the future sure is bleak

Watched two movies.

Automata. Starring Antonio Banderas. This starts out like some of the best Asimov robot short stories, especially Little Lost Robot. The earth is a desiccated, irradiated husk but slowly being rebuilt by robots with two Protocols. One says no harming humans. The other says no self modification. Antonio is tasked with tracking down the origins of a group of robots that apparently can modify themselves. Then the story gets sidetracked quite a bit. The evil Robo Corp henchmen decide Antonio must be in on the trouble and are sent out to get him. So much trouble could have been averted if they had even once asked him what was happening, but no. Shoot first, ask questions later. Turns a rather good mystery thriller into a boring bang bang western.

The Colony. Starring Morpheus. Like Snowpiercer the world is frozen over after a global warming reversifier. Instead of the silly train conceit, however, people live in underground bunkers like in Fallout. So far, so good. Then we get lots of contrived conflict, blood thirsty cannibals (why is it always cannibals?), and whatever. I stopped caring.

Disappointing. It’s like the producer/director for each movie got halfway through, realized they hadn’t used any of the spurting blood budget, and then decided to use it all up. But at least in terms of atmosphere and setting, they were briefly entertaining.

Two movies, two bonus comics!

The real currency of modern life is information.

How to explain the future to your past self.

Posted 2014-10-30 19:36:09 by tedu Updated: 2014-10-30 20:25:42
Tagged: moviereview

least worst golden key

The Washington Post seems to have kicked a crypto hornets nest recently, with their suggestion that Apple (and other phone manufacturers, though I’ll stick with Apple as an example) should include a golden escrow key to allow law enforcement to decrypt suspects’ phones. This provoked the expected reaction from everybody who gets it that escrow is a terrible idea. Fair enough. But what’s the least worst escrow system we can devise?

Why would we want to design such a system, given that implementing a golden key would be a disaster? Well, disaster planning is hardly a new idea. Nor does coming up with a plan for the worst case scenario necessarily mean you want it to happen. Devising fire evacuation plans for an office building doesn’t make one an arsonist. I think having a good escrow plan ready is better than having none and being forced to design one on the spot. Even worst case scenarios can be subdivided into worst worst and least worst. And so, without advocating for a key escrow system, here’s how I might go about building one.

Continue reading least worst golden key...

Posted 2014-10-11 16:11:48 by tedu Updated: 2014-10-11 16:11:48
Tagged: politics security thoughts

on the power of proprietary information

Lots of great articles in the October 13, 2014 New Yorker, all connected by the common theme of knowledge is power. Who knows what and when gives one a considerable edge. Nothing surprising, but reading about it from several perspectives reveals just how true the old saying is.

The first major article, Embrace the Irony, is about Lawrence Lessig’s quest to reform campaign finance. Not information, per se, but access is power, and asymmetrical access has about the same result as asymmetrical information. I didn’t really like this article, though; it seems to bounce around quite a bit.

Who cooks your Chinese food? Possibly (probably?) an underground worker from The Kitchen Network. There’s a lot more anecdote here than data, but the way the network operates is crazy. Pay a “work agency” some money and get a bus number and a phone number. Get on the bus, get off in the middle of nowhere, call the number, boss picks you up. You know nothing about the job before then, not even the name of the restaurant. The workers generally don’t know English, and so they are dependent on their handlers to help make arrangements and navigate the world. It’s not in the bosses’ interest to educate their workers, and even the workers don’t seem interested in helping each other, preferring to keep whatever knowledge they have to themselves.

Continue reading on the power of proprietary information...

Posted 2014-10-09 20:35:29 by tedu Updated: 2014-10-09 20:35:29
Tagged: magreview

features are faults

Reflections on a few security vulnerabilities; some recent, some less so.

Rails JSON/YAML bug (CVE-2013-0333). ShellShock (CVE-2014-6271). What do they have in common? A feature which nobody knew existed was plugged into the internet. Rails and bash were arguably working as designed. Unfortunately, parsing all the strings with all the parsers as a general operating principle turns out to have negative security implications. It sure is convenient for all zero people who know about the feature, but less so for the rest of us.

Continue reading features are faults...

Posted 2014-10-07 23:43:54 by tedu Updated: 2014-10-08 16:29:58
Tagged: security software thoughts

opting in to airport scanners

For the past few years, I’d been opting out of the new airport scanners. Initially I had several reasons for this decision, but over time things changed, and after some reflection I realized the most compelling rationale I now had each time I opted out was “I opted out last time.”

Initially I was most concerned about the possible effects of the backscatter scanners. Maybe they’re safe or maybe not, but it seemed like an untested theory at the time. I’m comfortable with the millimeter wave scanners, but keeping track of what was what seemed like a chore. Easiest to say no to the entire category. Now that the backscatter machines are only installed wherever else, but not at airports, that’s one reason down.

Continue reading opting in to airport scanners...

Posted 2014-10-07 23:43:45 by tedu Updated: 2014-10-07 23:43:45
Tagged: politics rants

funding topologies

“Startup culture starting to resemble a pyramid that has folded in on itself, exploring funding topologies Ponzi never dreamed of” - Pinboard

Funding topology is definitely a subject worthy of further research.

Posted 2014-10-03 18:24:49 by tedu Updated: 2014-10-03 18:24:49
Tagged: business quote


Copying another idea from Old New Thing and porting to unix. This time it’s Piping to notepad. Instead of starting a new notepad process, let’s feed stdin to any existing window.

This requires as many as two helper functions. First we need to find a target, by having the user click on a window.

Continue reading stdwinjector...

Posted 2014-09-16 15:48:29 by tedu Updated: 2014-09-16 22:53:32
Tagged: c programming x11


At the g2k14 hackathon in July, I thought about a new interface for SSL connections. One of the most frequent complaints from OpenSSL users was that it was too much work to do anything, and one of the most frequent complaints from advanced users was that it was too much work to do anything correctly. Notably, failure to check the hostname in the cert against the hostname of the network connection is an unfortunately common mistake. And so was born the ressl (reimagined SSL) interface. Joel Sing (jsing) ended up implementing it first, putting the libressl in LibreSSL.

One of our strict guidelines was that we would not expose any OpenSSL data structures to the user. The biggest problem with the existing libssl API was that the underlying X.509 data structures poked through. Nobody cares about ASN.1 or X.509. Nobody wants to care. As one can see by reviewing the <ressl.h> header, only ressl types are exposed. Only the implementation knows about libssl and libcrypto, and in fact, it’s not even guaranteed that the implementation does know about them.

Continue reading goreSSL...

Posted 2014-09-10 15:45:23 by tedu Updated: 2014-09-10 15:45:23
Tagged: c go openbsd programming

OpenBSD version numbers

OpenBSD has lots of version numbers, each incremented at their own pace and for their own reasons. Here’s a rundown.

The OpenBSD version number, the number you’re probably most familiar with, is incremented by 0.1 every six months. This increment happens regardless of the changes made. Every release adds some new features, fixes some old bugs, probably adds a new bug or two, and, if I have anything to say about it, removes some old features. The six month release cycle has priority over development, meaning if a feature isn’t ready, it waits for the release after; the next release doesn’t wait for the feature.

Pretty much anything can change between versions. The kernel interface (more on this later) can change, such that software developed for 5.4 won’t run on 5.5. The behavior of command line tools can change. The format or organization of config files in /etc (pf.conf) can change. The existence or absence of third party software like nginx or sendmail can change. Numbers are decimal; after X.9 they roll over to Y.0 without fanfare. Perhaps the only time that version change seemed significant was 3.0, with the coincidental introduction of pf. But 4.0 and 5.0 were probably less remarkable.

Continue reading OpenBSD version numbers...

Posted 2014-09-05 15:24:07 by tedu Updated: 2014-09-05 21:44:10
Tagged: openbsd software

won't contain gluten in the bag

They’re potato chips. Why would they have gluten? “Gluten free” is the new “won’t turn pink in the can”.

Posted 2014-09-03 19:08:01 by tedu Updated: 2014-09-03 19:08:01
Tagged: business food quote