I was sent here by LWN (Linux Weekly News). It's well known over there that when you're unhappy, we should be happy, so I'm very happy today :) The converse is likely also true -- you were probably happy about the Oracle v. Google reversal, and I'm very unhappy about that :(
That's not to say I disagree with you on everything -- it seems (from your article on software not being math) that you wouldn't be averse to limiting terms for software patent to something like 5 years, which would be a great thing and might even make software patents benefit society.
Anyway, here's why I'm commenting here: your claim that software isn't math is quite strained. You try to make the distinction that math is "descriptive" and that software "controls a computer", but that's a matter of how software is used, not what it is. You don't have to use software by executing it on a computer; you could use it by reading it like a book if you wanted, and, depending on the software, you could be enlightened by doing that. You could also use software as part of a mathematical proof in the field of computability theory, and this is commonly done. There's a mathematical category of "computable algorithms", which are any formal languages that can be described by a Turing machine, and code that computes an algorithm is a proof that that algorithm is in fact in the category of computable algorithms. Hypothetical software is also written as part of proofs that certain algorithms are "NP-complete", meaning they can't be done quickly on a computer unless a lot of other (hard) problems can also be done quickly on a computer.
Look at functional programming sometime: it's "descriptive" rather than "controlling" (imperative), but it's equivalent to to more conventional (imperative) programming. Functional programming looks a lot more like math than imperative programming, so, if you look at it, maybe you'd see where all the people saying "software is math" are coming from. Look up the Church-Turing thesis to see how functional programming is equivalent to the more common Turing machine-based systems. And the equivalence is (you guessed it) a mathematical definition.
Oh, and, by the way, banning people because you disagree with them is juvenile. Perhaps that comment wasn't constructive, but still.
With the Oracle v. Google reversal and remand, I'm really missing Groklaw
. I wish PJ still felt secure enough to continue with it. It was a great space for collaborating on threats to OSS, and, so far, there's been no good replacement for it. GrokTheLaw
tried to continue in the spirit of the original, but it seems to have fizzled. What a shame.
Just read that bug report. I mean ... just ... read it.
"Generic terms are generic, not the first user owns them."
SystemD parses the KERNEL'S command line, sees a parameter that has always been intended for the KERNEL to use, and responds by spamming the KERNEL'S debug log so much that the boot fails.
And then this is reported as a bug. And then SystemD says it's not their problem.
Linus can be abrasive. Linus can be wrong. In this case, Linus is 100% correct.
Slackware doesn't use SystemD. My hope is that Slackware never will. These arrogant, opinionated, anti-UNIX twats have no business managing the core of a Linux system.
I've been working on the cold boot problem for a while. Read my glorious paper
! Then, download aes-amnesia.S and come back here to figure out how to use it.
WARNING: DO NOT USE HARDWARE OR SOFTWARE SUSPEND WHILE THE LOOP.KO MODULE IS LOADED OR YOU WILL TOTALLY TRASH YOUR HARD DISK -- WE'RE TALKING EXTREME, IRREVERSIBLE DISK CORRUPTION -- UPON RESUME!
WARNING: DO NOT USE ON A SYSTEM CONFIGURED WITH SMP SUPPORT OR YOU WILL TRASH YOUR HARD DISK! PROBABLY NOT AS BAD AS IF YOU SUSPEND, BUT STILL PRETTY BAD!
AND THIS WILL CERTAINLY HAPPEN. IT'S NOT, LIKE, WELL, MAYBE IT WILL HAPPEN. IT WILL HAPPEN EVERY TIME. YOU ABSOLUTELY MUST NOT SUSPEND YOUR COMPUTER WHILE USING THIS. YOU ABSOLUTELY MUST USE A NON-SMP KERNEL WHILE USING THIS. AND IF YOU DON'T KNOW WHAT A NON-SMP KERNEL IS, YOU SHOULDN'T USE THIS. BECAUSE YOU'LL TRASH YOUR HARD DISK IF YOU USE THIS ON A NORMAL LINUX SYSTEM. ALL OF YOUR FILES. GONE. FOR GOOD. AND YOU WON'T KNOW AT FIRST. MAYBE YOU CAN RECOVER SOME OF THE FILES USING A TOOL LIKE PHOTOREC BUT DON'T GO THERE JUST DON'T USE THIS UNLESS YOU'RE ABSOLUTELY REALLY DAMN SURE YOU KNOW HOW TO AVOID CORRUPTING YOUR HARD DISK. THIS IS PRE-ALPHA QUALITY SOFTWARE. DO NOT USE THIS UNLESS YOU KNOW WHAT YOU'RE DOING. AND EVEN IF YOU DO KNOW WHAT YOU'RE DOING, DON'T SUSPEND YOUR COMPUTER, EVER, WHILE LOOP.KO IS LOADED. IF YOU DO ACCIDENTALLY, PULL THE PLUG ON THE LAPTOP AND TAKE OUT THE BATTERY RATHER THAN RESUMING BECAUSE ONCE YOU RESUME, YOUR FILES ARE DEAD. IF YOU DO RESUME, WELL, AGAIN, IMMEDIATELY TURN OFF THE COMPUTER TO AVOID FURTHER DAMAGE. IF YOU USE WITH AN SMP KERNEL, YOU'LL CORRUPT YOUR FILES MORE SLOWLY SO YOU WON'T KNOW AT FIRST. DON'T USE THIS WITH AN SMP KERNEL. IF YOU DON'T KNOW HOW TO DO THESE TWO THINGS -- NOT SUSPEND AND ONLY USE WITH A KERNEL YOU HAVE COMPILED WITHOUT SMP SUPPORT, DO NOT USE THIS SOFTWARE. THIS SOFTWARE CAN DESTROY YOUR DATA. ALL OF IT. FOREVER. DON'T USE THIS SOFTWARE UNLESS YOU UNDERSTAND THIS ENTIRE WARNING AND KNOW HOW TO MAKE SURE YOUR DATA DOESN'T GET DESTROYED.
This is what you do to use it (works with AES128 on 64-bit Linux only):
1. Get Loop-AES here
2. Configure your kernel for Loop-AES. While you're at it, disable hardware performance monitoring (oprofile) and multiple CPUs (we don't support SMP systems unless compiled without SMP support ... yeah, I know, that needs to be fixed, and it can and will be).
3. Copy aes-amnesia.S to aes-amd64.S.
4. Make sure you've configured Loop-AES to use its AMD64 assembly language implementation of AES, which we just copied over. Note that things like Via PadLock and AES-NI are not supported currently; configure them out.
5. Compile Loop-AES as normal.
6. Some tests will fail because Loop-Amnesia doesn't support AES-192 or AES-256 yet.
7. Set up an encrypted volume with Loop-AES using AES128. You're now immune to cold boot!DO NOT SUSPEND YOUR SYSTEM WHILE LOOP-AMNESIA IS IN USE OR YOU WILL ABSOLUTELY FOR SURE CORRUPT YOUR HARD DISK.
In fact, you can do this to make sure it's working:
1. Unmount every encrypted volume except for a small loopback volume WHOSE CONTENTS YOU DON'T CARE ABOUT.
2. Software or hardware suspend the disk.
3. Resume and unmount your test volume DO THIS AND YOU WILL NEVER SEE THE DATA IN THE TEST VOLUME AGAIN IF YOU ARE USING LOOP-AMNESIA.
4. Use "losetup -d" on the loop device you used for the test volume.
5. Unload and reload loop.ko. IF LOOP.KO WON'T UNLOAD, YOU SHOULD BE VERY VERY AFRAID THAT PERHAPS YOU HAVE ANOTHER PARTITION LOADED AND OH GOD YOU'RE GOING TO LOSE ALL YOUR DATA FOR SURE IF YOU UNMOUNT ANYTHING YOU CARE ABOUT SO DON'T DO THAT AND DON'T TYPE "sync". JUST PULL THE PLUG IF YOU MESSED UP AND HAVE ANYTHING OTHER THAN A DUMMY TEST PARTITION MOUNTED. IF YOU'RE LUCKY, MAYBE YOUR DATA WILL STILL BE THERE WHEN YOU TURN THE COMPUTER BACK ON.
6. Verify that the loopback volume's filesystem is corrupted. If it's not, you've done something wrong and are using a non-cold-boot-immune Loop-AES implementation, not Loop-Amnesia!
Best of luck, and comment on this blog post if you have problems! Also comment if you want SMP support; I'd get to adding it faster if I know people are wanting to use it :)
UPDATE: The people who did AESSE (mentioned in my paper) have continued to work on the cold boot problem and have also released code. If you have a computer with AES-NI support, or a 32-bit CPU, you may want to have a look at TRESOR
. TRESOR is a project similar to Loop-Amnesia but uses dm-crypt as its base rather than Loop-AES. TRESOR can also make use of the AES-NI registers to provide better performance than Loop-Amnesia on computers that have them (I will add AES-NI support to Loop-Amnesia if there is demand, however), and, unlike Loop-Amnesia, TRESOR also supports 32-bit versions of Linux (which Loop-Amnesia will never do). Unlike Loop-Amnesia, however, TRESOR does not support mounting multiple encrypted partitions. This means, for instance, that if you want cold-boot-immune data and swap partitions, you'll have to use Loop-Amnesia, not TRESOR.
Author of Loop-Amnesia,
When I was in elementary through high school, my public school district used an Internet filtering system to stop students from accessing "evil" websites, such as those containing nudity or email. I have no idea if the PISSED (inside joke) school district has decided to lighten up any, but I decided to do a comparison of my school district's censorship system with that of China. I have also decided to include instructions on evading censorship of each.
PISSED school district:
- Annoying picture of stupid dog displayed when site is blocked.
- No DNS hijacking.
- Dedicated servers for censorship.
- HTTPS not blocked and not censored because contents of website couldn't be examined.
- I seem to recall port blocking was in effect, with only ports 80 and 443 allowed through.
- Unknown whether running an ssh server on port 80 or 443 would work (would unless they're doing deep packet inspection).
- CGIProxy was effective.
- Booting Linux eliminated need for login.
- Blocked site simply fails to load.
- DNS hijacking stops effectiveness of evasion tools that do not also tunnel DNS.
- Dedicated servers for censorship (assumed).
- Contents of HTTPS websites not examined; some https websites might still be blocked.
- No port blocking in effect.
- CGIProxy not tried but should work if run as https server.
I have successfully evaded both of these censorship systems in the past. Now, I want to tell others how to do this, too.
For the PISSED school district system, the following method should work:
1. Run a proxy server using SSH SOCKS5 proxying or HTTPS CGIProxy on your home Internet connection. If you choose SSH, use port 443.
2. Boot a PISSED computer from a Linux Live CD or DVD so that you don't have to log in and can't be tracked.
3. Connect to your proxy server.
4. Visit blocked websites.
For Communist China, the following method should work:
1. Run a proxy server in another country using SSH SOCKS5. CGIProxy probably won't work because of China's DNS hijacking.
2. Configure Firefox to redirect DNS requests through SOCKS to evade the DNS hijacking by setting network.proxy.socks_remote_dns in about:config.
3. Connect to your proxy server.
4. Visit blocked websites.
On Linux, to connect to an SSH server from a client and use it as a proxy, do ssh -C2qTnN -D 8080 username@remote_machine.com. Add a "-p 443" if you configured your SSH server to use port 443 to evade PISSED port blocking.
If you are personally suffering under the evil, anti-freedom regimes of China or PISSED, or otherwise have a need for evading Internet censorship, please post below so that I can assist you with your specific censorship evasion needs. I recognize these directions are rather skeletal; I feel that, if you are running into trouble, I can best help you by discussing the issue with you personally.
The fan on my recently purchased computer died, leading to overheating and malfunctioning of the power supply, leading to almost all capacitors on my video card exploding, leading to my noticing something was wrong. While this situation has since been rectified, and the computer is running fine (with a new power supply and an ATI Rage 3D XL instead of an NVidia GeForce 7600 ... >.<), I thought I'd ask my readership's opinion of a certain issue:
If I use a soldering iron to replace the blown capacitors ... would the dead graphics card live again?
Thanks for your advice,
Cleaning the fan of a computer system is approximately equivalent to changing the oil on a car. Most computer users, including me, rarely if ever bother to do it, but, if you don't, the computer may be more likely to be damaged over time due to overheating. On desktops, it's usually fairly easy to clean the fan, thanks in part to the widespread standardization of desktop PC components.
Laptops have always been less standardized than desktops, and therefore less user-serviceable. This situation is mainly due to space constraints requiring the use of custom-sized components. While this situation has been improving for a while, the improvement apparently hasn't been enough.
She knew something was wrong at the time, but couldn't force herself to speak clearly. Man, this would be scary thing to have happen to you.
What happened is this:
1. Homosexuals mount a state court challenge asserting a right to marry in California. The California Supreme Court decides that California's constitution allows gay marriage. Yup, the state's fundamental legal charter allows gay marriage; it's just that no one's noticed this before in the 150 years California has been a state.
2. Opponents of gay marriage mount a successful political campaign to pass a ballot measure amending California's constitution to disallow gay marriage. In the Bizarro world of California, then, the founders of the State of California were supporters of gay marriage, but by constitutional amendment the citizens of California changed their fundamental legal charter to nullify this.
3. Homosexuals mount a state court challenge asserting that the amendment to the California Constitution is unconstitutional under state law ... or something stupid like that ... I don't know. Anyway, the California Supreme Court this time acknowledges that, no, the people have spoken and the California Constitution no longer allows gay marriage.
4. Homosexuals now mount a federal court challenge, suing the Governator in his official capacity, along with the attorney general.
5. Because these two individuals support gay marriage, they refuse to perform their duty as executive officers of the state to defend Proposition 8. The proponents of the proposition therefore filed a petition to intervene in the litigation, which was granted, and thereafter defended the law on the state's behalf.
6. It is widely believed that the defendants-intervenors did not do a very good job; in any event, they lost at the district court level. The Attorney General of California refused to appeal the ruling. The defendants-intervenors therefore are attempting to appeal the ruling on the state's behalf, but are running into trouble since there's a legal question of whether they have standing to do so.
People and entities that disgust me here:
1. The California Supreme Court. I highly doubt that the founders of the state intended to write into the California Constitution that gay marriage was a fundamental right. This is judicial activism. I don't particularly dislike the result, but it's the job of the democratic process to resolve the issue of how to provide for homosexuals wishing to marry each other.
2. Judge Walker, for ruling that we amended the Constitution back in 1868 to allow gay marriage, and no one noticed until he did just now.
3. The Governator and his attorney general, for not only failing in their duty to defend the laws of California but refusing to even complete paperwork on behalf of those wishing to do this job for them, thereby creating a legal question of standing. They are being maliciously negligent with regard to the interests of the state they swore to represent.