
Having recently helped someone evade Internet censorship in China, I've become familiar with the technical details of how they accomplish it.
In the case of at least the censored site I used for testing, the IP address of the site is not blocked -- if you just go to the IP address of the site, it will work. However, DNS queries to the domain name of the site are resolved to seemingly random IP addresses (a different address is used every time resolution is attempted).
Now for the interesting part: DNS queries to the domain name of the site are resolved to seemingly random IP addresses NO MATTER WHAT DNS SERVER YOU USE. Even if you set your DNS server to something like OpenDNS or some other server outside of China, the query still will not resolve correctly. This means Chinese ISPs must be scanning for DNS query packets and intercepting them no matter where those packets are going. The only way around this seems to be tunneling all DNS queries through some other type of packet to a DNS server outside of China's control. Using a SOCKS proxy is sufficient as long as the DNS queries are tunneled (see here for how to do that: http://kb.mozillazine.org/Network.proxy.socks_remote_dns ). Theoretically, you wouldn't need to browse through a proxy after making the DNS query.
Given oppression like this, however, it's probably a good idea to do that anyway: http://online.wsj.com/article/SB126170663042804985.html
---linuxrocks123
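The symptom described in this post (a different, wrong address on every lookup, regardless of the resolver queried) can be checked from captured DNS responses. The following is an added example, not code from the original post: it parses raw DNS responses and flags that pattern. The name `blocked.example`, the documentation-range addresses, and the `assess` heuristic are assumptions constructed for illustration.

```python
import socket
import struct

def encode_name(name):
    return b"".join(bytes([len(p)]) + p.encode() for p in name.split(".")) + b"\x00"

def build_response(txid, name, addrs, ttl=60):
    """Constructed sample: minimal DNS response, one question, A answers."""
    header = struct.pack("!HHHHHH", txid, 0x8180, 1, len(addrs), 0, 0)
    question = encode_name(name) + struct.pack("!HH", 1, 1)
    answers = b"".join(
        b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, ttl, 4) + socket.inet_aton(a)
        for a in addrs)
    return header + question + answers

def skip_name(msg, off):
    """Return the offset just past a (possibly compressed) name."""
    while True:
        length = msg[off]
        if length == 0:
            return off + 1
        if length & 0xC0 == 0xC0:      # a compression pointer ends the name
            return off + 2
        off += 1 + length

def parse_a_records(msg):
    """Return (transaction id, list of IPv4 answers) from a raw response."""
    txid, _flags, qdcount, ancount, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    off = 12
    for _ in range(qdcount):
        off = skip_name(msg, off) + 4  # skip QTYPE and QCLASS
    addrs = []
    for _ in range(ancount):
        off = skip_name(msg, off)
        rtype, rclass, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        if rtype == 1 and rclass == 1 and rdlen == 4:
            addrs.append(socket.inet_ntoa(msg[off:off + 4]))
        off += rdlen
    return txid, addrs

def assess(observations, known_good):
    """observations: (resolver_ip, raw_response) pairs for one name."""
    answer_sets = [frozenset(parse_a_records(raw)[1]) for _, raw in observations]
    resolvers = {resolver for resolver, _ in observations}
    known_good_seen = any(known_good in s for s in answer_sets)
    # Heuristic (assumption): CDNs rotate answers too, so rotation alone is
    # not enough. Require that independent resolvers never agree AND never
    # return the address known to serve the site.
    suspect = (len(resolvers) > 1
               and len(set(answer_sets)) == len(answer_sets)
               and not known_good_seen)
    return {"queries": len(answer_sets),
            "distinct_answers": len(set(answer_sets)),
            "known_good_seen": known_good_seen,
            "suspect": suspect}

# Constructed observations: three resolvers, one lookup each.
NAME, KNOWN_GOOD = "blocked.example", "192.0.2.10"
TAMPERED = [("198.51.100.1", build_response(1, NAME, ["203.0.113.5"])),
            ("198.51.100.2", build_response(2, NAME, ["203.0.113.77"])),
            ("198.51.100.3", build_response(3, NAME, ["203.0.113.200"]))]
CLEAN = [(r, build_response(i, NAME, [KNOWN_GOOD]))
         for i, (r, _) in enumerate(TAMPERED)]

if __name__ == "__main__":
    print(assess(TAMPERED, KNOWN_GOOD))
    print(assess(CLEAN, KNOWN_GOOD))
```
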
From: Mick Kelly <mick.tiempo@xxxxxxxxx.xxx>
To: <p.jones@xxxxxxxxx.xxx>
Subject: RE: Global temperature
Date: Sun, 26 Oct 2008 09:02:00 +1300
Yeah, it wasn't so much 1998 and all that that I was concerned about, used to dealing with that, but the possibility that we might be going through a longer - 10 year - period of relatively stable temperatures beyond what you might expect from La Nina etc.
Speculation, but if I see this as a possibility then others might also. Anyway, I'll maybe cut the last few points off the filtered curve before I give the talk again as that's trending down as a result of the end effects and the recent cold-ish years.
Enjoy Iceland and pass on my best wishes to Astrid.
Mick
As a Linux user, I have mixed feelings about Apple. They use a lot of OSS and even contribute back quite a bit. Their OS is a slightly broken version of Unix with a goofy non-X GUI, but it's still Unix, and they usually follow open standards fairly well.
On the other hand, their hardware, in general, is overpriced, flaky crap that offers no benefit over standard PC hardware, and the company is run by possibly the one man in technology even more insane than Steve Ballmer (Aside: Does being named Steve and going into tech somehow make you go totally nuts? I hope not; I know a guy in ECE here named Steve. He's nice.).
One of the evil things Apple does is file frivolous lawsuits against websites that leak information about their upcoming products. They also use the DMCA and their sucky, shouldn't-be-enforceable EULA to kill businesses, like Psystar, that sell computers running OS X for more reasonable prices. They recently won a court judgment against this U.S.-based company: http://store.psystar.com/business/desktops/osx The company is still up, though, for the moment, and possibly pending appeal, so you've still got a chance to get one if you want. Assuming they take credit cards, you can probably just dispute the charge if they don't deliver. Not that I would buy from them, because I see no need for an OS X-based machine when I can run Linux instead.
I'm writing this entry now because I just found something pretty awesome: it turns out that there's a German company, PearC, doing the same thing Psystar is doing, but in Germany -- and Apple can't touch them because EULAs aren't enforceable unless agreed upon prior to purchase in Germany, and the country has no equivalent of the U.S.'s sucky DMCA law :) Yay for sanity in Europe!
https://phonemasters.de/en/PearC-Starter
---linuxrocks123
I have a netscape.net email account from the time when Netscape was an AOL-owned ISP that also offered free webmail accounts. Apparently, in the mind of some random guy in Cuba who inexplicably has my email address, this makes me Netscape technical support. He asked in broken English how to get the last version of the Spanish localization of Netscape. I helped him out as best I could, telling him where to get Seamonkey (which I hope he does) and also the last translation of Netscape 7 into Spanish -- warning it was quite old and insecure -- just in case he really wanted the branded browser for some reason. I responded in Spanish, which made me feel a little cool. (I also included an English version in case my Spanish was somehow bad enough that he could understand my English better. :)
I think this is kind of hilarious.
---linuxrocks123
http://kerneltrap.org/mailarchive/linux-kernel/2007/8/26/164932
The drop_caches workaround suggested here appears to work for a problem I've been having with the 2.6.29.6 kernel on Defiant. It appears to be a VM problem which is not technically a /leak/, but a case where cached data is incorrectly kept around instead of being evicted for program data. On Defiant, this causes memory usage to steadily increase over time until performance degrades severely due to swap-thrashing. I ran this command once, and memory usage MINUS BUFFERS AND CACHES went down by 6MB, suggesting that the kernel lost track of and "leaked" the cached pages.
I've put it in a hack script that sleeps for a week, then runs the "drop_caches" trigger. Hopefully this will work.
If it does, I'm reporting this to LKML ... my assumptions that the problem was with b43 or the Intel graphics driver appear to be wrong.
---linuxrocks123
http://science.slashdot.org/comments.pl?sid=1343053&cid=29147223
This is the most intelligent argument against atheism I've ever come across. It's still wrong (for the reasons pointed out in some of the replies), but it's a really good try.
---linuxrocks123
This is an interesting article: http://harvardmagazine.com/2009/07/jeffersons-conundrum
A more serious crypto breakthrough is described by Bruce Schneier, one of the world's leading security experts, here: http://www.schneier.com/blog/archives/2009/07/new_attack_on_a.html
This attack is effective on 192 and 256-bit AES. It reduces the average number of computations necessary to crack a 256-bit AES key to 2^112. Since the average number of iterations necessary to brute-force 128-bit AES is 2^127, this makes 128-bit AES the most secure version of the AES algorithm. AES is the algorithm that would be used for things like encrypting hard disks; it is also (probably) used to secure online transactions after a key exchange using RSA.
Note that 2^112 is still an unfathomably large number and is far beyond the capabilities of even the most powerful supercomputer, so this attack is currently only of theoretical interest. It is still a troubling development -- future attacks may reduce the algorithm's effectiveness further -- and it is an indication that AES might not be a good choice for future encryption projects. When I finally get around to encrypting my hard drive, I'll probably use a different algorithm. Before, it was a slam-dunk to use AES.
A little background on AES: AES stands for American Encryption Standard. It is a NIST standard replacing the Data Encryption Standard, which had been severely broken due to its key size being too small (56 bits). The Electronic Frontier Foundation demonstrated the severity of the attack by ordering custom-fabricated chips to build a machine, Deep Crack, which could decrypt DES messages within hours.
The AES process was done in an open manner and algorithms were solicited for consideration from the international cryptography community. The five finalists back in 1998 were as follows:
1. Rijndael (which won and is therefore now known as AES)
2. Serpent
3. Twofish (by Bruce Schneier)
4. RC6 (by Ronald Rivest of RSA fame, among others)
5. MARS (submitted by IBM)
All of these algorithms remain secure from a practical perspective, though RC6 is subject to nasty software patent issues. There isn't much reason to use AES192 or AES256 now, though, since AES128 isn't subject to this new attack and imposes less of a performance overhead.
CAST6 appears to be another good cipher choice: [http://en.wikipedia.org/wiki/CAST-256]; its predecessor, CAST5, may also be acceptable. CAST6 was submitted for AES candidacy as well but did not make finalist status.
Were I to start my future hard drive encryption project today, I would consider the following algorithms, in this order:
1. Twofish
2. Serpent
3. Blowfish (probably would be fastest on my old SPARC box ;)
4. CAST6
5. CAST5
6. AES128
Blowfish would be at the top of the list except that Schneier, the designer, now recommends using Twofish instead.
---linuxrocks123
Update: I found a more complete version of the poem, which was actually Greek (and so I don't care about the original text):
"To the dead spirit of Cerelia Fortunata, my most precious wife, with whom for eleven years I lived without a single quarrel. Do not pass by my epitaph, traveler, but when you have stopped, hear and learn, then depart. There is no boat to carry you to Hades, no ferryman Charon, no judge Aeacus, no dog Cerberus. All of us below have become bones and ashes. Truly, I have nothing more to tell you. So depart, traveler, lest dead though I am I seem to you to be a teller of vain lies. Do not favor this monument with sweet smelling oils or garlands, for it is but a stone. Do not feed the funeral flames, it is a waste of money. If you can give, give while I live. Pouring wine on the ashes will only turn them to mud, and besides the dead will not drink. For so I shall be. And you have heaped up earth on these remains, say that what this was, it will never be again." [Epitaph of a cynic (Rome, 3rd century C.E. EG 646)]
(end update)
Do not pass by my epitaph, traveler. But having stopped, listen and learn, then go your way. There is no boat in Hades, no ferryman Charon, No caretaker Aiakos, no dog Cerberus. All we who are dead below Have become bones and ashes, but nothing else. I have spoken to you honestly, go on, traveler, Lest even while dead I seem loquacious to you.
Unfortunately, I cannot find the original Latin. Atheism is certainly not a recent phenomenon :)
---linuxrocks123
A kind friend allowed me to stay in her apartment last night since she'd already left for the summer. I have a sublet for the summer, but I can't move in until about 2 hours from now. All my stuff is moved in, save for two bags which I'm carrying with me. Her apartment is a ways from campus, and I got a little confused taking the buses. I got on the "Orchard Downs Only" bus, which was right, but I waited and waited and for some reason the "2 Red", my connection, never came.
I go to the actual intersection of the stop, instead of the stop itself, but still find nothing. Then, on the other side of the street, I see a bus labeled with what looks at the time like exactly what I need:
5E GREEN / EXPRESS CAMPUS
Green is the only bus route I know fairly well, and I know it goes where I need it to go and how to get to my office from it. I usually take the 50 Green, but I figured that "E" is close enough to "0". I rush to the other side of the street (the bus had a light), and flag the bus down. The driver grins and lets me on.
"You know where I'm going?"
"Green Street!"
"Heh heh, I'm not getting there til 7:40." It was about 6:50.
"That's fine; I'm not in a hurry."
I was not in a hurry. I couldn't move in until 10 anyway, so I'd either be storing my bags in my office or riding around with them on a bus. Neither option seemed particularly better or worse than the other.
The bus continued on its way, zig-zagging through the city, and I took the chance to look around the city. Then, the bus started turning into neighborhoods, which I thought was rather odd, but I guess it had to go somewhere for those 50 minutes. I began to relax and think about how much I'd like to sleep. (I'd found, at 3am, what I hope was a flattened wolf spider and not a brown recluse that I'd rolled over while attempting to sleep. I gave up sleep attempts after that.)
Then the bus started picking up children. Yes, you read that right. No, not college students. No, not high school students (well, maybe a few were). Mostly elementary to middle-school age children. It was one or two at a time at first, but then 5 or more each time the bus stopped. At one point, the bus stopped at a middle school and most of the children got off, but then it stopped in a parking lot and about 20 more got on. There were at least 28 children on the bus at points. Apparently, "CAMPUS" did not refer exclusively to the University of _____ campus, but also to the elementary, middle, and high school campuses in the local city. I had gotten on what was apparently a school bus for part of its route. It wasn't yellow (not even the Yellow route), but I guess they don't need to be yellow here.
As children go, I guess these weren't particularly bad. None of them talked or sat next to me (even though I moved my bags when the bus filled up completely to be courteous; I guess they were wary of me or just liked to stand), and only a few were really rowdy. Eventually they all got off and the bus turned onto Green and 1st, and the ride was delightfully child-free from that point on.
In that sense this story has a happy ending: I reached the university campus, and my office, and am now writing this post on my laptop, with the rest of my luggage under my desk. There is now about an hour and a half until I can move into my new apartment, and then I will shower and maybe sleep. And eat. I really need to eat.
At least no one brought pets on the bus.
---linuxrocks123
Reposted from a discussion with someone on Facebook.
---
Swine flu is a deadly virus: of the 245 suspected cases of swine flu in the U.S., one case resulted in death. Normal flu strains are also deadly; approximately 36000 people in the U.S. die from the normal, non-swine flu each year. About 43000 people die annually from car crashes in the U.S. There is no shortage of ways people die.
People are so afraid of this particular way people die right now because it's new and not really well-understood (though we do already know human immune systems and standard antivirals can fight it). In a year, it'll almost certainly be like the bird flu -- still killing people, but totally forgotten. In the meantime, mass hysteria over the swine flu has the potential to do harm, so it's best if everyone not incite mass hysteria.
---linuxrocks123
This is reposted slightly edited from a rant I sent to froeschele over IM.
Doctor Who needs to stop coming up with AWESOME backstories for potential companions and then killing them off or having the Doctor reject them because "OMG I LOST A COMPANION AND I'M IN SO MUCH EMOTIONAL PAIN AND I NEVER WANT TO GO THROUGH THAT AGAIN WAAAAAHH!!!!" or WHATEVER >( A jewel thief. The Doctor could have been traveling through space and time with a JEWEL THIEF!!!! The writers come up with an AWESOME character and then throw her away after one episode!?!?!?!?!
And, this isn't the first time they've done this. I count 4 one-off companions that probably should have been more. So far, the only companion they DID bring back after using her in a one-off episode was Donna! I actually thought Donna wasn't so bad, but her semi-bumbling self-importance did get old. They should have just used HER in one episode and used Astrid or the CAT BURGLAR JEWEL THIEF for a whole season.
List of Doctor Companions:
Rose: bored girl who works in clothing store, which burns down
Martha: medical student whose building happens to go to the moon (temporarily)
Donna: secretary/temp who is desperate to find a man but has a bad taste in men (married man who was poisoning her to use her body as the key to unlock a spaceship full of alien spiders at the center of Earth to devour humanity)
Reinette: 18th century French aristocrat who has seen the Doctor every so often since she was 5 due to a weird door in time through her fireplace
Astrid: alien young woman working on a space cruise liner so she can see the stars a little closer
Lady Christina: English noble whose family lost everything, so she became a JEWEL THIEF with MAD SKILLZ!
River Song: the Doctor's future wife, who recognized him from her past (the Doctor's future)
OF THESE CHARACTERS, the writers used Rose, Martha, and Donna, and threw away Reinette, Astrid, Lady Christina, and River Song after one episode each :( Rose, Martha, and even Donna weren't bad, of course, but they had really lame backstories compared to the one-off companions. Donna's was the coolest backstory of the three permanent ones, and they meant her as a one-off companion!!! WRITERS, STOP KILLING OFF YOUR BEST-DESIGNED CHARACTERS!
Thank you. I'm done now.
Disgruntled fan, ---linuxrocks123
Opinion here: http://volokh.com/files/BoucherDCT.1.pdf
I of course don't think this is a particularly spectacular ruling from the point of view of civil liberties, but it seems very tailored to the specific facts of this case, which really only arose due to spectacular stupidity on the part of both the defendant and the border agent. Hint to defendant: do not, under any circumstances, type the password to your kiddie porn stash into your laptop for the officer. Hint to border agent: do not, after looking through said kiddie porn stash, turn the computer off so that the encryption key is erased from RAM. The logic of the ruling only applies since the government already knew enough to be able to subpoena the contents of the encrypted volume.
Quote:
Second Circuit precedent, however, does not require that the government be aware of the incriminatory contents of the files; it requires the government to demonstrate "with reasonable particularity that it knows of the existence and location of subpoenaed documents." In re Grand Jury Subpoena, 1 F.3d at 93.
This leaves open the possibility that the subpoenaed documents could be, "the contents of the laptop hard drive" in a normal case, for a fully encrypted volume; I'm not sure whether that would fly. Nice tricks like hidden TrueCrypt volumes aren't covered: the "existence" part of the test almost certainly would fail in that case: the subpoenaed hidden volume very well might not exist, and the government has no way of knowing unless the defendant gives the password for it.
This was a district court decision. An appeal to the Second Circuit has already been filed, so we'll have to see how that goes. The penalty for not complying with a subpoena is very severe: the court can put you in prison for contempt indefinitely if you are able but refuse to comply with a court order. I've never felt this was particularly fair, and, if I ever develop a terminal condition and have weeks to live, I hope I'm subpoenaed to testify information I have but don't wish to reveal, just so I can colorfully tell the judge to sodomize himself with a retractable baton.
---linuxrocks123
http://vimeo.com/2598878
This video is a graphical representation of 2008's edits to OpenStreetMap, an open-source street map database. This is a very cool project and is an important prerequisite for open-source GPS systems.
Also, the video looks awesome :)
---linuxrocks123
Since the Cloudbook has taken the Zaurus's old name of Spellbinder, I will now refer to the Zaurus as Torchwood. I'm not really sure what to do with Torchwood now, so, when I get a chance, I'm going to install Angstrom on it.
http://www.angstrom-distribution.org/2007-12-r18-images-available-poodle
http://linuxtogo.org/gowiki/ZaurusPoodle
---linuxrocks123
Mild spoiler warning.
House and Cameron on their one and only date. (Cameron would only agree to work for House again if he took her on a date.)
Cameron: I have one evening. One chance. And I don't want to waste it talking about what wines you like or what movies you hate. I want to know how you feel -- about me.
House: You live under the delusion that you can fix everything that isn't perfect. That's why you married a man who was dying of cancer. You don't love; you need. And now that your husband is dead, you're looking for your new charity case. That's why you're going out with me. I'm twice your age; I'm not great-looking; I'm not charming. I'm not even nice. What I am is what you need: I'm damaged.
I just love this show.
---linuxrocks123
"You pretend you're above the system. You pretend to be a rebel. You claim to hate rules, but all you do is substitute your own rules for those of society. That's a nice simple rule. Tell the blunt, honest truth in the starkest, darkest way, and what will be, will be. What will be should be. And everyone else is a coward. But you're wrong. It's not cowardly to not call someone an idiot. People aren't tactful or polite just because they're nice. They do it because they've got an ounce of humility. Because they know that they will make mistakes. They know that their actions have consequences. And they know that those consequences are their fault. Why do you want so bad not to be human, huh?"
House is awesome.
---linuxrocks123