flak rss random

documentation is thoroughly hard

Documentation is good, so therefore more documentation must be better, right? A few examples where things may have gotten out of control.

more...

Posted 18 May 2017 20:24 by tedu Updated: 19 May 2017 02:48
Tagged: openbsd software

meaningful short names

Why don’t unix commands have any vowels in the name? cp and mv are obviously devoweled standins for copy and move. But they’re less intuitive for new users. The user wants to copy a file. Why shouldn’t the name of the command be exactly the operation the user wants to perform?

What exactly does the user want to do? Instead of copying files, maybe I want to link two files. What does that mean? In unix, we have hard links and symbolic links. If I replace the “original” file, do I want the link to refer to the original file or the replacement? Or maybe what I mean by link two files is to combine two object files into an executable. Do we call that loading instead? ln is the name of a command, but link is the name of a concept. And sometimes the concept evolves over time. The linker is called ld because it used to be the loader. (I think.)

grep is a remarkably useful tool, but with a most unintuitive name. Why not call it find like Windows does? I want to find some text, I run find. So obvious. But some users may want to find files in the filesystem, not strings in a file. What command do they run? Probably locate.

There may be a great deal of historical accident in the names of commands (what if the inventors of awk had different initials?), but that doesn’t mean we can’t recognize the value of unique and precise identifiers.

Posted 03 Mar 2017 02:31 by tedu Updated: 14 Jun 2017 22:55
Tagged: rants software

RC40 card cipher

The Solitaire cipher is perhaps the best known encryption algorithm implemented with a deck of cards. Ignoring security, it has a few drawbacks. It’s pretty complicated. I can never quite remember the rules. Sure, with practice it’s possible to memorize, but ideally we want something easy to teach. It’s also pretty slow. Even with practice, the shuffling and cutting manipulations take time.

more...

Posted 10 Feb 2017 14:27 by tedu Updated: 10 Feb 2017 14:27
Tagged: gadget security

to errno or to error

Unlike other languages which have one preferred means of signalling an error, C is a multi error paradigm language. Error handling styles in C can be organized into one of several distinct styles, such as popular or correct. Some examples of each.

more...

Posted 24 Jan 2017 20:52 by tedu Updated: 24 Jan 2017 20:52
Tagged: c programming

go garbage collector and liveness

Depending on language, compiler, and runtime, sometimes the garbage collector needs a few hints from the programmer. You know you’re done with an object, but to the GC, if a variable appears live, it can’t be collected. Sometimes the problem really is programmer error, as objects continue to collect in a container that’s never inspected. Other times the variable will be overwritten soon enough, but does it help to overwrite it sooner?

more...

Posted 02 Jan 2017 15:18 by tedu Updated: 03 Aug 2017 15:25
Tagged: go programming

2016 computer review

Where are they now followup review for some computers, some from before 2016 even. Three sets of three computers.

more...

Posted 30 Dec 2016 17:03 by tedu Updated: 30 Dec 2016 17:03
Tagged: computers

exfiltration via receive timing

Another similar way to create a backchannel but without transmitting anything is to introduce delays in the receiver and measure throughput as observed by the sender. All we need is a protocol with transmission control. Hmmm.

more...

Posted 22 Dec 2016 15:20 by tedu Updated: 22 Dec 2016 15:20
Tagged: c network programming security

openbsd changes of note 4

Exciting changes to support more hardware.

But first, normalize bind function names in cwm.

Implement the connection state machine for OpenFlow in switchd.

Disable the laser.

New elements to test your knowledge.

Better support for multiple DHCP relays.

Merge Mesa 13.0.2. Also, less pythonic mesa builds.

TSC timecounter is in.

And now we reach the part where I broke marc.

aoyama added a new device xp(4), preliminary support for LUNA’s I/O processor.

visa fixed octeon to handle (ignore) really small physical memory segments. This was once a problem on x86 machines as well, where you might have 3.9GB of memory split across 3 segments, and 256K split across 44 segments. Diminishing returns to tracking all these tiny segments, so it’s often better to ignore them entirely.

stsp completed the half-done implementation of TKIP countermeasures in hostap mode. Instead of disabling the AP until reboot (!), only disable for 60 seconds as standard specifies. Of course, this is still a DOS waiting to happen. And so, now that it works, the next step was to disable TKIP (WPA1) by default. It remains for compat reasons, but must be requested via ifconfig.

patrick imported OpenBSD/arm64, the strange love child of PowerPC pmap, loongson, arm/armv7 code and
FreeBSD aarch64 code.

mpi introduced the NET_LOCK() a rwlock used to serialize accesses to the parts of the network stack that are not yet ready to be executed in parallel or where new sleeping points are not possible.

mikeb added experimental support for device hot-plugging to xen.

patrick changed libc++ and clang to compile with clang, a step in the direction of self hosting clang ports.

Posted 20 Dec 2016 17:25 by tedu Updated: 20 Dec 2016 17:25
Tagged: openbsd

exfiltration via request timing

There are any number of ways to exfiltrate data via covert channels. For example, a popular technique is to make DNS lookups for a series of hostnames like “attack.example.com”, “atdawn.example.com”, etc. which will be passed through most firewalls. For a long time DNS requests weren’t monitored, but savvy network operators have grown wise. So if we wanted to beam some data off a device surreptitiously, what else can we do?

more...

Posted 19 Dec 2016 17:30 by tedu Updated: 19 Dec 2016 17:30
Tagged: c network programming security

watt time is left

So Apple no longer knows how to make a battery meter. The good news is OpenBSD is still here for all your desktop needs. How does its battery meter work?

more...

Posted 16 Dec 2016 13:49 by tedu Updated: 16 Dec 2016 13:49
Tagged: computers openbsd software