Older blog entries for etbe (starting at number 1072)

The 2013 Federal Election

picture of rubbish left after the federal election

Seven hours ago I was handing out how to vote cards for the Greens at the 2013 Australian Federal election. I was hoping that either we would have a Labor/Greens coalition or an outright majority for Labor. Unfortunately we got a Liberal majority in the lower house and it looks like some extreme right wing groups may get into the senate (replacements for “Family First” – the anti-Gay party).

For some reason the polling station where I was working only had volunteers from the three major parties (Greens, Labor, and Liberal) while other polling stations in the same electorate had volunteers from smaller parties such as the Sex Party and the Socialist Alliance.

The volunteers from the Liberal party ate McDonalds outside the polling station and afterwards McDonalds rubbish was left on the ground, the above picture isn’t particularly clear because I took it after 6PM when the polls closed. The Liberals didn’t care enough to put their rubbish in a bin, it’s an externality for them, if they get enough seats in the senate they will surely take the same approach to governing Australia. The Labor people didn’t take the effort to clean up the Liberal mess even though it wasn’t particularly difficult to do so, I think that’s the type of attitude that led to this election defeat. In the case of the McDonalds rubbish in question I put it in the bin so that when the primary school kids return on Monday their school won’t be too messy after the election. But in the case of the mess that is being made in Australian politics it will take many more Greens votes to allow us to clean it up.


Syndicated 2013-09-07 15:10:16 from etbe - Russell Coker

Ownership of a Club

Last night at the Annual General Meeting we had a motion to disincorporate The Linux Users of Victoria (LUV) [1]. The proposal was for LUV to cease being an incorporated society on condition that Linux Australia (LA) [2] accepts us as a sub-committee. As a sub-committee of LA we would elect our own committee to run things locally but have LA hold the finances, deal with all the paperwork that the government demands, and generally do as many of the non-core tasks associated with running a users’ group as possible.

When we discussed this at the LUV committee meetings it didn’t seem like a big deal. But as is often the case with political discussions it turned out to be difficult.

There was a lot of discussion about LUV supposedly ceasing to exist, people seem to think that LUV is defined by having an incorporated society. My impression was always that it was defined by a mailing list and having meetings – and I was involved in both before there was an incorporated society.

Lurkers and Ownership

During the discussion we had some input from members who were typically lurkers who seemed to feel that their property rights towards LUV were being infringed, this annoys me. I think that if someone chooses not to be involved in running an organisation then they should choose not to concern themselves with the details of how the organisation is to be run. People who attend the meetings should have a say in how the meetings are run and have reason to be concerned about anything that might affect them and the opinions of speakers also matter. People who are involved with mailing list discussions should have a say in how the lists are run. But people who have never volunteered for a position on the committee shouldn’t be greatly concerned about the internal issues of how things are run.


Some concern was expressed about the financial situation of LUV and whether we would still get enough donations to keep it running when combined with LA. There was even some FUD suggesting that LA would just take our money (they had assured us that all funds and donations would be ear-marked for us). The current LUV financial situation is that Red Hat pays for the venue for the monthly meetings and the rent for the venue comprises about 2/3 of all donations. The remaining 1/3 comes from one company. So in the current situation if Red Hat ceased donating then we would have 18 months to find another donor or cease holding meetings before our bank balance became unreasonably low. If the company which gives the other significant annual donation was to cease doing so then we could operate for a few years on savings but we would need to find some other source of funding.

It seems to me that joining LA would give us more financial security. Then if Red Hat ceased paying for the venue then LA could keep things running until we found another donor, I’m confident that LA wouldn’t allow LUV to just shut down because of a shortage of donations.

If people are really concerned about the financial situation of LUV then they should urgently seek further donations such that if any one donor decided to stop giving then we could still operate as normal. To achieve that goal I think we need at least another $1,000 per annum. This issue of redundancy in donations is something I raise every time that LUV finances are discussed.

My conclusion is that people aren’t really bothered about the financial security of LUV except when they are looking for reasons to avoid change.

Doing New Things

During the course of discussion about the future of LUV there were a number of requests for improvement. One significant request was for more support for regional Linux users. Some years ago we held a mini-conference in Ballarat which went well. I think it would be good to do such things again, the cost is not particularly great and I’m sure it would be accepted by LA for funding, but we need to organise it.

Organising such events is something that anyone can do. Any LUV member can plan an event, get costs for everything that is needed (food, accommodation, travel, etc) and then pitch it to the LUV committee in terms of which things should be paid by LUV and which by the members concerned. We could then work on getting additional funding from LA if necessary. But planning an event takes some effort and it’s often effort that can only be done by a local. Finding a suitable venue and getting some assurance that a large enough audience will attend is something that can’t be done remotely.

I think that the problem for LUV in regard to such things isn’t a lack of money or independence. I think that the problem is that the committee spends too much volunteer time on administrative tasks and not enough time directly doing things that benefit members and the community in general.

In the past I have declined nomination to the LUV committee because I felt that I could contribute more by giving lectures, finding other speakers, and doing other things to directly improve the group. I was on the committee last year and have now been elected to it again, but I’m starting to think that I made a mistake. Maybe I should have declined and let others work on the new model rules and other paperwork.

One committee member has claimed that the time taken on administrative tasks isn’t taking time away from other LUV related tasks. I invite any committee members who feel that way to address some of the services that members are requesting. Speaking for myself, my lack of time directly impacts what I can do for the club.

I think that ownership of a club should be related to what people do for the club. If you have a feeling of ownership and lack ideas for how to contribute then you can ask the LUV mailing list, there are lots of people with suggestions for things to do.


Syndicated 2013-09-04 05:42:10 from etbe - Russell Coker

Links August 2013

Mark Cuban wrote an interesting article titled “What Business is Wall Street In” about the failure of Wall Street to fulfill its stated purpose of providing capital for businesses [1]. His proposed solution is extreme, but so is the problem.

PopSci has an interesting article by Peter Nonacs about allowing students to collaborate (which is often known as “cheating”) in a Game Theory exam [2]. So the Game Theory exam became a practical exercise. It’s more interesting than I can describe in a paragraph.

Salon has an interesting article suggesting that mealtime routines and rituals improve flavor [3]. I wonder whether that applies to other things. Does the “ritual” of compiling software make one enjoy it more? Would the food at a Linux conference taste better if we sang the “Free Software Song” first?


Syndicated 2013-08-31 13:58:18 from etbe - Russell Coker

Scratching a Galaxy S

Some years ago when I first got a LG U990 Viewty (which in some ways is the best phone I ever owned) I went swimming and left my phone in my bag. My phone happened to rest on my car keys and had vibration mode enabled, after a couple of missed calls I had a nasty scratched area on the phone screen. Since then I’ve been very wary about allowing metal objects to come in contact with a phone screen.

Now I have a Samsung Galaxy S with some sort of motherboard damage (it won’t even boot and I know it’s not a software issue because it was initially intermittent). A phone that old isn’t worth repairing (they sell on ebay for as little as $50) so it seemed worth testing how hard the screen is. The screen cover is Gorilla Glass which was the hardest glass available at the time the phone was new (apparently there are better versions of Gorilla Glass available now and my more recent phones should be tougher).

My first test was with one of my favorite Japanese kitchen knives, it didn’t scratch at all. Then I chose a knife sharpening stone as an obvious item that’s harder than a knife, it scratched the screen easily. A quartz pebble also scratched the screen when I used some force, so presumably concrete and brick would also scratch it. Tests with all current Australian coins and my car keys showed that the screen is too hard to be scratched by them. I also tested hitting the phone screen with my keys, I hit it much harder than would happen if I was to run while having my phone and my keys in the same pocket and there was no damage.

My conclusion is that any metal object you are likely to carry in your pocket is unlikely to cause any problem if knocked against the screen of a modern phone.


Syndicated 2013-08-26 13:57:25 from etbe - Russell Coker

The End of Kogan Mobile

Kogan Mobile has just announced that Telstra succeeded in its attempt to break its contract with ISPone and thus end the Kogan Mobile business [1]. Over the last few years there has been a trend for all Australian telcos to increase mobile phone costs. There are some pre-paid companies that offer reasonable deals for people who don’t make many calls, but for people who make any significant amount of calls or use any significant amount of data transfer the prices have mostly been going up.

The big exceptions to the trend of increased prices were Kogan Mobile and Aldi who offered “unlimited” contracts at affordable rates. Kogan’s deal was initially $299 per annum (it was later increased a bit) for “unlimited” calls and SMS and 6G of data transfer per month (but not more than 1G in one day and not more than 3 days of more than 400M in a month). 6G per month is much more than most people could use in a month and 400M is enough data transfer that most people won’t be at risk of doing that 3 times in a month. While Kogan did impose some limits on calls and SMS they weren’t going to affect most people. So when I switched to Kogan I removed the apps that tracked bandwidth use and talked for as long as I wanted without bothering about cost. I don’t think I used much more data transfer or spoke for much longer, but it was good not to bother about such things.

Now it seems that Aldi Mobile [2] is the best remaining option for affordable mobile access in Australia for anyone who wants more than the basic use. Aldi’s option is $35 for 30 days of “unlimited” phone calls and SMS within Australia with 5G of data transfer, $420 for 360 days of “unlimited” calls and 5G of data per almost-month isn’t as good as $299 per 365/366 days and 6G of data per month. Only having 5G of data per almost-month isn’t a problem for me, but the significant increase in price is.

A big problem with Aldi is the limitations on “acceptable use” which aren’t as clear as for Kogan, Aldi gives “downloading gigabytes of data in a short period” as an example of unacceptable use, this isn’t nearly as good as Kogan’s daily limits of 3*400M or 1*1G in a month which can be tracked by software to avoid accidental breaches.

But I’ll use Aldi in spite of this risk. All the other telcos charge too much for plans which involve 2G of data per month. The 1.5G quota I had before Kogan was a real problem for me, I need a quota of at least 2G with no serious penalties for accidentally exceeding it or a quota that’s at least 3G.

Australia needs proper competition in the mobile phone market or significant government action. Forcing the current telcos to stop colluding would be one good option for the government but another option would be to create a government owned telco with a mandate to serve the public – much like Telstra was before John Howard sold it off.


Syndicated 2013-08-20 14:55:06 from etbe - Russell Coker

Google web sites and Chromium CPU Use

Chromium is the free software build of the Google Chrome web browser. It’s essentially the same as the Google code but will often be an older version, particularly when you get Chromium from Debian/Stable (or any other Linux distribution that doesn’t track the latest versions all the time) and compare it to getting Chrome straight from Google.

My wife is using Chromium on an AMD Opteron 1212 for all the usual web browsing tasks. Recently I’ve noticed that it takes a lot of CPU time whenever she leaves a Google web site open, that can be Google+, Gmail, or Youtube.

Web standards are complex and it’s difficult to do everything the way that one might desire. Making a web browser that doesn’t take 100% CPU time when the user is away from their desk may be a difficult technical challenge. Designing a web site that doesn’t trigger such unwanted behavior in common web browsers might also be a challenge.

But when one company produces both a web browser and some web sites that get a lot of traffic it’s rather disappointing that they don’t get this right.

It could be that Google have fixed this in a more recent version of the Chrome source tree, and it could be that they fixed the browser code before rolling out a new version of Google+ etc which causes problems with the old version (which might explain why I’ve never seen this problem). But even if that is the case it’s still disappointing that they aren’t supporting older versions. There is a real need for computers that don’t need to be updated all the time, running a 3 month old Linux distribution such as Debian/Wheezy shouldn’t be a problem.

There’s also a possibility that part of the cause of the problem is that an Opteron 1212 is a relatively slow CPU by today’s standards and it’s the slowest system I’m currently supporting for serious desktop use. I don’t even think it was one of the fastest CPUs available when it was released 4 years ago. But I think we should be able to expect systems to remain usable for more than 4 years. The Opteron 1212 system is a Dell PowerEdge tower server that is used as a workstation and a file server, so while I get desktop systems with faster CPUs for free I want to keep using the old PowerEdge server to avoid data corruption. As an aside I’ve been storing important data on BTRFS for a year now and the only data loss I’ve suffered has been due to a faulty DIMM. The filesystem checksums built in to modern filesystems such as BTRFS and ZFS mean that RAM corruption covers a greater portion of the risk to data integrity and the greater complexity of the data structures in such filesystems gives the possibility of corruption that can’t be fixed without mkfs (as happened to me twice on the system with a bad DIMM).

The consequences of such wasted CPU use are reduced CPU time for other programs which might be doing something useful, extra electricity use, and more noise from CPU cooling fans (which is particularly annoying for me in this case).

Any suggestions for reducing the CPU use of web browsers, particularly when idle?


Syndicated 2013-08-15 11:29:29 from etbe - Russell Coker

Nexus 4 Ringke Fusion Case

LG Nexus 4 phone with Ringke Fusion case

I’ve been using Android phones for 2.5 years and for all my phones (Sony-Ericsson Xperia X10, Samsung Galaxy S, Samsung Galaxy S3, and LG Nexus 4) I’ve bought “gel” cases. The gel cases are made of soft rubber which allows phones to bounce rather than break if dropped and also provide better grip (both for holding the phone and for resting it on a vibrating surface such as a tray in a car or plane). The cases have cost me between $12.50 and $15, I haven’t felt inclined to pay any more because a case has always seemed like a needless expense, something that merely compensates for deficiencies in phone design.

There are some problems with the gel cases, the first one is that they are rather ugly, while I’m not really interested in decorating my phones it seems a waste to have a nice phone like the Nexus 4 which has a neat sparkling pattern on the back and then use a case that entirely covers it. The next problem is the fact that the gel cases tend to restrict access to the buttons on the outside of the case.

I have been given a Rearth Ringke Fusion case for my Nexus 4 by MobileZap (this is a link for the Nexus 4 cases they sell) [1]. The case features a transparent layer of plastic at the back which protects the phone against having the rear glass of the case break (a known risk with the Nexus 4) while still allowing the user to admire it. With good lighting the sparkling pattern on the back of the phone can still be enjoyed, unfortunately this doesn’t show up at all in my photo. It’s impossible for a photo to capture a shimmering effect although other photographers have done a better job at showing off a Nexus 4. Also the transparent back to the case gives the option of putting any form of decoration between the phone and the case, for example one could print the logo of their Ingress team and put it between the phone and the case.

One thing that is visible in the photo is the feet on the back of the case. With small feet at the corners the transparent back usually won’t touch a surface that it rests on, this should prevent unsightly scratches to the back of the case. Also the feet can get some grip on the surface that it rests on, my car has a tray suitable for resting a phone which has a pattern of dimples that catch the feet of the Ringke case and prevent it from sliding.

Finally the external buttons for power and volume control are not obstructed in any way. After using 7 phones of 4 different models with gel cases I’ve become accustomed to buttons either being difficult to press or easy to press accidentally. The Ringke case allows the buttons to be pressed easily when needed but doesn’t seem prone to accidental presses.

I’m not about to buy a new case for my Galaxy Note 2 (my main phone at the moment) because I don’t like paying to replace something that works. But next time I buy a case I’ll look for something better than a plain gel case, it’s worth paying an extra $9 to get a good case for a phone that costs $350 (the current discount rate for a Nexus 4) or more. I definitely recommend the Ringke case for a Nexus 4.


Syndicated 2013-08-13 12:14:06 from etbe - Russell Coker

Religious Conversion

Today I was in the center of Melbourne and I saw two stands run by Muslims advocating their faith. They had a selection of DVDs and brochures to give away and seemed friendly enough for anyone who wanted a chat. I think that this is a good thing, if the majority of the Australian population would think of the Muslim minority as people who give away DVDs rather than as potential suicide bombers then it would be a great benefit for society.

Then I saw a Christian stand which had placards indicating that Jesus loves Muslims, which is fine. One of the workers on that stand then gleefully told me that there had been a Muslim stand in that area but the Muslims departed when they arrived. It would be good if advocates for the various religions could work together to promote positive things that they all agree on (generally related to being nice to other people). When they seem to be essentially bullying other religious groups into leaving the area they aren’t making a good case for a kind and caring god.

The Christian who was so happy about the Muslims departing then tried to convert me. He started by talking about a mobile phone not being able to appear from nothing which was the start of an utterly stupid argument about creationism. That was stupid firstly because it’s obvious that evolution doesn’t apply to consumer electronics, if I leave a phone lying on top of another phone overnight I’m not going to get some little phones appearing as a result.

But the bigger stupidity is in even promoting creationism in the first place. Advocating creationism is essentially claiming that god is so incapable that ze can’t manage an evolutionary process. An all-seeing all-knowing god of infinite intelligence could just create a plasma cloud that will form into a solar system and evolve life. People who argue for creationism don’t believe in a capable god, they believe in a being that resembles a god in the way a “magician” resembles someone who can actually perform magic. Arguing for creationism is arguing for a limited being which probably isn’t worthy of worship (why worship space aliens who are probably only a few thousand years ahead of us). Regardless of the scientific evidence (which is strongly in favor of evolution) just logically thinking about the issue in regard to what a being with infinite powers might actually do suggests that ze could just as easily create or evolve all life and probably wouldn’t care about what we believe. Genesis should be taken as metaphor because it’s obvious that nothing that’s taught in a year 7 science class could be taught to your typical stone age goat-herd, but even if it was taken literally it’s not specified as a required belief (as opposed to a belief in a single god, repenting sins, and other beliefs which are required).

The greatest stupidity however is the fact that even if it made any sense to promote creationism it wouldn’t make sense to do so immediately. Any time you want to convert someone to a set of beliefs it’s a good strategy to start with the ones which will seem least wacky. I can have a conversation with Christians about positive things which we generally agree on such as donating to charity and trying to do good things in various ways. But when they start with the stupid stuff I walk away.

When the weather is better I plan to interview representatives of the various religious groups who are trying to convert people on the street and rate them according to how wacky they are. I’ll be a little limited in my ability to review them by the total lack of any right to free speech in Australia (our laws are much the same as those in the UK). But I should still be able to give them a reasonable review.


Syndicated 2013-08-03 13:45:41 from etbe - Russell Coker

Links July 2013

Wayne Mcgregor gave an interesting TED talk about the creative processes of a choreographer [1]. The dancing in this talk is really good.

Melissa McEwan wrote an interesting article on whether being an “ally” to members of a disadvantaged group is a state or a process [2]. It seems to me that the word ally is a problem here, maybe a word like supporter would be more useful.

Ken Murray wrote an insightful article How Doctors Die about the end of life choices that people with medical experience make [3]. He makes a good case for rejecting the type of “treatment” which has a low probability of success and a certainty of lowering the quality of life. It would be good if health insurance offered patients with terminal illness an option of $1000 per day party funds if they chose to reject the expensive and painful methods that might extend their life, that might even save enough money to allow cheaper health insurance!

Rick Falkvinge wrote an interesting post about the copyright to translations of the Bible [4]. I used to think that copyright issues with “religious” works were only a problem with cults…

Joshua Foer wrote an interesting article for the New Yorker about the invention of the language Quijada which is designed for maximum precision [5]. It also has a lot of background information on constructed languages and the way that they are used.


Syndicated 2013-07-31 05:15:27 from etbe - Russell Coker

Security is Impossible

The Scope of the Problem

Security is inherently complex because of the large number of ways of circumventing it. For example Internet facing servers have been successfully attacked based on vulnerabilities in the OS, the server application, public key generation, DNS, SSL key certificates (and many other programs and algorithms in use), as well as the infrastructure and employees of all companies in the chain. When all those layers work reasonably well (not perfectly but well enough to not obviously be the weakest link) there are attacks on the end user systems that access the servers (such as the trojan horse programs used to attack PCs used for online banking).

My Area of Interest

The area of security that interests me is Linux software development. There are many related areas such as documentation and default configurations to make it easier for people to secure their systems (instead of insecure systems being the default option) which are all important.

There are also many related fields such as ensuring that all people with relevant access are trustworthy. There are many interesting problems to solve in such areas most of which aren’t a good match for my skills or just require more time than I have available.

I sometimes write blog posts commenting on random security problems in other areas. Sometimes I hope to inspire people to new research, sometimes I hope to just inform users who can consider the issues when implementing solutions to security problems.


In the software development side there are ongoing problems of bugs in code that weaken security. The fact that the main area of concern for people who are interested in securing systems is fixing bugs is an indication that the problem of software quality needs a lot of work at the moment.

The other area that gets a reasonable amount of obvious work is in access control. Again it’s an area that needs a lot of work, but the fact that we’re not done with that is an indication of how far there is to go in generally improving computer security.

Authenticating Software Releases

There have been cases where source code repositories have been compromised to introduce trojan horse code, the ones I’ve read about have been discovered reasonably quickly with little harm done – but there could be some which weren’t discovered. Of course it’s likely that such attacks will be discovered because someone will have the original and the copies can be compared.

Repositories of binaries are a bigger problem, it’s not always possible to recompile a program and get a binary which checks out as being identical (larger programs often include the build time in the binary). Even for build processes which don’t include such data it can be very difficult to determine the integrity of a build process. For example programs compiled with different versions of libraries, header files, or compilers will usually differ slightly.

As most developers frequently change the versions of such software they will often be unable to verify their own binaries and any automated verification of such binaries will be impossible for anyone else. So if a developer’s workstation was compromised without their knowledge it might be impossible for them to later check whether they released trojan binaries – without just running the binaries in question and looking for undesired behavior.

The problem of verifying past binaries is solvable for large software companies, Linux distributions, and all other organisations that have the resources to keep old versions of all binaries and libraries used to build software. For proprietary software companies the verification process would have to start with faith in the vendor of their OS and compiler doing the right thing. For Linux distributions and other organisations based on free software it would start by having the source to everything which can then be verified in theory – although in practice verifying all source for compilers, the OS, and libraries would be a huge undertaking.
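The verification problem described in this section, as an added example that is not part of the original post: a rebuilt binary with an embedded build time never matches the released one by hash, so the comparison has to locate the differing bytes and accept only those inside a declared volatile field. The image layout, the `build` helper and the sample images are constructed for illustration and do not correspond to any real binary format.

```python
import hashlib

# Constructed layout (an assumption, not a real format):
# 8-byte header, 19-byte ASCII build time, then the code section.
HEADER = b"\x7fDEMO\x01\x00\x00"
STAMP_LEN = 19
CODE = bytes(range(64)) * 4
# The only byte range that is allowed to differ between two builds.
VOLATILE = [(len(HEADER), STAMP_LEN)]


def build(stamp, code=CODE):
    """Return a constructed binary image with the build time embedded."""
    raw = stamp.encode("ascii")
    if len(raw) != STAMP_LEN:
        raise ValueError("stamp must be exactly %d bytes" % STAMP_LEN)
    return HEADER + raw + code


def diff_regions(a, b):
    """Return [(offset, length), ...] for each run of differing bytes.

    A length mismatch is reported as a final region covering the tail.
    """
    regions, start = [], None
    common = min(len(a), len(b))
    for i in range(common):
        if a[i] != b[i]:
            if start is None:
                start = i
        elif start is not None:
            regions.append((start, i - start))
            start = None
    if start is not None:
        regions.append((start, common - start))
    if len(a) != len(b):
        regions.append((common, max(len(a), len(b)) - common))
    return regions


def unexplained(regions, volatile):
    """Return the regions that are not wholly inside a volatile range."""
    out = []
    for off, length in regions:
        end = off + length
        inside = any(v <= off and end <= v + n for v, n in volatile)
        if not inside:
            out.append((off, length))
    return out


def compare(released, rebuilt, volatile=VOLATILE):
    """Compare a released image with an independent rebuild."""
    regions = diff_regions(released, rebuilt)
    return {
        "hash_match": hashlib.sha256(released).digest()
        == hashlib.sha256(rebuilt).digest(),
        "regions": regions,
        "unexplained": unexplained(regions, volatile),
    }


# Constructed samples: an honest release, a later rebuild of the same
# source, and a release whose code section has one altered byte.
RELEASED = build("2013-07-30 09:15:00")
REBUILT = build("2013-08-02 17:40:12")
_code = bytearray(CODE)
_code[100] ^= 0xFF
TAMPERED = build("2013-07-30 09:15:00", bytes(_code))

if __name__ == "__main__":
    for name, image in (("released", RELEASED), ("tampered", TAMPERED)):
        result = compare(image, REBUILT)
        verdict = "explained" if not result["unexplained"] else "SUSPECT"
        print(name, "hash_match=%s" % result["hash_match"], verdict,
              result["unexplained"])
```

The volatile ranges should be kept as narrow as the build process allows, because any byte inside them is exempt from the comparison.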


There is a well documented history of military espionage, people who are sworn to secrecy have been subverted by money, blackmail, and by having political beliefs which don’t agree with their government. The history of corporate espionage is less well documented but as corporations perform less stringent background checks than military organisations I think it’s safe to assume that corporate espionage is much more common.

Presumably any government organisation that can have any success at subverting employees of a foreign government can be much more successful in subverting programmers (either in companies such as Microsoft or in the FOSS community). One factor that makes it easier to launch such attacks is the global nature of software development. Government jobs that involve access to secret data have requirements about where the applicant was born and has lived, corporate jobs and volunteer positions in free software development don’t have such requirements.

The effort involved in subverting an existing employee of a software company or contributor to free software or the effort involved in getting an agent accepted in such a project would be quite small when compared to a nuclear weapons program. Therefore I think we should assume that every country which is capable of developing nuclear weapons (even North Korea) can do such things if they wish.

Would the government of such a country want to subvert a major software project that is used by hundreds of millions of people? I can imagine ways that such things could benefit a government and while there would be costs for such actions (both in local politics and international relations) it seems most likely that some governments would consider it to be worth the risk – and North Korea doesn’t seem to have much to lose.


We would like every computer to be like a castle with a strong wall, one which can’t be breached in ways that aren’t obvious, separating it from the bad things. But the way things are progressing, with increasingly complex systems depending on more people and other systems, it’s becoming more like biology than engineering. We can think of important government systems as being comparable to the way people with compromised immune systems are isolated from any risk of catching a disease: the consequences of an infection are worse, so greater isolation measures are required.

For regular desktop PCs getting infected by a trojan is often regarded as being similar to getting a cold in winter. People just accept that their PC will be infected on occasion and don’t bother making any serious effort to prevent it. After an infection is discovered the user (or their management for a corporate PC) tends not to be particularly worried about data loss in spite of some high profile data leaks from companies that do security work and the ongoing attacks against online banking and webcam spying on home PCs. I don’t know what it will take for users to start taking security risks seriously.

I think that a secure boot is a good step in the right direction, but it’s a long way from being able to magically solve all security problems. I’ve previously described some of the ways that secure boot won’t save you [1].

The problems of subverting developers don’t seem to be an immediate concern (although we should consider the possibility that it might be happening already without anyone noticing). The ongoing trend is that the value of computers in society is steadily increasing, which therefore increases the rewards for criminals and spy agencies who can compromise them. Therefore it seems that we will definitely face the problems of subverted developers if we can adequately address the current technical problems related to flaws in software and inadequate access control. We just need to fix some of the problems which are exploited more easily to force the attackers to use the more difficult and expensive attacks. Note that it is a really good thing to make attacks more difficult: that decreases the number of organisations that are capable of attack even though it won’t stop determined attackers.

For end user systems the major problem seems to be related to running random programs from the Internet without a security model that adequately protects the system. Both Android and iOS make good efforts at protecting a system in the face of random hostile applications, but they have both been shown to fail in practice (it might be a good idea to have a phone for games that is separate from the phone used for phone calls etc). More research into OS security is needed to address this. But in the meantime users need to refrain from playing games and viewing porn on systems that are used for work, Internet banking, and other important things. While PCs are small and cheap enough that having separate PCs for important and unimportant tasks is practical, it seems that most users don’t regard the problems as being serious enough to be worth the effort.


Syndicated 2013-07-23 04:34:01 from etbe - Russell Coker
