checksec

It is not a coincidence that the first post in this still young year is about security. Since I realized last year how far the current internet with its "data capitalism" has strayed from its beginnings, I did a lot of reading to understand the situation in more detail. Data and Goliath by the renowned security expert Bruce Schneier was a depressing eye-opener and I am currently still reading his new book Click Here to Kill Everybody, which reiterates the problems in light of more recent events. If you are looking for more in-depth information from somebody with a long track record, I can strongly recommend those books as a starting point.

Linux Security

One of the lessons I recently learned is that real security is extremely hard to achieve - even by the best in the field. It is also pretty much impossible for a non-specialist to evaluate the security of any given solution without much more transparency into the security design process (threat models) and the implementation methods used to avoid them (protocols, etc.).

The Linux kernel and the GNU tool chains on the other hand offer a variety of hardening features to protect a GNU/Linux system from certain vulnerabilities. Having a tool to quickly evaluate which of those methods are in effect on a given system would be a welcome addition to the toolbox, especially when custom build systems are involved rather than the well-known distributions.

The application security expert Tobias Klein provides a nice shell script to do exactly that. As checksec.sh only requires the Bourne Again Shell (bash), it is immediately usable on pretty much every GNU/Linux system out there.


Users Or Consumers

While at university in the previous millennium, I was very much in love with the Smalltalk language and especially the Smalltalk system. Built on top of the core language, the latter includes the possibility to study and modify every aspect of the whole system through the class browser and image persistence. Such a setup allowed a freedom of creativity that I have missed in programming ever since. The mythical Lisp machine must have been of a similar pedigree, but having never used such a machine, this is only what I can guess by reading about it.

This nice blog post by J.V. Toups reminded me of those days but also looks at this from a very different, yet interesting, angle. Just how much potential of our digital computers do we lose every second by having divided the world into a tiny class of "producers" and a gigantic class of "users" with all the rest of the world in it? Being patronized, members of the last class unfortunately have no idea whatsoever about how empowering computers really can be. If the system is designed to include the user, then it only takes a small amount of time to learn the basics of how to "program" them.


The Ultimate Plumber

Working in a Unix console enables the use of sophisticated pipelines in day-to-day administrative work. Sometimes such complex pipelines can only be assembled in an interactive and iterative series of prototypes. In such a situation, up (the Ultimate Plumber) can speed up work significantly by shortening the iteration cycles.


How DuckDuckGo Earns Money Without Surveillance

As described in the previous post The Case Against Google, I have been using DuckDuckGo exclusively for quite some time now. Although I am happy with the search results overall, there have been (rare) occasions when I reran queries through Google because I could simply not find what I was looking for in an adequate time frame.


RSS Is Dead. Long Live RSS!

Mozilla published its intent to remove RSS support in Firefox 63 or Firefox 64. The reasoning is that the feature is not widely used and so the code has become a large burden on the rest of the code base. Without knowing the Firefox code base, this explanation makes a lot of sense.

A comment on the previous post An Increasingly User-Hostile Web got me started using RSS only a few months ago, but because this workflow naturally supports reading news from different devices, it has become part of my daily workflow. All that was needed was the installation of Nextcloud News App on my existing server.


The Case Against Google

For some time now I have changed my default search engine to DuckDuckGo, but that was mostly the result of my reflection on privacy issues. Everybody has already witnessed how even a single Google search can quickly "taint" the ads presented on pretty much every subsequently visited web page. Changing the default search engine and using open services like Open Street Map instead of Google Maps are easy steps to prevent all information from flowing directly to this omnipresent entity.

The New York Times article The Case Against Google however looks at the dominance of Google from a completely different angle and puts this in a very interesting historical context. The question in a nutshell is - can Google prevent real competition by simply excluding competitors from search results? Or put differently, can an emerging new internet service be choked to insignificance by not being visible on the first page in Google search?


Fixing DocNav 2017.04 on Debian Stretch

Having installed Vivado 2017.04 on one of my GNU/Linux machines that run Debian 9.3 (Stretch), I realized that DocNav fails to start:

dzu@deepthought:~$ . /opt/Xilinx/Vivado/2017.4/settings64.sh
dzu@deepthought:~$ docnav
docnav: error while loading shared libraries: libpng12.so.0: cannot open shared object file: No such file or directory
dzu@deepthought:~$

Electricity Map

During all the political discussions about the need for clean power, I always wondered about real data for this domain, i.e. how much of our electrical power is coming from what sources. As it wasn't that important, I never even tried to find any source for this and continued to live in ignorance. By sheer accident the situation changed recently as I learned about the Electricity Map web site answering exactly this question in real time. The site focuses on the release of the greenhouse gas CO2 to visualize the data.

It is very instructive to study the individual countries, their power mix and the trade of electricity across the borders. A few questions that popped into my mind when visiting it for the first time were pretty easy to answer:

  • Why does Norway have such an excellent CO2 balance?
  • Why is France also doing very well? Ok, so the problems of nuclear power plants are beyond the data of this page.
  • What is the installed capacity of solar and wind energy in Germany compared to nuclear power plants?

Firefox is Cool Again

Even though it is not news anymore, I think it is worth mentioning that Mozilla Firefox improved by a large margin with the Firefox Quantum (57) release. Although I have been using Firefox since it started back in 2004, from time to time I was jealous of the performance of Chrome and other engines. Still I never left the platform with the deep conviction that Firefox will catch up sooner or later. This time has finally come!


New View on the Weather

Taking great pleasure in outdoor activities, it has always been important for me to have accurate weather predictions available. Although localized weather forecasts on the web or from apps are very good nowadays, it turns out that some qualitative insight greatly improves understanding the general weather situation.

Having enjoyed it a lot, this post is a recommendation for the book "Do-it-yourself Wettervorhersage" (currently in German only) by Urs Neu.
