
choose your own translation

Received an email from United today. I guess one way to do translations is to just dump them all in the email and have the user select one?

$select(lookup(ML_LANG_CD), EN, MileagePlus Monthly Statement, ES, Estado de cuenta de MileagePlus, PT, Extrato do MileagePlus, JA, 月マイレージプラスご利用明細書, CH,前程万里 (MileagePlus) 邀约)$

Posted 15 Jan 2015 21:50 by tedu Updated: 15 Jan 2015 21:50
Tagged: mailfail

thoughts on replacement languages

Some idle thinking about what makes languages succeed and replace their predecessors, to go with the alpha release of rust. Mostly it comes down to not just being better, but solving a specific problem in a concrete way.


Posted 10 Jan 2015 20:48 by tedu Updated: 13 Jan 2015 01:11
Tagged: programming software thoughts

OpenBSD 2014 by the numbers

A selection of random numbers regarding source changes in 2014. (src only, I don’t have ports or xenocara repos handy.)

At the high level, there were of course two releases, 5.5 and 5.6, each better than never ever before. They came out on time, much like the 35 releases before them.

The first commit of 2014 was to bump the copyright date, but then jsing jumped the gun and bumped it again at the end of the year, resulting in a copyright year one day shorter than the calendar year. Last commit, for the curious.

The top three committers for the year:

deraadt   995
tedu      913
miod      746

As far as slackers go, competition was fierce to commit the least, resulting in an eight-way tie.

avsm        1
bmercer     1
jeremy      1
kirby       1
maja        1
nick        1
rpointel    1
stu         1

Who were the most productive developers? Top three in terms of lines added:

jmatthew    32799
afresh1     24880
daniel      19534

Files added:

schwarze      446
djm           105
bluhm         104

In order to prevent cvs from filling up with all this code, it’s necessary to delete some old code. Who’s to blame for the billowing smoke? Same top three for lines and files.

reyk      -848108   -3264
deraadt   -523341    -893
miod      -277918   -1209

Special mention to jsing for achieving the most churn and smallest net gain by adding 153802 lines and deleting 152604.

The three most popular files:

usr.bin/signify/signify.c        90
usr.sbin/sysmerge/sysmerge.sh    88
usr.bin/mandoc/mandocdb.c        85

Too many unpopular files to list.

Totals:

commits           11044
lines added     1192696
lines deleted   3484520
files added        2653
files deleted      9995

Posted 07 Jan 2015 17:13 by tedu Updated: 08 Jan 2015 04:45
Tagged: openbsd

two mysterious background video bugs

I was watching some Netflix (Joss Whedon Astonishing X-Men) on my iPad. I take a break and I’m catching up on some reading in Safari, when suddenly the next episode starts playing in the background. Not a short while later, but probably about 30 minutes later. It was weird and quite unexpected.


Posted 05 Jan 2015 17:15 by tedu Updated: 05 Jan 2015 17:17
Tagged: bugs software thoughts

Godus review

A short review of Godus, iPad edition. It’s a modern update of Populus, one of my Super Nintendo favorites. You squish the earth around, let your idiotic worshippers build homes, and rain destruction on the blasphemous other tribe. It’s fun, especially to start, but then starts slowing down and running into some serious limitations.


Posted 05 Jan 2015 17:15 by tedu Updated: 03 Feb 2015 08:54
Tagged: games review

time is running out

End of the year bug? Or always bug? Dunno. Seen at Starbucks.

null time

Also, “try not to lose this page”? For serious?

Posted 31 Dec 2014 13:16 by tedu Updated: 31 Dec 2014 13:16
Tagged: bugs

some gripes about nacl

Making encryption easier and accessible is all the rage. From a programming perspective, one of the most frequent suggestions is to use nacl. I have a few gripes with it.


Posted 29 Dec 2014 09:09 by tedu Updated: 29 Dec 2014 09:09
Tagged: rants security software

arc4random vs timing attacks

Here at 31C3, Sebastian Schinzel just gave a presentation based on Revisiting SSL/TLS Implementations: New Bleichenbacher Side Channels and Attacks. The particular attack that caught my eye was the one that comes from generating the fake PMS (premaster secret) after checking for bad padding rather than before. Doing it afterwards exposes a timing difference of up to a few microseconds, which can be measured over the network.

Of course, this depends on the OpenSSL RAND_pseudo_bytes function taking a measurable amount of time. In LibreSSL, we replaced the random number generator with arc4random which should be much faster. Time to measure. Thanks to benno for setting me up with a 5.5 test machine. (5.5 is the perfect release to test: new chacha20 arc4random, but still vanilla OpenSSL.)

#include <openssl/rand.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <machine/pctr.h>       /* rdtsc() on OpenBSD */

int
main(int argc, char **argv)
{
        uint64_t before, after;
        int i;
        char buf[48];           /* a TLS premaster secret is 48 bytes */

        /* warm up, then time 10000 calls with the cycle counter */
        for (i = 0; i < 100; i++)
                RAND_pseudo_bytes(buf, sizeof(buf));
        before = rdtsc();
        for (i = 0; i < 10000; i++)
                RAND_pseudo_bytes(buf, sizeof(buf));
        after = rdtsc();
        /* label says RAND_bytes, but the call being timed is RAND_pseudo_bytes */
        printf("RAND_bytes duration: %f\n", (after - before) / 10000.0);
        /* same procedure for arc4random; result is cycles per call */
        for (i = 0; i < 100; i++)
                arc4random_buf(buf, sizeof(buf));
        before = rdtsc();
        for (i = 0; i < 10000; i++)
                arc4random_buf(buf, sizeof(buf));
        after = rdtsc();
        printf("arc4random duration: %f\n", (after - before) / 10000.0);
        return 0;
}

Results:

RAND_bytes duration: 24759.2385000
arc4random duration: 2376.2070000

10x faster. Not bad. That microsecond timing attack is now a nanosecond timing attack (albeit for larger values of nanosecond.)
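Why the order of operations matters, as an added example that is not part of this post or of LibreSSL: a PKCS#1 v1.5 premaster-secret extractor written both ways. The RNG is a hypothetical deterministic stand-in that counts its calls (fake_rng, pkcs1_pad_ok, build_em, scenario and the other names are this example's own), so the point is visible without a cycle counter: the vulnerable ordering draws random bytes only on the bad-padding path, while the fixed ordering draws them on every call and picks real or fake through a mask.

```c
#include <stddef.h>
#include <string.h>

#define PMS_LEN 48

/* Hypothetical stand-in for the CSPRNG (arc4random_buf / RAND_pseudo_bytes
 * on the page): writes a fixed pattern so the example runs offline, and
 * counts its invocations so each code path's RNG usage can be checked. */
static unsigned rng_calls;

static void
fake_rng(unsigned char *out, size_t n)
{
	size_t i;

	rng_calls++;
	for (i = 0; i < n; i++)
		out[i] = (unsigned char)(0xa5 ^ i);
}

/* Check that em is 0x00 0x02 <at least 8 nonzero bytes> 0x00 <PMS>.
 * Every byte is examined whatever the first error, and the verdict is a
 * mask (0xff good, 0x00 bad) rather than a branch. */
static unsigned char
pkcs1_pad_ok(const unsigned char *em, size_t emlen)
{
	size_t i, sep;
	unsigned bad = 0;

	if (emlen < PMS_LEN + 11)   /* emlen is the public modulus size */
		return 0;
	sep = emlen - PMS_LEN - 1;  /* index of the 0x00 separator */
	bad |= em[0];               /* must be 0x00 */
	bad |= em[1] ^ 0x02;        /* must be 0x02 */
	for (i = 2; i < sep; i++)   /* padding bytes must all be nonzero */
		bad |= (((unsigned)em[i] - 1u) >> 8) & 1u;
	bad |= em[sep];             /* separator must be 0x00 */
	return (unsigned char)((bad - 1u) >> 8);  /* 0 -> 0xff, else 0x00 */
}

/* Vulnerable ordering (the one the talk describes): check first, draw a fake
 * PMS only on failure, so the failure path does measurably more work. */
void
extract_pms_vulnerable(const unsigned char *em, size_t emlen,
    unsigned char pms[PMS_LEN])
{
	if (pkcs1_pad_ok(em, emlen) == 0xff)
		memcpy(pms, em + emlen - PMS_LEN, PMS_LEN);
	else
		fake_rng(pms, PMS_LEN);
}

/* Fixed ordering: draw the fake PMS before the check on every call, then
 * select real or fake through the mask so both outcomes do the same work. */
void
extract_pms_fixed(const unsigned char *em, size_t emlen,
    unsigned char pms[PMS_LEN])
{
	unsigned char fake[PMS_LEN], ok;
	const unsigned char *real;
	size_t i;

	fake_rng(fake, PMS_LEN);
	ok = pkcs1_pad_ok(em, emlen);
	/* emlen is public; a too-short message simply selects the fake bytes */
	real = emlen >= PMS_LEN ? em + emlen - PMS_LEN : fake;
	for (i = 0; i < PMS_LEN; i++)
		pms[i] = (real[i] & ok) | (fake[i] & (unsigned char)~ok);
}

/* Constructed test input: an encoded message of RSA-modulus size with good
 * padding, or with a wrong block-type byte when corrupt is nonzero. */
void
build_em(unsigned char *em, size_t emlen, const unsigned char pms[PMS_LEN],
    int corrupt)
{
	size_t sep = emlen - PMS_LEN - 1;

	memset(em, 0x7f, emlen);
	em[0] = 0x00;
	em[1] = corrupt ? 0x01 : 0x02;
	em[sep] = 0x00;
	memcpy(em + sep + 1, pms, PMS_LEN);
}

/* Run one scenario and return (rng calls << 1) | (output == real PMS). */
int
scenario(int fixed, int corrupt)
{
	unsigned char em[128], pms[PMS_LEN], out[PMS_LEN];
	size_t i;

	for (i = 0; i < PMS_LEN; i++)
		pms[i] = (unsigned char)i;
	build_em(em, sizeof em, pms, corrupt);
	rng_calls = 0;
	if (fixed)
		extract_pms_fixed(em, sizeof em, out);
	else
		extract_pms_vulnerable(em, sizeof em, out);
	return (int)(rng_calls << 1) | (memcmp(out, pms, PMS_LEN) == 0);
}
```

scenario(0, 1) shows the vulnerable path making its single RNG call only when the padding is bad, whereas scenario(1, 0) and scenario(1, 1) both make exactly one call; with a real generator that one call is the 25k-cycle (OpenSSL) or 2.4k-cycle (arc4random) cost measured above, paid on both paths so the two outcomes no longer differ in how much randomness they draw.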

Posted 27 Dec 2014 16:33 by tedu Updated: 27 Dec 2014 17:01
Tagged: c openbsd security software

subtraction is not comparison

There’s a “smart” shortcut one can take when writing a comparison function (such as for qsort or an RB tree): return the difference between two numbers. Unfortunately, it’s not very smart.

int
compar(int x, int y)
{
        return x - y;
}

Consider x = 4 and y = 6. This does indeed return a negative number (-2), to indicate that x is less than y. If x = 5 and y = -3, then it returns 8 (positive). Two test cases, all passing. Mark it done.

But wait. What if x = 1987654321 and y = -1987654321? Then the difference between them is -319658654 (negative) which proves that x is less than y. That’s less than correct. (Never mind the undefinedness of sign overflow; unsigned won’t save you here.)

Unfortunately, this idiom keeps coming back, probably because some people cheat when writing examples and then other people cheat and copy example code without thinking. Long ago, I fixed one example in the tree man page. A Google search reveals that the practice is both common and widely known to be dangerous.

Even so, it continues to happen, even in production code. I noticed in passing that this problem existed in nsd. Coincidentally, otto just spent a few days pulling his hair out because nsd was spinning in an infinite loop (a corrupted tree contained a cycle), only to find that the broken comparison was precisely the problem.

Moral: Don’t do subtraction instead of comparison, even if they tell you “look how cool this is” at school!
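The overflow spelled out, as an added example that is not from the post: compar_subtract reproduces the wrapped value by doing the subtraction in uint32_t, compar_safe is the replacement that cannot overflow, and sample_sorts_correctly feeds a constructed array containing the post's extreme pair through qsort with it. All function names are this example's own.

```c
#include <stdint.h>
#include <stdlib.h>

/* The shortcut from the post, with the wrap made explicit: the subtraction
 * is done in uint32_t (plain int would be undefined behaviour) and the
 * result converted back, which on two's-complement machines is what the
 * hardware does anyway. 1987654321 - (-1987654321) is 3975308642, which
 * wraps to -319658654, so the larger number compares as "less". */
int
compar_subtract(int x, int y)
{
	uint32_t wrapped = (uint32_t)x - (uint32_t)y;

	return (int)(int32_t)wrapped;
}

/* A comparator that cannot overflow: returns -1, 0 or 1. */
int
compar_safe(int x, int y)
{
	return (x > y) - (x < y);
}

/* qsort(3)-style wrapper around compar_safe for arrays of int. */
static int
compar_int(const void *a, const void *b)
{
	return compar_safe(*(const int *)a, *(const int *)b);
}

/* Sort a constructed array containing the post's extreme pair with the safe
 * comparator and return 1 if the result is nondecreasing, 0 otherwise. */
int
sample_sorts_correctly(void)
{
	int a[] = { 1987654321, 0, -1987654321, 5, -3, 4, 6 };
	size_t i, n = sizeof a / sizeof a[0];

	qsort(a, n, sizeof a[0], compar_int);
	for (i = 1; i < n; i++)
		if (a[i - 1] > a[i])
			return 0;
	return 1;
}
```

compar_subtract passes the post's two small test cases and fails the large one; compar_safe passes all three, and because it never returns anything but -1, 0 or 1 it also gives qsort and RB trees the consistent total order they need to terminate.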

Posted 25 Dec 2014 20:52 by tedu Updated: 25 Dec 2014 20:52
Tagged: c programming

where did the cookies go?

Not always, but more frequently than never, I manage Firefox’s cookies by hand. Seeing what’s set, clearing out some I don’t like. Recently I discovered the button to do so in the Preferences dialog had disappeared from the Privacy tab.

Where did it go? It’s hiding under the history section. You have to change “Firefox will:” from “Remember history” to “Use custom settings for history”, and then the “Show Cookies...” button reappears. Because that totally makes sense. Just looking at cookies clearly requires that I also change to custom history settings.

Posted 15 Dec 2014 06:01 by tedu Updated: 15 Dec 2014 06:01
Tagged: rants software web