Kitt.

“On this occasion Kitt ruled that the challenge was legal and I find that extremely surprising,” said the 70-Test referee, a highly respected official during his day, in a column for the UK’s Daily Telegraph. “To let it pass without any sanction whatsoever was clearly the wrong call.”

He added: “Going into this tournament World Rugby have been very clear about contact with the head and what constitutes a red card under their new High Tackle Sanction framework.

“With that in mind I have absolutely no idea why Reece Hodge was not sent off for his tackle on Fiji’s Peceli Yato. To me it was completely clear and an almost textbook example of the type of challenge they are trying to outlaw.”

Exactly what it will take for referees to rule equally on all infringements remains to be seen. Perhaps someone needs to die on the field in real-time before rugby officials sit up and take notice.

Planet DebianWilliam (Bill) Blough: Free Software Activities (August 2019)


Debian

  • Fixed bug 933422: passwordsafe — Switch to using wxgtk3

    Versions:

    • unstable/testing: 1.06+dfsg-3
  • Upgraded passwordsafe package to latest upstream version (1.08.2)

    Versions:

    • unstable/testing: 1.08.2+dfsg-1
    • buster-backports: 1.08.2+dfsg-1~bpo10+1
  • Updated python-django-cas-client to latest upstream version (1.5.1) and did some miscellaneous cleanup/maintenance of the packaging.

    Versions:

    • unstable/testing: 1.5.1-1
  • Discovered an issue with sbuild where the .changes file output by the build was different from the .changes file passed to lintian. This meant that the lintian results were sometimes different when lintian was run via sbuild vs when it was run manually. Patch submitted.

  • Provided a patch for NuSOAP to update deprecated class constructors.

  • Submitted a merge request to update the ftp-master website and replace a reference to Buster as testing with Bullseye.

Axis2-C

  • Fixed bug AXIS2C-1619: CVE-2012-6107: SSL/TLS Hostname validation

    Commits:

    • r1866225 - Perform SSL hostname validation
    • r1866245 - Add SSL host validation check to X509_V_OK code path
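
The two commits above make a point worth spelling out: a certificate chain that verifies (the X509_V_OK path) only proves the peer holds a certificate some trusted CA issued, not that the certificate is for the host we meant to reach, so the presented names have to be matched against that host as a second, separate condition. The following is an added illustration of that check, written for this post and not Axis2-C's own C code or OpenSSL's API: the matching rules follow RFC 6125 (case-insensitive exact match; a wildcard only as the entire left-most label, with at least two labels after it, never spanning a dot), the chain result is modelled as a constant standing in for OpenSSL's X509_V_OK, and the SAN list is constructed.

```python
# Added illustration of TLS hostname validation (not Axis2-C or OpenSSL code).


def dns_id_matches(presented: str, host: str) -> bool:
    """Match one certificate dNSName (possibly a wildcard) against the
    reference hostname using the RFC 6125 rules for wildcards."""
    presented = presented.lower().rstrip(".")
    host = host.lower().rstrip(".")
    if not presented or not host:
        return False
    if presented == host:                      # exact, case-insensitive match
        return True
    if not presented.startswith("*."):         # wildcard must be the whole left-most label
        return False
    suffix = presented[2:]
    if "*" in suffix or "." not in suffix:     # one wildcard only; "*.com" is never accepted
        return False
    head, sep, rest = host.partition(".")
    if not sep or not head:                    # the wildcard must consume exactly one label
        return False
    return rest == suffix                      # never spans a dot: a.b.example.com != *.example.com


# Constructed stand-in for the chain verification result; in OpenSSL this is
# the X509_V_OK code that the second commit message refers to.
CHAIN_OK = 0
CHAIN_FAILED = 1


def peer_is_acceptable(chain_result: int, san_names, host: str) -> bool:
    """Accept the peer only when the chain verified AND one presented name
    matches the host we set out to reach. A valid chain for some other name,
    which a missing hostname check would let through, is rejected here."""
    if chain_result != CHAIN_OK:
        return False
    return any(dns_id_matches(name, host) for name in san_names)


# Constructed SAN list, as it would be read from the peer certificate.
SAMPLE_SAN = ("www.example.com", "*.example.com")
```

With OpenSSL the same requirement is met by calling SSL_set1_host() (or X509_check_host() on the peer certificate) so that verification itself fails unless a name matches; either way the host check is an extra condition on the X509_V_OK path, not a substitute for chain verification.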

CryptogramA Feminist Take on Information Privacy

Maria Farrell has a really interesting framing of information/device privacy:

What our smartphones and relationship abusers share is that they both exert power over us in a world shaped to tip the balance in their favour, and they both work really, really hard to obscure this fact and keep us confused and blaming ourselves. Here are some of the ways our unequal relationship with our smartphones is like an abusive relationship:

  • They isolate us from deeper, competing relationships in favour of superficial contact -- 'user engagement' -- that keeps their hold on us strong. Working with social media, they insidiously curate our social lives, manipulating us emotionally with dark patterns to keep us scrolling.

  • They tell us the onus is on us to manage their behavior. It's our job to tiptoe around them and limit their harms. Spending too much time on a literally-designed-to-be-behaviorally-addictive phone? They send company-approved messages about our online time, but ban from their stores the apps that would really cut our use. We just need to use willpower. We just need to be good enough to deserve them.

  • They betray us, leaking data / spreading secrets. What we shared privately with them is suddenly public. Sometimes this destroys lives, but hey, we only have ourselves to blame. They fight nasty and under-handed, and are so, so sorry when they get caught that we're meant to feel bad for them. But they never truly change, and each time we take them back, we grow weaker.

  • They love-bomb us when we try to break away, piling on the free data or device upgrades, making us click through page after page of dark pattern, telling us no one understands us like they do, no one else sees everything we really are, no one else will want us.

  • It's impossible to just cut them off. They've wormed themselves into every part of our lives, making life without them unimaginable. And anyway, the relationship is complicated. There is love in it, or there once was. Surely we can get back to that if we just manage them the way they want us to?

Nope. Our devices are basically gaslighting us. They tell us they work for and care about us, and if we just treat them right then we can learn to trust them. But all the evidence shows the opposite is true.

EDITED TO ADD (9/22) Cindy Cohn echoed a similar sentiment in her essay about John Barlow and his legacy.

Planet DebianColin Watson: Porting Storm to Python 3

We released Storm 0.21 on Friday (the release announcement seems to be stuck in moderation, but you can look at the NEWS file directly). For me, the biggest part of this release was adding Python 3 support.

Storm is a really nice and lightweight ORM (object-relational mapper) for Python, developed by Canonical. We use it for some major products (Launchpad and Landscape are the ones I know of), and it’s also free software and used by some other folks as well. Other popular ORMs for Python include SQLObject, SQLAlchemy and the Django ORM; we use those in various places too depending on the context, but personally I’ve always preferred Storm for the readability of code that uses it and for how easy it is to debug and extend it.

It’s been a problem for a while that Storm only worked with Python 2. It’s one of a handful of major blockers to getting Launchpad running on Python 3, which we definitely want to do; stoq ended up with a local fork of Storm to cope with this; and it was recently removed from Debian for this and other reasons. None of that was great. So, with significant assistance from a large patch contributed by Thiago Bellini, and with patient code review from Simon Poirier and some of my other colleagues, we finally managed to get that sorted out in this release.

In many ways, Storm was in fairly good shape already for a project that hadn’t yet been ported to Python 3: while its internal idea of which strings were bytes and which text required quite a bit of untangling in the way that Python 2 code usually does, its normal class used for text database columns was already Unicode which only accepted text input (unicode in Python 2), so it could have been a lot worse; this also means that applications that use Storm tend to get at least this part right even in Python 2. Aside from the bytes/text thing, many of the required changes were just the usual largely-mechanical ones that anyone who’s done 2-to-3 porting will be familiar with. But there were some areas that required non-trivial thought, and I’d like to talk about some of those here.

Exception types

Concrete database implementations such as psycopg2 raise implementation-specific exception types. The inheritance hierarchy for these is defined by the Python Database API (DB-API), but the actual exception classes aren’t in a common place; rather, you might get an instance of psycopg2.errors.IntegrityError when using PostgreSQL but an instance of sqlite3.IntegrityError when using SQLite. To make things easier for applications that don’t have a strict requirement for a particular database backend, Storm arranged to inject its own virtual exception types as additional base classes of these concrete exceptions by patching their __bases__ attribute, so for example, you could import IntegrityError from storm.exceptions and catch that rather than having to catch each backend-specific possibility.

Although this was always a bit of a cheat, it worked well in practice for a while, but the first sign of trouble even before porting to Python 3 was with psycopg2 2.5. This release started implementing its DB-API exception types in a C extension, which meant that it was no longer possible to patch __bases__. To get around that, a few years ago I landed a patch to Storm to use abc.ABCMeta.register instead to register the DB-API exceptions as virtual subclasses of Storm’s exceptions, which solved the problem for Python 2. However, even at the time I landed that, I knew that it would be a porting obstacle due to Python issue 12029; Django ran into that as well.

In the end, I opted to refactor how Storm handles exceptions: it now wraps cursor and connection objects in such a way as to catch DB-API exceptions raised by their methods and properties and re-raise them using wrapper exception types that inherit from both the appropriate subclass of StormError and the original DB-API exception type, and with some care I even managed to avoid this being painfully repetitive. Out-of-tree database backends will need to make some minor adjustments (removing install_exceptions, adding an _exception_module property to their Database subclass, adjusting the raw_connect method of their Database subclass to do exception wrapping, and possibly implementing _make_combined_exception_type and/or _wrap_exception if they need to add extra attributes to the wrapper exceptions). Applications that follow the usual Storm idiom of catching StormError or any of its subclasses should continue to work without needing any changes.
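The wrapping scheme just described, as an added illustration written for this post rather than Storm's own implementation: a decorator catches the backend module's DB-API exceptions and re-raises them as a cached, dynamically created class that inherits from both the appropriate Storm exception and the original DB-API type, so that `except StormError` in application code and `except sqlite3.IntegrityError` in backend-specific code both still catch it, and the original exception survives as `__cause__`. The Storm class names are borrowed from storm.exceptions, the name-based mapping and the WrappedCursor proxy are assumptions of this example, and sqlite3 is used as the backend because it ships with Python.

```python
import functools
import sqlite3

# Storm-style virtual exception hierarchy (names follow storm.exceptions; the
# classes here are stand-ins written for this example, not Storm's own).
class StormError(Exception):
    pass

class DatabaseError(StormError):
    pass

class IntegrityError(DatabaseError):
    pass

class OperationalError(DatabaseError):
    pass

# Which Storm class to pair with each DB-API exception name (assumption: this
# example resolves it by class name; the mapping itself is constructed here).
_STORM_BY_NAME = {
    "IntegrityError": IntegrityError,
    "OperationalError": OperationalError,
    "DatabaseError": DatabaseError,
    "Error": StormError,
}

_combined_cache = {}

def make_combined_exception_type(dbapi_type):
    """Return a class deriving from both the matching Storm exception and the
    concrete DB-API exception, created once and cached per DB-API type."""
    combined = _combined_cache.get(dbapi_type)
    if combined is None:
        storm_type = StormError
        for base in dbapi_type.__mro__:        # walk up to the nearest known DB-API name
            if base.__name__ in _STORM_BY_NAME:
                storm_type = _STORM_BY_NAME[base.__name__]
                break
        combined = type(dbapi_type.__name__, (storm_type, dbapi_type), {})
        _combined_cache[dbapi_type] = combined
    return combined

def wrap_exceptions(exception_module):
    """Decorator: re-raise the module's DB-API exceptions as combined types,
    keeping the original as __cause__ for debugging."""
    def decorator(func):
        @functools.wraps(func)
        def wrapper(*args, **kwargs):
            try:
                return func(*args, **kwargs)
            except exception_module.Error as exc:
                raise make_combined_exception_type(type(exc))(*exc.args) from exc
        return wrapper
    return decorator

class WrappedCursor:
    """Proxy that wraps every callable attribute of a DB-API cursor (assumed
    shape; Storm wraps connections the same way)."""
    def __init__(self, cursor, exception_module):
        self._cursor = cursor
        self._module = exception_module

    def __getattr__(self, name):
        attr = getattr(self._cursor, name)
        if callable(attr):
            return wrap_exceptions(self._module)(attr)
        return attr

def classify_duplicate_insert():
    """Trigger a UNIQUE violation through the wrapper and report which
    except clauses would have caught the resulting exception."""
    conn = sqlite3.connect(":memory:")
    cur = WrappedCursor(conn.cursor(), sqlite3)
    cur.execute("CREATE TABLE t (id INTEGER PRIMARY KEY)")
    cur.execute("INSERT INTO t VALUES (1)")
    try:
        cur.execute("INSERT INTO t VALUES (1)")   # duplicate primary key
    except StormError as exc:
        return {
            "storm_integrity": isinstance(exc, IntegrityError),
            "dbapi_integrity": isinstance(exc, sqlite3.IntegrityError),
            "cause_is_dbapi": type(exc.__cause__) is sqlite3.IntegrityError,
            "cached": make_combined_exception_type(sqlite3.IntegrityError) is type(exc),
            "type_name": type(exc).__name__,
        }
    return None
```

Because the combined class is built with `type()` from two exception bases that share the plain BaseException layout, the multiple inheritance is safe, and caching it per DB-API type keeps `isinstance` checks stable across raises, which is what the abc.ABCMeta.register approach could no longer guarantee once the DB-API types moved into a C extension.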

SQLObject compatibility

Storm includes some API compatibility with SQLObject; this was from before my time, but I believe it was mainly because Launchpad and possibly Landscape previously used SQLObject and this made the port to Storm very much easier. It still works fine for the parts of Launchpad that haven’t been ported to Storm, but I wouldn’t be surprised if there were newer features of SQLObject that it doesn’t support.

The main question here was what to do with StringCol and its associated AutoUnicodeVariable. I opted to make these explicitly only accept text on Python 3, since the main reason for them to accept bytes was to allow using them with Python 2 native strings (i.e. str), and on Python 3 str is already text so there’s much less need for the porting affordance in that case.

Since releasing 0.21 I realised that the StringCol implementation in SQLObject itself in fact accepts both bytes and text even on Python 3, so it’s possible that we’ll need to change this in the future, although we haven’t yet found any real code using Storm’s SQLObject compatibility layer that might rely on this. Still, it’s much easier for Storm to start out on the stricter side and perhaps become more lenient than it is to go the other way round.

inspect.getargspec

Storm had some fairly complicated use of inspect.getargspec on Python 2 as part of its test mocking arrangements. This didn’t work in Python 3 due to some subtleties relating to bound methods. I switched to the modern inspect.signature API in Python 3 to fix this, which in any case is rather simpler with the exception of a wrinkle in how method descriptors work.

(It’s possible that these mocking arrangements could be simplified nowadays by using some more off-the-shelf mocking library; I haven’t looked into that in any detail.)

What’s next?

I’m working on getting Storm back into Debian now, which will be with Python 3 support only since Debian is in the process of gradually removing Python 2 module support. Other than that I don’t really have any particular plans for Storm at the moment (although of course I’m not the only person with an interest in it), aside from ideally avoiding leaving six years between releases again. I expect we can go back into bug-fixing mode there for a while.

From the Launchpad side, I’ve recently made progress on one of the other major Python 3 blockers (porting Bazaar code hosting to Breezy, coming soon). There are still some other significant blockers, the largest being migrating to Mailman 3, subvertpy fixes so that we can port code importing to Breezy as well, and porting the lazr.restful stack; but we may soon be able to reach the point where it’s possible to start running interesting subsets of the test suite using Python 3 and categorising the failures, at which point we’ll be able to get a much better idea of how far we still have to go. Porting a project with the best part of a million lines of code and around three hundred dependencies is always going to take a while, but I’m happy to be making progress there, both due to Python 2’s impending end of upstream support and so that eventually we can start using new language facilities.


Planet DebianJoey Hess: how to detect chef

If you want your program to detect when it's being run by chef, here's one way to do that.

sleep 1 while $ENV{PATH} =~ m#chef[^:]+/bin#;

This works because Chef's shell_out adds Gem.bindir to PATH, which is something like /opt/chefdk/embedded/bin.

You may want to delete the "sleep", which will make it run faster.

Would I or anyone ever really do this? Chef Inc's management seems determined to test the question, don't they.

Cory DoctorowWhy do people believe the Earth is flat?

I have an op-ed in today’s Globe and Mail, “Why do people believe the Earth is flat?” wherein I connect the rise of conspiratorial thinking to the rise in actual conspiracies, in which increasingly concentrated industries are able to come up with collective lobbying positions that result in everything from crashing 737s to toxic baby-bottle liners to the opioid epidemic.

In a world where official processes are understood to be corruptible and thus increasingly unreliable, we don’t just have a difference in what we believe to be true, but in how we believe we know whether something is true or not. Without an official, neutral, legitimate procedure for rooting out truth — the rule of law — we’re left just trusting experts who “sound right to us.”

Big Tech has a role to play here, but it’s not in automated brainwashing through machine learning: rather, it’s in the ability for conspiracy peddlers to find people who are ripe for their version of the truth, and in the ability of converts to find one another and create communities that make them resilient against social pressure to abandon their conspiracies.

Fighting conspiracies, then, is ultimately about fighting the corruption that makes them plausible — not merely correcting the beliefs of people who have come under their sway.

They say that ad-driven companies such as Google and Facebook threw so much R&D at using data-mining to persuade people to buy refrigerators, subprime loans and fidget-spinners that they accidentally figured out how to rob us of our free will. These systems put our online history through a battery of psychological tests, automatically pick an approach that will convince us, then bombard us with an increasingly extreme, increasingly tailored series of pitches until we’re convinced that creeping sharia and George Soros are coming for our children.

This belief is rooted in a deep and completely justified mistrust of the Big Tech companies, which have proven themselves liars time and again on matters of taxation, labour policy, complicity in state surveillance and oppression, and privacy practices.

But this well-founded skepticism is switched off when it comes to evaluating Big Tech’s self-serving claims about the efficacy of its products. Exhibit A for the Mind-Control Ray theory of conspiratorial thinking is the companies’ own sales literature, wherein they boast to potential customers about the devastating impact of their products, which, they say, are every bit as terrific as the critics fear they are.

Why do people believe the Earth is flat? [Cory Doctorow/The Globe and Mail]

LongNowHow to Practice Long-term Thinking in a Distracted World

WIRED’s Editor-in-Chief Nicholas Thompson recently interviewed Bina Venkataraman about her new book, The Optimist’s Telescope: Thinking Ahead in a Reckless Age. Venkataraman’s book focuses on the need for more long-term thinking in the world, and explores issues that have long been a focus for us at Long Now, including the nuclear waste storage problem (discussed in the interview).

Nicholas Thompson: So what I want to do in this conversation with Bina is start out with some personal stuff, move to some organizational stuff, and then try to get to some complicated stuff. So let’s begin with the personal: Why did you write this?

Bina Venkataraman: Well, there’s two answers to that question. The first is that I think we are part of a generation of humanity who have never faced higher stakes for thinking ahead. We’re living longer than our grandparents or their grandparents, and we’re going to need to think about our own futures and how we plan for them. If you look at problems like climate change, our knowledge of how we impact the future is far greater than previous generations of humanity. But we are in a culture that’s encouraging instant gratification. And so I started to wonder: Is it actually possible to think ahead?

The personal part of the answer is that I was working in the White House, and part of my job was to meet with executives of major corporations—like food corporations, for example—and talk about the threat of drought and heat waves to their supply chain. So how farms are going to be affected, the potential for crop failure and a warming climate. One time I sat across from an executive, and he looked at me and said, “You know, I really care about this problem. I have children. I have grandchildren, but I just can’t think ahead. You know, my board and my shareholders have me focused on the quarter. I just can’t think ahead.”


Planet DebianDirk Eddelbuettel: digest 0.6.21

A new version of digest is just now arriving at CRAN (following a slight holdup over one likely spurious reverse dependency error), and I will send an updated package to Debian shortly as well.

digest creates hash digests of arbitrary R objects (using the md5, sha-1, sha-256, sha-512, crc32, xxhash32, xxhash64, murmur32, and spookyhash algorithms) permitting easy comparison of R language objects. It is a fairly widely-used package (currently listed at 795k downloads) as many tasks may involve caching of objects for which it provides convenient general-purpose hash key generation.

Every now and then open source work really surprises you. Out of nowhere arrived a very fine pull request by Matthew de Queljoe which adds a very clever function getVDigest() supplying a (much faster) vectorized wrapper for digest creation. We illustrate this in a quick demo vectorized.R that is included too. So if you call digest() in bulk, this will most likely be rather helpful to you. Matthew even did further cleanups and refactorings but we are saving that for a subsequent pull request or two.

CRANberries provides the usual summary of changes to the previous version.

For questions or comments use the issue tracker off the GitHub repo.

This post by Dirk Eddelbuettel originated on his Thinking inside the box blog. Please report excessive re-aggregation in third-party for-profit settings.

Planet DebianBen Hutchings: Linux Plumbers Conference 2019, part 2

Here's the second chunk of notes I took at Linux Plumbers Conference earlier this month. Part 1 covered the Distribution kernels track.

Kernel Debugging Tools BoF

Moderators: George Wilson and Serapheim Dimitropoulos from Delphix; Omar Sandoval from Facebook

Details: https://linuxplumbersconf.org/event/4/contributions/539/

Problem: the ability to easily analyse failures in production (live system) or post-mortem (crash dump).

Debuggers need to:

  • Get consistent stack traces
  • Traverse and pretty-print memory structures
  • Easily introduce, extend, and combine commands

Most people present use crash; one mentioned crash-python (aka pycrash) and one uses kgdb.

Pain points:

  • Tools not keeping up with kernel changes
  • Poor scripting support in crash

crash-python is a Python layer on top of a gdb fork. Uses libkdumpfile to decode compressed crash-dumps.

drgn (aka Dragon) is a debugger-as-a-library. It excels in introspection of live systems and crash dumps, and covers both kernel and user-space. It can be extended through Python. As a library it can be imported and used from the Python REPL.

sdb is Delphix's front-end to drgn, providing a more shell-like interactive interface. Example of syntax:

> modules | filter obj.refcnt.counter > 10 | member name

Currently it doesn't always have good type information for memory. A raw virtual address can be typed using the "cast" command in a pipeline. Hoping that BTF will allow doing better.

Allows defining pretty-print functions, though it appears these have to be explicitly invoked.

Answering tough questions:

  • Can I see any stacks with a specific function in? (bpftrace can do that on a live system, but there's no similar facility for crash dumps.)
  • What I/O is currently being issued?
  • Which files are currently being written?

Some discussion around the fact that drgn has a lot of code that's dependent on kernel version, as internal structures change. How can it be kept in sync with the kernel? Could some of that code be moved into the kernel tree?

Omar (I think) said that his approach was to make drgn support multiple versions of structure definitions.

Q: How does this scale to the many different kernel branches that are used in different distributions and different hardware platforms?

A: drgn will pick up BTF structure definitions. When BTF is available the code only needs to handle addition/removal of members it accesses.

Brendan Gregg made a plea to distro maintainers to enable BTF (CONFIG_DEBUG_INFO_BTF).

Wayland BoF

Moderator: Hans de Goede of Red Hat

Details: https://linuxplumbersconf.org/event/4/contributions/533/

Pain points and missing pieces with Wayland, or specifically GNOME Shell:

  • GNOME Shell is slower
  • Synergy doesn't work(?) - needs to be in the compositor
  • With Nvidia proprietary driver, mutter and native Wayland clients get GPU acceleration but X clients don't
  • No equivalent to ssh -X. Pipewire goes some way to the solution. The whole desktop can be remoted over RDP which can be tunnelled over SSH.
  • No remote login protocol like XDMCP
  • No Xvfb equivalent
  • Various X utilities that grab hot-keys don't have equivalents for Wayland
  • Not sure if all X's video acceleration features are implemented. Colour format conversion and hardware scaling are implemented.
  • Pointer movement becomes sluggish after a while (maybe related to GC in GNOME Shell?)
  • Performance, in general. GNOME Shell currently has to work as both a Wayland server and an X compositor, which limits the ability to optimise for Wayland.

IoT from the point of view of a generic and enterprise distribution

Speaker: Peter Robinson of Red Hat

Details: https://linuxplumbersconf.org/event/4/contributions/439/

The good

Can now use u-boot with UEFI support on most Arm hardware. Much easier to use a common kernel on multiple hardware platforms, and UEFI boot can be assumed.

The bad

"Enterprise" and "industrial" IoT is not a Raspberry Pi. Problems result from a lot of user-space assuming the world is an RPi.

Is bluez still maintained? No user-space releases for 15 months! Upstream not convinced this is a problem, but distributions now out of synch as they have to choose between last release and arbitrary git snapshot.

Wi-fi and Bluetooth firmware fixes (including security fixes) missing from linux-firmware.git. RPi Foundation has improved Bluetooth firmware for the chip they use but no-one else can redistribute it.

Lots of user-space uses /sys/class/gpio, which is now deprecated and can be disabled in kconfig. libgpiod would abstract this, but has poor documentation. Most other GPIO libraries don't work with new GPIO UAPI.

Similar issues with IIO - a lot of user-space doesn't use it but uses user-space drivers banging GPIOs etc. libiio exists but again has poor documentation.

For some drivers, even newly added drivers, the firmware has not been added to linux-firmware.git. Isn't there a policy that it should be? It seems to be an unwritten rule at present.

Toolchain track

Etherpad: https://etherpad.net/p/LPC2019_TC/timeslider#5767

Security feature parity between GCC and Clang

Speaker: Kees Cook of Google

Details: https://linuxplumbersconf.org/event/4/contributions/398/

LWN article: https://lwn.net/Articles/798913/

Analyzing changes to the binary interface exposed by the Kernel to its modules

Speaker: Dodji Seketeli of Red Hat

Details: https://linuxplumbersconf.org/event/4/contributions/399/

Wrapping system calls in glibc

Speaker: Maciej Rozycki of WDC

Details: https://linuxplumbersconf.org/event/4/contributions/397/

LWN article: https://lwn.net/Articles/799331/

CryptogramFriday Squid Blogging: Piglet Squid

Another piglet squid video.

As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.

Read my blog posting guidelines here.

Planet DebianBernhard R. Link: Firefox 69 dropped support for <keygen>

With version 69, Firefox removed support for the <keygen> feature, which made it easy to deploy TLS client certificates.
It's kind of sad how used I've become to firefox giving me less and less reasons to use it...

CryptogramNew Biometrics

This article discusses new types of biometrics under development, including gait, scent, heartbeat, microbiome, and butt shape (no, really).

Worse Than FailureError'd: Full Stack Languages...and BEYOND!

"When travelling to outer space, don't forget your...Javascript code?" writes Rob S.

 

Pascal wrote, "If you ask me, I think Dr. Phil needs to hire a captioner that doesn't have a stutter."

 

Tore F. writes, "If the Lenovo System Update tool was coded to expect an unexpected exception, does that mean that it was, in fact, actually expected?"

 

"Note to self: Never set the A/C to its lowest limit, or at least have a toilet and TP handy," writes Peter G.

 

"No matter how hard you try, Yodal, 82 - (-7) does not equal 22," Chris E. wrote.

 

Jiri G. writes, "100% service availability? Nah, you don't need that. Close enough is good enough."

 



CryptogramRevisiting Software Vulnerabilities in the Boeing 787

I previously blogged about a Black Hat talk that disclosed security vulnerabilities in the Boeing 787 software. Ben Rothke concludes that the vulnerabilities are real, but not practical.

Worse Than FailureRedesign By Committee

Sample web form

Carl was excited to join his first "real" company and immerse himself in the World of Business. The fresh-faced IT Analyst was immediately assigned to a "cross-strata implementation team" tasked with redesigning the RMA form completed by customers when they returned goods. The current form had been flagged for various weaknesses and omissions.

The project's kickoff meeting ran for three hours, with twelve team members in attendance representing departments throughout the company. By the end of the meeting, the problem had been defined, and everyone had homework: to report to the next team meeting with their own interpretations of what the new form should look like.

Each team member dutifully came back with at least one version of the form each. The next meeting consisted of Norman, the QA Manager, critiquing each prospective form as it was presented to the group. Without fail, he'd shake his head with a furrowed brow, muttering "No, no ..."

This proceeded, form after form, until Terry, an Accounts Junior, presented his version. When Norman expressed displeasure, Terry dared to ask, "Well? What's wrong with it?"

Norman gestured to the list of required criteria in his hands. "You've missed this piece of information, and that's probably the most important item we need to capture."

Terry frowned. "But, Norman, your form doesn't have that information on it, either."

Upon looking down at his own form, Norman realized Terry was correct. He rallied to save his dignity. "Ah, yes, but, you see, I know that it's missing."

Stupefied, Terry backed down.

Carl cycled through bafflement, boredom, and agony of the soul as the meeting dragged on. At one point, Finance Manager Kevin picked up yet another version of the form and asked, "What about this one, then?"

Jason the Ops Manager skimmed through it, ticking off items against the list of criteria. "Yup, yup, yup, yup ... yes, this is it! I think we've cracked it!" he exclaimed.

Norman peered at the form in Jason's hands. "That's the form we're currently using." The very form they needed to replace.

Hours upon hours of combined effort had thus far resulted in no progress whatsoever. Carl glanced at the conference room's wall clock with its stubbornly slow hands, wondering if a camera hidden behind it were recording his reaction for a YouTube prank channel. But, no. He was simply immersed in the World of Business.



Krebs on SecurityBefore He Spammed You, this Sly Prince Stalked Your Mailbox

A reader forwarded what he briefly imagined might be a bold, if potentially costly, innovation on the old Nigerian prince scam that asks for help squirreling away millions in unclaimed fortune: It was sent via the U.S. Postal Service, with a postmarked stamp and everything.

In truth these old fashioned “advance fee” or “419” scams predate email and have circulated via postal mail in various forms and countries over the years.

The recent one pictured below asks for help in laundering some $11.6 million from an important dead person that anyway has access to a secret stash of cash. Any suckers who bite are strung along for weeks while imaginary extortionists or crooked employees at these bureaucratic institutions demand licenses, bribes or other payments before disbursing any funds. Those funds never arrive, no matter how much money the sucker gives up.

This type of “advance fee” or “419” scam letter is common in spam, probably less so via USPS.

It’s easy to laugh at this letter, because it’s sometimes funny when scammers try so hard. But then again, maybe the joke’s on us because sending these scams via USPS makes them even more appealing to the people most vulnerable: Older individuals with access to cash but maybe not all their marbles. 

Sure, the lure costs $.55 up front. But a handful of successful responses to thousands of mailers could net fortunes for these guys phishing it old school.

The losses from these types of scams are sometimes hard to track because so many go unreported. But they are often perpetrated by the same people involved in romance scams online and in so-called “business email compromise” or BEC fraud, wherein the scammers try to spoof the boss at a major company in a bid to get wire payment for an “urgent” (read: fraudulent) invoice.

These scam letters are sometimes called 419 scams in reference to the penal code for dealing with such crimes in Nigeria, a perennial source of 419 letter schemes. A recent bust of a Nigerian gang targeted by the FBI gives some perspective on the money-making abilities of a $10 million ring that was running these scams all day long.

Reportedly, in the first seven months of 2019 alone the FBI received nearly 14,000 complaints reporting BEC scams with a total loss of around $1.1 billion—a figure that nearly matches losses reported for all of 2018.

CryptogramCracking Forgotten Passwords

Expandpass is a string expansion program. It's "useful for cracking passwords you kinda-remember." You tell the program what you remember about the password and it tries related passwords.

I learned about it in this article about Phil Dougherty, who helps people recover lost cryptocurrency passwords (mostly Ethereum) for a cut of the recovered value.

Worse Than FailureCodeSOD: You Can Take Care

Tiberrias sends us some code that, on its face, without any context, doesn’t look bad.

var conditionId = _monitorConditionManagement.GetActiveConditionCountByClient(clientIdentityNumber);

_monitorConditionManagement.StopCondition(conditionId);

The purpose of this code is to lookup a condition ID for a client, and then clear that condition from a client by StopConditioning that ID. Which, if you read the code closely, the problem becomes obvious: GetActiveConditionCountByClient. Count. This doesn’t return a condition ID, it returns the count of the number of active conditions. So, this is a stupid, simple mistake, an easy error to make, and an easy error to catch- this code simply doesn’t work, so what’s the WTF?

This code was written by a developer who either made a simple mistake or just didn’t care. But then it went through code review- and the code reviewer either missed it, or just didn’t care. It’s okay, though, because there are unit tests. There’s a rich, robust unit test suite. But in this case, the GetActiveConditionCountByClient and the StopCondition methods are just mocks, and the person who wrote the unit test didn’t check to see that the mocks were called as expected, because they just didn’t care.

Still, there’s an entire QA team between this code and production, and since this code definitely can’t work, they’re going to catch the bug, right? They might- if they cared. But this code passed QA, and got released into production.

The users might notice, but the StopCondition method is so nice that, if given an invalid ID, it just logs the error and trucks on. The users think their action worked. But hey, there’s a log file, right? There’s an operations team which monitors the logs and should notice a lot of errors suddenly appearing. They just would have to care, which guess what…

This bug only got discovered and fixed because Tiberrias noticed it while scrolling through the class to fix an entirely unrelated bug.

“You really shouldn’t fix two unrelated bugs in the same commit,” the code reviewer said when Tiberrias submitted it.

There was only one way to reply. “I don’t care.”



Krebs on SecurityMan Who Hired Deadly Swatting Gets 15 Months

An Ohio teen who recruited a convicted serial “swatter” to fake a distress call that ended in the police shooting an innocent Kansas man in 2017 has been sentenced to 15 months in prison.

Image: FBI.gov

“Swatting” is a dangerous hoax that involves making false claims to emergency responders about phony hostage situations or bomb threats, with the intention of prompting a heavily-armed police response to the location of the claimed incident.

The tragic swatting hoax that unfolded on the night of Dec. 28, 2017 began with a dispute over a $1.50 wager in an online game “Call of Duty” between Shane M. Gaskill, a 19-year-old Wichita, Kansas resident, and Casey S. Viner, 18, from the Cincinnati, OH area.

Viner wanted to get back at Gaskill over the Call of Duty match, and so enlisted the help of another man — Tyler R. Barriss — a serial swatter in California known by the alias “SWAuTistic” who’d bragged of swatting hundreds of schools and dozens of private residences.

Chat transcripts presented by prosecutors showed Viner and Barriss both saying if Gaskill isn’t scared of getting swatted, he should give up his home address. But the address that Gaskill gave Viner to pass on to Barriss no longer belonged to him and was occupied by a new tenant.

Barriss’s fatal call to 911 emergency operators in Wichita was relayed from a local, non-emergency line. Barriss falsely claimed he was at the address provided by Viner, that he’d just shot his father in the head, was holding his mom and sister at gunpoint, and was thinking about burning down the home with everyone inside.

Wichita police quickly responded to the fake hostage report and surrounded the address given by Gaskill. Seconds later, 28-year-old Andrew Finch exited his mom’s home and was killed by a single shot from a Wichita police officer. Finch, a father of two, was no party to the gamers’ dispute and was simply in the wrong place at the wrong time.

“Swatting is not a prank, and it is no way to resolve disputes among gamers,” U.S. Attorney Stephen McAllister said in a press statement. “Once again, I call upon gamers to self-police their community to ensure that the practice of swatting is ended once and for all.”

In chat records presented by prosecutors, Viner admitted to his role in the deadly swatting attack:

Defendant VINER: I literally said you’re gonna be swatted, and the guy who swatted him can easily say I convinced him or something when I said hey can you swat this guy and then gave him the address and he said yes and then said he’d do it for free because I said he doesn’t think anything will happen
Defendant VINER: How can I not worry when I googled what happens when you’re involved and it said a eu [sic] kid and a US person got 20 years in prison min
Defendant VINER: And he didn’t even give his address he gave a false address apparently
J.D.: You didn’t call the hoax in…
Defendant VINER: Does t [sic] even matter ?????? I was involved I asked him to do it in the first place
Defendant VINER: I gave him the address to do it, but then again so did the other guy he gave him the address to do it as well and said do it pull up etc

Barriss was sentenced earlier this year to 20 years in federal prison for his role in the fatal swatting attack.

Barriss also pleaded guilty to making hoax bomb threats in phone calls to the headquarters of the FBI and the Federal Communications Commission in Washington, D.C. In addition, he made bomb threat and swatting calls from Los Angeles to emergency numbers in Ohio, New Hampshire, Nevada, Massachusetts, Illinois, Utah, Virginia, Texas, Arizona, Missouri, Maine, Pennsylvania, New Mexico, New York, Michigan, Florida and Canada.

Prosecutors for the county that encompasses Wichita decided in April 2018 that the officer who fired the shot that killed Andrew Finch would not face charges, and would not be named because he wasn’t being charged with a crime.

Viner was sentenced after pleading guilty to one count each of conspiracy and obstructing justice, the US attorney’s office for Kansas said. CNN reports that Gaskill has been placed on deferred prosecution.

Viner’s obstruction charge stems from attempts to erase records of his communications with Barriss and the Wichita gamer, McAllister’s office said. In addition to his prison sentence, Viner was ordered to pay $2,500 in restitution and serve two years of supervised release.

Worse Than FailureA Learning Experience

Jakob M. had the great pleasure of working as a System Administrator in a German school district. At times it was rewarding work. Most of the time it involved replacing keyboard keys mischievous children stole and scraping gum off of monitor screens. It wasn't always the students that gave him trouble though.

Frau Fritzenberger was a cranky old math teacher at a Hauptschule near Frankfurt. Jakob regularly had to answer support calls she made for completely frivolous things. Having been teaching since before computers were a thing, she put up a fight for every new technology or program Jakob's department wanted to implement.

Over the previous summer, a web-based grading system called NotenWertung was rolled out across the district's network. It would allow teachers to grade homework and post the scores online. They could work from anywhere, with any computer. There was even a limited mobile application. Students and parents could then get a notification and see them instantly. Frau Fritzenberger was predictably not impressed.

She threw a fit on the first day of school and Jakob was dispatched to defuse it. "Why do we need computers for grading?!" she screeched at Jakob. "Paper works just fine like it has for decades! How else can I use blood red pen to shame them for everything they get wrong!"

"I understand your concern, Frau Fritzenberger," Jakob replied while making a 'calm down' gesture with his arms. "But we can't have you submitting grades on paper when the entire rest of the district is using NotenWertung." He had her sit down at the computer and gave her a For Dummies-type walkthrough. "There, it's easier than you think. You can even do this at night from the comfort of your own home," he assured her before getting up to leave.

Just as he was exiting the classroom, he heard her shout, "If you were my student, I would smack you with my ruler!" Jakob brushed it off and left to answer a call about paper clips jammed in a PC fan.

The next morning, Jakob got a rare direct call on his desk phone. It was Frau and she was in a rage. All he could make out between strings of aged German cuss words was "computer is broken!" He hung up and prepared to head to Frau's Hauptschule.

Jakob expected to find that Frau didn't have a network connection, misplaced the shortcut to her browser, didn't realize the monitor was off, or something stupid like that. What he found was Frau's computer was literally broken. The LCD screen of her monitor was an elaborate spider web, her keyboard was cracked in half, and the PC tower looked like it had been run over on the Autobahn. Bits of the motherboard dangled outside the case, and the HDD swung from its cable. "Frau Fritzenberger... what in the name of God happened here?!"

"I told you the computer was broken!" Frau shouted while meanly pointing her crooked index finger at Jakob. "You told me I have to do grades on the computer. So I packed it up to take home on my scooter. It was too heavy for me to ride with it on back so I wiped out and it smashed all over the road! This is all your fault!"

Jakob stared on in disbelief at the mangled hunks of metal and plastic. Apparently you can teach an old teacher new tricks but you can't teach her that the same web application can be accessed from any computer.



LongNowLong Now hosts Anthropocene Film Festival

Phosphorus Mining

Long Now is honored to host the San Francisco premiere of ANTHROPOCENE: The Human Epoch on Sunday, September 29, 02019 at 1:30pm at the historic Castro Theatre. This special Sunday afternoon Seminar will feature the film screening, followed by a Q&A with Stewart Brand and all 3 filmmakers.

A cinematic meditation on humanity’s massive reengineering of the planet, ANTHROPOCENE: The Human Epoch is a documentary film from Jennifer Baichwal, Nicholas de Pencier and Edward Burtynsky. The film follows the research of an international body of scientists, the Anthropocene Working Group, who after nearly 10 years of research, are arguing that the Holocene Epoch gave way to the Anthropocene Epoch in the mid-twentieth century, because of profound and lasting human changes to the Earth.

ANTHROPOCENE is the third and final full-length documentary film of The Anthropocene Project, a multidisciplinary body of work combining fine art photography, film, virtual reality, augmented reality, scientific research and educational programs that seeks to investigate human influence on the state, dynamics, and future of the Earth.

Watermark and Manufactured Landscapes, the other 2 films in this Anthropocene trilogy, will show the same day at 5:30pm and 9:00pm at the Castro Theater, with separate tickets required for each screening. Tickets to see the 2 additional films need to be purchased in person at the theater box office (open from noon to 9:30pm) on the day of the event.

Tickets to the premiere of ANTHROPOCENE may be purchased here.

CryptogramAnother Side Channel in Intel Chips

Not that serious, but interesting:

In late 2011, Intel introduced a performance enhancement to its line of server processors that allowed network cards and other peripherals to connect directly to a CPU's last-level cache, rather than following the standard (and significantly longer) path through the server's main memory. By avoiding system memory, Intel's DDIO, short for Data-Direct I/O, increased input/output bandwidth and reduced latency and power consumption.

Now, researchers are warning that, in certain scenarios, attackers can abuse DDIO to obtain keystrokes and possibly other types of sensitive data that flow through the memory of vulnerable servers. The most serious form of attack can take place in data centers and cloud environments that have both DDIO and remote direct memory access enabled to allow servers to exchange data. A server leased by a malicious hacker could abuse the vulnerability to attack other customers. To prove their point, the researchers devised an attack that allows a server to steal keystrokes typed into the protected SSH (or secure shell session) established between another server and an application server.

Worse Than FailureCodeSOD: Should I Do this? Depends.

One of the key differences between a true WTF and an ugly hack is a degree of self-awareness. It's not a WTF if you know it's a WTF. If you've been doing this job for a non-zero amount of time, you have had a moment where you have a solution, and you know it's wrong, you know you shouldn't do this, but by the gods, it works and you've got more important stuff to worry about right now, so you just do it.

An anonymous submitter committed a sin, and has reached out to us for absolution.

This is a case of "DevOps" hackery. They have one server with no Internet- one remote server with no Internet. Deploying software to a server you can't access physically or through the Internet is a challenge. They have a solution involving hopping through some other servers and bridging the network that lets them get the .deb package files within reach of the destination server.

But that introduces a new problem: these packages have complex dependency chains and unless they're installed in the right order, it won't work. The correct solution would be to install a local package repository on the destination server, and let apt worry about resolving those dependencies.

And in the long run, that's what our anonymous submitter promises to do. But they found themselves in a situation where they had more important things to worry about, and just needed to do it.

#!/bin/bash
count=0
for f in ./*.deb
do
    echo "Attempt $count"
    for file in ./*.deb
    do
        echo "Installing $file"
        sudo dpkg -i $file
    done
    (( count++ ))
done

This is a solution to dependency management that runs in O(N^2): each of the N passes feeds all N packages to dpkg again. It's the brutest of force solutions, and no matter what the dependency chain looks like, by sheer process of elimination this will eventually get every package installed. Eventually. (That holds only if every dependency is actually in the folder; a single missing one makes every pass fail the same way.)
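
As an added example (not the submitter's script, and not part of the original post), here is the ordering step done explicitly in Python: read each file's Package and Depends fields, drop the dependencies that are not in the set, and topologically sort the rest so that each file goes to dpkg exactly once. dpkg does this ordering itself when given all the files in one invocation, so the value of spelling it out is seeing which files must travel together and checking them against a manifest before installing, since dpkg -i verifies no signatures. The sample package set and the manifest are constructed for illustration; dpkg-deb is only called by the helpers that touch real files.

```python
"""Added example (not the submitter's script): install a directory of .deb
files once each, in dependency order, after checking them against a manifest."""
import hashlib
import re
import subprocess
from graphlib import TopologicalSorter


def parse_depends(field: str) -> list[str]:
    """Turn a Debian Depends field such as
    "libfoo (>= 1.2), libbar | libbaz, python3:any" into package names.
    Version constraints and ":any"-style qualifiers are dropped; both sides
    of an "a | b" alternative are kept so whichever one is present gets
    ordered first."""
    names = []
    for clause in field.split(","):
        for alt in clause.split("|"):
            name = re.sub(r"\(.*?\)", "", alt).strip()
            name = name.split(":", 1)[0]
            if name:
                names.append(name)
    return names


def install_order(packages: dict[str, str]) -> list[str]:
    """packages maps package name -> Depends field. Returns an order with
    dependencies first. Dependencies outside the set are assumed to be on
    the target already. A dependency cycle raises graphlib.CycleError."""
    graph = {pkg: {d for d in parse_depends(deps) if d in packages}
             for pkg, deps in packages.items()}
    return list(TopologicalSorter(graph).static_order())


def verify_manifest(manifest: str, read_file) -> list[str]:
    """Check files against a `sha256sum *.deb` manifest produced on the
    source side; returns the names that do not match. dpkg -i performs no
    signature or checksum check of its own, and the files have crossed
    several hops to get here. read_file(name) returns the file's bytes."""
    bad = []
    for line in manifest.splitlines():
        digest, _, name = line.strip().partition("  ")
        if hashlib.sha256(read_file(name)).hexdigest() != digest:
            bad.append(name)
    return bad


def scan_debs(paths: list[str]) -> dict[str, tuple[str, str]]:
    """Read Package and Depends from real .deb files with dpkg-deb (needs
    dpkg on the host; the constructed sample below does not use it).
    Returns package name -> (Depends field, file path)."""
    info = {}
    for path in paths:
        out = subprocess.run(["dpkg-deb", "-f", path, "Package", "Depends"],
                             check=True, capture_output=True, text=True).stdout
        fields = dict(line.split(": ", 1) for line in out.splitlines() if ": " in line)
        info[fields["Package"]] = (fields.get("Depends", ""), path)
    return info


def install_all(paths: list[str]) -> None:
    """One dpkg call per file, dependencies first, instead of N passes."""
    info = scan_debs(paths)
    for pkg in install_order({p: deps for p, (deps, _) in info.items()}):
        subprocess.run(["sudo", "dpkg", "-i", info[pkg][1]], check=True)


# Constructed sample, not real package metadata.
SAMPLE = {
    "app": "libfoo (>= 1.0), libc6 (>= 2.28)",
    "libfoo": "libbar | libbaz",
    "libbar": "",
}

if __name__ == "__main__":
    print("install order:", " ".join(install_order(SAMPLE)))
```

Run verify_manifest against the SHA256SUMS file generated next to the packages before they were copied; anything it returns should be re-fetched, not installed.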

CryptogramUpcoming Speaking Engagements

This is a current list of where and when I am scheduled to speak:

The list is maintained on this page.

CryptogramFriday Squid Blogging: How Scientists Captured the Giant Squid Video

In June, I blogged about a video of a live juvenile giant squid. Here's how that video was captured.

As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.

Read my blog posting guidelines here.

CryptogramWhen Biology Becomes Software

All of life is based on the coordinated action of genetic parts (genes and their controlling sequences) found in the genomes (the complete DNA sequence) of organisms.

Genes and genomes are based on code, just like the digital language of computers. But instead of zeros and ones, four DNA letters, A, C, T and G, encode all of life. (Life is messy, and there are actually all sorts of edge cases, but ignore that for now.) If you have the sequence that encodes an organism, in theory, you could recreate it. If you can write new working code, you can alter an existing organism or create a novel one.

If this sounds to you a lot like software coding, you're right. As synthetic biology looks more like computer technology, the risks of the latter become the risks of the former. Code is code, but because we're dealing with molecules -- and sometimes actual forms of life -- the risks can be much greater.

Imagine a biological engineer trying to increase the expression of a gene that maintains normal gene function in blood cells. Even though it's a relatively simple operation by today's standards, it'll almost certainly take multiple tries to get it right. Were this computer code, the only damage those failed tries would do is to crash the computer they're running on. With a biological system, the code could instead increase the likelihood of multiple types of leukemias and wipe out cells important to the patient's immune system.

We have known the mechanics of DNA for some 60 plus years. The field of modern biotechnology began in 1972 when Paul Berg joined one virus gene to another and produced the first "recombinant" virus. Synthetic biology arose in the early 2000s when biologists adopted the mindset of engineers; instead of moving single genes around, they designed complex genetic circuits.

In 2010 Craig Venter and his colleagues recreated the genome of a simple bacterium. More recently, researchers at the Medical Research Council Laboratory of Molecular Biology in Britain created a new, more streamlined version of E. coli. In both cases the researchers created what could arguably be called new forms of life.

This is the new bioengineering, and it will only get more powerful. Today you can write DNA code in the same way a computer programmer writes computer code. Then you can use a DNA synthesizer or order DNA from a commercial vendor, and then use precision editing tools such as CRISPR to "run" it in an already existing organism, from a virus to a wheat plant to a person.

In the future, it may be possible to build an entire complex organism such as a dog or cat, or recreate an extinct mammoth (currently underway). Today, biotech companies are developing new gene therapies, and international consortia are addressing the feasibility and ethics of making changes to human genomes that could be passed down to succeeding generations.

Within the biological science community, urgent conversations are occurring about "cyberbiosecurity," an admittedly contested term which exists between biological and information systems where vulnerabilities in one can affect the other. These can include the security of DNA databanks, the fidelity of transmission of those data, and information hazards associated with specific DNA sequences that could encode novel pathogens for which no cures exist.

These risks have occupied not only learned bodies -- the National Academies of Sciences, Engineering, and Medicine published at least a half dozen reports on biosecurity risks and how to address them proactively -- but have made it to mainstream media: genome editing was a major plot element in Netflix's Season 3 of "Designated Survivor."

Our worries are more prosaic. As synthetic biology "programming" reaches the complexity of traditional computer programming, the risks of computer systems will transfer to biological systems. The difference is that biological systems have the potential to cause much greater, and far more lasting, damage than computer systems.

Programmers write software through trial and error. Because computer systems are so complex and there is no real theory of software, programmers repeatedly test the code they write until it works properly. This makes sense, because the cost of getting it wrong is so low and trying again is so easy. There are even jokes about this: a programmer would diagnose a car crash by putting another car in the same situation and seeing if it happens again.

Even finished code still has problems. Again due to the complexity of modern software systems, "works properly" doesn't mean that it's perfectly correct. Modern software is full of bugs -- thousands of software flaws -- that occasionally affect performance or security. That's why any piece of software you use is regularly updated; the developers are still fixing bugs, even after the software is released.

Bioengineering will be largely the same: writing biological code will have these same reliability properties. Unfortunately, the software solution of making lots of mistakes and fixing them as you go doesn't work in biology.

In nature, a similar type of trial and error is handled by "the survival of the fittest" and occurs slowly over many generations. But human-generated code from scratch doesn't have that kind of correction mechanism. Inadvertent or intentional release of these newly coded "programs" may result in pathogens of expanded host range (just think swine flu) or organisms that wreck delicate ecological balances.

Unlike computer software, there's no way so far to "patch" biological systems once released to the wild, although researchers are trying to develop one. Nor are there ways to "patch" the humans (or animals or crops) susceptible to such agents. Stringent biocontainment helps, but no containment system provides zero risk.

Opportunities for mischief and malfeasance often occur when expertise is siloed, fields intersect only at the margins, and when the gathered knowledge of small, expert groups doesn't make its way into the larger body of practitioners who have important contributions to make.

Good starts have been made by biologists, security agencies, and governance experts. But these efforts have tended to be siloed, in either the biological and digital spheres of influence, classified and solely within the military, or exchanged only among a very small set of investigators.

What we need is more opportunities for integration between the two disciplines. We need to share information and experiences, classified and unclassified. We have tools among our digital and biological communities to identify and mitigate biological risks, and those to write and deploy secure computer systems.

Those opportunities will not occur without effort or financial support. Let's find those resources, public, private, philanthropic, or any combination. And then let's use those resources to set up some novel opportunities for digital geeks and bionerds -- as well as ethicists and policymakers -- to share experiences, concerns, and come up with creative, constructive solutions to these problems that are more than just patches.

These are overarching problems; let's not let siloed thinking or funding get in the way of breaking down barriers between communities. And let's not let technology of any kind get in the way of the public good.

This essay previously appeared on CNN.com.

CryptogramSmart Watches and Cheating on Tests

The Independent Commission on Examination Malpractice in the UK has recommended that all watches be banned from exam rooms, basically because it's becoming very difficult to tell regular watches from smart watches.

Worse Than FailureError'd: Many Languages, One WTF

"It's as if IntelliJ IDEA just gave up trying to parse my code," writes John F.

Henry D. writes, "If you have a phone in English but have it configured to recognize two different languages, simple requests sometimes morph into the weirdest things."

Carl C. wrote, "Maybe Best Buy's page is referring to a store near Nulltown, Indiana, but really, I think their site is on drugs."

"Yeah, Thanks Cisco, but I'm not sure I really want to learn more," writes Matt P.

"Ebay is alerting me to something. No idea what it is, but I can tell you what they named their variables," Lincoln K. wrote.

"Not quite sure what secrets the Inner Circle holds, I guess knowing Latin?" writes Matt S.

LongNowShort film of Comet 67P made from 400,000 Rosetta images is released

On August 6, 02014, the European Space Agency’s Rosetta probe successfully reached Comet 67P. In addition to studying the comet, Rosetta was able to place one of Long Now’s Rosetta Disks on its surface via its Philae lander.

In 02017, ESA released over 400,000 images from the Rosetta mission. Now, motion designer Christian Stangl has made a short film out of the images. The Comet offers a remarkable, beautiful, and haunting look at this alien body from the Kuiper belt. Watch it below:

the Comet from Christian Stangl on Vimeo.

CryptogramFabricated Voice Used in Financial Fraud

This seems to be an identity theft first:

Criminals used artificial intelligence-based software to impersonate a chief executive's voice and demand a fraudulent transfer of €220,000 ($243,000) in March in what cybercrime experts described as an unusual case of artificial intelligence being used in hacking.

Another news article.

CryptogramNotPetya

Wired has a long article on NotPetya.

EDITED TO ADD (9/12): Another good article on NotPetya.

CryptogramDefault Password for GPS Trackers

Many GPS trackers are shipped with the default password 123456. Many users don't change them.

We just need to eliminate default passwords. This is an easy win.

EDITED TO ADD (9/12): A California law bans default passwords starting in 2020.

CryptogramMore on Law Enforcement Backdoor Demands

The Carnegie Endowment for International Peace and Princeton University's Center for Information Technology Policy convened an Encryption Working Group to attempt progress on the "going dark" debate. They have released their report: "Moving the Encryption Policy Conversation Forward."

The main contribution seems to be that attempts to backdoor devices like smartphones shouldn't also backdoor communications systems:

Conclusion: There will be no single approach for requests for lawful access that can be applied to every technology or means of communication. More work is necessary, such as that initiated in this paper, to separate the debate into its component parts, examine risks and benefits in greater granularity, and seek better data to inform the debate. Based on our attempt to do this for one particular area, the working group believes that some forms of access to encrypted information, such as access to data at rest on mobile phones, should be further discussed. If we cannot have a constructive dialogue in that easiest of cases, then there is likely none to be had with respect to any of the other areas. Other forms of access to encrypted information, including encrypted data-in-motion, may not offer an achievable balance of risk vs. benefit, and as such are not worth pursuing and should not be the subject of policy changes, at least for now. We believe that to be productive, any approach must separate the issue into its component parts.

I don't believe that backdoor access to encryption data at rest offers "an achievable balance of risk vs. benefit" either, but I agree that the two aspects should be treated independently.

EDITED TO ADD (9/12): This report does an important job moving the debate forward. It advises that policymakers break the issues into component parts. Instead of talking about restricting all encryption, it separates encrypted data at rest (storage) from encrypted data in motion (communication). It advises that policymakers pick the problems they have some chance of solving, and not demand systems that put everyone in danger (for example: no key escrow, and no use of software updates to break into devices).

Data in motion poses challenges that are not present for data at rest. For example, modern cryptographic protocols for data in motion use a separate "session key" for each message, unrelated to the private/public key pairs used to initiate communication, to preserve the message's secrecy independent of other messages (consistent with a concept known as "forward secrecy"). While there are potential techniques for recording, escrowing, or otherwise allowing access to these session keys, by their nature, each would break forward secrecy and related concepts and would create a massive target for criminal and foreign intelligence adversaries. Any technical steps to simplify the collection or tracking of session keys, such as linking keys to other keys or storing keys after they are used, would represent a fundamental weakening of all the communications.

These are all big steps forward given who signed on to the report. Not just the usual suspects, but also Jim Baker -- former general counsel of the FBI -- and Chris Inglis: former deputy director of the NSA.
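
The property the quoted paragraph describes is easier to see in code. Below is an added example, written for this page and not taken from the report or from the post: a toy authenticated ephemeral Diffie-Hellman exchange in Python. The group (2^127 - 1 with generator 3), the HMAC-based authentication of the ephemeral values under a static-static DH key, and the hash-based key derivation are stand-ins chosen for illustration; a real protocol would use X25519 or an RFC 3526 group, signatures or certificates, and HKDF. It shows that a recording of the exchange plus both long-term secrets yields something that is not the session key, while a retained ("escrowed") ephemeral secret yields it exactly.

```python
"""Added example (not from the report or the post): a toy authenticated
ephemeral Diffie-Hellman exchange. The session key is derived only from
per-session secrets, so later disclosure of the long-term keys does not
reveal it, whereas an escrowed copy of one ephemeral secret does."""
import hashlib
import hmac
import secrets

# Toy group for illustration only: the Mersenne prime 2^127 - 1, generator 3.
# Real protocols use X25519 or an RFC 3526 MODP group.
P = (1 << 127) - 1
G = 3
NBYTES = 16   # every group element fits in 16 bytes


def keypair() -> tuple[int, int]:
    """Random private exponent x and public value g^x mod p."""
    x = secrets.randbelow(P - 2) + 1
    return x, pow(G, x, P)


def mac(key: int, data: bytes) -> bytes:
    """HMAC under a key derived from the parties' long-term (static) keys."""
    return hmac.new(key.to_bytes(NBYTES, "big"), data, "sha256").digest()


def session_key(shared: int, msg_a: bytes, msg_b: bytes) -> bytes:
    """Session key from the ephemeral-ephemeral DH result and the transcript
    (a stand-in for a real protocol's HKDF step); sorted so both sides agree."""
    transcript = b"".join(sorted((msg_a, msg_b)))
    return hashlib.sha256(shared.to_bytes(NBYTES, "big") + transcript).digest()


class Party:
    def __init__(self, name: str, escrow=None):
        self.name = name
        self.static_priv, self.static_pub = keypair()   # long-term identity key
        self.escrow = escrow   # if a dict, ephemeral secrets are retained: the escrow regime

    def start_session(self, peer_static_pub: int) -> tuple[bytes, bytes]:
        """Fresh ephemeral key; the tag proves the static-key holder sent it."""
        self.eph_priv, self.eph_pub = keypair()
        auth_key = pow(peer_static_pub, self.static_priv, P)   # static-static DH
        self.msg = self.eph_pub.to_bytes(NBYTES, "big")
        return self.msg, mac(auth_key, self.name.encode() + self.msg)

    def finish_session(self, peer_static_pub: int, peer_name: str,
                       peer_msg: bytes, peer_tag: bytes) -> bytes:
        auth_key = pow(peer_static_pub, self.static_priv, P)
        if not hmac.compare_digest(peer_tag, mac(auth_key, peer_name.encode() + peer_msg)):
            raise ValueError("peer authentication failed")
        shared = pow(int.from_bytes(peer_msg, "big"), self.eph_priv, P)
        key = session_key(shared, self.msg, peer_msg)
        if self.escrow is not None:
            self.escrow[(self.name, self.msg)] = self.eph_priv   # what an escrow would store
        del self.eph_priv   # normal behaviour: the exponent is gone once the key exists
        return key


def run_session(alice: Party, bob: Party) -> tuple[bytes, tuple[bytes, bytes]]:
    """Both sides of the exchange; returns the agreed key and the two messages
    a wire recorder would capture (tags omitted: they carry no key material)."""
    a_msg, a_tag = alice.start_session(bob.static_pub)
    b_msg, b_tag = bob.start_session(alice.static_pub)
    ka = alice.finish_session(bob.static_pub, bob.name, b_msg, b_tag)
    kb = bob.finish_session(alice.static_pub, alice.name, a_msg, a_tag)
    assert ka == kb
    return ka, (a_msg, b_msg)


def recover_from_escrow(a_msg: bytes, b_msg: bytes, escrowed_a_priv: int) -> bytes:
    """What one stored session secret gives an adversary: the key, from the recording."""
    shared = pow(int.from_bytes(b_msg, "big"), escrowed_a_priv, P)
    return session_key(shared, a_msg, b_msg)


def static_key_attack(a_msg: bytes, b_msg: bytes, a_static_priv: int, b_static_pub: int) -> bytes:
    """Best an adversary holding the long-term keys can do with a recording:
    the static-static value lets it forge future tags, but it is not the session key."""
    return session_key(pow(b_static_pub, a_static_priv, P), a_msg, b_msg)


if __name__ == "__main__":
    esc = {}
    alice, bob = Party("alice", escrow=esc), Party("bob")
    key, (a_msg, b_msg) = run_session(alice, bob)
    print("escrow recovers key:", recover_from_escrow(a_msg, b_msg, esc[("alice", a_msg)]) == key)
    print("static keys recover key:", static_key_attack(a_msg, b_msg, alice.static_priv, bob.static_pub) == key)
```

The escrow dict stands for the "storing keys after they are used" the report warns about: one retained exponent per session turns every recording of that session into plaintext, and it is the same artefact an intruder at the escrow holder would be after.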

Worse Than FailureCodeSOD: Time to Wait

When dealing with customers (and here we mean "off the street" customers) they often want to know "how long am I going to have to wait?" Whether we're talking about a restaurant, a mechanic, a doctor's office, or a computer/phone repair shop, knowing (and sharing with our customers) reasonable expectations about how much time they're about to spend waiting matters.

Russell F works on an application which facilitates this sort of customer-facing management. It does much more, too, obviously, but one of its lesser features is to estimate how long a customer is about to spend waiting.

This is how that’s calculated:

TimeSpan tsDifference = dtWorkTime - DateTime.Now;
string strEstWaitHM = ((tsDifference.Hours * 60) + tsDifference.Minutes).ToString();
if (Convert.ToInt32(strEstWaitHM) >= 60)
{
	decimal decWrkH = Math.Floor(Convert.ToDecimal(strEstWaitHM) / 60);
	int intH = Convert.ToInt32(decWrkH);
	txtEstWaitHours.Value = Convert.ToString(intH);
	int intM = Convert.ToInt32(strEstWaitHM) - (60 * intH);
	txtEstWaitMinutes.Value = Convert.ToString(intM);
}
else
{
	txtEstWaitHours.Value = "";
	txtEstWaitMinutes.Value = strEstWaitHM;
}

Hungarian Notation is always a great sign of bad code. It really is, and I think that’s because it’s easy to do, easy to enforce as a standard, and provides the most benefit when you have messy variable scoping and keeping track of what type a given variable is might actually be a challenge.

Or, as we see in this case, it’s useful when you’re passing the same data through a method with different types. We calculate the difference between the WorkTime and Now. That’s the last thing in this code which makes sense.

The key goal here is that, if we’re going to be waiting for more than an hour, we want to display both the hours and minutes, but if it’s just minutes, we want to display just that.

We have that TimeSpan object, which as you can see has convenient Hours and Minutes properties. Instead of using those, though, we convert the hours to minutes, add it all together, and if the number is 60 or more we know we'll be waiting an hour or longer, so we want to populate both the hours box and the minutes box, which means converting back to hours and minutes.

In that context, the fact that we have to convert from strings to numbers and back almost seems logical. Almost. I especially like that they Convert.ToDecimal (to avoid rounding errors) and Math.Floor the result (to round off). If only there were some numeric type that never rounded off, and always had an integer value. If only…

Note, too, that Hours and Minutes are components of the span, not totals: the code never looks at tsDifference.Days, so a wait of a day or more is silently truncated, and a WorkTime that is already in the past produces a negative span and a "-5" in the minutes box. (int)tsDifference.TotalMinutes, with a check for a non-positive value, would cover both.

Sociological ImagesNormal Distributions in the Wild

Social scientists rely on the normal distribution all the time. This classic “bell curve” shape is so important because it fits all kinds of patterns in human behavior, from measures of public opinion to scores on standardized tests.

But it can be difficult to teach the normal distribution in social statistics, because at the core it is a theory about patterns we see in the data. If you’re interested in studying people in their social worlds, it can be more helpful to see how the bell curve emerges from real world examples.

One of the best ways to illustrate this is the “Galton Board,” a desk toy that lets you watch the normal distribution emerge from a random drop of ball-bearings. Check out the video below or a slow motion gif here.

The Galton Board is cool, but I’m also always on the lookout for normal distributions “in the wild.” There are places where you can see the distribution in real patterns of social behavior, rather than simulating them in a controlled environment. My absolute favorite example comes from Ed Burmila:

The wear patterns here show exactly what we would expect a normal distribution to tell us about weightlifting. More people use the machine at a middle weight setting for the average strength, and the extreme choices are less common. Not all social behavior follows this pattern, but when we find cases that do, our techniques to analyze that behavior are fairly simple.

Another cool example is grocery shelves. Because stores like to keep popular products together and right in front of your face (the maxim is “eye level is buy level“), they tend to stock in a normally-distributed pattern with popular stuff right in the middle. We don’t necessarily see this in action until there is a big sale or a rush in an emergency. When stores can’t restock in time, you can see a kind of bell curve emerge on the empty shelves. Products that are high up or off to the side are a little less likely to be picked over.

Paul Swansen, Flickr CC

Have you seen normal distributions out in the wild? Send them my way and I might feature them in a future post!

Evan Stewart is an assistant professor of sociology at University of Massachusetts Boston. You can follow him on Twitter.

(View original at https://thesocietypages.org/socimages)

Krebs on SecurityNY Payroll Company Vanishes With $35 Million

MyPayrollHR, a now defunct cloud-based payroll processing firm based in upstate New York, abruptly ceased operations this past week after stiffing employees at thousands of companies. The ongoing debacle, which allegedly involves malfeasance on the part of the payroll company’s CEO, resulted in countless people having money drained from their bank accounts and has left nearly $35 million worth of payroll and tax payments in legal limbo.

Unlike many stories here about cloud service providers being extorted by hackers for ransomware payouts, this snafu appears to have been something of an inside job. Nevertheless, it is a story worth telling, in part because much of the media coverage of this incident so far has been somewhat disjointed, but also because it should serve as a warning to other payroll providers about how quickly and massively things can go wrong when a trusted partner unexpectedly turns rogue.

Clifton Park, NY-based MyPayrollHR — a subsidiary of ValueWise Corp. — disclosed last week in a rather unceremonious message to some 4,000 clients that it would be shutting its virtual doors and that companies which relied upon it to process payroll payments should kindly look elsewhere for such services going forward.

This communique came after employees at companies that depend on MyPayrollHR to receive direct deposits of their bi-weekly payroll payments discovered their bank accounts were instead debited for the amounts they would normally expect to accrue in a given pay period.

To make matters worse, many of those employees found their accounts had been dinged for two payroll periods — a month’s worth of wages — leaving their bank accounts dangerously in the red.

The remainder of this post is a deep-dive into what we know so far about what transpired, and how such an occurrence might be prevented in the future for other payroll processing firms.

A $26 MILLION TEXT FILE

To understand what’s at stake here requires a basic primer on how most of us get paid, which is a surprisingly convoluted process. In a typical scenario, our employer works with at least one third party company to make sure that on every other Friday what we’re owed gets deposited into our bank account.

The company that handled that process for MyPayrollHR is a California firm called Cachet Financial Services. Every other week for more than 12 years, MyPayrollHR had submitted a file to Cachet that told it which employee accounts at which banks should be credited and by how much.

According to interviews with Cachet, the process worked something like this: MyPayrollHR would send a digital file documenting the deposits made by each of its client companies, laying out the amounts owed to each client's employees. In turn, the funds from those client firms would be deposited into a settlement or holding account maintained by Cachet.

From there, Cachet would take those sums and disburse them into the bank accounts of people whose employers used MyPayrollHR to manage their bi-weekly payroll payments.

But according to Cachet, something odd happened with the instructions file MyPayrollHR submitted on the afternoon of Wednesday, Sept. 4 that had never before transpired: MyPayrollHR requested that all of its clients’ payroll dollars be sent not to Cachet’s holding account but instead to an account at Pioneer Savings Bank that was operated and controlled by MyPayrollHR.

The total amount of this mass payroll deposit was approximately $26 million. Wendy Slavkin, general counsel for Cachet, told KrebsOnSecurity that her client then inquired with Pioneer Savings about the wayward deposit and was told MyPayrollHR’s bank account had been frozen.

Nevertheless, the payroll file submitted by MyPayrollHR instructed financial institutions for its various clients to pull $26 million from Cachet’s holding account — even though the usual deposits from MyPayrollHR’s client banks had not been made.

REVERSING THE REVERSAL

In response, Cachet submitted a request to reverse that transaction. But according to Slavkin, that initial reversal request was improperly formatted, and so Cachet soon after submitted a correctly coded reversal request.

Financial institutions are supposed to ignore or reject payment instructions that don’t comport with precise formatting required by the National Automated Clearinghouse Association (NACHA), the not-for-profit organization that provides the backbone for the electronic movement of money in the United States. But Slavkin said a number of financial institutions ended up processing both reversal requests, meaning a fair number of employees at companies that use MyPayrollHR suddenly saw a month’s worth of payroll payments withdrawn from their bank accounts.

Dan L’Abbe, CEO of the San Francisco-based consultancy Granite Solutions Groupe, said the mix-up has been massively disruptive for his 250 employees.

“This caused a lot of chaos for employers, but employees were the ones really affected,” L’Abbe said. “This is all very unusual because we don’t even have the ability to take money out of our employee accounts.”

Slavkin said Cachet managed to reach the CEO of MyPayrollHR — Michael T. Mann — via phone on the evening of Sept. 4, and that Mann said he would call back in a few minutes. According to Slavkin, Mann never returned the call. Not long after that, MyPayrollHR told clients that it was going out of business and that they should find someone else to handle their payroll.

In short order, many people hit by one or both payroll reversals took to Twitter and Facebook to vent their anger and bewilderment at Cachet and at MyPayrollHR. But Slavkin said Cachet ultimately decided to cancel the previous payment reversals, leaving Cachet on the hook for $26 million.

“What we have since done is reached out to 100+ receiving banks to have them reject both reversals,” Slavkin said. “So most — if not all — employees affected by this will in the next day or two have all their money back.”

THE VANISHING MANN

Cachet has since been in touch with the FBI and with federal prosecutors in New York, and Slavkin said both are now investigating MyPayrollHR and its CEO. On Monday, New York Governor Andrew Cuomo called on the state’s Department of Financial Services to investigate the company’s “sudden and disturbing shutdown.”

A tweet sent Sept. 11 by the FBI’s Albany field office.

The $26 million hit against Cachet wasn’t the only fraud apparently perpetrated by MyPayrollHR and/or its parent firm: According to Slavkin, the now defunct New York company also stiffed National Payment Corporation (NatPay) — the Florida-based firm which handles tax withholdings for MyPayrollHR clients — to the tune of more than $9 million.

In a statement provided to KrebsOnSecurity, NatPay said it was alerted late last week that the bank accounts of MyPayrollHR and one of its affiliated companies were frozen, and that the notification came after payment files were processed.

“NatPay was provided information that MyPayrollHR and Cloud Payroll may have been the victims of fraud committed by their holding company ValueWise, whose CEO and owner is Michael Mann,” NatPay said. “NatPay immediately put in place steps to manage the orderly process of recovering funds [and] has more than sufficient insurance to cover actions of attempted or real fraud.”

Requests for comment from different executives at both MyPayrollHR and its parent firm ValueWise Corp. went unanswered, and the latter’s Web site is now offline. Several erstwhile MyPayrollHR employees reached via LinkedIn said none of them had seen or heard from Mr. Mann in days.

Meanwhile, Granite Solutions Groupe CEO L’Abbe said some of his employees have seen their bank accounts credited back the money that was taken, while others are still waiting for those reversals to come through.

“It varies widely,” L’Abbe said. “Every bank processes differently, and everyone’s relationship with the bank is different. Others have absolutely no money right now and are having a helluva time with their bank believing this is all the result of fraud. Things are starting to settle down now, but a lot of employees are still in limbo with their bank.”

For its part, Cachet Financial says it will be looking at solutions to better detect when and if instructions from clients for funding its settlement accounts suddenly change.

“Our system is excellent at protecting against outside hackers,” Slavkin said. “But when it comes to something like this it takes everyone by complete surprise.”
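
As an added example (not Cachet's, NatPay's or any bank's code), here are two of the controls the story points at, in Python over constructed, simplified records rather than the NACHA file format: a pre-processing check that holds a file when the account an originator asks to have funds sent to differs from every account it has used before, or when the total is out of line with history; and a receiving-side rule that rejects a malformed reversal and accepts at most one reversal per original entry, so a re-sent request cannot debit the same receiver twice. Account names, trace numbers, amounts and the format rule are made up for illustration.

```python
"""Added example, not any processor's or bank's production code: two checks
around a client's ACH instruction file. Records are simplified, constructed
stand-ins, not the NACHA file layout."""
from dataclasses import dataclass, field


@dataclass
class Entry:
    kind: str            # "credit" pays the receiver, "debit" pulls from them
    account: str         # receiving routing/account, an opaque string here
    amount_cents: int
    trace: str           # unique per entry; a reversal names the trace it undoes


@dataclass
class Batch:
    originator: str
    funding_account: str          # where the originator asks client funds to be sent
    entries: list = field(default_factory=list)


@dataclass
class Profile:
    """What this originator has done in every prior cycle."""
    funding_accounts: set
    max_total_cents: int


def check_batch(batch: Batch, profile: Profile, tolerance: float = 1.25) -> list:
    """Findings that should hold the file for out-of-band confirmation
    with the client before any money moves."""
    findings = []
    if batch.funding_account not in profile.funding_accounts:
        findings.append(f"funding account changed to {batch.funding_account!r}")
    total = sum(e.amount_cents for e in batch.entries)
    if total > profile.max_total_cents * tolerance:
        findings.append(f"total {total} exceeds {tolerance}x the historical maximum")
    seen = set()
    for e in batch.entries:
        if e.trace in seen:
            findings.append(f"duplicate trace {e.trace}")
        seen.add(e.trace)
    return findings


def well_formed(r: dict) -> bool:
    """Constructed stand-in for the format rules a receiving bank must enforce
    before acting: a 15-digit trace and a positive integer amount."""
    trace = r.get("original_trace")
    return (isinstance(trace, str) and trace.isdigit() and len(trace) == 15
            and isinstance(r.get("amount_cents"), int) and r["amount_cents"] > 0)


def accept_reversals(reversals: list, already_reversed: set) -> tuple:
    """Reject malformed reversals outright and accept at most one reversal per
    original trace across files, so a corrected re-send of an already applied
    reversal is rejected instead of debiting the receiver again.
    Returns (accepted, rejected) where rejected holds (reason, request) pairs."""
    accepted, rejected = [], []
    for r in reversals:
        if not well_formed(r):
            rejected.append(("malformed", r))
        elif r["original_trace"] in already_reversed:
            rejected.append(("duplicate", r))
        else:
            already_reversed.add(r["original_trace"])
            accepted.append(r)
    return accepted, rejected


# Constructed sample: an originator that has always funded the processor's
# holding account, then one file that names a different account.
PROFILE = Profile(funding_accounts={"holding-0001"}, max_total_cents=1_200_000_00)

NORMAL = Batch("payroll-co", "holding-0001", [
    Entry("credit", "emp-11", 2_500_00, f"{1:015d}"),
    Entry("credit", "emp-12", 3_100_00, f"{2:015d}"),
])
SUSPECT = Batch("payroll-co", "originator-own-7777", [
    Entry("credit", "emp-11", 2_500_00, f"{3:015d}"),
    Entry("credit", "emp-12", 3_100_00, f"{4:015d}"),
])

if __name__ == "__main__":
    print("normal:", check_batch(NORMAL, PROFILE))
    print("suspect:", check_batch(SUSPECT, PROFILE))
```

The already_reversed set has to outlive a single file: the two reversal requests in the story arrived separately, and a check scoped to one file would have passed both.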

LongNowLong-term Building in Japan

The Ise Shrine in Japan, which has been rebuilt every 20 years for over 1,400 years. 

When I started working with Stewart Brand over two decades ago, he told me about the ideas behind Long Now, and how we might build the seed for a very long-lived institution. One of the first examples he mentioned to me was Ise Shrine in Japan, which has been rebuilt every 20 years in adjacent sites for over 1,400 years. This shrine is made of ephemeral materials like wood and thatch, but its symbiotic relationship with the Shinto belief and craftsmen has kept a version of the temple standing since 692 CE. Over these past decades many of us at Long Now have conjured with these temples as an example of long-term thinking, but it had not occurred to me that I might some day visit them.

That is, until a few years ago, when I came across a news piece about the temples. It announced that the shrine’s foresters were harvesting the trees for the next rebuild, and I decided to do some research to find out how and when visitors could go see the one temple being replaced by the next. This research turned out to be very difficult, in part because of the language barrier, but also because the last rebuild took place well before the world wide web was anything close to ubiquitous. I kept my ear out and asked people who might know about the shrines, but did not get very far.

Then, one morning in late September, Danny Hillis called to tell me that Daniel Erasmus, a Long Now member in Holland, had learned that the shrine transfer ceremony would be taking place the following Saturday. Danny said he was going to try and meet Daniel in Ise, and wanted to know if he should document it. I told him he wouldn’t need to, because I was going to get on a plane and meet them there.

Ise Shrine

The next few days were a blur of difficult travel arrangements to a rural Japanese town where little English was spoken and lodging was already way over-booked. I was greatly aided by a colleague’s Japanese wife, who was able to find us a room in a traditional ryokan home-stay very close to the temples. I also put the word out about the trip, and Ping Fu from the Long Now Board decided to join us, as well.

Streets of Osaka.

A few days later I met Ping at SFO for our flight to Osaka. Danny Hillis and Daniel Erasmus would be coming in from Tokyo a day later. We would stay the night in Osaka and then take the train to Ise. I found out that one of the other sites in Japan I had always wanted to visit was also close by: the Buddhist temples of Nara, considered to be some of the oldest continuously standing wooden structures in the world. We would be visiting Nara after our visit to Ise.

After landing, Ping and I spent a jet-lagged evening wandering around the Blade Runner streets of Osaka to find a restaurant. In Japan the best local food and drink are often tiny neighborhood affairs that only seat 5–10 people. Ping’s ability to read Kanji characters, which transfer over from Chinese, proved to be very helpful in at least figuring out if a sign was for a restaurant or a bathhouse.

“Fast food” in Osaka.

The next morning we headed east on a train to Ise eating “fast food” — morsels of fish and rice wrapped in beautiful origami of leaves. This was not one of the bullet trains; Ise is a small city whose economy has been largely driven by Shinto pilgrims for the last two millennia. A few decades before the birth of Christ, a Japanese princess is said to have spent over twenty years wandering Japan, looking for the perfect place to worship. Around year 4 of the current era she found Ise, where she heard the spirits whisper that this “is a secluded and pleasant land. In this land I wish to dwell.” And thus Ise was established as the Shinto spiritual center of Japan.

This is probably a good time to say a bit more about Shinto. While it is referred to often as a religion with priests and temples, there is actually a much deeper explanation, as with most things in Japan. Shinto is the indigenous belief system that goes back to at least the 6th century BCE and pre-dates any religions in Japan, including Buddhism, which did not arrive until a millennium or so later. Shinto is an animist world view, which believes that spirits, or Kami, are a part of all things. It is said that nearly all Japanese are Shinto, even though many would self-describe as non-religious, or Buddhist. There are no doctrines or prophets in Shinto; people give reverence to various Kami for different reasons throughout their day, week, or life.

Shinto Priest at Ise gates.

There are over 80,000 Shinto temples, or Jinja, in Japan, and hundreds of thousands of Shinto “priests” who administer them. Of all of these temples, the structures at Ise, collectively referred to as Jingū, are considered the most important and the most highly revered. And of these, the Naikū shrine, which we were there to see, tops them all, and only members of the Japanese imperial family or the senior priests are allowed near or in the shrine. The simple yet stunningly beautiful Kofun-era architecture of the temples dates back over 2500 years, and the traditional construction methods have been refined to an unbelievably high art — even when compared to other Japanese craft.

Roof detail at shrine at Ise.

My understanding of how this twenty-year cycle became a tradition is that these shrines were originally used as seed banks. Since these were made of wood, they would need to be replaced and the seed stock transferred from one to the other. The design of the buildings and even the thatch roof are highly evolved for this. When there are rains, the thatch roof gets heavier, weighing down the wood joinery and making it water-tight. In the dry season, it gets lighter and the gaps between the wood are allowed to breathe again, avoiding mold.

The streets of Ise.

On Friday afternoon we arrived at Ise and, within a short walk, had checked in at our very basic ryokan hotel. The location was perfect, however, as we were directly across from the Naikū shrine area entrance. The town of Ise lies in a mainly flat lowland area across the bay from Nagoya (to the North). Its temples are the end destination of a pilgrimage route which people used to traverse largely by foot, and over the last 2,000 years various food and accommodation services have evolved to cater to those visitors.

Arriving at the temple area.

Ping and I wandered toward the entry and met up with Danny, Daniel, and Maholo Uchida, a friend of Daniel’s who is a curator at the National Museum of Emerging Science and Innovation in Tokyo. Maholo would prove to be an absolutely amazing guide through the next 24 hours, and most of what I now understand about Ise and its customs comes from her.

Danny Hillis and Maholo Uchida purifying at the Temizuya.

We traversed a small bridge and passed a low pool of water with a small roof over it. These Temizuya basins, found at the entry to all Shinto shrines, are a place to purify yourself before entry. As with all things in Japan — especially visits to shrines — there is an order and ceremony to washing your hands and mouth at the Temizuya. After this purification, we headed into the forest on a wide path of light grey gravel that crunched underfoot.

Just where the forest begins, we approached a large and beautifully crafted Shinto arch. These are apparently made from the timbers of an earlier shrine after it has been deconstructed. Visitors generally pass through three consecutive arches to enter a Shinto shrine area. Maholo quickly educated us on how to bow as we passed under the first arch (it is different for entering versus leaving) and on proper path walking etiquette. It is apparently too prideful to walk in the middle of the path: you should walk to one side, which is generally — but not always — the left side. As with everything here, there was etiquette to follow which was steeped in tradition and rules that would take a lifetime to understand fully.

Danny Hillis bowing under the first arch.

As we walked from arch to arch, Maholo explained that the forest here had historically been used exclusively to harvest timbers for all the shrines, but over the last millennium the trees had been harvested too heavily for various war efforts, or lost in fire. Since the beginning of this century the shrines’ caretakers have been bringing these forests back, and expect them to be self-sustaining again within the next two or three rebuilding periods, 40 to 60 years from now.

Third arch approaching the grand shrine.

Passing through a sequence of arches, we arrived at the Naikū shrine sanctuary area. This area includes a place that sells commemorative gifts. At this point you might be thinking “tourist trap gift shop,” but this adjacent structure is at least centuries old and of course perfectly fits the aesthetic. Instead of cheap plastic trinkets and coffee mugs, it offered hand-screened prints on wood from the last temple deconstruction, as well as calligraphic stamps for your shrine ‘passport’.

The 2,000 year-old gift shop.

Adjacent to the gift shop is the walled-off section of the Naikū shrine. Visitors are allowed to approach one spot, where there is a gap in the wall, and see a glimpse of the main temples. On the left, the one completed in 01993 has begun to grey (pictured below), and on the right gleams the newly finished temple, a dual view only seen once every 20 years. After this event, they will begin disassembly of the old shrine, and will leave just a little doghouse-sized structure in its place for the next two decades.

The old shrine, grey with age.

The audience for this event consisted of only a few hundred people. Maholo explained that this rebuilding has been going on for eight years, and that many people come for different parts of the process, including the harvesting of the trees, the blessing of the tools, the milling of the timbers, the placement of the white river foundation stones, and so on.

As we stood there, crowds were gathering, and we noticed behind us a series of chests that were roped off in the courtyard area. Some of these were plain wood and some of them were lacquered. These chests contained the temple “treasures” that are moved from the old temple to the new. Some are re-created every 20 years by the greatest craftspeople in Japan, some have been moved from temple to temple for 14 centuries, and some are totally secret to all but the priests. The treasures are what the Kami spirits follow from one temple to the next as they are rebuilt. So the Shinto priests move the treasures when the new temple is ready, and the Kami spirits move sometime in the night to follow them in to their new home.

Treasure change ceremony at Ise.

As we took photos, a large group of priests and press started lining up. We were ushered over to the gift building area and held back by white gloved security personnel. It was a bit comical as they did not seem to know exactly what to do with us. Since this ceremony happens only every 20 years, it is unlikely that any of the staff were present at the last occasion: while this is one of the oldest events in the world, it is simultaneously brand new. It was very apparent that none of the ritual acts were performed for the audience. All of this ceremony was designed for the benefit of the Kami spirits, not for people’s entertainment, and much of what we saw were glimpses through trees from a distance. While it was hard to see everything, we all agreed that this perspective made the tradition much more magical and interesting than if it had all been laid bare.

Without fanfare, the princess of Japan led a march of hundreds of Ise priests down the path that we had just walked, and they all lined up in rows next to the chests. After a ceremony with nearly 30 minutes of bowing, the chests were carried into the sanctuary and placed into the new shrine (though this was out of view).

Then they came back out, lined up again, and went through a series of wave like bows before being led away by the princess.

All very calm, very simple, and without any hurrah. The Kami would soon follow the treasures into their new home.

What was a real surprise was to learn that there are 125 shrines in Ise: all are rebuilt every 20 years, but on different schedules. This is also done at other Shinto shrine sites, but not always every 20 years; some have cycles as long as 60 years. Once we were allowed to wander around again, we hiked up the hill to some of the other temples, all built for different Kami. Some recently-built shrines stood next to the ones awaiting deconstruction, and some stood alone. These are all made with similar design and unerring construction, and unlike the main temple, we were allowed to walk right up to these and take pictures.

A recently-built shrine stands next to an old one.

We left the forest on a different path as the sun set, bowing our exit bows twice after each of the three arches. We wandered through the town a bit and I suggested we find a local bar that offered the traditional Japanese “bottle keep” so we could drink half of a bottle and leave it on the shelf to return in 20 years for the other half.

Hopefully we’ll drink from this bottle again in 02033.

Maholo took us to a tiny alley where she peeked into a few shoji screens, eventually finding us the right place. It had only eight or so seats, and the proprietor was a lovely Japanese grandmother. We ordered a bottle of Suntory whiskey and began to pour.

The barkeep was amazed to find out how far we had traveled to see the ceremony, and put our dated Long Now bottle on the highest shelf in a place of honor.

Afterwards, Maholo had arranged for us to have dinner at a beautiful ryokan with one of the Shinto priests, who had come in from Tokyo to help with the events in Ise. We were served course after course of incredible seafood while he gracefully answered our questions, all translated by Maholo.

We learned that the priests who run Ise are their own special group within the Shinto organization, and don’t really follow the line of the main organization. For instance, when several of the Shinto temples were offered UNESCO world heritage site status, they politely declined. I can just imagine them wondering why they would need an organization like UNESCO, which is not even a century old, to tell them that they had achieved “historic” status. I suspect that maybe in a millennium or two, if UNESCO is still around, they might reconsider.

The priests bringing the Kami their first meal.

The next morning we returned to Naikū to catch a glimpse through the trees of the priests bringing the Kami their first meal. The Kami are fed in the morning and evening of each day from a kitchen building behind the temple sanctuary. We watched priests and their assistants bringing in chests of food as we chatted with an American who works for the Shinto central office in Tokyo. He had put together a beautiful book about the shrines at Ise, The Soul of Japan, to which he later sent me a link to share in this report.

Afterwards, we also visited the small but amazing museum at Ise that displays some of the “treasures” from past shrines, a temple simulacrum, and a display documenting the 1400-year reconstruction history along with the beautiful Japanese tools used for building the shrines.

Bridge to the Gekū shrines.

Then Maholo took us to the Gekū shrine areas, a few kilometers away, which allow much more access. These shrines, and the bridge that leads to them, are also built on the alternating-site, 20-year cycle. But here you walk on the right, and there are four arches — I could not find out why. Most interesting, however, is that in World War II the Japanese emperor ordered a rare temporary delay in shrine rebuilding. While the people of Ise could not defy him, they realized that he had only mentioned the shrines, so they went ahead and rebuilt the bridge as scheduled in the middle of a war-torn year.

Finally, we headed to the train station, from where Danny and Daniel would travel to Kyoto for their flights, and Maholo would return to Tokyo. Ping and I later boarded the train to Osaka to stay the night, and then headed to Nara prefecture the next day.

Entering Hōryū-ji

Hōryū-ji at Nara

Only 45 minutes by train from Osaka is the stop at Hōryū-ji, a bit before you get to Nara center. Almost concurrent with the building of the first shrine at Ise in the 7th century, a complex of Buddhist temples was built here beginning in 607 CE.

The tall pagoda at Hōryū-ji is one of the oldest continuously standing structures in the world. And while there is controversy over which parts of this temple complex are original, the central vertical pillar of wood in the pagoda was definitively felled in 594.

The architecture has a strong Chinese influence, reflecting the route Buddhism traveled before arriving in Japan, and came with a tradition of continual maintenance rather than periodic rebuilding. 

Roof detail at Hōryū-ji

I suspect one of the main reasons these buildings have survived so long is their ceramic roof. The roof tiles can last centuries and are vastly less susceptible to fire than wood or thatch. Like the Shinto shrines, though, no one resides in these buildings, so the chance of human error starting a blaze is vastly diminished. I was amused to see the “no smoking” sign as we entered one of the temples.

No smoking sign at Hōryū-ji

As you walk through these temples there are many beautiful little maintenance details. Places where water would have wicked into the bottom of a pillar, or around the edge of a metal fitting, have been carefully cut out and new wood spliced in over the centuries.

It is striking that this part of Japan houses two sets of structures, both of nearly equal age, and both made of largely ephemeral materials that have lasted over 14 centuries through totally different mechanisms and religions. Both require a continuous, diligent and respectful civilization to sustain them, yet one is punctuated and episodic, while the other is gradual. Both are great models for how to make a building, or an institution, last through millennia.


Learn More

  • Read Alexander Rose’s recent essay in BBC Future, “How to Build Something that Lasts 10,000 Years.”
  • See more photos from Alexander Rose’s trip to Japan here.
  • Read Soul of Japan: An Introduction to Shinto and Ise Jingu (02013) in full here.

CryptogramOn Cybersecurity Insurance

Good paper on cybersecurity insurance: both the history and the promise for the future. From the conclusion:

Policy makers have long held high hopes for cyber insurance as a tool for improving security. Unfortunately, the available evidence so far should give policymakers pause. Cyber insurance appears to be a weak form of governance at present. Insurers writing cyber insurance focus more on organisational procedures than technical controls, rarely include basic security procedures in contracts, and offer discounts that only offer a marginal incentive to invest in security. However, the cost of external response services is covered, which suggests insurers believe ex-post responses to be more effective than ex-ante mitigation. (Alternatively, they can more easily translate the costs associated with ex-post responses into manageable claims.)

The private governance role of cyber insurance is limited by market dynamics. Competitive pressures drive a race-to-the-bottom in risk assessment standards and prevent insurers including security procedures in contracts. Policy interventions, such as minimum risk assessment standards, could solve this collective action problem. Policy-holders and brokers could also drive this change by looking to insurers who conduct rigorous assessments. Doing otherwise ensures adverse selection and moral hazard will increase costs for firms with responsible security postures. Moving toward standardised risk assessment via proposal forms or external scans supports the actuarial base in the long-term. But there is a danger policyholders will succumb to Goodhart's law by internalising these metrics and optimising the metric rather than minimising risk. This is particularly likely given these assessments are constructed by private actors with their own incentives. Search-light effects may drive the scores towards being based on what can be measured, not what is important.

EDITED TO ADD (9/11): BoingBoing post.

Worse Than FailureCodeSOD: ImAlNumb?

I think it’s fair to say that C, as a language, has never had a particularly great story for working with text. Individual characters are okay, but strings are a nightmare. The need to support unicode has only made that story a little more fraught, especially as older code now suddenly needs to support extended characters. And by “older” I mean, “wchar was added in 1995, which is practically yesterday in C time”.

Lexie inherited some older code. It was not designed to support unicode, which is certainly a problem in 2019, and it’s the problem Lexie was tasked with fixing. But it had an… interesting approach to deciding if a character was alphanumeric.

Now, if we limit ourselves to ASCII, there are a variety of ways we could do this check. We could convert it to a number and do a simple check: characters 48–57 are numeric, 65–90 and 97–122 cover the alphabetic characters. But that’s a conditional expression: six comparison operations! So maybe we should be more clever. There is a built-in library function, isalnum, which might be more optimized, and is available on Lexie’s platform. But we’re dedicated to really doing some serious premature optimization, so there has to be a better way.

bool isalnumCache[256] =
{false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false,
false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false,  true,  true,  true,  true,  true,  true,  true,  true,  true,  true, false, false, false, false, false, false,
false,  true,  true,  true,  true,  true,  true,  true,  true,  true,  true,  true,  true,  true,  true,  true,  true,  true,  true,  true,  true,  true,  true,  true,  true,  true,  true, false, false, false, false, false,
false,  true,  true,  true,  true,  true,  true,  true,  true,  true,  true,  true,  true,  true,  true,  true,  true,  true,  true,  true,  true,  true,  true,  true,  true,  true,  true, true, false, false, false, false,
false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false,
false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false,
false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false,
false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false};

This is a lookup table: convert your character to an integer, and then use it to index the array. This is fast. It’s also error prone, and this block does incorrectly identify a non-alphanumeric as an alphanumeric: the fourth row marks 27 entries true instead of 26, so index 123 (the ‘{’ character) reads as alphanumeric. The conversion step hides a second hazard: if the character arrives as a signed char, any byte of 0x80 or above becomes a negative index and the lookup reads outside the 256-entry array. It also 100% fails if you are dealing with wchar_t, since a 256-entry table cannot cover the wchar_t range at all, which is how Lexie ended up looking at this block in the first place.
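As an added example (not code from the article or from Lexie’s code base), here is how the same lookup-table idea can be done without the two hazards above: the table is generated from the ASCII ranges rather than typed by hand, the lookup takes an int like isalnum() and rejects anything outside 0..255 before indexing, and two check functions compare the result against the article’s hand-typed ranges and against the C library. Function names and the reconstruction of the article’s table ranges are my own assumptions.

```c
#include <ctype.h>
#include <limits.h>
#include <locale.h>
#include <stdbool.h>
#include <stddef.h>

/* Generated table: one entry per byte value, filled from the same three ASCII
   ranges the article quotes ('0'..'9', 'A'..'Z', 'a'..'z'), so there is no
   hand-typed row to miscount. */
static bool alnum_table[UCHAR_MAX + 1];
static bool table_ready = false;

static void build_alnum_table(void)
{
    for (int c = 0; c <= UCHAR_MAX; c++) {
        alnum_table[c] = (c >= '0' && c <= '9') ||
                         (c >= 'A' && c <= 'Z') ||
                         (c >= 'a' && c <= 'z');
    }
    table_ready = true;
}

/* Table lookup with the same contract as isalnum(): the argument is an int.
   Anything outside 0..UCHAR_MAX (EOF, a negative value from a signed char, a
   wide character above 255) is rejected before it can become an out-of-bounds
   index. A bool[256] indexed straight from a char has no such guard. */
bool is_alnum_ascii(int c)
{
    if (!table_ready) build_alnum_table();
    if (c < 0 || c > UCHAR_MAX) return false;
    return alnum_table[c];
}

/* char wrapper: the cast to unsigned char is the standard idiom for handing a
   byte to any ctype-style function. Without it, a byte >= 0x80 on a platform
   with signed char turns into a negative index. */
bool is_alnum_byte(char ch)
{
    return is_alnum_ascii((unsigned char)ch);
}

/* Reconstructs the ranges of the article's hand-typed table (assumption: its
   fourth row marks bytes 97..123 true, one too many) and returns the first
   byte value where it disagrees with the generated table, or -1 if none. */
int page_table_first_error(void)
{
    bool page[UCHAR_MAX + 1];
    for (int c = 0; c <= UCHAR_MAX; c++) {
        page[c] = (c >= 48 && c <= 57) ||
                  (c >= 65 && c <= 90) ||
                  (c >= 97 && c <= 123);
    }
    if (!table_ready) build_alnum_table();
    for (int c = 0; c <= UCHAR_MAX; c++) {
        if (page[c] != alnum_table[c]) return c;
    }
    return -1;
}

/* Cross-check against the C library in the "C" locale: returns the first byte
   value where the generated table and isalnum() disagree, or -1 if they agree
   for every value 0..255. */
int first_isalnum_mismatch(void)
{
    setlocale(LC_CTYPE, "C");
    if (!table_ready) build_alnum_table();
    for (int c = 0; c <= UCHAR_MAX; c++) {
        if (alnum_table[c] != (isalnum(c) != 0)) return c;
    }
    return -1;
}
```

The cross-check against isalnum() is the step that catches a miscounted row before it ships; running it once at start-up (or in a unit test) costs 256 comparisons. For wchar_t input the table is simply the wrong tool: a code point above 255 is rejected here rather than read past the end, and the real answer is iswalnum(), which is locale-dependent and is not demonstrated in this block.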



Krebs on SecurityPatch Tuesday, September 2019 Edition

Microsoft today issued security updates to plug some 80 security holes in various flavors of its Windows operating systems and related software. The software giant assigned a “critical” rating to almost a quarter of those vulnerabilities, meaning they could be used by malware or miscreants to hijack vulnerable systems with little or no interaction on the part of the user.

Two of the bugs quashed in this month’s patch batch (CVE-2019-1214 and CVE-2019-1215) involve vulnerabilities in all supported versions of Windows that have already been exploited in the wild. Both are known as “privilege escalation” flaws in that they allow an attacker to assume the all-powerful administrator status on a targeted system. Exploits for these types of weaknesses are often deployed along with other attacks that don’t require administrative rights.

September also marks the fourth time this year Microsoft has fixed critical bugs in its Remote Desktop Protocol (RDP) feature, with four critical flaws being patched in the service. According to security vendor Qualys, these Remote Desktop flaws were discovered in a code review by Microsoft, and in order to exploit them an attacker would have to trick a user into connecting to a malicious or hacked RDP server.

Microsoft also fixed another critical vulnerability in the way Windows handles link files ending in “.lnk” that could be used to launch malware on a vulnerable system if a user were to open a removable drive or access a shared folder with a booby-trapped .lnk file on it.

Shortcut files — or those ending in the “.lnk” extension — are Windows files that link easy-to-recognize icons to specific executable programs, and are typically placed on the user’s Desktop or Start Menu. It’s perhaps worth noting that poisoned .lnk files were one of the four known exploits bundled with Stuxnet, a multi-million dollar cyber weapon that American and Israeli intelligence services used to derail Iran’s nuclear enrichment plans roughly a decade ago.

In last month’s Microsoft patch dispatch, I ruefully lamented the utter hose job inflicted on my Windows 10 system by the July round of security updates from Redmond. Many readers responded by saying one or another updates released by Microsoft in August similarly caused reboot loops or issues with Windows repeatedly crashing.

As there do not appear to be any patch-now-or-be-compromised-tomorrow flaws in the September patch rollup, it’s probably safe to say most Windows end-users would benefit from waiting a few days to apply these fixes. 

Very often fixes released on Patch Tuesday have glitches that cause problems for an indeterminate number of Windows systems. When this happens, Microsoft then patches their patches to minimize the same problems for users who haven’t yet applied the updates, but it sometimes takes a few days for Redmond to iron out the kinks.

The trouble is, Windows 10 by default will install patches and reboot your computer whenever it likes. Here’s a tutorial on how to undo that. For all other Windows OS users, if you’d rather be alerted to new updates when they’re available so you can choose when to install them, there’s a setting for that in Windows Update.

Most importantly, please have some kind of system for backing up your files before applying any updates. You can use third-party software to do this, or just rely on the options built into Windows 10. At some level, it doesn’t matter. Just make sure you’re backing up your files, preferably following the 3-2-1 backup rule.

Finally, Adobe fixed two critical bugs in its Flash Player browser plugin, which is bundled in Microsoft’s IE/Edge and Chrome (although now hobbled by default in Chrome). Firefox forces users with the Flash add-on installed to click in order to play Flash content; instructions for disabling or removing Flash from Firefox are here. Adobe will stop supporting Flash at the end of 2020.

As always, if you experience any problems installing any of these patches this month, please feel free to leave a comment about it below; there’s a good chance other readers have experienced the same and may even chime in here with some helpful tips.

Cory DoctorowCharles de Lint on Radicalized

I’ve been a Charles de Lint fan since I was a kid (see photographic evidence, above, of a 13-year-old me attending one of Charles’s signings at Bakka Books in 1984!), and so I was absolutely delighted to read his kind words in his books column in Fantasy and Science Fiction for my latest book, Radicalized. This book has received a lot of critical acclaim (“among my favorite things I’ve read so far this year”), but to get such a positive notice from Charles is wonderful on a whole different level.

The stories, like “The Masque of the Red Death,” are all set in a very near future. They tackle immigration and poverty, police corruption and brutality, the U.S. health care system and the big pharma companies. None of this is particularly cheerful fodder. The difference is that each of the other three stories gives us characters we can really care about, and allows for at least the presence of some hopefulness.

“Unauthorized Bread” takes something we already have and projects it into the future. You’ve heard of Juicero? It’s a Wi-Fi juicer that only lets you use the proprietary pre-chopped produce packs that you have to buy from the company. Produce you already have at home? It doesn’t work because it doesn’t carry the required codes that will let the machine do its work.

In the story, a young woman named Salima discovers that her toaster won’t work, so she goes through the usual steps one does when electronics stop working. Unplug. Reset to factory settings. Finally…

“There was a touchscreen option on the toaster to call support but that wasn’t working, so she used the fridge to look up the number and call it.”

I loved that line.

Books To Look For [Charles de Lint/F&SF]

Worse Than FailureDeath by Consumption


The task was simple: change an AMQ consumer to insert data into a new Oracle database instead of an old MS-SQL database. It sounded like the perfect task for the new intern, Rodger; Rodger was fresh out of a boot camp and ready for the real world, if he could only get a little experience under his belt. The kid was bright as they came, but boot camp only does so much, after all.

But there are always complications. The existing service was installed on the old app servers that weren't set up to work with the new corporate app deployment tool. The fix? To uninstall the service on the old app servers and install it on the new ones. Okay, simple enough, if not well suited to the intern.

Rodger got permissions to set up the service on his local machine so he could test his install scripts, and a senior engineer got an uninstall script working as well, so they could seamlessly switch over to the new machines. They flipped the service; deployment day came, and everything went smoothly. The business kicked off their process, the consumer service picked up their message and inserted data correctly to the new database.

The next week, the business kicked off their process again. After the weekend, the owners of the old database realized that the data was inserted into the old database and not the new database. They promptly asked how this had happened. Rodger and his senior engineer friend checked the queue; it correctly had two consumers set up, pointing at the new database. Just to be sure, they also checked the old servers to make sure the service was correctly uninstalled and removed by tech services. All clear.

Hours later, the senior engineer refreshed the queue monitor and saw the queue now had three consumers despite the new setup having only two servers. But how? They checked all three servers—two new and one old—and found no sign of a rogue process.

By that point, Rodger was online for his shift, so the senior engineer headed over to talk to him. "Say, Rodger, any chance one of your installs duplicated itself or inserted itself twice into the consumer list?"

"No way!" Rodger replied. "Here, look, you can see my script, I'll run it again locally to show you."

Running it locally ... with dawning horror, the senior engineer realized what had happened. Rodger had the install script, but not the uninstall, meaning he had a copy still running on his local developer laptop, connected to the production queue, but with the old config for some reason. Every time he turned on his computer, hey presto, the service started up.

The moral of the story: always give the intern the destructive task, not the constructive one. That can't go wrong, right?


Cory DoctorowPodcast: DRM Broke Its Promise

In my latest podcast (MP3), I read my new Locus column, DRM Broke Its Promise, which recalls the days when digital rights management was pitched to us as a way to enable exciting new markets where we’d all save big by only buying the rights we needed (like the low-cost right to read a book for an hour-long plane ride), but instead (unsurprisingly) everything got more expensive and less capable.

The established religion of markets once told us that we must abandon the idea of owning things, that this was an old fashioned idea from the world of grubby atoms. In the futuristic digital realm, no one would own things, we would only license them, and thus be relieved of the terrible burden of ownership.

They were telling the truth. We don’t own things anymore. This summer, Microsoft shut down its ebook store, and in so doing, deactivated its DRM servers, rendering every book the company had sold inert, unreadable. To make up for this, Microsoft sent refunds to the custom­ers it could find, but obviously this is a poor replacement for the books themselves. When I was a bookseller in Toronto, noth­ing that happened would ever result in me breaking into your house to take back the books I’d sold you, and if I did, the fact that I left you a refund wouldn’t have made up for the theft. Not all the books Microsoft is confiscating are even for sale any lon­ger, and some of the people whose books they’re stealing made extensive annotations that will go up in smoke.

What’s more, this isn’t even the first time an electronic bookseller has done this. Walmart announced that it was shutting off its DRM ebooks in 2008 (but stopped after a threat from the FTC). It’s not even the first time Microsoft has done this: in 2004, Microsoft created a line of music players tied to its music store that it called (I’m not making this up) “Plays for Sure.” In 2008, it shut the DRM serv­ers down, and the Plays for Sure titles its customers had bought became Never Plays Ever Again titles.

We gave up on owning things – property now being the exclusive purview of transhuman immortal colony organisms called corporations – and we were promised flexibility and bargains. We got price-gouging and brittle­ness.

MP3


Krebs on SecuritySecret Service Investigates Breach at U.S. Govt IT Contractor

The U.S. Secret Service is investigating a breach at a Virginia-based government technology contractor that saw access to several of its systems put up for sale in the cybercrime underground, KrebsOnSecurity has learned. The contractor claims the access being auctioned off was to old test systems that do not have direct connections to its government partner networks.

In mid-August, a member of a popular Russian-language cybercrime forum offered to sell access to the internal network of a U.S. government IT contractor that does business with more than 20 federal agencies, including several branches of the military. The seller bragged that he had access to email correspondence and credentials needed to view databases of the client agencies, and set the opening price at six bitcoins (~USD $60,000).

A review of the screenshots posted to the cybercrime forum as evidence of the unauthorized access revealed several Internet addresses tied to systems at the U.S. Department of Transportation, the National Institutes of Health (NIH), and U.S. Citizenship and Immigration Services (USCIS), a component of the U.S. Department of Homeland Security that manages the nation’s naturalization and immigration system.

Other domains and Internet addresses included in those screenshots pointed to Miracle Systems LLC, an Arlington, Va. based IT contractor that states on its site that it serves 20+ federal agencies as a prime contractor, including the aforementioned agencies.

In an interview with KrebsOnSecurity, Miracle Systems CEO Sandesh Sharda confirmed that the auction concerned credentials and databases that were managed by his company, and that an investigating agent from the Secret Service was in his firm’s offices at that very moment looking into the matter.

But he maintained that the purloined data shown in the screenshots was years-old and mapped only to internal test systems that were never connected to its government agency clients.

“The Secret Service came to us and said they’re looking into the issue,” Sharda said. “But it was all old stuff [that was] in our own internal test environment, and it is no longer valid.”

Still, Sharda did acknowledge information shared by Wisconsin-based security firm Hold Security, which alerted KrebsOnSecurity to this incident, indicating that at least eight of its internal systems had been compromised on three separate occasions between November 2018 and July 2019 by Emotet, a malware strain usually distributed via malware-laced email attachments that typically is used to deploy other malicious software.

The Department of Homeland Security did not respond to requests for comment, nor did the Department of Transportation. A spokesperson for the NIH said the agency had investigated the activity and found it was not compromised by the incident.

“As is the case for all agencies of the Federal Government, the NIH is constantly under threat of cyber-attack,” NIH spokesperson Julius Patterson said. “The NIH has a comprehensive security program that is continuously monitoring and responding to security events, and cyber-related incidents are reported to the Department of Homeland Security through the HHS Computer Security Incident Response Center.”

One of several screenshots offered by the dark web seller as proof of access to a federal IT contractor later identified as Arlington, Va. based Miracle Systems. Image: Hold Security.

The dust-up involving Miracle Systems comes amid much hand-wringing among U.S. federal agencies about how best to beef up and ensure security at a slew of private companies that manage federal IT contracts and handle government data.

For years, federal agencies had few options to hold private contractors to the same security standards to which they must adhere — beyond perhaps restricting how federal dollars are spent. But recent updates to federal acquisition regulations allow agencies to extend those same rules to vendors, enforce specific security requirements, and even kill contracts that are found to be in violation of specific security clauses.

In July, DHS’s Customs and Border Patrol (CPB) suspended all federal contracts with Perceptics, a contractor which sells license-plate scanners and other border control equipment, after data collected by the company was made available for download on the dark web. The CPB later said the breach was the result of a federal contractor copying data on its corporate network, which was subsequently compromised.

For its part, the Department of Defense recently issued long-awaited cybersecurity standards for contractors who work with the Pentagon’s sensitive data.

“This problem is not necessarily a tier-one supply level,” DOD Chief Information Officer Dana Deasy told the Senate Armed Services Committee earlier this year. “It’s down when you get to the tier-three and the tier-four” subcontractors.

Worse Than Failure: CodeSOD: Making a Nest

Tiffany started the code review with an apology. "I only did this to stay in style with the existing code, because it's either that or we rewrite the whole thing from scratch."

Jim J, who was running the code review nodded. Before Tiffany, this application had been designed from the ground up by Armando. Armando had gone to a tech conference, and learned about F#, and how all those exciting functional features were available in C#, and returned jabbering about "immutable data" and "functors" and "metaprogramming" and decided that he was now a functional programmer, who just happened to work in C#.

Some struggling object-oriented developers use dictionaries for everything. As a struggling functional programmer, Armando used tuples for everything. And these tuples would get deeply nested. Sometimes, you needed to flatten them back out.

Tiffany had contributed this method to do that:

    public static Result<Tuple<T1, T2, T3, T4, T5>> FlatternTupleResult<T1, T2, T3, T4, T5>(
        Result<Tuple<Tuple<Tuple<Tuple<T1, T2>, T3>, T4>, T5>> tuple)
    {
        return tuple.Map(x => new Tuple<T1, T2, T3, T4, T5>(
            x.Item1.Item1.Item1.Item1,
            x.Item1.Item1.Item1.Item2,
            x.Item1.Item1.Item2,
            x.Item1.Item2,
            x.Item2));
    }

It's safe to say that deeply nested generics are a super clear code smell, and this line: Result<Tuple<Tuple<Tuple<Tuple<T1, T2>, T3>, T4>, T5>> tuple downright reeks. Tuples in tuples in tuples.

Tiffany cringed at the code she had written, but this method lived in the TaskResultHelper class, and lived alongside methods with these signatures:

    public static Result<Tuple<T1, T2, T3, T4>> FlatternTupleResult<T1, T2, T3, T4>(
        Result<Tuple<Tuple<Tuple<T1, T2>, T3>, T4>> tuple)

    public static Result<Tuple<T1, T2, T3>> FlatternTupleResult<T1, T2, T3>(
        Result<Tuple<Tuple<T1, T2>, T3>> tuple)

"This does fit in with the way the application currently works," Jim admitted. "I'm sorry."
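As an added illustration, not code from the column or from the project it describes: a minimal Result type with Map (assumed here, since the column never shows the real one), a pairwise And combinator that produces exactly the nested Tuple<Tuple<T1, T2>, T3> shape the flattener undoes, and a ValueTuple-based And that avoids the nesting altogether. The sample inputs are constructed.

```csharp
using System;
// Minimal Result<T> with Map; an assumption, since the column does not show the project's type.
public sealed class Result<T>
{
    public T Value { get; }
    public string Error { get; }
    public bool IsOk => Error == null;
    private Result(T value, string error) { Value = value; Error = error; }
    public static Result<T> Ok(T value) => new Result<T>(value, null);
    public static Result<T> Fail(string error) => new Result<T>(default(T), error);
    public Result<U> Map<U>(Func<T, U> f) => IsOk ? Result<U>.Ok(f(Value)) : Result<U>.Fail(Error);
}

public static class ResultExtensions
{
    // Pairwise combination: every call wraps the accumulated pair in one more Tuple<,>,
    // which is where the Tuple<Tuple<Tuple<T1, T2>, T3>, T4> shape in the column comes from.
    public static Result<Tuple<T1, T2>> And<T1, T2>(this Result<T1> a, Result<T2> b) =>
        !a.IsOk ? Result<Tuple<T1, T2>>.Fail(a.Error)
        : !b.IsOk ? Result<Tuple<T1, T2>>.Fail(b.Error)
        : Result<Tuple<T1, T2>>.Ok(Tuple.Create(a.Value, b.Value));
    // The column's flattener for the three-element case (misspelled name kept from the original).
    public static Result<Tuple<T1, T2, T3>> FlatternTupleResult<T1, T2, T3>(
        this Result<Tuple<Tuple<T1, T2>, T3>> tuple) =>
        tuple.Map(x => Tuple.Create(x.Item1.Item1, x.Item1.Item2, x.Item2));
    // Alternative that never nests: check all inputs, then build one flat ValueTuple.
    public static Result<(T1, T2, T3)> And<T1, T2, T3>(this Result<T1> a, Result<T2> b, Result<T3> c) =>
        !a.IsOk ? Result<(T1, T2, T3)>.Fail(a.Error)
        : !b.IsOk ? Result<(T1, T2, T3)>.Fail(b.Error)
        : !c.IsOk ? Result<(T1, T2, T3)>.Fail(c.Error)
        : Result<(T1, T2, T3)>.Ok((a.Value, b.Value, c.Value));
}

public static class Demo
{
    public static void Main()
    {
        var user = Result<string>.Ok("alice");                  // constructed sample
        var id = Result<int>.Ok(42);                            // constructed sample
        var role = Result<string>.Fail("role lookup failed");   // constructed failure
        // Nested shape, then flattened with the column's helper; the first failure propagates.
        var flat = user.And(id).And(role).FlatternTupleResult();
        Console.WriteLine(flat.IsOk ? flat.Value.ToString() : flat.Error);
        // Same data without nesting, deconstructable at the call site.
        var ok = user.And(id, Result<string>.Ok("admin"));
        var (u, i, r) = ok.Value;
        Console.WriteLine($"{u} {i} {r}");
    }
}
```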


Cory Doctorow: Come see me in Santa Cruz, San Francisco, Toronto and Maine!

I’m about to leave for a couple of weeks’ worth of lectures, public events and teaching, and you can catch me in many places: Santa Cruz (in conversation with XKCD’s Randall Munroe); San Francisco (for EFF’s Pioneer Awards); Toronto (for Word on the Street, Seeding Utopias and Resisting Dystopias and 6 Degrees); Newry, ME (Maine Library Association) and Portland, ME (in conversation with James Patrick Kelly).

Here’s the full itinerary:

Santa Cruz, September 11, 7PM: Bookshop Santa Cruz Presents an Evening with Randall Munroe, Santa Cruz Bible Church, 440 Frederick St, Santa Cruz, CA 95062

San Francisco, September 12, 6PM: EFF Pioneer Awards, with Adam Savage, William Gibson, danah boyd, and Oakland Privacy; Delancey Street Town Hall, 600 Embarcadero St., San Francisco, California, 94107

Houston and beyond, September 13-22: The Writing Excuses Cruise (sorry, sold out!)

Toronto, September 22: Word on the Street:

Toronto, September 23, 6PM-8PM: Cory Doctorow in Discussion: Seeding Utopias & Resisting Dystopias, with Jim Munroe, Madeline Ashby and Emily Macrae; Oakwood Village Library & Arts Centre, 341 Oakwood Avenue, Toronto, ON M6E 2W1

Toronto, September 24: 360: How to Make Sense at the 6 Degrees Conference, with Aude Favre, Ryan McMahon and Nanjala Nyabola, Art Gallery of Ontario.

Newry, ME, September 30: Keynote for the Maine Library Association Annual Conference, Sunday River Resort, Newry, ME

Portland, ME, September 30, 6:30PM-8PM: In Conversation With James Patrick Kelly, Main Library, Rines Auditorium.

I hope you can make it!


Sam Varghese: Serena Williams loses another Grand Slam final

Serena Williams has fallen flat on her face again in her bid to equal Margaret Court’s record of 24 Grand Slam titles. This time Williams’ loss was to Canadian teenager Bianca Andreescu – and what makes it better is that she lost in straight sets, 6-3, 7-5.

Andreescu, 19, is a raw hand at the game; she has never played in the main draw of the US Open before. Last year, ranked 208, she was beaten in the first round by Olga Danilovic.

Williams has now lost four Grand Slam finals in pursuit of 24 wins: Angelique Kerber defeated her at Wimbledon in 2018, Naomi Osaka defeated her in the last US Open and Simona Halep accounted for Williams at Wimbledon this year. In all those finals, Williams was unable to win more than four games in any set. And now Andreescu has sent her packing.

Williams appears to be obsessed with being the winner of the most Grand Slams before she quits the game. But since returning from maternity leave, she has shown herself unable to cope with the pressure of a final. Her last win was in the Australian Open in 2017, when she beat her sister, Venus, 6-4, 6-4.

Unlike many other players, Williams is obsessed with herself. Not for her the low-profile attitude cultivated by the likes of Roger Federer or Steffi Graf. The German woman, who dominated tennis for many years, was a great example for others.

In 1988, Graf thrashed Russian Natasha Zvereva 6-0, 6-0 in the final of the French Open in 34 minutes – the shortest and most one-sided Grand Slam final on record. And Zvereva had beaten the great Martina Navratilova en route to the final!

Yet Graf was low-key at the presentation. She did not lord it over Zvereva, who was in tears; she did not indulge in triumphalism. One shudders to think of the way Williams would have carried on in such a situation. Graf was graciousness personified.

Williams is precisely the opposite. When she wins, it is because she played well. And when she loses, it is all because she did not play well. Her opponent only gets some reluctant praise.

It is time for Williams to do some serious soul-searching and consider whether it is time to bow out. This constant search for a 24th title — and I’m sure she will look for a 25th after that to be atop the winners’ list — is getting a little tiresome.

There is a time in life for everything as it says in the Biblical book of Ecclesiastes. Williams has had a good run but now her obsession with another win is getting on people’s nerves. There is much more to women’s tennis than Serena Williams – and it is time that she realised it as well and retired.