* Posts by Gunnar Wolf

43 posts • joined 23 Nov 2008

Seagate flashes 60TB (yes, sixty) SSD monster

Gunnar Wolf

Mind you, remember that seasoned RAID administrators recommend to either build arrays from different brands/models of hard drives, or to be *very* reactive in replacing a failed drive right away *and get an extra one handy*, because drives coming from the same batch will probably have the similar kind of defects, and their useful life will be quite similar. So, if you buy 24×2TB SDDs today and arranging them on some level of redundancy, you are not getting 24 times better redundancy. Some 10 times, perhaps (which is nothing to despise, of course!)

Bruce Schneier's Data and Goliath – solution or part of the problem?

Gunnar Wolf
Big Brother

What's your really valuable data then?

James: You might fill in lots of little white lies. But you also fill in distilled truth: Who your real friends are? Not those on your list, but those you hold correspondence with. Where did you grow up? Not where you told your profile you did, but the place you uploaded all those childhood pictures from — And the place you have in common with a third of your friends. Where do you work? Not where you told your profile, but where you connect from during daytime. There's too much real data you are not hiding from them.

'Utterly unusable' MS Word dumped by SciFi author Charles Stross

Gunnar Wolf
Linux

Re: Doubly unusable if he moved the document

Charlie,

I have gone (twice!) through the process of publishing a book.The first one was basically prose, in a scholarly setting (published by a university), the second one is a technical one. I chose to use LaTeX, the first one written straight in LaTeX, and the second one via Emacs in org-mode. And yes, the correction/edition process was painful. They want to use Word, I certainly don't. It was quite an issue to get them to accept to use red-ink over paper, and I had to incorporate it all... Painful, but OTOH way better than finding out the changes in Word and going back to my Sacred Originals.

Of course, teaching LaTeX to the editor is just out of the question!

It's 2015 and ATMs don't know when a daughterboard is breaking them

Gunnar Wolf

Re: First rule

In Mexico, if you make a withdrawal for less than your daily ATM allowance, a commission is charged.

Of course, I'd be happier if that commission was bonified to the poor sod-behind-the-counter's salary, which I don't expect to be very big.

Kim Dotcom vows to KILL SKYPE with encrypted MegaChat

Gunnar Wolf
Linux

In this case, it's just a matter of configuring what's already there

The SIP technology has already been delivered to browsers (i.e. Jitsi, ReSIProcate) and can be even delivered with a Drupal module (Drucall). Only a SIP presence provider (i.e. the centralized part of the service) is needed to be set up. So, contrary to what the article says, I do not liken this to Dotcom's "Unbreakable" Mega: This is a simple-ish configuration of a well-known, much-tested, much-deployed set of tools.

Disk areal density: Not a constant, consistent platter

Gunnar Wolf
Holmes

Been that way for many many years

As there's quite a bit of logic to using shorter angled sectors on the external tracks of a disk, this has been in use since the 1980s. Originally it was quite expensive, and each area of the disk had to be rotated at a different speed (i.e. the original Macintosh floppies), but it is now achieved with heads that are able to read/write at different linear speeds.

I'm linking to this Wikipedia article as I contributed some bits to it ;-)

https://en.wikipedia.org/wiki/Zone_bit_recording

E-vote won't happen for next Oz election

Gunnar Wolf
Thumb Up

Good for Australia

I can only wish other countries' legislatures or electoral bodies had the insight that Australians have. Pushing e-voting solutions sounds like a political win, as most of the population will have a warm fuzzy feeling that the politicians want to make things more transparent, but are always a security disaster. I'm very happy this decision was taken to the right side: NO e-voting.

Canonical pushes LXD, its new mysterious drug for Linux containers

Gunnar Wolf

Re: Paravirtualisation?

No, it's not paravirtuali[sz]ation — It's based on containers. Think vserver (hot in ~2007-2009), openvz (did it ~2009-2012) or lxc (Linux Containers, in the main Linux tree for quite a long time. I'm using it ever since). Now... What I fail to understand from the summary is how it differs from lxc (besides substituting a 'c' for a 'd'). If it's taking Docker and making it go for a full Linux OS instead of just an app... It's just peeling a layer off it, and going back to the regular lxc?

The late 2014 Apple Mac Mini: The best (and worst) of both worlds

Gunnar Wolf

Re: Laptop

Well, the main justification for using a slow 5400RPM HDD is the lower power consumption. I label that as a laptop part.

Also, for a MacOS machine, shipping with embedded graphics seems to follow a similar reasoning. MacOS machines do a lot of compositing, even if just for the base desktop tasks, and do get benefit from a "proper" independent video card.

Gunnar Wolf

Depends on your view...

At some point, I bought two Macs. I could barely stand the usability of their desktop compared to my traditional Linux environments (and no, I'm not a GNOME or KDE person, I use just a tiling window manager with various applications).

Maybe a month after I bought both Macs, they both were reinstalled with Linux. And nowadays, several years later, whenever I sit at a Mac, I have to accept the desktop is beautifully unusable. Hell, even give me Windows anyday, I'll take it over MacOS.

I am Police Sergeant L. Torvalds! Stop or I'll shoot

Gunnar Wolf
Angel

Re: Linus don't need no gun

Best protection she can get at him trying to write a new filesystem.

(Or what was the thing that Mr. Reiser did?)

SMASH the Bash bug! Apple and Red Hat scramble for patch batches

Gunnar Wolf
Linux

Re: Because the flaws were very different

If I recall correctly, Debian used dash because they are still using System V init, and dash started up quicker than bash and Debian were looking for faster boot up times

It is one of many reasons. But if we were to find one single reason, I'm sure we'd end up finding my friend Raphael Geissert sitting on it: He was quite active for some time finding and explaining bashisms, different constructs which are handy but break strict-POSIX shell programming. Allowing the system to properly run with a strict POSIX shell benefits low-disk-space systems (i.e. the embedded world), allows for faster start-up times, and leads to less head-scratching due to hard to identify bugs.

If I recall correctly, the drive to migrate the default shell from bash to dash was in 2009, somewhat before the migration to Upstart/SystemD/OpenRC/AnyOtherInitStyle.

- Just One More Debian Developer ;-)

US Copyright Office rules that monkeys CAN'T claim copyright over their selfies

Gunnar Wolf
WTF?

Jurisdiction?

The owner of the camera is British.

Wikimedia is a global project.

The monkey is Indonesian.

How and why is this ruled by a US copyright office? What does their opinion matter in any of the involved jurisdictions?

ABANDON CLOUD! Docker Linux containers spring a security leak

Gunnar Wolf
Linux

If I get this correctly...

The container security is only doomed if you do have all of the contained systems in the same filesystem. It is relatively common practice to set up a different filesystem (I do it with LVM) for each of them, and AFAICT, you would not be able to link to any inodes outside of it.

I would like to know how this works WRT ZFS/BTRFS filesystem subdivisions. Don't have any hands-on experience... But if I understand the layout correctly, they would be still compromised.

The Death of the Corporate Network Perimeter

Gunnar Wolf
WTF?

404 all over...

It only makes sense that 404 people responded to an unavailable report (or... Why else would it read "link to report: xxxx"?)

Reg guys: Please provide the report!

Anatomy of OpenSSL's Heartbleed: Just four bytes trigger horror bug

Gunnar Wolf
Black Helicopters

Re: OpenSSL is open source, most financial institutions don't use open source encryption.

You say¸ «It might mean revoking your SSL certificates and getting new ones. Pricey if you have a lot, and time consuming.»

If you have a remote code execution or a privilege escalation bug, and your server gets owned... it's game over. The attacker might have already grabbed your certificates, as well as any information in your server. Get owned, and you will anyway have to revoke every certificate — and user credentials.

Gunnar Wolf
Boffin

A bug in a library is always worse, but...

The "terrible" bit in this bug is because it happened in a very widely used system library, but just because you asked, you can look at:

http://seclists.org/fulldisclosure/2014/Apr/108

A zero-day bug uncovered today, making IIS servers vulnerable. Yes, to very different issues, but still, getting user-level read+exec privileges to your system means game over. Just as much as this (big, very big) program, or even more.

There have been several big information disclosure, code execution and login credentials "mismanagement" bugs in IIS. The reason Heartbleed is more important is because it is a (gross!) library-level bug — which means that potentially hundreds of programs using said library are using broken controls.

Gunnar Wolf
Big Brother

Verisign provides certificates...

But in order to use Verisign, you need some tool or library to take care of the communication. That's where OpenSSL kicks in. And, yes, it's used "all over the place", not just in Linux.

Gunnar Wolf
Linux

Rust would help, but there's a reason it's not used there

System libraries usually need to be implemented in the most efficient possible way. That efficiency is achieved by working as close as possible to the "bare metal" — And C gets you there. For code that will be executed thousands of times every minute, in millions of servers all around the world (such as OpenSSL), this efficiency is a must.

And when writing in a language without the memory management bits we have come to get used to... does not come without a price. Writing in C means you have to be much more careful — precisely because of this kind of issues.

Qantas' biggest problems are … Apple, Samsung and Google?

Gunnar Wolf

Not my usual routes, however...

I have never travelled to Oceania, so Qantas is completely off my map. But living in Mexico and having an Argentinian wife means a sizable chunk of our money goes to the airline that best delivers us South for vacations.

We have taken Aeromexico, which has direct flights between Mexico and Argentina, and seems to be on the same league as what you describe of Qantas. But it is oh-so-expensive, we have only used it in recent years when we could "pay" with miles flown with LAN (thankfully in an alliance).

Now, LAN is a Chilean airline. We sometimes lay over in Chile, sometimes in Peru. LAN has a better entertainment system, yes, but I don't really mind it so much — I can perfectly stand being bored for twelve hours, the world won't stop turning. And yes, I don't travel without my Kindle. But the differentiator for me (besides being cheaper) is that it has better seating. I am not _that_ tall (1.85) although am somewhat overweight, but I just fit better in LAN's aircraft. And that's worth a lot.

What we think to do next time, however, is not to choose based on neither of those factors: We will try to fly to Rosario, via Brazil. This means, the trip will be a bit longer, maybe even a bit more expensive, but we will avoid the quite uncomfortable transit from the international airport to Buenos Aires, and then 3hr of the trip North by land (our family lives ~500Km from Buenos Aires).

Italian woman stunned by exploding artichoke

Gunnar Wolf
Trollface

Re: I'd be more worried

Hey now, are you a racist pig? Eating beans is *in no way* related to drugdealing-induced violence here in Mexico!

Ballmer: 'We made more money than almost anybody on the PLANET'

Gunnar Wolf

Apple's first tablets...

Say what? A decade before Apple's tablets? Remember Apple had the Netwon pad in the 1990s. Yes, it was a huge flop. But earlier Windows tablets were neither a very good sell.

Richard Stallman decides Emacs should go WYSIWYG

Gunnar Wolf
Thumb Up

Re: Tell you what I would like...

Then go look at Org-mode. It's really a breeze to use, a very intuitive and rich markup language, with all kinds of export filters for different formats — I most often use LaTeX for PDF generation and HTML, but you can export Org documents to Docbook, even to ODF.

Besides, for fine-controlling the layout exports' presentation details, you can include little snippets. As an example, if you want a figure to be placed spanning two thirds of the text width when outputting to TeX, or 500px when outputting to HTML, just do:

#+caption: This caption will hang below the figure

#+latex_attr: width=0.66\textwidth

#+html_attr: width="500"

[[img/foo.img]]

And yes, that's as heavy as the markup goes. It's often almost indistnguishible from straight text. Oh, and for WYSIWYGers: Emacs *will* render in different faces italic, bold or other kinds of text, headers, etc. Of course, they will not be rendered as they appear on the final document (as Emacs does not even attempt to know which will that final document's export format be), but the structure will be clearly shown.

Instagram Act: UK.gov's latest copyright landgrab stymied - for now

Gunnar Wolf

Re: right vs privilege error again

«before copyright, artists typically depended on patronage to make a living»

The bulk of artists do not depend on copyright for a living, but on individuals giving them money more or less directly. That's not completely unlike patronage — But whereas patronage usually means an artist gets a stipend on the promise of future works, artists depend on individual, smaller amounts, shelled out by many people.

Most musicians get much more from the paid performances they do (even for tips on free gigs) than from album sales. Most literary authors I know base their income on being able to get in contests or stipends (usually state-sponsored), which still seems very much like patronage, even if they sell individual copies of their books. Academic authors, much more so — We get a salary from a university to keep writing, not a payment for how our books and articles are selling. Plastic artists (painters, sculptors) are quite unique as their works are tangible and not losslessly reproducible, and thus, each item still ranks in the hundreds or (more usually) thousands of dollars.

Copyright usually benefits intermediaries the most — If I write a book and a given publisher prints it, yes, they will give me a percentage of their sales. But the percentage is usually so low (3-10%) that I don't take it much into account. Yes, I'm not a best-selling author by far yet, but then again — Who is? Are we looking at the bulk of content creators in the lump of the normal curve, or at the upper tail of best-selling creators?

DEAD STEVE JOBS chap becomes ENGINEER ... at Lenovo

Gunnar Wolf
Megaphone

Many professions can complain...

You say, «It most certainly is insulting to actual engineers». Well, engineering is a word often appropriated by other fields, as others have already answered. And we also take titles from other fields — My wife is an architect. She laughs at my peers who are "information architects", "software architects", "infrastructure architects". And very probably, you can find similar nonsense applied to several other fields!

ITU to Europe: One charger for all mobes good. One to rule them ALL? Better

Gunnar Wolf

USB: This side up

The fact that it's usually easy to identify the side of a USB cable (even tactily(sp?)) is not as widely known as it should be. Granted, having a cable connector look identical from both sides is frankly stupid. But the USB logo that's usually embossed on every cable end means "this side up". For ports embedded in a computer, it means "this side facing the user in our most usual configuration". Granted, in my desktop computer it really means "you are not a usual user", but at least my fingers know the right position for the cables. And over the years, I guess I have saved at least a work-week worth of fuming about the stupid shape of the connector.

Not so Saucy after all: Ubuntu reveals Mirless Salamander... and what, no Britney?

Gunnar Wolf
Linux

At loss understanding Ubuntu

I have been a Linux user for over 15 years already. Yes, that means that my usage patterns are probably different from new user's perspective. Anyway — I tried Ubuntu on and off since the first (2004) versions. I liked their work when it was basically a more-polished GNOME+Debian system. And, yes, that's when they enjoyed their highest market share, brand awareness and what not.

Since Ubuntu started pushing their Unity interface, not only they lost the favor of thousands of users, they also lost the (very nice) "Linux for human beings" they had for their first ~5 years.

I have been puzzled by Ubuntu machines lately. I can (grudgingly) find my way around modern KDE or GNOME desktops, but Unity continues to baffle me.

Now, get off my xterm!

Boffins find MEXICAN WAVE pattern in random climate wobbles

Gunnar Wolf
Stop

As a Mexican...

I demand to know why this standing pattern references us.

I am standing right here, and I won't move until I get a satisfactory answer.

Britney-obsessed Ubuntu 13.10 DUMPS X Windows-killer Mir in desktop U-turn

Gunnar Wolf
Linux

Re: Fork, fork. My kingdom for a fork

Ugh. I have basically the opposite experience from what Gene Cash here mentions. I just *loved* the simplicity and non-verboseness of X clipboard hanging ever since I first successfully installed a RedHat 4 (1996), and through my progression via different distros (even *BSDs) until I settled in Debian. And, after many years, I don't only know there are different clipboards, but use them for different things. Of course, I'm quite a well-trained user by now — But the system does what I want. (Or I think the way the system wants me to? Hmmm...)

Now, as for the "stupidity with which X11 handles multiple monitors"... Most of the time, at my office, I work in a dual-monitor setup. My right monitor is rotated 90° (portrait, 1440x900), my left monitor is at "regular" 1280x1024. I hated multi-monitor setup back in the XFree days, but today, with a single xrandr command, I get everything I need — And I get it always reliably. In my laptop, switching between a regular, dual-screen and mirrored-screen monitor is also straightforward; when I see my colleagues fiddle with Fn+F5 until they get the right projector+screen layout, I cannot but laugh.

So, yes, X11 gave me quite a bit of headaches back in the day. Nowadays, it's one of the most unobtrusive, reliable pieces of software I use. And, yes, I'm one of those obsessed with no-binary-blobs software.

Anatomy of a killer bug: How just 5 characters can murder iPhone, Mac apps

Gunnar Wolf

Re: Brings back memories

Right, killer sequences... "ZZZZZ as well as certain control sequences", you mention... Well, there was this Hayes patent on inserting a "two second pause" between parts of a command to make their modems not hang up on the (otherwise valid) +++ATH0\n sequence. Of course, most manufacturers did license this, and several manufacturers found ways not to... But I do remember seeing a modem that could be pushed to hang up this way. Very fun for us BBS (ab)users! :)

Gunnar Wolf

Re: -1 = Error ?

Right, but the "-1 = error" logic seems to hold: Probably a miscommunication between programming teams. One team expects a string-handling function to always be successful (hey, after all, how hard is it to parse a string?), and the other team knows better their Unicode-fu, knowing an error condition *can* easily be reached with invalid strings.

Gunnar Wolf
Thumb Up

Also chiming in to the happy people...

I am also delighted to find this great example of technical content in The Register. I teach the Operating Systems class, and I will *surely* give this article to my students to read and appreciate the ways to find a real vulnerability. Thanks!

Would you trust crowd-sourced maps? Skobbler releases satnav app

Gunnar Wolf

MapsWithMe

I use MapsWithMe on my Android device. Every now and then, I connect to the network and download updated data. And yes, although it's not as comfortable as doing it on a big screen, I sometimes also use Vespucci to edit maps on the spot; my edits are saved until I decide to upload them.

I do not have nor plan to get a data plan (and, replying to Fuzz's message, I am completely aware the phone might be logging my movements to later upload them to Google), but I have the full OSM data set for my country. Not as complete as I'd like, but much better than not having it, or to having to pay for data every time I open the maps.

You thought watching cat videos was harmless fun? Think AGAIN

Gunnar Wolf

Re: How many creatures

...or breed.

Would, say, cows as a species have much future were humans mandated not to breed them for food anymore?

iPad owners 'considerably richer than yow'

Gunnar Wolf
Holmes

No, you stop being working class...

Andrew says: «Do you stop being working class if you earn £65k a year between yourself and your partner then?»

Nope. You stop being working class when you stop working.

Apple vs Amazon in ereader format smackdown

Gunnar Wolf

Hey, don't insult me!

I am a Kindle owner. And although I have bought some books from Amazon, by far most of the books I have in my device are of different origins. EPub translates very easily to Mobi, which works just fine in the Kindle. Even PDF works, although much less comfortably.

Apple sued over iPhone location tracking

Gunnar Wolf
Megaphone

Cell triangulation is more precise than what you think

Take a look at this experiment published about a month ago by German Green Party member Malte Spitz:

http://www.zeit.de/datenschutz/malte-spitz-data-retention

It is amazing, incredible, scary... And fun :)

IE captain flees Microsoft for Google

Gunnar Wolf

What possibly happens...

Is that the reality field around Wilson has shifted - so that MS is just "standard practice". And next to it, Google is undeniably good. Not perfect (that's left for monks on hills like the Free Software flowerchildren) but just good.

New cycle helmets emit stench if they need replacement

Gunnar Wolf

You have to be crazy...

Ian 45: <em>Helmets are a good idea but you have to be mad to cycle in cities in the UK, especially London.</em>

I get the localized version of that exact statement all the time. I live in Mexico City, by all measures harder/harsher than London. And, believe me, after the fear gets out of your mind, you discover cycling is not only fun but tremendously practical - and safer. Of course, I know people who have died in cycling accidents. I know also, however, too many people dying because of driving accidents, while inside their SUVs.

Gunnar Wolf

Helmets are not for collisions with automotors

A bicycle helmet will usually be manufactured for absorbing shocks you can get up to ~20Km/h - That means, it's good for the shock you get from falling to the ground while riding at your usual speed. And yes, believe me they work. I was once hit laterally by a car, so I fell down at ~20Km/h, and the helmet broke in two (and I don't recall even hitting my head, I felt much stronger the scratch in my leg).

The other time I fell down and damaged a helmet it was due to uneven terrain, so again, ~20Km/h. The helmet didn't break, but I do remember the hit I took on the head, enough to warrrant a new helmet.

So, I can safely say that a helmet saved my life, and another helmet saved my facial integrity :)

Nokia rides you hard for power

Gunnar Wolf
Thumb Up

It's not about saving power from the mains...

this thingy is not meant for you to save the ~1W the phone charger consumes - It is about giving you longer autonomy, clearly targetted at GPS-savvy people. For one, I surely want to get one - I don't ride long rides that often, but when I do, it's always a turn-down that the battery dies after tracking ~50-60Km.

Asus assures no more delays for keyboard-computer

Gunnar Wolf
Linux

Do you mean...

It will take you less than a week to code the driver for the plastic injection machine? Sweet!

Virtualization and HPC - Will they ever marry?

Gunnar Wolf

Well, what is cheaper?

Virtualization and HPC can benefit from each other if the complexity of administering a cluster is way more expensive than the performance loss. This is seldom the case, yes.

Now, replying to the "Negative overhead" comment: There _can_ be a reason for actual speedup when using virtualized hardware - even more, when using paravirtualized devices. If the amount of network transactions you do is very high, and your VMs use the paravirt network devices, the network streams might be passed back and forth between your instances faster than if they were to be properly sent to a NIC. Even at gigabit speeds - A NIC operating at gigabit can use this speed for bursts of information, but the latency of the signal travelling probably 2 or 3 meters to the switch and back can be measurable.

Then again, maybe your app could use less network, sychronize less often, and gain performance.

Biting the hand that feeds IT © 1998–2019