Domain: vipul.net
Stories and comments across the archive that link to vipul.net.
Stories · 6
-
Bitten By the Red Hat Perl Bug
snydeq writes "Smart coders always optimize the slowest thing. But what if 'the slowest thing' is the code supplied by your vendor? That was exactly the situation Vipul Ved Prakash discovered when he tinkered with a company Linux box on which Perl code was running at least 100 times slower than expected. The code, he found, was running on CentOS Linux, using Perl packages built by Red Hat. So Prakash got rid of the Perl executable that came with CentOS, compiled a new one from stock, and the bug disappeared. 'What's more disturbing,' McAllister writes, 'is that this Red Hat Perl performance issue is a known bug,' first documented in 2006 on Red Hat's own Bugzilla database. Folks affected by the current bug have two options: sit tight, or compile the Perl interpreter from source — effectively waiving your support contract. If a Linux vendor can't provide comprehensive maintenance and support for the open source software projects you depend on, McAllister asks, who ever will?" -
Tech's Answer To Big Brotherism
StCredZero writes "Along the same lines as the earlier article about Poindexter's info being posted, C|Net has an interesting editorial by Declan McCullagh on how to protect our personal information from unauthorized snooping by the authorities, yet let them have a database for tracking down terrorists. McCullagh's solution is based on algorithms developed for Digital Cash." -
Translucent Databases
Hettinga writes: "Through many popular books and articles in the New York Times, Peter Wayner has done more to promote the field of applied financial cryptography, and in particular open source financial cryptography, than any other author writing today. His new book, Translucent Databases, from Flyzone Press, is no exception." Read on for the rest of the review. Translucent Databases author Peter Wayner pages 185 publisher Flyzone Press rating Outstanding. 5 Stars. Buy this Book. reviewer Robert Hettinga ISBN 0-9675844-1-8 summary Translucent Databases cure "Database Nation" and the "Transparent Society"?Translucent Databases has all the hallmarks of Wayner's books: clear, easy to read exposition of the main issues, why they're important, and, in his technical books, excellently documented code written for the most popular platforms for the technology in question.
This book in particular should be an instant classic because like all great books, it takes what should be a very simple idea, encrypted databases, and expands it to some amazing conclusions.
For a long time now, I've been interested in what I call the geodesic economy, where all information, including information controlling financial assets, is fractally "surfacted", like so much grease in soapy dishwater, as far out into the edges of a ubiquitous internetwork as Moore's Law will allow, using financial cryptography protocols to secure transactions and markets on a nominally insecure, but ubiquitous, public internetwork.
People who are familiar with my thinking about such things over the past 8 years will see quite quickly why I think Peter's new book is so important. Transparent databases represent a way not only to link the batch-settled, book-entry debit-for-credit world of modern financial operations with a more simply founded, but much more sophisticated world which uses cryptographic tokens representing control of various financial and real assets. They also show us how to actually account for those tokens in such a fashion that every financial actor in that market, man or machine, can trust that their bearer certificates are authentic ones, and done in such a fashion that a given token retains its cryptographic integrity, including the functionally anonymous characteristics that made it so cheap to use in the first place.
The singular feature of Wayner's translucent databases is that, like internet bearer transactions themselves, the cryptography securing data in them can happen in the client, and not a centrally vulnerable server. More to the point, by using data stored in this fashion, the data can be dispersed as far out in the network as... well, Moore's Law allows, in extremely fast and lightweight files, and, instead of creating summaries of data for reports, the data can be polled for as close to its source as possible, instantaneously, in realtime, instead of being rolled up into increasingly larger batch-processed summaries taking weeks, sometimes months, to produce and audit.
There are obvious implications for my own particular hobby-horses, like anonymous but accurate double spend databases for bearer transactions, where only a simple blinded m-of-n cryptographic hash of a given promise to pay is necessary to prevent the duplication of that promise to more than one person at a time. However, for the rest of us :-), Wayner also points to a whole host of much less esoteric applications in the lots of the usual places where absolute privacy and extremely authentic information, is at a premium. Examples for military, medical, and anti-rape databases, for accounting systems and securities transactions, and even for internet poker -- the paradigm of completely untrusted parties cooperating for what each player hopes will be his own, preferrably cash, benefit -- are all presented in clear writing and running code.
There has been a lot of lip-service in the privacy community about "owning" your own data. Unfortunately, by involving the state at all, these "advocates" almost always favor inadvertantly draconian political solutions to the problem presented by the ubiquity of database technology and its otherwise beneficial presense in our lives. They ususally present this nonsense as a "sacrifice" for the "greater good" that would make Hayek's Road to Serfdom look like Lilac Sunday at the local arboretum.
In Translucent Databases, Wayner shows, in precise detail, with code, how to solve that problem, without trusting lawyers, much less guys with guns.
Though quite a short read, the scope of the book itself is quite considerable. Wayner starts from simple hashes of data to merely obscure it, through various kinds of encryption, quantization of data, and even accounting with encrypted data using what amounts to virtual cumulative crossfoots like the kind you would see on all good accounting reports. In so doing, Wayner explains, quite simply, something that people like Eric Hughes made great, complicated hay out of years ago with gangling theories of encrypted "open" books.
Ultimately, Wayner really does end up where a lot of us think databases will be someday, particularly in finance: repositories of data accessible only by digital bearer tokens using various blind signature protocols, neatly, and quite literally, "dis-integrating" the ability of databases to be used against us as a tool of totalitarianism, exemplified most recently by Simpson Garfinkel in his book Database Nation , and, oddly enough, not because someone or other wants to strike a blow against the empire, but simply because it's safer -- and cheaper -- to do that way.
Every database programmer should have a copy of this simple and elegant book on his reference bookshelf. Particularly if he cares about the integrity of his data, the liability to the database's owner should information be misappropriated, and, not least, about freedom itself in a world of ubiquitous, and, frankly, necessary, stored detail: details about practically every person on earth, their property and finances, and, ultimately, everything they do.
Translucent Databases presents a simple, frankly beautiful, solution to David Brin's world of ubiquitous surveillance, one not requiring, as Brin seems to want, "trust" of state force-monopolists, much less their lawyers and apparatchiks.
In fact, it's such an elegant solution that, as Schopenhauer liked to say about the public acceptance of important new ideas, soon enough, people will say it was obvious all along.
Robert Hettinga is founder of IBUC, the Internet Bearer Underwriting Corporation, which will, hopefully, someday, :-), use translucent databases full of internet bearer certificates to reduce transaction costs by three orders of magnitude. You can purchase Translucent Databases through the publisher. Slashdot welcomes readers' book reviews -- to submit yours, read the book review guidelines, then visit the submission page. -
Feature:Free Linux
Tom Christiansen, the Perl deity who once kick/banned me from #perl for asking a question about socket programming (not that I'm bitter *grin*) has written a feature called "Free Linux, Support the Demon Penguin" where he argues with the FSF and RMSs stance that Linux should be referred to as GNU/Linux because it is mostly GNU. Tom includes some numbers that you might find revealing. This one is worth a read. The following was written by the Author of the Perl Cookbook, and Slashdot Reader Tom Christiansen Free Linux! Support the Demon Penguin.The Demon Penguin, first seen on a T-shirt at the Linux World conference, is the mascot of the movement to create a an FSF-free Linux by replacing all FSF-owned software in Linux distributions with replacement programs from the BSD distributions.
The Linux kernel, while GPL'd, is certainly not to be replaced, nor is anything else that was *not* written directly by the FSF, whether it's GPL'd or not. As for the compiler, perhaps egcs is a better technical solution. A mere GPL does not GNUware make. Only software that the FSF claims is theirs should be replaced.
The point is *not* that we do not like the FSF's software, or that we do not like the GPL -- well, at least not all of us. Rather, it's because we cannot abide anyone usurping responsibility for the intellectual works of others. In the case of the FSF, such an inconsistent act is oxymoronic at best, and hypocritical at worst.
Let's use real data, not the hyperbolic rhetoric so common to the FSF. Here's a code analysis of a SuSE installation. Note that FSF ownership does not even quite reach 10%, yet rms and his followers would have it called "GNU/Linux". Their claim has no honest justification. Witness the numbers, and judge for yourself: http://www.vipul.net/codd/suse5.2.R.html
Code Contribution Distribution for S.u.S.E. 5.2 Package Name: suse5.2.codd
Package Size: +514659722 bytes.
- uncredited: 82733250 (16.075%)
- free software foundation, inc: 51254116 (9.958%)
- sun microsystems, inc: 38243234 (7.43%)
- the regents of the university of california: 23581801 (4.582%)
- x consortium: 18163125 (3.529%)
- thomas g. lane: 8464917 (1.644%)
- the university of washington: 7832780 (1.521%)
- digital equipment corporation: 7206660 (1.4%)
- snns group, ipvr, univ: 4366722 (0.848%)
- aladdin enterprises: 4108079 (0.798%)
- silicon graphics, inc: 3680070 (0.715%)
- robert nation: 2465545 (0.479%)
- maorong zou: 2438025 (0.473%)
Even if it is 10%, that's not enough to rename Linux to the repugnant "GNU/Linux". And it's not 10%. On a fully loaded server system, it's much less. Attached you will find an `ls` of /usr/man/man1 and /usr/man/man8 from a well-loaded RedHat Linux server system. Let the FSF indicate which commands were written by the FSF themselves, so that their claim of GNU/Linux might have some legitimacy. Until the FSF can prove actual authorship for > 50% of these, they have no business with this deceptive "GNU/Linux" moniker.
Let us give credit where it is due: to all those hundreds and hundreds of selfless volunteers all over the world who have made all Linux what it is today. The bogus term "GNU/Linux" confuses the public about what free operating systems like Linux and BSD are all about, and, perhaps more dangerous to us in the long run, dishonors the innumerable contributors by ignoring their massive efforts.
So please, everyone: let Linux remain Linux, nothing more -- but nothing less! When rms and his minions abandon this misguided and deceptive battle, we too can relent, but until then, support the Demon Penguin!
-
Cooking pot markets
Hackworth sent us a link to an article entitled Cooking pot markets. The article is an extremely good read, and addresses issues like What Motiviates Free Software guys. I suspect most of us free software guys already know what is said here, but this article puts it very clearly for people who might understand it a bit less can be clued it. -
Nanotech Website
Hackworth wrote in to say "Nanothinc. A sort of all-encompassing resoruce on nanotech. They describe themselves as "Web's comprehensive content developer and distributor of nanotechnology and nanoscale related information." Except for the newsletter the site doesn't have any real content yet. Though newsletter is good. "