Domain: tu-dresden.de
Stories and comments across the archive that link to tu-dresden.de.
Comments · 171
-
Re:How do you do this?
You wouldn't be able to do it on hosted webspace - those things usually only allow you to use the http daemon provided. You'd need to actually rent a server, which is usually quite expensive.
For SSL proxying, you'd need to use something like this - never set one up, but it looks about right. Of course, the server would need to be outside the UK to avoid getting logged. If you don't want to go to the trouble of setting up your own, you could try something like FreeNet*, Tor*, JAP** or just a random anonymous SSL proxy (Proxomitron or MultiProxy might prove useful here). If you're a little less paranoid, you could use a CGI proxy.
* Warning: using these systems may mean that child porn is passing through your system, iirc.
** I know that at one point this system was discovered to have a government backdoor in it, but I think they cleaned up their act.
-
Re:No fat woman???
Ok, so the Reg got an email. But why are some of us being redirected when trying to view this supposedly blocked web site? I tried getting jengajam.com using JAP and it came up fine. So who is redirecting us and why? Is it an upstream ISP, or something that jengajam.com has somehow setup? This is really puzzling.
-
Re:Hurd vs. Singularity?
Hey, maybe this will get more people interested in the Hurd, since they appear to be pondering a change to an EROS/Coyotos microkernel thingy.
Actually, Hurd is moving to the L4 Microkernel. This is (I think) the same kernel used by EROS/Coyotos but I'm not positive. I do know that the Coyotos developers have been contributing to the L4/Hurd project lately, and that they are working on adding some of the features of the latter to the former. Development on the Mach microkernel based Hurd has essentially been dropped as of about 2 years ago.
I've been a long-time Hurd "interested party" and I actually have the old GnuMach version installed and bootable. I hacked the GNU Pth package to make it compile in Hurd so I could build the Dillo browser and surf the web from Hurd X11 several years ago. I dutifully submitted my patch upstream and it was incorporated into the source :-)
I periodically compile L4/Hurd and boot it up to see where it's at. I just like fooling around with weird operating systems more than anything. I know enough to be able to compile, install, and boot the things, but I've found I don't know the first thing about kernels from following the L4/Hurd mailing list. It's interesting stuff, but I don't have the CS background to really understand a lot of the concepts being discussed.
My guess, L4/Hurd might be minimally functional within a year or two on a very limited set of hardware. You can sort of boot it into debug mode now, and the libc is becoming functional slowly, but it's really basic right now.
-
Re:Would be nice if...
here you go:
http://os.inf.tu-dresden.de/L4/LinuxOnL4/
-
Re:They have decided
I think the grandparent is talking about this, which doesn't really do much.
Microkernels are an inevitable future. They have so many advantages for developers and users, and their only real downside is speed. Linux is great and all, but there are so many really cool things that can be done with operating systems that just aren't possible with a monolithic kernel. Maybe some kind of Linux compatibility layer (like FreeBSD has) could be used to ease the transition.
-
Re:Fat bloated kernels
You might want to check out DROPS, the Dresden Real-Time Operating System at http://os.inf.tu-dresden.de/ . With some coding you can use Linux device drivers, but they are separated into their own L4/Fiasco task (L4 is a second generation microkernel family). Thus a device driver may crash, but only parts of the system using it are affected. And as every task may have its own address space it is quite resilient against various security problems.
Another very promising project is L4/Hurd (http://www.gnu.org/software/hurd/hurd-l4.html), which will eventually produce a modern UNIX-like operating system for which it will be a joy to write drivers, filesystems, you name it. :)
-
Re:Have you even looked at Apple's website?
No I'm not confusing the two. Accelerated graphics drivers have been buried so deeply into OSes nowadays that they are extremely hard to separate them from all internal APIs.
That is not in fact the case. Both NeXTSTEP and X11 have a very carefully defined formal interface between applications and the graphics drivers. Cocoa takes this even further; even in the very first versions of OS X it cleanly separated rendering and compositing, and limited acceleration to what could be provided by OpenGL.
If your driver allocates memory
That's a standard Mach call. It doesn't require access to the kernel.
Or accesses the PCI bus
That's memory-mapped.
And Mach is *too* a microkernel.
L4 is a Microkernel. QNX is a microkernel. The Amiga Exec was a microkernel. Mach is far too large and complex to be considered a microkernel. It implements far too many capabilities that microkernels normally delegate to servers to qualify.
[HFS+ is] one of their more significant contributions.
If you were familiar with HFS+ you wouldn't say that.
There's a lot more stuff that's a lot more interesting than HFS+, but I guess it's going to be as hard for you to find as HFS+.
Such as the class of problems falling between wristwatches and the world's top supercomputer?
The Linux Watch isn't exactly practical, and a wristwatch isn't a particularly hard or tight real-time or embedded problem these days... and systems like Blue Gene are really only useful for "embarrassingly parallel" problems. Yeh, that's a pretty narrow band.
NT became successful after they dropped their devotion to a pure microkernel design.
NT was never a pure microkernel design. Like Mach, it's always implemented an awful lot of stuff explicitly rather than through services. I assume what you're talking about was them moving GDI into the kernel in NT4.
1. Whether a server runs in the same address space or a separate address space is an implementation detail: having the X server running in user space on UNIX doesn't make it a microkernel design, and there's nothing in the microkernel model that requires you to cross a protection boundary on a message send. Many real time microkernels don't run on protected-mode systems, and others make the space a server runs in entirely arbitrary.
2. Moving GDI into the kernel came at a terrible cost in reliability and stability for servers. We kept most of our servers on NT 3.51 and jumped straight to 2000.
3. What "made NT a success" wasn't anything to do with the kernel design, it was the shims they added that let them run Windows 9x device drivers in 2000 and (even more) in XP, which let them drop the 9x line. They could really have done it with Windows 2000... Windows Me was a mistake on all fronts.
4. Loadable kernel modules have nothing to do with microkernel design.
Forget what academia and the popular press have to say about microkernels. Ask anyone in the real-time controls industry, where we've been using what came to be called "microkernel design" since the '70s, they'll set you straight.
-
Re:Rather impractical
The supposed "showdown" on Jay Leno was a highly unscientific and inaccurate test which pitted the world's fastest morse coder using very expensive morse equipment against a teenager using a cheap cell phone with a membrane keypad.
The two hams who won are certainly not the fastest morse operators. They were sending at less than 40 WpM / 200 LpM, whereas most good operators can send around 50 to 60 WpM. Probably they kept it so slow because the audience wouldn't have believed it was morse code if they went to their full speed.
As an example, this is a sample of 60 WpM: click.
Furthermore good morse equipment doesn't have to be expensive; I am using this homebrew sensor keyer for the last 7 years now and I am able to send over 50 WpM with it. Estimated cost less than $20...
-
Re: "Security software" is an oxymoron
SE Linux real secure design? 'Security Enhanced', secure (probably), but secure by design? Don't think so, after all it's still running a Linux kernel under the hood. And how it's configured/administered also determines how secure it is.
For these really different systems you point to, RELIABILITY is also a key point (and closely related to security). You think >1 year uptime for a BSD box chugging away in a basement is good? How about 17 years uptime? And that's when they pulled the plug, not when it died.
I think for really secure + reliable designs you should look at micro-kernel based systems like L4Linux or Gnu's HURD (also moving towards L4). Note: not saying these systems are ready now, because they're still under development, and may have a long way to go before they're 'done'.
Leaves me to wonder: for RUNNING such systems, what hardware would be suitable, if you don't want to shell out the money for redundant, hot-swappable, server/cluster-style hardware? Any reasonable cheap, common hardware around with added reliability features included?
-
Re:Tor
So does JAP. I use it almost exclusively, and it works wonders. It allows stacking with other proxies, either local or remote (if you use Proxomitron or have an institutional web proxy), and while it does slow things down a touch, I find it to be eminently useful.
-
plenty of (mostly) free proxies out there
Anonymous surfing:
http://www.anonymization.net/
http://www.anonymizer.com/
http://osiris.978.org/~brianr/ians/
http://www.guardster.com/
http://www.antiproxy.com/
http://www.attackcensorship.com/
http://proxify.com/
http://www.anonymous.as/
http://www.mezzy.com/s-index.php
http://anonymouse.ws/anonwww.html
http://unipeak.com/
http://www.urlencoded.com/
http://www.behidden.com/
Full system proxy systems:
http://tor.eff.org/
http://freenet.sourceforge.net/
http://internet.flashback.se/
http://anon.inf.tu-dresden.de/index_en.html
http://www.privoxy.org/
http://www.silentsurf.com/
http://www.peacefire.org/circumventor/simple-circumventor-instructions.html
Ordinary proxies:
http://www.atomintersoft.com/products/firewall/country.aspx/Sweden-se
http://www.proxy4free.com/page1.html
http://www.publicproxyservers.com/page1.html
http://www.proxz.com/
http://www.digitalcybersoft.com/ProxyList/
http://www.freeproxy.ru/
http://www.samair.ru/proxy/
http://www.multiproxy.org/anon_proxy.htm
http://www.rrdb.org/
http://www.free-proxy-servers.com/
http://www.proxylists.net/
http://www.proxywhois.com/anonymous-proxy-list.htm
http://www.openproxies.com/
Plenty, as said.
-
durchwachsene
Search results for -- Suchergebnisse für 'durchwachsene':
marbled -- durchwachsen (Fleisch)
streaky -- durchwachsen (Speck)
from a German online dictionary at: http://www.iee.et.tu-dresden.de/cgi-bin/cgiwrap/wernerr/search.sh
-
Java Anonymous Proxy - JAP
"JAP makes it possible to surf the internet anonymously and unobservably."
-
Re:Time Machine
The NT security model itself is quite sophisticated; it derives directly from the old VMS model. Butler Lampson et al., who designed it, are some of the computer security gurus.
The main problem with NT's security is not the model itself, it's the various ways it gets circumvented, either to have some nifty feature which looks nice at a demonstration without a real use (ActiveX) or because the ways NT is used by application designers and users are contradictory to the model. Applications that need administrator privileges to run are inherently flawed. They are applications, something that is applied on top of the inner workings, and shouldn't know about any privileges necessary for system administration.
NT is a good example how OS design itself doesn't create computer security. It is the way how an OS is used, procedures, usage patterns, deployment, applications, which create an environment for computers which is more or less secure. OS security is a single aspect of overall computer security.
Your first example is not really a Linux/Unix vulnerability (in fact the vulnerability is the same on WinNT), it is an application vulnerability. If it propagates through to the operating system (as it does if the user has far-reaching OS privileges), then it may point out an OS problem. Under Unix/Linux it should normally not affect OS integrity.
The second is indeed an OS problem, because it is a driver problem, and most drivers need OS privileges to run. It would be possible to have drivers run in a sandbox-like environment with a protection layer against the kernel and other drivers, which helps to keep driver vulnerabilities local to the driver and the hardware the driver is operating. Sadly neither the Linux kernel nor the WinNT kernel are well prepared for such security layers. There are experiments with minimalistic kernels (microkernels) which provide such layering, but they haven't had much impact on mainstream computing yet. You might be interested in the L3/L4 series which allow userland drivers.
-
Re:Question
If I recall correctly from the PR fluff AMD put out a few years ago when they announced Fab 30, it's due to the highly skilled workforce because of the Technische Universität Dresden (Dresden University of Technology).
-
Re:Press Release
Very good points.
Also see
http://anon.inf.tu-dresden.de/index_en.html
http://www.onion-router.net/
Onion routing is some very slick stuff. I think it still has some significant traffic analysis problems, but there are possible ways to work around those that could be good enough depending on your enemy. Also, if you are using SSH to a proxy you *must* be careful about traffic analysis.
Start thinking in terms of a combo of what Technician said and the above, do some serious thought about traffic analysis, and you will be well on your way to true paranoia.
-
haha
i don't know what your problem is, but GPDF
-
Re:This proves once more...
In this regard a microkernel would be much better than either Linux or Windows.
Like L4Linux? It's Linux. It's microkernel. Best from both worlds.
-
L4Linux
Linux too is able to run on top of a version of L4 from the University of Dresden: L4Linux. There's more to L4 than we may think of at first glance!
-
Can't anybody over there write an OS?
These guys started with L4, which has been used to run a modified Linux for years. About a half dozen other operating systems have been ported to run on top of L4. So it's not that big a deal.
The Hurd website, wiki, etc. haven't been updated in years.
At a more fundamental level, there's a design disaster in the making here. L4 seems to make the same mistake Mach made with interprocess communication - unidirectional IPC. This design error is called "what you want is a subroutine call, but what the OS gives you is an I/O operation". This is a crucial design decision. Botch this and your microkernel performance will suck.
QNX gets it right - the basic message-passing primitive is MsgSend, which sends a message and blocks until a reply is received (or a timeout occurs). The implementation immediately transfers control to the destination process (assuming it's waiting for a message), without a trip through the scheduler. That's crucial to getting good performance on real work from a microkernel.
Mach botched this. Mach IPC is pipe-like, with one-way transmission. And that's a major reason Mach was a flop. (Note that the version of Mach used for the MacOS isn't the final "pure Mach", it's a Berkeley BSD UNIX kernel with Mach extensions.)
Why does this matter so much? Because if send doesn't block, when you send, control continues in the sending process. Later, presumably, the sending process blocks waiting for a reply. But who runs next? Whoever was ready to run next. If you're CPU-bound and there are processes ready to run, every time you do a message pass, you lose your turn and your quantum, and have to wait. So programs with extensive IPC activity grind to a crawl on a loaded system.
But if message passing is tightly integrated with scheduling, a message pass doesn't hurt your thread's CPU access. Control continues in the new process with the same quantum (and in QNX, the same priority by default, which avoids priority inversions in real time work). Now message passing is only slightly more expensive than a subroutine call, and can be used for everything.
There is a big literature about Mach, Minix and related underperforming academic microkernels, while the key architectural details of the commercial microkernels that work (basically QNX and IBM's VM) aren't well publicized. But you can dig the information out if you work at it.
-
yep ;)
-
Re:Mach Microkernel vs L4
L4 has only seven system calls, compared to several dozen in Mach. It fits in about 32KB, too, which is very much smaller than Mach.
But the small size doesn't make most systems faster. Running the same Unix API, L4 adds execution time overhead beyond the default monolithic Linux kernel, about 5%. (Does anyone know the figure for Linux-on-Mach? I know it's much greater than 5%....) However, there are some significant advantages having to do with debugging, maintainability, SMP, real-time guarantees, memory management, configurability, robustness, etc. Detailed discussion here.
Kernels based on the L4 API are second-generation µ-kernels. They are very lean and feature fast, message-based, synchronous IPC, simple-to-use external paging mechanisms, and a security mechanism based on secure domains (tasks, clans and chiefs). The kernels try to implement only a minimal set of abstractions on which operating systems can be built flexibly.
Other links: L4KA homepage, background info, more info with some historical L3 links.
Frankly, I think L4 is very much the right way to do things. I wish I could say the same for other parts of HURD.
-
Reinventing the microkernel?
Aren't the virtualization projects like Xen, User Mode Linux, etc. essentially reinventing the microkernel? Their goals seem awfully close to the idea of abstracting away the hardware so you can safely run multiple OS "personalities" at the same time. I wonder what could be accomplished if the virtualization guys teamed up with the people working on a modern microkernel like L4. Anyone have benchmarks comparing L4-Linux with Linux under Xen? Heck, maybe one day people will realize the advantages of a multi-server OS like the Hurd.
-
Re:You missed some points.
2. JAP supposedly has a German Government implanted backdoor that this one shouldn't because it's open source.
you can get the source code for JAP here.
they were told to record access to a child porn site, which they did (visible in the source). they caught one access to that site, but the data had to be deleted after another court ruling which declared the surveillance illegal.
-
Article Text
Courtesy of this online German-English Dictionary and my German teacher, Frau Richards, wherever you are.
Netgear has promptly reacted to the reports of a backdoor in the WLAN-Access-Point WG602 Version 1 with a Firmware-Update, however, the backdoor is still present, but with a new user name and password. They were a little creative with the name and extended the original character string "super" to "superman." With the password, Netgear has obviously taken the message of security seriously and changed the password to "21241036." However, to whom this telephone number points, Netgear did not comment. There, they knew nothing and initially only wanted to make themselves aware of the (details of the) problem.
Again, there is not a real updated firmware design yet. The question arises whether users are still determined--after the second patch--to get new software. In the lawyer's opinions, this problem could be reason enough to take back the device to the retailer and receive a refund of the purchase price. For now, the retailer can try to fix the shortcoming, however, the chances of that are not very good.
-
Re:Freaking PDF files.
I second the HTML version. Good old Adobe - popped up a nice little window in the background bugging me to update and stalled the IE process. Since the window went to the background, all I could see was the stalled process, and I killed IE, which, of course, closed all my windows. I hate pdf files..
How is this a fault of PDF files? This is a fault of Adobe's software and perhaps Windows not notifying you about the window Adobe popped up. PDF files work great if you have software that doesn't suck.
:)
-
Re:Denial of OS
Yes, we can. It's called a microkernel.
True.
The most popular one is Mach
Barf. Not to sound rude, but Mach is a horrid base for an operating system. I'm sorry Apple went with it.
If you mean popular as in "most widely used", then yes, Mach is the most popular "microkernel" (though it doesn't really fit the definition).
Mach is far from the most popular in hacker or academic circles (i.e. those who know any better). L4 and EROS are far more suitable hosts for a guest operating system. L4 already has Linux 2.2 and 2.4 running as hosts in fact.
-
Re:Solution: Keep a decent buffer in front of you
-
How about JAP?
I know it is neither perfect, nor finished, but JAP can help. One more layer.
-cp-
-
Re:It's simple.
what is your definition of a Microkernel then?
See here.
-
You know are a wizard...
...when you can contribute to a project like Verified-L4, where they're applying formal verification to a 2nd generation microkernel. I'd say that pretty much covers the territory from bare metal up through theoretical math.
-
Netrunner
"Does it become just a distribution system for corporate product or more of a way to subvert that corporate control?"
This question is so cliché that they actually made a CCG out of it
-
Re:Childs Internet Access
My kids know that I can see everywhere they go by checking my firewall logs. If I check my logs and see anything I feel is worth discussing then I will. Nothing will stop a 16 year old from viewing porn like having to face dad for an open and frank discussion that starts out as "so son, notice you've been looking at a lot of sex pages.. Do you think all women are like that??"
At which point the kid will start using JAP.
I use it at work, it doesn't need Admin Privileges, and it even routes DNS Requests through the Proxy, your logs will show empty.
Oh yes, ports are freely selectable, thus blocking is pretty much not possible (at least our firewall guys haven't figured it out yet if it is possible).
-
Try JAP
It is a Proxy service run through a University in Germany.
I use it at work even though they don't filter anything (or so they say, but they can still log where one goes).
It is pretty "smart" in the sense that it also re-routes all the DNS requests through them, thus nobody will be any wiser on where you're going, all they see is an SSL connection going somewhere. I guess they could decide to block the IP block, but supposedly the system can get around this as well.
There were some concerns recently as the BKA (the German version of the FBI) ordered the University to allow tracking of users who visit a specific website (something with child porn). They initially complied but later got the courts to revoke it, and it seems the police overstepped their boundaries, but of course a lot of people wonder now if they really don't monitor anything.
Having said that: I doubt your boss is going to force them to rat out on you.
-
Proprietary?
Infinity LibOS...has what is primarily a proprietary API with some POSIX compatibility where it is sensible.
Is this just poor wording choice, or is he really trying to fork a GPL'd project and make it proprietary?
There's nothing about licensing at the linked sourceforge site, and his CVS repository is just an import of Fiasco at this point, AFAICT.
-
Microkernel?
Sounds to me like Xen is a microkernel like thingy (what with the hardware abstraction layer and all) which you have to port your operating system personality to. What would make this different than the port of linux to the L4 microkernel (besides the Windows XP part)?
-
Re:Seems a bit harsh
It annoys me when legal types with an insufficient grasp of technology create laws without realising the consequences. Laws should have to pass through some kind of expert panel first.
The new Swedish law does not mention cookies as such. The new law is, simply said, a response to the new technologies for collecting/storing/tracking information about private citizens, and the abuse these technologies may be used for. It attempts to give the private citizen some control of what type of information is collected, and what may be done with that information.
In general, it appears that privacy/integrity is more respected/protected in Europe than in the USA. While the US funds the Total Information Awareness Agency, the German State funds Anonymity is not a crime.
-
Re:A semi-related topic
-
Re:That doesn't solve all problems.
Germany has a long list of incidents of restricting the people's right to access information and entertainment by claiming to protect youth and society.
Well troll, pray tell me, why does the German state fund the Open Source project Anonymity is not a Crime (JAP)? Go have a look at FAQ Concept. In particular, note that the JAP project also provides anonymity and protection from observation against the operator.
I'm pretty certain such a project won't get funding by DARPA today.
-
Re:Searching on freenet?
As far as I've understood, freenet is designed to be somewhere where you can access content, as long as somebody has given you the exact address to the file.
The problem I see here is that there are no easy ways to search for content, except for out-of-band stuff like the web or e-mail, which mostly defeats the entire concept.
There are many ways to get to know keys, several of the index pages on Freenet are a good start. A number of them are generated automatically by crawlers.
Other often used channels are Freenet-based message board Frost and Invisible IRC aka IIP which provides anonymous IRC. Contrary to Freenet, IIP is very quick and interactive - but only for very short messages.
There is a full-text index to Freenet. Definitely out of band (insecure http), so use an anonymous proxy to visit it. Try the JAP proxy for example; powerful concept and acceptable performance.
There's also work being done on making a full text search engine available via HTTP over IIP, which ultimately could be seamlessly accessible from your Freenet client. (Hope to be able to announce a link to this soon.)
A project like Freenet will never be fully done of course. But keeping its goals in mind, it's already doing quite a fair job I think. Performance and usability should and will improve of course, but the level of privacy it offers is already outweighing these rawer edges for a significant user group.
-
Re:PDF?
how about gpdf?
-
L4Linux
I notice the CE Linux forum is aiming to make the following improvements to Linux:
1. Further improve the startup and shutdown time
2. Improve real-time capabilities
3. Reduce ROM/RAM size requirements
4. Improve efficiency of power management
Aren't at least some of these requirements (especially #2) already addressed by L4Linux?
-
Usefulness
This sort of system could benefit people like "Salam Pax", the Iraqi blogger who disappeared from the 'net a few weeks before the US invasion of Iraq. It's nice to have a public forum for which to voice your views -- but if the ruling government is known for killing those who speak out against it, you need some sort of assurance that you will not be killed for your speech. Note that this system still needs work. It should be combined with something like JAP to protect against identification of bloggers based on who views what blogs.
-
Re:Obligatory 'talking out of arse' comment
There are already a bunch of L4 implementations out there with varying degrees of availability and licensing, and some using version 4 of the L4 ABI are due out soon...
-
Kiwi Censorship-The privacy condom.
The PERFECT time to post this link. They even have a nifty Java Webstart installer.
-
Re:People flow
Search this page for "pedestrian".
Nice java applets.