Documentation is good, so therefore more documentation must be better, right? A few examples where things may have gotten out of control.

more...

Why don’t unix commands have any vowels in the name? cp and mv are obviously devoweled standins for copy and move. But they’re less intuitive for new users. The user wants to copy a file. Why shouldn’t the name of the command be exactly the operation the user wants to perform?

What exactly does the user want to do? Instead of copying files, maybe I want to link two files. What does that mean? In unix, we have hard links and symbolic links. If I replace the “original” file, do I want the link to refer to the original file or the replacement? Or maybe what I mean by link two files is to combine two object files into an executable. Do we call that loading instead? ln is the name of a command, but link is the name of a concept. And sometimes the concept evolves over time. The linker is called ld because it used to be the loader. (I think.)

grep is a remarkably useful tool, but with a most unintuitive name. Why not call it find like Windows does? I want to find some text, I run find. So obvious. But some users may want to find files in the filesystem, not strings in a file. What command do they run? Probably locate.

There may be a great deal of historical accident in the names of commands (what if the inventors of awk had different initials?), but that doesn’t mean we can’t recognize the value of unique and precise identifiers.

The Solitaire cipher is perhaps the best known encryption algorithm implemented with a deck of cards. Ignoring security, it has a few drawbacks. It’s pretty complicated. I can never quite remember the rules. Sure, with practice it’s possible to memorize, but ideally we want something easy to teach. It’s also pretty slow. Even with practice, the shuffling and cutting manipulations take time.

more...

Unlike other languages which have one preferred means of signalling an error, C is a multi error paradigm language. Error handling styles in C can be organized into one of several distinct styles, such as popular or correct. Some examples of each.

more...

Exciting changes to support more hardware.

But first, normalize bind function names in cwm.

Implement the connection state machine for OpenFlow in switchd.

Disable the laser.

New elements to test your knowledge.

Better support for multiple DHCP relays.

Merge Mesa 13.0.2. Also, less pythonic mesa builds.

TSC timecounter is in.

And now we reach the part where I broke marc.

aoyama added a new device xp(4), preliminary support for LUNA’s I/O processor.

visa fixed octeon to handle (ignore) really small physical memory segments. This was once a problem on x86 machines as well, where you might have 3.9GB of memory split across 3 segments, and 256K split across 44 segments. Diminishing returns to tracking all these tiny segments, so it’s often better to ignore them entirely.

stsp completed the half-done implementation of TKIP countermeasures in hostap mode. Instead of disabling the AP until reboot (!), only disable for 60 seconds as standard specifies. Of course, this is still a DOS waiting to happen. And so, now that it works, the next step was to disable TKIP (WPA1) by default. It remains for compat reasons, but must be requested via ifconfig.

patrick imported OpenBSD/arm64, the strange love child of PowerPC pmap, loongson, arm/armv7 code and
FreeBSD aarch64 code.

mpi introduced the NET_LOCK() a rwlock used to serialize accesses to the parts of the network stack that are not yet ready to be executed in parallel or where new sleeping points are not possible.

mikeb added experimental support for device hot-plugging to xen.

patrick changed libc++ and clang to compile with clang, a step in the direction of self hosting clang ports.

There are any number of ways to exfiltrate data via covert channels. For example, a popular technique is to make DNS lookups for a series of hostnames like “attack.example.com”, “atdawn.example.com”, etc. which will be passed through most firewalls. For a long time DNS requests weren’t monitored, but savvy network operators have grown wise. So if we wanted to beam some data off a device surreptitiously, what else can we do?

more...

So Apple no longer knows how to make a battery meter. The good news is OpenBSD is still here for all your desktop needs. How does its battery meter work?

more...

Things happened. In November.

more...

So there’s a buffer overflow in link_ntoa. What does this mean? CERT says an attacker may be able to execute arbitrary code, but who can be an attacker? Where is link_ntoa used?

What does link_ntoa even do? I’ve never heard of this function before.

     The link_ntoa() function takes a link-level address and returns an ASCII
     string representing some of the information present, including the link
     level address itself, and the interface name or number, if present.  This
     facility is experimental and is still subject to change.

Networking something or other I guess.

First place to look is in libc itself, where the function lives. The implementation lives in net/linkaddr.c but it’s the declaration that’s of particular interest.

./hidden/net/if_dl.h:PROTO_DEPRECATED(link_ntoa);

The PROTO_DEPRECATED macro marks a function as exported from the library, but not for use internally. We can also verify with grep that nothing in libc calls link_ntoa, but with the symbol marking we can be confident we haven’t missed any thing.

Moving on to base, we find a few occurrences.

sbin/route/route.c:             printf("%s: link %s; ", which, link_ntoa(&su->sdl));
sbin/route/show.c:              return (link_ntoa(sdl));
usr.bin/netstat/show.c:         return (link_ntoa(sdl));

This is used to print route information obtained from the kernel. So if you haven’t patched yet, before you run route show again, make sure you trust the kernel.

I’ve had a paper copy of Transmetropolitan Volume 1 sitting around the house for about a year, but finally sat down and read it last week. Immediately ordered the full set of ten volumes. (This was an easier decision when the Kindle version was only $6.) I was startled by how it’s a marvelous commentary on current culture and events. At first glance, I saw the copyright date for the collected volume, which is 2009, but the original issues were published starting in 1997. Twenty years later it’s still fresh.

Each volume collects six issues and represent a single story arc, although the volumes also fit together pretty tightly. Most issues are fairly typical narratives (but in a very atypical world), but there’s usually about one more experimental issue per volume. It takes about half of the first volume to establish the world and get up to speed, but after that it’s full steam ahead.

I’d summarize the themes and aspects I really like, but that’s actually pretty hard. Better to just recommend you read it for yourself. Not much of a review. Some panels I liked, which seem relevant.

On callous indifference.

On advertising and tracking culture.

On elected officials.

On tech centric lifestyles.

Haven’t finished the entire series yet, but it’s been great so far.