The author seems to think that an ``advantage'' of using ssh-agent
(unencrypted private keys in memory) vs. unencrypted private keys on disk is that somehow
stuff in memory is harder to get to.
For starters, you'd better turn off/proc:
anybody with a fractional brain
who gets root can surely dig the password out
of there. Oh, and turn off/dev/mem. Oh, and make
sure that nobody can install a trojan ssh-agent...
Look, the only real advantage of the ssh-agent approach (or for that matter, typing
a passphrase every time your key is used) that I'm aware of is not that it
helps against being
broken into. It does help when your
machine is confiscated. Because it is difficult
(though not in principle impossible) to tell what
was in RAM once it is powered down, if you pull
the plug when the bad guys come bursting in (and
if you are running without swap space, so that
your bits don't end up on disk anyhow:-) your
accounts on other machines should be safe from
exploration (up to rubber hoses).
This scenario doesn't apply to you? You're
not willing to run without swap? Then for pity's
sake, just use an unencrypted private key on disk.
To put it another way: what SSH acknowledges
is the reality that if someone breaks into your
system, they have to be really dumb not to be
able to get into all the systems you can get into. ssh-agent is a tool for special-case situations.
Actually, they say they will test with inputs
as large as ``a few megabytes''. Note that it is
always legal to merely echo an input if you can't
figure out how to optimize it...
Regardless of how we do in the competition,
we're learning a lot about
our programming language and its implementation, anyhow.
The task isn't a perfect fit for our language,
which is good, since it has tickled some of the
dark corners already.
About 15 years ago for April Fools' day,
a friend and I built an Eliza-like program
called April
designed to emulate a new user on our college
computing system, and hooked it up to the talk daemon to chat up random users.
It would ask questions about the local software
installation, and typed very erratically with
the occasional backed-over typo, which greatly
added to the effect. Our site admin spent a long
time trying to help it out, while we watched
and ROFL.
Perhaps we should build such a thing again,
hook it to IBM's ``AI'' help desk, and watch
the fun:-)...
From what I could
find on the web, the toxic dose of caffeine for adults of average weight
ranges from 1-5g, the equivalent of
4-15 cups of strong coffee. Toxic symptoms
are varied, but include such potentially fatal
ones as tachycardia and psychomotor agitation.
The LD-50 lethal dose is estimated at 7-15g.
But don't be fooled: caffeine is not a dangerous drug like the dreaded THC or MDMA...
Low budgets, encouraging volunteer participants -- now that's the way to run a space program!
An extreme version of this philosophy is central to the Portland State Aerospace Society, Portland State University's group
operating under the auspices of the IEEEAerospace and Electronic Systems Society (AESS). Check out in particular our ongoing work on our Inertial Navigation System, which currently costs out at around $500. All of our work is open source,
and is specifically targeted at usability by
other amateur rocketry groups.
I've messed with programming
languages for 15+ years, and built and
ran a lot
of these kinds of benchmarks on a lot of different
languages. I think it's only fair to put in the
obvious caveat for the less experienced: These
benchmarks are too small to reflect most issues
of performance and ease of use that arise in
real programming. In other words, the languages that are performing best in these comparisons are the best languages for writing tiny benchmarks in, and that's all you
can tell.
(To be fair, I only could see the benchmark
titles, since the site is still slashdotted and
I don't have the patience to chase through the
Google cache. But I recognize most of the titles: there's apparently nothing there that hasn't been
used as a toy benchmark for a long time.)
Note that this is a fundamental dilemma of benchmarking. Nobody is going to implement the same large yet ``generic'' program multiple ways on a large variety of languages just for comparison purposes. Even if they do, they will inevitably slight those languages with which they are less familiar, or lucky. Instead, they try to somehow infer ``What would that be like?'' from little examples. (I should
know: I do this myself all the time.)
The redeeming feature of this particular
benchmark extravaganza is that it may expose
a lot of people to a lot of cool languages and
styles they've never heard of before. For that it is to be commended.
It's hard for me to imagine Battlestar
Galactica without the late Lorne Greene. In my opinion, his controlled
acting and powerful
stage presence elevated the show far beyond what
the scripts and characters deserved: I suspect
he will
be greatly missed in the new series.
``I'm not sure I know too many people who would directly compare Linux/BSD with standard UNIX Systems like Irix, Solaris, etc.''
You're kidding, right? Go talk to anyone
who's been around UNIX for 10 or 15 years: they
will explain to you that (a) UNIX is a valid
description of any ideological descendant of
BTL UNIX, that (b) the interesting differences
between the modern incarnations of these environments are very small, and that (c) the
difference between the systems you described is
mainly one of corporate vs. (semi-)open, not
UNIX vs. ???.
What name would you give the
common functionality of Linux, BSD, and MacOS X, anyhow?
You might want to check out Paolo Soleri's
``arcology in progress'',
Arcosanti.
I'm not sure what its current state is, since
its web page is down, but it is/was an interesting project: construct an arcology
starting without billions of dollars...
So what's wrong with 802.11? My academic
institution has had it running for several
years (!) now. It's not scary fast, but
3Mbps (and now 11Mbps) seems quite adequate
for most tasks even when
shared among many users. The interoperability
is great, and the increased range means fewer
base stations and more redundancy.
Is there something I'm missing, or
is Bluetooth just a poor substitute for
what I have already?
My colleagues routinely solve hard max-clique
instances involving several hundred vertices
on PCs. See, for example, the now 8-year-old
2nd DIMACS Challenge
for more details including performance
on specific instances.
Myth number two: if you have solved integer factorization (or discrete logarithm) then you've proven that P=NP. This is *not* necessarily true. Unfortunately, computer scientists have never been able to classify these problems in the strict P/NP/EXPTIME hierarchy. It is not known if either of these problems is NP-complete (or even weaker, simply NP-hard.)
Uh, finding a factor of a number (as opposed
to finding all the factors) and finding the discrete log of a number are both clearly
in NP. If P=NP, then cryptanalysis
of all standard public and private key cryptosystems I'm aware of is in P (i.e. relatively easy).
There is a recent thesis out there (I don't
have the cite handy, but Springer-Verlag published it) on constructing private-key cryptosystems whose cryptanalysis is C-hard for an arbitrary
class C. I haven't read it, however,
so I can't vouch for its practicality.
What do the storage
device manufacturers get out of
this CPRM effort? Why are they willing to
play along?
With past ``usage-prevention'' efforts,
such as the DAT initiative, ultimately
legislation required storage device manufacturers
to build compliant devices. It seems to me
that CPRM will only make it harder and more expensive for drive manufacturers to
build and support their product, in exchange for
functionality which is not obviously useful and
is obviously harmful to
their customers, both retail and wholesale,
at present.
As someone who was lucky enough to be hanging around at the time, let me add a little bit to the twm history. (I'm sure Keith will correct me
if I get some of this wrong.:-)
The change from Tom's Window Manager to the Tabbed Window Manager was Keith Packard's doing, actually. He had just written the Shape extension to X, to allow non-rectangular
windows, and used it to implement xeyes and
oclock. Keith used twm exclusively
at that point, so tabbing the title bars was a
natural next step. Much of the ICCM compliance
was due to Keith, as well, during the period
the ICCCM was being developed.
I've tried a number of window managers since then: I still use twm...
Why couldn't I find people who believe things like these speedup claims when I was selling electronics? I'd have made a fortune in commission.:)
Recall that Byte magazine used to regularly
post adds for Write-Only Memory chips in their April
issue. Great performance specs, too! The
funniest part was that they always got a few
serious inquiries...
Anybody remember the movie The Third Wave, based
on the true story? In 1968, a high-school
teacher sets up a Nazi-like social
organization as
a classroom experiment, which then goes
horribly awry, as such experiments will...
I wonder if the Pinkertons were aware
of this when they chose this name? My
guess, sadly, is yes.
A lot of folks seem to have very rosy memories of the NeXT cube. I'll be the first to admit
that software-wise, it was cool. The hardware,
on the other hand, was not ``years ahead
of its time.''
My educational institution got some of the
first cubes out. They came with
An MO drive
that was huge, but incredibly slow, and
quite fragile. It was intended to support
a usage model I never saw anyone embrace. ("Carry your world with you.")
A two-bit (literally:-) gray-scale
display that was terrific for displaying
anti-aliased text, but not much use for anything
else, and was entirely non-upgradable.
No better core than the Sun-3s and Macs
available at the time.
That hefty price tag.
I'll admit to having coveted the development
environment. But I've never wished I owned
that hardware.
David Brin's novel practically screamed movie script, and look how well it did in the theatres. Moving Sci-Fi novels to the screen is just plain hard, and the hardest ones to adapt are the ones centered around an unusual character in an unusual situation. The Bicentennial Man is another recent example of this phenomenon.
So yes, I agree: Leave Ender's Game as a great novel. OSC, if you want a screenplay, write an original screenplay. You certainly are capable of this, and the result is likely to be far superior to any adaptation of your print work.
Definitive ref on "cold fusion" (Re:Too bad...)
on
The Quest For Fusion
·
· Score: 3
I regard Bad Science: The Short Life and Weird Times Of Cold Fusion, by Gary Taubes, as the definitive
reference on Pons and Fleischmann's "cold fusion".
It's exhaustive, but a must-read if you call yourself
a scientist and are interested in this subject,
or just want insight into the whole "bad science" process.
(Of course if you are bent on believing a conspiracy theory, you will find it entirely
unpersuasive...)
Note wrt question #9 that
ssh is the only one of the choices that allows
the user to authenticate the host! That is
to say, it may be possible for a non-root user
to put a spoofed login box
on your console (or replace it with a dummy
terminal!) to capture the root password, but being able to respond
with the appropriate host key to ssh implies
that you're talking to something with root privs
on the box. (Assuming, of course, that both ends have been
properly secured in the first place.)
Serious secure boxes will put up a host
authenticator on the console that can be
checked with a user dongle, but of course this
hasn't really caught on in the general UNIX community.
If
you want something later and with more
PC sales, Deadline
was the first game to use kewl packaging for market appeal and copy protection, and
one of the first to include non-combat NPC interactions and a mainstream genre plot. It sold a bajillion copies,
which should also add to its ``influence.''
I won't see any popup that requires JavaScript: I surf with it turned off because I'm concerned about its security. I tend to avoid sites with popups at any rate.
The giant rotating
register set was inspired by the
SPARC register windows. For
interrupt handling and user-kernel transitions,
it should be possible
to use a dedicated
set of registers by rotating the window.
Heck, one could even do user process
context switching that way, up to a point.
Probably it's best to think of the 128-register file in smaller chunks, say 32 regs. Only
64 registers are visible at once anyhow.
Slashdot Mirror
The author seems to think that an ``advantage'' of using ssh-agent (unencrypted private keys in memory) vs. unencrypted private keys on disk is that somehow stuff in memory is harder to get to.
For starters, you'd better turn off /proc:
anybody with a fractional brain
who gets root can surely dig the password out
of there. Oh, and turn off /dev/mem. Oh, and make
sure that nobody can install a trojan ssh-agent...
Look, the only real advantage of the ssh-agent approach (or for that matter, typing a passphrase every time your key is used) that I'm aware of is not that it helps against being broken into. It does help when your machine is confiscated. Because it is difficult (though not in principle impossible) to tell what was in RAM once it is powered down, if you pull the plug when the bad guys come bursting in (and if you are running without swap space, so that your bits don't end up on disk anyhow :-) your
accounts on other machines should be safe from
exploration (up to rubber hoses).
This scenario doesn't apply to you? You're not willing to run without swap? Then for pity's sake, just use an unencrypted private key on disk.
To put it another way: what SSH acknowledges is the reality that if someone breaks into your system, they have to be really dumb not to be able to get into all the systems you can get into. ssh-agent is a tool for special-case situations.
Actually, they say they will test with inputs as large as ``a few megabytes''. Note that it is always legal to merely echo an input if you can't figure out how to optimize it...
Regardless of how we do in the competition, we're learning a lot about our programming language and its implementation, anyhow. The task isn't a perfect fit for our language, which is good, since it has tickled some of the dark corners already.
Two days to go!
About 15 years ago for April Fools' day, a friend and I built an Eliza-like program called April designed to emulate a new user on our college computing system, and hooked it up to the talk daemon to chat up random users.
It would ask questions about the local software installation, and typed very erratically with the occasional backed-over typo, which greatly added to the effect. Our site admin spent a long time trying to help it out, while we watched and ROFL.
Perhaps we should build such a thing again, hook it to IBM's ``AI'' help desk, and watch the fun :-)...
From what I could find on the web, the toxic dose of caffeine for adults of average weight ranges from 1-5g, the equivalent of 4-15 cups of strong coffee. Toxic symptoms are varied, but include such potentially fatal ones as tachycardia and psychomotor agitation. The LD-50 lethal dose is estimated at 7-15g.
But don't be fooled: caffeine is not a dangerous drug like the dreaded THC or MDMA...
Low budgets, encouraging volunteer participants -- now that's the way to run a space program!
An extreme version of this philosophy is central to the Portland State Aerospace Society, Portland State University's group operating under the auspices of the IEEE Aerospace and Electronic Systems Society (AESS). Check out in particular our ongoing work on our Inertial Navigation System, which currently costs out at around $500. All of our work is open source, and is specifically targeted at usability by other amateur rocketry groups.
I've messed with programming languages for 15+ years, and built and ran a lot of these kinds of benchmarks on a lot of different languages. I think it's only fair to put in the obvious caveat for the less experienced: These benchmarks are too small to reflect most issues of performance and ease of use that arise in real programming. In other words, the languages that are performing best in these comparisons are the best languages for writing tiny benchmarks in, and that's all you can tell.
(To be fair, I only could see the benchmark titles, since the site is still slashdotted and I don't have the patience to chase through the Google cache. But I recognize most of the titles: there's apparently nothing there that hasn't been used as a toy benchmark for a long time.)
Note that this is a fundamental dilemma of benchmarking. Nobody is going to implement the same large yet ``generic'' program multiple ways on a large variety of languages just for comparison purposes. Even if they do, they will inevitably slight those languages with which they are less familiar, or lucky. Instead, they try to somehow infer ``What would that be like?'' from little examples. (I should know: I do this myself all the time.)
The redeeming feature of this particular benchmark extravaganza is that it may expose a lot of people to a lot of cool languages and styles they've never heard of before. For that it is to be commended.
It's hard for me to imagine Battlestar Galactica without the late Lorne Greene. In my opinion, his controlled acting and powerful stage presence elevated the show far beyond what the scripts and characters deserved: I suspect he will be greatly missed in the new series.
I know from personal experience that their customer retention tactics are as inexorable as those of Scientologists.
Uh, you're thinking of Earthlink...
``I'm not sure I know too many people who would directly compare Linux/BSD with standard UNIX Systems like Irix, Solaris, etc.''
You're kidding, right? Go talk to anyone who's been around UNIX for 10 or 15 years: they will explain to you that (a) UNIX is a valid description of any ideological descendant of BTL UNIX, that (b) the interesting differences between the modern incarnations of these environments are very small, and that (c) the difference between the systems you described is mainly one of corporate vs. (semi-)open, not UNIX vs. ???.
What name would you give the common functionality of Linux, BSD, and MacOS X, anyhow?
You might want to check out Paolo Soleri's ``arcology in progress'', Arcosanti. I'm not sure what its current state is, since its web page is down, but it is/was an interesting project: construct an arcology starting without billions of dollars...
So what's wrong with 802.11? My academic institution has had it running for several years (!) now. It's not scary fast, but 3Mbps (and now 11Mbps) seems quite adequate for most tasks even when shared among many users. The interoperability is great, and the increased range means fewer base stations and more redundancy.
Is there something I'm missing, or is Bluetooth just a poor substitute for what I have already?
My colleagues routinely solve hard max-clique instances involving several hundred vertices on PCs. See, for example, the now 8-year-old 2nd DIMACS Challenge for more details including performance on specific instances.
Myth number two: if you have solved integer factorization (or discrete logarithm) then you've proven that P=NP. This is *not* necessarily true. Unfortunately, computer scientists have never been able to classify these problems in the strict P/NP/EXPTIME hierarchy. It is not known if either of these problems is NP-complete (or even weaker, simply NP-hard.)
Uh, finding a factor of a number (as opposed to finding all the factors) and finding the discrete log of a number are both clearly in NP. If P=NP, then cryptanalysis of all standard public and private key cryptosystems I'm aware of is in P (i.e. relatively easy).
There is a recent thesis out there (I don't have the cite handy, but Springer-Verlag published it) on constructing private-key cryptosystems whose cryptanalysis is C-hard for an arbitrary class C. I haven't read it, however, so I can't vouch for its practicality.
there is a reasonable amount of info at the website.
[we need to have the equivalent of the jocular RTFM for websites, I think]
I appreciate the summary: I tried to hit the fine website, but of course it is currently Slashdotted...
What do the storage device manufacturers get out of this CPRM effort? Why are they willing to play along?
With past ``usage-prevention'' efforts, such as the DAT initiative, ultimately legislation required storage device manufacturers to build compliant devices. It seems to me that CPRM will only make it harder and more expensive for drive manufacturers to build and support their product, in exchange for functionality which is not obviously useful and is obviously harmful to their customers, both retail and wholesale, at present.
What am I missing here?
As someone who was lucky enough to be hanging around at the time, let me add a little bit to the twm history. (I'm sure Keith will correct me if I get some of this wrong. :-)
The change from Tom's Window Manager to the Tabbed Window Manager was Keith Packard's doing, actually. He had just written the Shape extension to X, to allow non-rectangular windows, and used it to implement xeyes and oclock. Keith used twm exclusively at that point, so tabbing the title bars was a natural next step. Much of the ICCM compliance was due to Keith, as well, during the period the ICCCM was being developed.
I've tried a number of window managers since then: I still use twm...
Why couldn't I find people who believe things like these speedup claims when I was selling electronics? I'd have made a fortune in commission. :)
Recall that Byte magazine used to regularly post adds for Write-Only Memory chips in their April issue. Great performance specs, too! The funniest part was that they always got a few serious inquiries...
Anybody remember the movie The Third Wave, based on the true story? In 1968, a high-school teacher sets up a Nazi-like social organization as a classroom experiment, which then goes horribly awry, as such experiments will...
I wonder if the Pinkertons were aware of this when they chose this name? My guess, sadly, is yes.
A lot of folks seem to have very rosy memories of the NeXT cube. I'll be the first to admit that software-wise, it was cool. The hardware, on the other hand, was not ``years ahead of its time.''
My educational institution got some of the first cubes out. They came with
I'll admit to having coveted the development environment. But I've never wished I owned that hardware.
David Brin's novel practically screamed movie script, and look how well it did in the theatres. Moving Sci-Fi novels to the screen is just plain hard, and the hardest ones to adapt are the ones centered around an unusual character in an unusual situation. The Bicentennial Man is another recent example of this phenomenon.
So yes, I agree: Leave Ender's Game as a great novel. OSC, if you want a screenplay, write an original screenplay. You certainly are capable of this, and the result is likely to be far superior to any adaptation of your print work.
I regard Bad Science: The Short Life and Weird Times Of Cold Fusion, by Gary Taubes, as the definitive reference on Pons and Fleischmann's "cold fusion". It's exhaustive, but a must-read if you call yourself a scientist and are interested in this subject, or just want insight into the whole "bad science" process.
(Of course if you are bent on believing a conspiracy theory, you will find it entirely unpersuasive...)
Note wrt question #9 that ssh is the only one of the choices that allows the user to authenticate the host! That is to say, it may be possible for a non-root user to put a spoofed login box on your console (or replace it with a dummy terminal!) to capture the root password, but being able to respond with the appropriate host key to ssh implies that you're talking to something with root privs on the box. (Assuming, of course, that both ends have been properly secured in the first place.)
Serious secure boxes will put up a host authenticator on the console that can be checked with a user dongle, but of course this hasn't really caught on in the general UNIX community.
Poorly written question.
...uh, Infocom? Zork, perhaps?
If you want something later and with more PC sales, Deadline was the first game to use kewl packaging for market appeal and copy protection, and one of the first to include non-combat NPC interactions and a mainstream genre plot. It sold a bajillion copies, which should also add to its ``influence.''
I won't see any popup that requires JavaScript: I surf with it turned off because I'm concerned about its security. I tend to avoid sites with popups at any rate.
The giant rotating register set was inspired by the SPARC register windows. For interrupt handling and user-kernel transitions, it should be possible to use a dedicated set of registers by rotating the window. Heck, one could even do user process context switching that way, up to a point.
Probably it's best to think of the 128-register file in smaller chunks, say 32 regs. Only 64 registers are visible at once anyhow.