Labour MPs from B'liar's "New Labour" sellout era demand that Corbyn resign as the party leader, but don't dare face him in a vote of the membership. Corbyn and his backers have threatened to replace them in the next election, which could be this year of four years from now.

Posted Wed Jun 29 00:00:00 2016 Tags:

Chen Yunfei, survivor of the Tiananmen protests in 1989, has tried to spread awareness of them in China. He is now being tried on charges of saying what the State wants people to forget.

Posted Wed Jun 29 00:00:00 2016 Tags:

The Obama regime is pressing the Senate to pass a bill to "protect" Puerto Rico from default.

However, I've read elsewhere that this bill would give Puerto Rico the same nondemocratic treatment as Greece, and Detroit and Flint.

Posted Wed Jun 29 00:00:00 2016 Tags:

The UK's departure from the EU would remove one obstacle to reforming it.

To take advantage of this opportunity would require electing parties committed to such reform in many EU countries.

Posted Wed Jun 29 00:00:00 2016 Tags:

Disney "princess" marketing teaches girls a limiting gender image and is bad for their self-esteem.

Posted Wed Jun 29 00:00:00 2016 Tags:

India is imposing biometric identification on the whole population, including fingerprinting and iris scans.

It may be possible, or it may become possible, to recognize people on the street by iris scanning from a distance, turning this into a horrible orwellian system.

We tried to resist this.

Posted Wed Jun 29 00:00:00 2016 Tags:

A Chilean officer of the 1970s was found liable in a civil suit for the murder of singer Victor Jara. If he is convicted in a criminal trial, that would be really something to cheer.

The US was behind the military coup after this murder took place.

Posted Wed Jun 29 00:00:00 2016 Tags:

Fake fingerprints make it easy to avoid using your real fingerprints to authenticate.

To make sure you can dispose of them quickly, they need to be edible and digestible.

Posted Wed Jun 29 00:00:00 2016 Tags:

The US plans to ask visitors to declare the locations of their "online presence".

This seems dangerous to me, since there will be no limits to the pressure for self-censorship. Even if the US applies this only to keep out terrorists, other governments will follow the same approach to exclude human rights defenders.

Systematically some will be led to give their passwords too, by mistake.

Posted Wed Jun 29 00:00:00 2016 Tags:

US citizens: Phone Rep. Pelosi to oppose a lame-duck vote on the TPP.

Posted Wed Jun 29 00:00:00 2016 Tags:

Hey look, someone tried to steal my ancient, worthless bike! I just noticed, but I guess it happened at Pride. They cut about halfway through the lock before giving up.

So what do you think, do I buy a new lock, or just put some duct tape on that and hope nobody notices?

Posted Tue Jun 28 21:54:38 2016 Tags:
A Recreation of a 1972 Rothschild Party:

The Illuminati Ball was inspired by leaked photos from the infamous Surrealist Party hosted by the Baron and Baroness de Rothschild in 1972. A night of immersive theater, von Buhler describes the play as "a surreal, bourgeois dinner party filled with power struggles, morality tests, and anthropomorphic escapades."

Staying true to its secretive nature, attendees are not allowed to drive themselves to the event. Instead, a limousine bus picks you up on the Upper East Side in New York City and brings you to a massive, waterfront estate outside of the city (the location and owner are to remain secret). For the festivities, attendees dress to the nines (long capes are always welcome). To complete the look, unique masks and hats will be provided.

Attendees are also assigned characters belonging to either the pig, monkey, cow, chicken or mouse family. Each group has a certain mission, certain things they will experience throughout the night, making them part of the story, both as a spectator and actor. Upon arrival, attendees are briefed, masked, and rehearsed, ready for a night of fire performance, opera, aerial silk acts, and esoteric ritual ceremonies.

Posted Sun Jun 26 21:20:54 2016 Tags:
A booze em' up about waifus, technology, and post-dystopia life.

In this world, corporations reign supreme, all human life is infected with nanomachines designed to oppress them, and the terrifying White Knights ensure that everyone obeys the laws.

But, this is not about those people.

You are a bartender at VA-11 HALL-A. Although it is just a small bar downtown, it attracts the most fascinating people this side of dystopia. Keep your clients lubricated and you will be made privy to the most interesting stories.

Learn about daily life in a cyberpunk dystopia.

A branching storyline where your decisions do not depend on traditional choices, but through the drinks you prepare.

Posted Sun Jun 26 21:11:06 2016 Tags:
Acoustic Data Exfiltration from (Speakerless) Air-Gapped Computers

In this paper, we present Fansmitter, a malware that can acoustically exfiltrate data from air- gapped computers, even when audio hardware and speakers are not present. Our method utilizes the noise emitted from the CPU and chassis fans which are present in virtually every computer today. We show that a software can regulate the internal fans' speed in order to control the acoustic waveform emitted from a computer. [...] We demonstrated the effective transmission of encryption keys and passwords from a distance of zero to eight meters, with bit rate of up to 900 bits/hour.

Previously, previously, previously, previously, previously.

Posted Sun Jun 26 20:47:35 2016 Tags:
"When a cell site simulator is deployed, it gathers cell phone info from everyone in the surrounding area, including those whose chicken wings have been lawfully purchased."

Annapolis' log shows police located their target in seven of the 17 cases in which the [Stingray] equipment was used since late 2011.

Annapolis Police couldn't find their target in the case of a Pizza Boli's employee who reported being robbed of 15 chicken wings and three subs while out on delivery in March. In that case, police got a court order, according to the police log.

The value of the wings and subs totaled $56.77.

Law enforcement spokespeople will often point to the handful of homicide or kidnapping investigations successfully closed with the assistance of cell site simulators, but they'll gloss over the hundreds of mundane deployments performed by officers who will use anything that makes their job easier -- even if it's a tool that's Constitutionally dubious.

Don't forget, when a cell site simulator is deployed, it gathers cell phone info from everyone in the surrounding area, including those whose chicken wings have been lawfully purchased. And all of this data goes... somewhere and is held onto for as long as the agency feels like it, because most agencies don't seem to have Stingray data retention policies in place until after they've been FOIA'ed/questioned by curious legislators.

Regular policework -- which seemed to function just fine without cell tracking devices -- now apparently can't be done without thousands of dollars of military equipment. And it's not just about the chicken wing thieves law enforcement can't locate. It's about the murder suspects who are caught but who walk away when the surveillance device wipes its feet on the Fourth Amendment as it serves up questionable, post-facto search warrants and pen register orders.

Previously, previously, previously.

Posted Sun Jun 26 20:32:09 2016 Tags:

Please enjoy jwz mixtape 168.

Posted Sun Jun 26 20:15:31 2016 Tags:

Haven’t been blogging for a while because I’ve been deep in coding and HOWTO-writing. Follows the (slightly edited) text of an email I wrote to the NTPsec devel list that I I think might be of interest to a lot of my audience.

One of the questions I get a lot is: How do you do it? And what is “it”, anyway? The question seems like an inquiry into the mental stance that a systems architect has to have to do his job.

So, um, this is it. If you read carefully, I think you’ll learn a fair bit even if you haven’t a clue about NTP itself.

Today, after a false start yesterday and a correction, I completed a patch sequence that makes a significant structural change to NTP that isn’t just removing cruft.

This is kind of a first. Yes, I’ve made some pretty dramatic changes to the code over the last year, but other than the not-yet-successful TESTFRAME scaffolding they were almost all bug fixes, refactorings, or creative removals. The one exception, JSON reporting from ntpdig, was rather trivial.

[What I didn’t say to the list, because they already know it, is that the code was such a rubble pile that it actually took that year to clean up to the point where a change like this was reasonable to attempt.]

What I’ve succeeded in doing is almost completely removing from the code the assumption that refclock addresses necessarily have the special form 127.127.t.u. The only code that still believes this is in the ntp.conf configuration parser, and the only reason *it* still believes this in order not to break the existing syntax of refclock declarations.

(In fact, clock addresses do still have this form internally, but that is only to avoid surprising older ntpq instances; nothing in the NTPsec code now requires it.)

I’ve also made substantial progress towards eliminating driver-type magic numbers from the code. The table that used to indirect from driver-type numbers to driver-type shortnames is gone; instead, the driver shortname string is what it should be – an element of the driver method table – and there is only one type-number-to-driver indirection, a table in refclock_conf.c.

This is all clearing the decks for a big user-visible change. I’m going to fix the frighteningly awful refclock declaration syntax. Consider this example:

# Uses the shared-memory driver, accepting fixes from a running gpsd
# instance watching one PPS-capable GPS. Accepts in-band GPS time (not
# very good, likely to have jitter in the 100s of milliseconds) on one
# unit, and PPS time (almost certainly good to 1 ms or less) on
# another.  Prefers the latter.
# GPS Serial data reference (NTP0)
fudge refid GPS
# GPS PPS reference (NTP1)
server prefer
fudge refid PPS

The misleading “server” keyword for what is actually a reference clock. The magic 127.127.t.u address, which is the only way you *know* it’s a reference clock. Some attributes of the clock being specified in a mystery ‘fudge’ command only tied in by the magic server address. The magic driver type number 28. The fail is strong here. The only excuse for this garbage (and it’s not much of one – Mills was smart enough to know better) is that it was designed decades ago in a more primitive time.

Here’s how I think it should look:

refclock shm unit 0 refid GPS
refclock shm unit 1 prefer refid PPS

No magic IPv4 address, no split syntax, no driver type number (it’s been replaced by the driver shortname “shm”). It should be less work to get the rest of the way to this (while still supporting the old syntax for backward compatibility) than I’ve done already – I’ve already written the grammar, only the glue code still needs doing.

An unobvious benefit of this change is that the driver reference pages are going to become a lot less mystifying. I can still remember how and why my head hurt on first reading them. Removing the magic addresses and mystery numbers will help a lot.

Along the way I learned a lot about how ntpq and mode 6 responses work. (Like NTP in general, it’s an odd combination of elegant structural ideas with an astonishing accumulation of cruft on top.) In order to remove the magic-address assumptions from ntpq I had to add another variable, “displayname”, to the set you get back when you request information about a peer. In effect, ntpd gets to say “*this* is how you should label this peer”, and ntpq uses that to decorate the clock entries in its -p output.

This has the minor downside that new ntpqs will display (rather than “SHM(0)”) when querying Classic ntpd, which doesn’t ship that variable. Oh well…almost everyone disables remote querying anyway. It was the right thing to do; ntpq has no business knowing about driver type numbers.

(Grrrrr…Actually, *nobody* has any business knowing about driver type numbers. Things that have names should be referred to by name. Making humans maintain a level of indirection from names to numbers is perverse, that’s the kind of detail we have computers to track. Or, to put it slightly differently, “1977 called – it wants its ugly kluge back.”)

It’s easy for codebases this size to wind up as huge balls of mud. There are several nearly equivalent ways to describe my job as a systems architect; one of them centers on enforcing proper separation of concerns so collapse-to- mudball is prevented. The changes I’ve just described are a significant step in the good direction.

Posted Sun Jun 26 02:51:12 2016 Tags:
Posted Sat Jun 25 06:22:16 2016 Tags:

Planet Debian upstream is hosted by Branchable.