Martin Pool's blog

A Hard Lesson to Learn

Joseph Lorenzo Hall writes

A HARD LESSON TO LEARN: don't use Microsoft Word's "Highlight tool" with the color set to black to redact documents--one can still copy and paste "highlighted" text!

The really interesting part about this DoJ case is reading the un-redacted document and seeing what was "blacked out" under FOIA exemptions (un-redacted document is here: http://www.thememoryhole.org/feds/doj-attorney-diversity-unredacted.pdf ).

I wonder how many other electronic FOIA-released documents are out there where a simple copy and paste will reveal redactions?

Pertinent paragraph:

"It turns out the [DoJ's] report began its life as a Microsoft Word document, and whoever was in charge of sanitizing it for public release did so by using Word's highlight tool, with the highlight color set to black, according to an analysis by Tim Sullivan, CEO of activePDF, a maker of server-side PDF tools. The simple and convenient technique would have been perfectly effective had the end product been a printed document, but it was all but useless for an electronic one."

posted Thu 30 Oct 2003 in /issues/security | link

linux.conf.au 2004 programme out

Linux.Conf.Au 2004 announces conference programme!

Our much anticipated conference programme is now officially released into the wild, sporting a new and improved format - with 4 simultaneous streams, just to make your job harder in choosing which paper presentation to attend! :-)

We've divided our tutorials and paper presentations into 4 categories - low-level programming, high-level programming, applications and advocacy/community/case-studies - so you can better match your interests to the papers.

So now there's no excuse not to hop onto your closest web browser and navigate to http://lca2004.linux.org.au/register/ where you can register and pay for your attendance at LCA 2004 in January 2004.

Be quick though - conference registrations have already passed 100, and are storming their way towards 150, so if you're planning on coming, sign up now for the fun!

And as another quick update - since we've last contacted you we've been pretty busy. On our website we've announced :

Whew! It's been a busy month! But wait, there's more cool things to come.... You'll just have to check our website lca2004.linux.org.au regularly to find out more (and while you're there, why not register? :-)

posted Thu 30 Oct 2003 in /conf/lca2004 | link

Magic SysRq over telnet

Cute Itanium tricks department:

On the hp Integrity Itanium servers, you can telnet into the management processors and talk to the Linux host's serial console. In particular you can use this to talk to the ELILO boot loader, and to look at oopsies.

One cool thing I recently discovered is that you can send a TELNET BREAK which is translated into a serial break, which has a similar effect to pressing SysRq on a regular keyboard. That is, you can get a list of processes, sync the disks, or unmount the disks for a semi-graceful reboot.

To send a break from the standard Unix telnet client, hit Ctrl+] then type send brk. You need to pause for a second or so after typing this because the break locks out other activity on the serial port. 

Debian GNU/Linux testing/unstable kate console
Linux ia64 2.4.22-showmem #29 SMP Wed Oct 29 14:59:35 EST 2003
                                                                                
kate login:
telnet> send break
SysRq : HELP : loglevel0-8 reBoot tErm kIll saK showMem Off showPc
unRaw Sync showTasks Unmount
                                                                                
telnet> send break
pSysRq : Show Regs
                                                                                
Pid: 0, CPU 1, comm:              swapper
psr : 0000101008026018 ifs : 8000000000000000 ip  :
[<e000000004415440>]    Not tainted
ip is at (no symbol)
unat: 0000000000000000 pfs : 000000000000050a rsc : 0000000000000003
rnat: 8000000000000013 bsps: 000000000001003e pr  : 80000000ff605935
ldrs: 0000000000000000 ccv : 0000000000000000 fpsr: 0009804c8a70433f
csd : 0000000000000000 ssd : 0000000000000000
b0  : e0000000044155f0 b6  : e000000004402d60 b7  : e000000004415440
f6  : 1003e2e8ba2e8ba2e8ba3 f7  : 1003e000000000b0b5c99
f8  : 1003e0000000000fd086b f9  : 1003e000000000adf5c99
f10 : 000000000000000000000 f11 : 1003e000000000b0b5c99
r1  : e000000004c6ea80 r2  : 0000000000000000 r3  : 0000000000000000
r8  : 0000000000000000 r9  : e0000040fffa8050 r10 : 0000000000000000
r11 : 0000000000000000 r12 : e0000040fef87e30 r13 : e0000040fef80000
r14 : e0000040fef87dd0 r15 : e0000040fef80028 r16 : 0000000000000000
r17 : 0000000000000000 r18 : e000000004a78688 r19 : e0000040fef80038
r20 : 0000000000000000 r21 : 0000000000000000 r22 : e0000040fef80028
r23 : e000000004415440 r24 : 0000000000000000 r25 : 0000000000000000
r26 : 0000000000000000 r27 : e0000040fef80e90 r28 : 80000000ff606535
r29 : 0000000000000001 r30 : 0000000000000000 r31 : 0000000000000001

posted Wed 29 Oct 2003 in /computers/hardware/rx2600 | link

relayfs

relayfs:

As the Linux kernel matures, there is an ever increasing number of facilities and tools that need to relay large amounts of data from kernel space to user space. Up to this point, each of these has had its own mechanism for relaying data. To supersede the individual mechanisms, we introduce the "high-speed data relay filesystem" (relayfs). As such, things like LTT, printk, EVLog, etc. should all use relayfs to get their data to user-space. The use of relayfs would, for example, avoid lost printk's. It would also result in the standardization of the way in which large amounts of data are transferred from kernel space to user space.

The main idea behind the relayfs is that every data flow is put into a separate "channel" and each channel is a file. In practice, each channel is a separate memory buffer allocated from within kernel space upon channel instantiation. Software needing to relay data to user space would open a channel or a number of channels, depending on its needs, and would log data to that channel. All the buffering and locking mechanics are taken care of by the relayfs.

davem doesn't like it though...

So would you consider running printk on Netlink sockets? Do you think Netlink could accomodate something as intensive as tracing? etc.

Of course it can. Look, netlink is used on routers to transfer hundreds of thousands of routing table entries in one fell swoop between a user process and the kernel every time the next hop Cisco has a BGP routing flap.

If you must have "enterprise wide client server" performance, we can add mmap() support to netlink sockets just like AF_PACKET sockets support such a thing. But I _really_ doubt you need this and unlike netlink sockets relayfs has no queueing model, whereas not only does netlink have one it's been tested in real life.

You guys are really out of your mind if you don't just take the netlink printk thing I did months ago and just run with it. When someone first told showed me this relayfs thing, I nearly passed out in disbelief that people are still even considering non-netlink solutions.

On the other hand Richard Moore says

In messaging terms relayfs is more about he collation of parts of a message rather than the sending of multiple messages to a session partner. There are three aspects in which relayfs radically differs from netlink:

1) it does not require a partnership -- a client and serve, or session pair -- it is simply a buffering mechanism that allows data be deposited. There is no expectation that the data will be consumed or that there is a listening partner. The reason fore this design point comes from the origin of relayfs as a buffering mechanism that satisfies the needs of a low-level system trace. Data from a trace might never be consumed if the system, sub-system or component never fails.

2) data can be deposited from any context - interrupt time, task time, sysinit in particular.

3) the depositing of data with relayfs has to depend one a very simple interface and infrastructure in order to function under a severely damaged system. My impression is that netlink depends a significant infrastructure.

posted Tue 28 Oct 2003 in /software/linux-kernel | link

Wagers as payment for software completion

aj replied to my note on free software economics.

(Wouldn't it be nice if there were some higher-level metadata about threads across blogs rather tha just A HREFs?)

His wager model is similar to Jim Bell's Assassination Politics. You can factor Assassination Politics into several fairly separate parts:

1. Blinded cryptographic wagers are a good way to arrange payment between n customers and an agent completing a particular task, without needing to know the other's identity.

2. (a) The US government is corrupt, and (b) an appropriate response is to assassinate various government employees, officeholders, or appointees.

You can usefully consider the wager algorithm if you disagree with the second point.

Imagine for a moment that as ordinary citizens were watching the evening news, they see an act by a government employee or officeholder that they feel violates their rights, abuses the public's trust, or misuses the powers that they feel should be limited. A person whose actions are so abusive or improper that the citizenry shouldn't have to tolerate it.

What if they could go to their computers, type in the miscreant's name, and select a dollar amount: The amount they, themselves, would be willing to pay to anyone who "predicts" that officeholder's death. That donation would be sent, encrypted and anonymously, to a central registry organization, and be totaled, with the total amount available within seconds to any interested individual. If only 0.1% of the population, or one person in a thousand, was willing to pay $1 to see some government slimeball dead, that would be, in effect, a $250,000 bounty on his head.

It seems like that would give TV station owners even more power than they presently have.

posted Tue 28 Oct 2003 in /issues/economics | link

aj wrote more on this, which will get a reply eventually.

posted Tue 28 Oct 2003 in /issues/economics | link

Linux and the race to the bottom

One fairly silly argument sometimes advanced against Linux is that by reducing towards zero the cost of getting a good operating system, it is somehow communist or anti-capitalist. This argument's typically put by people who think capitalism is an extremely good thing.

There certainly is a "race to the bottom" here — bottom price that is. Software features which were once very expensive can now be had at little cost, and without giving up freedoms like being able to modify the system or retaining control of your own data.

But this is a good capitalist system in action: it's *meant* to be hard for companies to make money, and particularly so if they don't continue to innovate. It's a good thing that prices keep falling, and that you can now get for negligible cost the things that used to be expensive.

Linux is just a bit of creative destruction, or destructive creation, in action.

posted Fri 17 Oct 2003 in /issues/economics | link

Dijon, Ainslie

Just superb. Friendly staff, excellent fresh ingredients, novel but homely combinations. On the night we visited, they had probably the best oysters I've had in Canberra, from Coffin Bay. Go there.

Mietta's says “Excellent”.

posted Thu 16 Oct 2003 in /food/restaurants/canberra | link

One short question

Here's a question I'd like to hear SCO answer: do SCO indemnify their customers from any intellectual property issues arising from SCO software?

SCO are still (barely) in the business of shipping software, including both proprietary and open-source components. Either one could, hypothetically, infringe on some other party's copyrights or patent rights. Do SCO indemnify their customers? If not, why are they demanding that Linux distributors indemnify their customers?

posted Mon 13 Oct 2003 in /issues/sco-vs-linux | link

Felten on Senate Hearings

Ed Felten writes:

Today I testified at a Senate Commerce Committee hearing. The issue under discussion was whether (or how) the government should require the inclusion of DRM (anti-copying) technology in digital TV equipment. Here is my written testimony. [...]

You would probably be disappointed as well at the quality of the debate. It's not that debate doesn't occur; and it's not that the issues at hand aren't important. But much time is wasted on posturing that is irrelevant to the nominal topic of the hearing and seems designed only to show that one side is purer of heart than the other. An example was the repeated references to porn on P2P networks. This had no connection to the hearing's topic, and nobody even bothered to connect it to the topic. And none of the witnesses had any connection with P2P technology.[...]

Mr. Valenti, characteristically, hit the P2P porn meme the hardest, even, in a surreal moment, inviting the Senators' staffers to go download some porn from Kazaa and see for themselves how vile it is. As a parent, I had to chuckle on hearing the American movie industry complain about the distribution of inappropriate sexual content to kids. But then again the whole room seemed at times to be an irony-free zone.

Ed's testimony is also particularly good.

posted Thu 9 Oct 2003 in /issues/copyright | link

Sterling on Feminist Steganography

Google serendipidy produced a little essay by Bruce Sterling on Steganography and Feminism:

I have returned from Italy, where I was hanging out with Linux free software guys. Some of them were Communists. One always hears the weird allegation that Linux users are Communists, but this is the first time I ever met any real ones.

In Italy's unique political circumstances, the Communists are "the party of honest government." Whereas the current Prime Minister, Silvio "The Cavaliere" Berlusconi, is a sinister media monopolist who hangs out with half-reformed fascisti. Then there's that Le Pen guy, in France. And in sweet, kindly Holland, a gay right-wing xenophobe has been shot dead by an animal- rightist. You know, in Europe, life is hairy this season.

People in Italy (who rather like cyberpunk books for their spooky, noir aspects), always have me figured for some kind of stiletto-toting, chrome and matte-black conspirator. Little knowing that the most sinister things I do are (a) eating taco chips and (b) sitting in front of a Macintosh moving my fingers up and down.

This reputation, however, likely accounts for brief Italian encounter I had with some Eastern European cyberfeminists. It seems that these ladies had read a recent speech of mine at the Computers Freedom and Privacy Conference, where I publicly stated that I "admire women" and like to see them take "a public role in public life."

They were thrilled to see a technologically knowledgeable American male acknowledging their humanity. These ladies have some security problems.

Mind you, these aren't heavy-duty, with-it, Cornelia Sollfrank style cyberfeminists. Those cyberfeminists are sophisticated, learned Eurofemmes in brainy-glasses, who hang out with Australian performance artists and know how to use real computers. These cyberfeminists were dainty little dissident peaceniks. They're from one of those "former" countries.

posted Thu 9 Oct 2003 in /issues/crypto | link

Bilskinir

Nathan has a pretty cool blog at bilsirnir, and in particular an interview with Malcolm Crompton, the Australian Federal Privacy Commissioner:

I spoke to Federal Privacy Commissioner, Malcolm Crompton (right), today and found him more passionate than I expected. He expressed his frustration that the owners of intellectual property (IP) were pushing digital restrictions management but not thinking of the impact that has on our rights to withhold our personal information (PI). He views the Privacy Act as a way to balance the agendas of both corporations and individuals, creating tradeable rights that level the playing field. He has told Microsoft that Palladium should balance both sides of the equation, but that at the moment he is frustrated that it does not.

We're talking about a serious privacy vs piracy debate. On the piracy debate we're talking about management of Intellectual Property (IP). I am a person with Personal Information (PI) and if that is taken away, it is an invasion of my privacy. I would like to hear these people (IP owners) making such a lot of noise about piracy of IP talk about the protections of PI -- then they would have some credibilty. There's a pretty ugly asymmetry in the debate. Both sides need to grow up a bit and be a bit more respective of both sides of the argument.

posted Thu 9 Oct 2003 in /blogs | link

Archives 2008: Apr Feb 2007: Jul May Feb Jan 2006: Dec Nov Oct Sep Aug Jul Jun Jan 2005: Sep Aug Jul Jun May Apr Mar Feb Jan 2004: Dec Nov Oct Sep Aug Jul Jun May Apr Mar Feb Jan 2003: Dec Nov Oct Sep Aug Jul Jun May

Copyright (C) 1999-2007 Martin Pool.