guest - flak

best of seven elections

Here’s a proposal for a new voting system that solves the problems of day after regret and “I didn’t think it mattered” common to current voting systems. Over the course of seven days, seven independent elections are held, each with the same ballots. The results of each election are calculated separately, and the ultimate winner is the best of seven, or four. As an added wrinkle, each voter will be restricted to voting three times, although they may choose any three of the seven to participate in.

First, this solves the problem of voter regret. If, after your first vote, you realize you hung the wrong chad, casting the balance of the two remaining votes in opposition will effectively reverse it.

Second, it allows apathetic voters to see which way the wind is blowing. If the first few votes turn out to be very close, then newly interested voters will have the opportunity to express their opinion in the later elections. Turn out the vote campaigns will be freshly energized by demonstrating how important each vote is. On the other hand, if the results can be decided early, those voters can spend their valuable time playing LoL.

Motivated voters can choose to vote early, in the vanguard, in an effort to establish momentum. Others may choose to hang back deliberately, saving their votes for a knock out in the later rounds.

Additionally, if a voter is unable to vote on a particular day because little Timmy fell down the well, this system provides them with multiple opportunities to cast a makeup vote (barring any last day mishaps).

Sounds like a plan?

Posted 2016-06-25 21:05:59 by tedu Updated: 2016-06-25 21:20:26
Tagged: politics rants

true string indices

The other day cperciva answered why strchr returns a pointer. Many other languages do return an offset, but of course many of those lanuages don’t have pointers. Poor things. I happened to be writing a bunch of code using strchr recently, and needed both pointers and offsets.

Let’s imagine we have two similar functions, strchr and index.

Continue reading true string indices...

Posted 2016-06-24 13:42:27 by tedu Updated: 2016-06-25 17:03:49
Tagged: c programming

timeline of libexpat random vulnerability

libexpat calls rand to obtain a secret hash salt. That’s not good. Actually, as far as vulnerabilities go, it’s pretty chickenshit, but perhaps there’s a lesson to be learned.

2012-03-24 - libexpat 2.1.0 released with a fix for an algorithmic hash table attack (CVE-2012-0876). It uses rand() seeded by srand(time(NULL)) to obtain a hash table salt.

2012-04-01 - libexpat 2.1.0 imported to OpenBSD. The rand calls are replaced with arc4random as spotted by deraadt and nicm. April Fools!

2012-04-05 - A public report that using random may be too predictable.

2013 - Tick tock.

2014 - Tick tock.

2015-02-07 - Redhat bug filed. The complaint is not that rand is a poor choice for secret salts, but that calling srand interferes with the proper malfunctioning of other rand consumers.

2016-06-04 - libexpat is the proud recipient of two more CVE awards. By sheer miraculous luck, OpenBSD is not susceptible. Users of other operating systems need not be alarmed as libexpat has been patched to use getpid as a source of entropy as well.

const unsigned long entropy = gather_time_entropy() ^ getpid() ^ (unsigned long)parser;

Lesson to be learned? Sometimes bad things happen and there’s nothing we can do to prevent them. So it goes.

Posted 2016-06-10 05:40:40 by tedu Updated: 2016-06-10 05:40:40
Tagged: openbsd security software

select works poorly

At the bottom of the OpenBSD man page for select is a little note. “Internally to the kernel, select() and pselect() work poorly if multiple processes wait on the same file descriptor.” There’s a similar warning in the poll man page. Where does this warning come from and what does it mean?

The code to implement these system calls lives in src/sys/kern/sys_generic.c. Despite differences in interface, the internal implementation is mostly shared, which is why they both have the same affliction. select and poll both scan a set of file descriptors for readiness, then if none are ready we sleep and wait.

The primary function for sleeping is tsleep, which requires a wait channel. Conceptually similar to a condition variable. At some later point, when something changes, another process or interrupt will call wakeup on the same wait channel and we’ll resume running. For example, if we’re trying to read from a pipe, but there’s no data, we’ll sleep using the address of the pipe data structure. When data is written to the pipe, it will call wakeup with the same address. We only wake up the reader(s) of this pipe, and don’t disturb the slumber of all the readers blocked waiting on other pipes.

Continue reading select works poorly...

Posted 2016-06-07 13:59:14 by tedu Updated: 2016-06-07 13:59:14
Tagged: c openbsd programming

accidentally nonblocking

A continuation, perhaps culmination, of a series that includes rough idling, firefox vs rthreads, and browser ktrace browsing.

I really like using ktrace to inspect programs. It’s somewhat primitive, to be sure, and unlike source review, it can be difficult to understand the programmer’s intentions. However, my CPU doesn’t execute intentions; it executes instructions.


Browser source code can be nearly impenetrable due to size, but some other programs share similar behaviors. Perhaps they will prove a tractable target for further investigation. xterm contains some code that looks about like this. (Despite the “Abandon All Hope” warning at the entrance to this ifdef maze, I still found it quite navigable.)

Continue reading accidentally nonblocking...

Posted 2016-06-06 05:41:09 by tedu Updated: 2016-06-06 12:57:18
Tagged: c network openbsd programming

pedobear uses a macbook

Based on the fact that Ars Technica likes to use a MacBook keyboard to illustrate many of their child porn related stories, I conclude that’s pedobear’s preferred computing device.

Don’t be a creeper: use a ThinkPad.

Posted 2016-06-04 17:52:12 by tedu Updated: 2016-06-04 17:52:12
Tagged: magreview quote

browser ktrace browsing

The key to understanding how modern browsers work is to observe them in action. For this, we can use ktrace. I’ve posted a few ktrace snippets before, but here’s some new ones to aid in our understanding. Even if we don’t learn anything, deciphering ktrace and kdump output is a pretty useful skill. I use ktrace to verify software I write does what I think I expect. Using ktrace on other people’s software is like a never ending set of practice exercises.

All of the kdump output below has the same form. Process and thread ID, name, timestamp, record type, data.

On the surface, Firefox looks like a pretty simple program with few dependencies:

Continue reading browser ktrace browsing...

Posted 2016-06-03 14:48:57 by tedu Updated: 2016-06-03 14:48:57
Tagged: software


An amazing show. Sat down to watch one episode of Humans and watched the entire season in one six hour sitting.

The premise is a world much like our own, but with mostly perfected android technology. The synths appear human and have a sufficiently advanced AI to interact with humans. They are not, however, self aware. Except for a select few, which have been captured, wiped, and returned to service. Now they need to find each other while hiding their true identities, especially from the secret synth police chasing them. Apart from some of the worst examples of technobabble posing as computer jargon, the show works and is very well made. I’ll just assume that robotic AI is very complex, and they borrowed jargon from simpler fields.

Continue reading humans...

Posted 2016-05-19 20:34:43 by tedu Updated: 2016-05-19 20:34:43
Tagged: moviereview

file considered harmful

Yes, actually harmful.

The file utility can be useful. Don’t know what program to open a file with? Run file and it will tell you. Of course, sometimes file will be wrong and misidentify the file type. This may be inconvenient, but at least as a user you still have the option of trying to run another program.

Except when you don’t. What happens when file (or its programmatic buddy, libmagic) is not a hint, but a gatekeeper? What happens when some application determines its behavior based on the output of file?

What happens is you can’t print on Tuesday.

Or you can’t print particular documents that contain inappropriate phrases.

Or you can’t launch a browser and consequently prevent Firefox from providing ASLR enabled builds.

Something tells me these won’t be the last three bugs.

A program that helps users is useful. A program that restricts users is harmful. Run file on your computer all you want, but don’t use file to limit what I can do.

Posted 2016-05-18 18:11:51 by tedu Updated: 2016-05-18 18:11:51
Tagged: bugs rants software

the day some of the DNS stopped

For the past few months, my iPhone has had a peculiar bug. Apple services didn’t work in my house. I could listen Amazon music, but not Apple music. I could update my Facebook status, but not the Facebook app itself. I could read Apple’s website and learn about security updates in the latest version of iOS, but not download them.

If I disabled wifi, all of these things became possible. Of course, that meant burning through cellular data. And important iOS updates can’t be downloaded except via wifi. If I walked down to a Starbucks and used their wifi, I could download everything. By process of elimination, I concluded the problem was not the phone, Apple’s services, the wifi radio, etc. The problem was local to my home network. (Or perhaps somewhere one step beyond, in the ISP network, but that seemed a somewhat less likely suspect. Also, multiple other local wifi networks worked.)

Continue reading the day some of the DNS stopped...

Posted 2016-05-17 23:45:14 by tedu Updated: 2016-05-17 23:45:14
Tagged: network openbsd