|
|
My cousin Greg Coker has created an eBay auction for Football cards with the proceeds going to a charity that protects animal welfare (I can’t remember the name – I’ll update this post later). He also has a bunch of other eBay auctions of football cards going which are not for charity.
The charity auction is held in association with SEN (Sports Entertainment Network – a sports talk-back AM radio station) [1]. This afternoon Greg was interviewed on SEN about football cards in general. He gave a good talk, he could probably do some professional radio work if he was interested.
Greg’s cards are from the VFL (Victorian Football League) before it became the AFL (Australian Football League) [2]. The cards used to be sold in “milk bars” (small stores that sold a variety of junk food and some essential food items including milk – most such stores are closed now as they have been replaced by petrol stations and supermarkets) and each pack of ~5 cards had some crewing gum included (which Greg often discarded because he didn’t like it – he should have given it to me, I was not so fussy). The back side of the cards had a jigsaw picture which I have never seen anyone complete (I expect that Greg has assembled at least one jigsaw as he has some sets).
Probably the way the cards were collected, traded, etc is very similar to sports based cards from other countries (such as baseball cards in the US).
On the animal front, I’ve had a mother cat and four kittens move into the shed in my back-yard. The mother cat has no collar and is not known by anyone in the area so she appears to have been dumped by her owner when she got pregnant. There are four kittens, one is ginger, one is black, and two are mottled part black and part ginger. They are all healthy and friendly and the kittens are all really cute. The kittens have become used to being patted and handled by humans so it will be easy to make them household pets.
If an owner is not found for them then they will probably all end up being put to sleep (unfortunately I can’t keep them so I’ll have to deliver them to the local council).
If anyone in Melbourne, Australia wants some free cats then I would be happy to deliver them. I’ll supply as many cats as desired. I can’t give away the mother until the kittens have been given away, so if you want the mother cat (dark coloured) then you may have to wait for a while.
Judging by the date that I first noticed them (when they were walking around, had their eyes open, and ate solid food) the kittens would have to be at least 7 weeks old. It’s recommended that kittens not be given away before they are 8 weeks old and given that it will probably take a week to organise anything I expect that anyone who reads I don’t think that there is any risk of giving them away too early.
Please let me know by email or a comment if you are in the vicinity of Melbourne, Australia and want a new pet (or several new pets).
The latest news related to the Beijing Olympic games is that Kevin Rudd (our Prime Minister) has said “It is absolutely clear that there are human rights abuses in Tibet. That’s clear-cut; we need to be upfront and absolutely straight about what’s going on,” – stating the obvious really. If that was all that happened then it wouldn’t be particularly interesting.
The paper version of “The Age” quotes George Bush as seconding Kevin Rudd’s statement. I believe that this is quite significant. Bush is well known for being stupid, the fact that he is now following the example of someone else who is doing good things is a very positive thing for the world. When John Howard was our Prime Minister we had an idiot (Howard) following an even bigger idiot (Bush) and the result was not good.
Kevan Gosper (an Australian IOC board member) said “They just take their hate out on whatever the issues are at the time, and that hate against the host country is being taken out on our torch“. People who are totally corrupt sometimes seem confused when other people are motivated by moral principles, maybe we have a culture clash between the corrupt IOC board and the attitudes of most people in the rest of the world (I can’t think of any other way to map Kevan’s statement to reality).
Mr Rudd has confirmed that Chinese “security guards” (soldiers) will not be permitted to operate in Australia to protect the Olympic torch from protesters, but the “security guards” have been operating in the UK.
I read about this on the web site of The Age, but I won’t link to them because they have a lot of broken links with the following explanation – I am not going to link to sites that are so transient in nature (linking to The Age would lower the quality of my blog). Incidentally does anyone know of a news service in Australia that has reliable pages which stay online?
We could not find the page you requested. This is often because older content has been removed from our site. In most cases you can still find the item via our archive service, News Store, where you can buy articles for a small fee.
It also has the following text which indicates that the most visible problem is probably transient, but the fact that they deliberately break links is unacceptable to me:
If you reached this page from a link on our site, please contact the webmaster (choose Technical faults) and tell us the address of the faulty page and the address shown for this page.
The MSN article about the meeting between Bush and Rudd also had an interesting quote from Nancy Pelosi (speaker of the house in the US congress) [1]. She said “As I said in India last week where I met with His Holiness the Dalai Lama, if freedom-loving people throughout the world do not speak out against China’s oppression in Tibet, we have lost our moral authority to speak out on behalf of human rights anywhere in the world” and that the IOC made a mistake in awarding the games to China.
Pelosi is not known for being left-wing (the US Democratic party is centrist/right by the standards of most democracies) so it’s interesting to see her take a stand on this issue.
Erich Schubert has written about this, he points out that the Olympics are not about sports [2]. Well of course the Olympics are about money, drugs, and sports-science!
I’m not sure that I agree with Schubert and Pelosi, the Chinese Olympics has focussed a lot of international attention on what China is doing – this has to be good for human rights. The Olympic games are a white elephant, running them costs a huge amount of money and there is no evidence that they actually make money for the host country once the opportunity costs are taken into account. Maybe we should give the Olympics to Zimbabwe or the Sudan next?
I believe that apart from some exceptions (such as “links” posts) each post should stand alone. A reader should be able to read a single blog post and understand the author’s point without needing to visit any external sites.
A common mistake is to write a post that can not be understood without following the links. This means that if one of the links gets taken down then the post can not be interpreted. Also if a reader has Internet access problems that deny access to the other site (which is not uncommon) they will be unable to find the original source and thus miss the point.
It’s quite common for people to download copies of blog content before going out of net access (I routinely load a Planet feed of the blogs I read before travelling). Some people read blog content via email, for such people reading blogs without net access will be even more common. If a blog post can’t be immediately understood then a significant number of readers will just skip it. If too many posts from one RSS feed (where “too many” is a subjective value that varies from reader to reader) have this problem then they may just unsubscribe from the feed.
Also even people who do have good net access will sometimes skip posts which require them to visit an external site. It takes more time and if they aren’t sure that the content will be of interest then they skip it.
Finally writing an explanation of your point tends to result in more clear communication. At the shallow end of the blog pool it’s quite common to see posts which link to web pages and express disagreement with them. If the web page which is referenced makes several points (it’s very rare to find pages which strictly make a single point with no sub-points and no chain of logic to support the point) then it can be difficult or impossible to determine what the blogger specifically disagreed with. A post which summarises a page and gives specific reasons for agreeing or disagreeing with it gives little potential for confusion or miscommunication.
Currently my SE Linux Play Machine [1] is running as a Xen DomU. So if someone cracks it they would also have to crack Xen to get access to directly change things on the hardware (EG modifying the boot process). As documented in my last post [2] a user of my Play Machine recently managed to change my password. Of course this was just two days after the vmsplice() kernel security flaw had been discovered [3]. Of course any machine that offers shell access to remote users (or the ability to run CGI-BIN scripts or other programs that users can upload) is immediately vulnerable to such exploits and while SE Linux has blocked local kernel exploits in the past [4] there will always be the possibility of kernel exploits that SE Linux can’t block or which can be re-written to work in a way that is not stopped by the SE Linux policy. So it’s best to assume that SE Linux systems are vulnerable to kernel exploits.
At the time that the vmsplice() exploit was announced there was a claim that it could be used to de-stabilise a Xen Dom0 when run within a DomU. It’s best to assume that any attack which can make some software perform in an unexpected manner can also be used to successfully attack it. So at the time I was working on the assumption that the Dom0 could have been exploited.
Therefore I reinstalled the entire machine, I firstly installed a new Dom0 (on which I decided to run Debian/Unstable) and then I made a fresh install of Etch for the Play Machine. There is a possibility that an attacker could compromise the hardware (changing the BIOS or other similar attacks), but this seems unlikely – I doubt that someone would go to such effort to attach hardware that I use for demonstrating SE Linux and for SE Linux development (it has no data which is secret).
If someone attacks my Play Machine they would have to first get root on the DomU in question and then crack Xen to get access to the hardware. Then the machine is on a separate Ethernet segment which has less access to my internal network than the general Internet does (so they would not gain any real benefit).
One thing an attacker can do is launch a DOS attack on my machine. One summer a Play Machine overheated and died, I suspect that the extra heat produced by a DOS attack contributed to that problem. But losing a low-end machine I bought second-hand is not a big deal.
When discussing the machine there are two common comments I get. One is a suggestion that I am putting myself at risk, I think that the risk of visiting random web sites is significantly greater. Another is a challenge to put the machine on my internal network if I really trust SE Linux, as noted I have made mistakes in the past and there have been Linux kernel bugs – but apart from that it’s always best to have multiple layers of protection.
My SE Linux Play Machine [1] has been online again since the 18th of March.
On Monday the 11th of Feb I took it offline after a user managed to change the password for my own account (their comment was “ohls -lsa! i can change passwordls -lsals -lsa HACKED!“). Part of the problem was the way /bin/passwd determines whether it should change a password.
The previous algorithm (and the one that is currently used in Debian/Etch) is that if the UID of the account that is having it’s password changed doesn’t match the UID of the process that ran /bin/passwd then an additional SE Linux check is performed (to see if it has permission to change other user’s passwords). The problem here is that my Play machine has root (UID==0) as the guest account, and that according to the /bin/passwd program there is no difference between the root account (for unprivileged users) and the bofh account (which I use and which also has UID==0). This means of course that users of the root account could change the password of my account. My solution to this was to run chcon on the /bin/passwd program to give it a context that denied it the ability to change a password. The problem was that I accidentally ran the SE Linux program restorecon (which restores file contexts to their default values) which allowed /bin/passwd to change passwords, and therefore allowed a user to change the password of my account.
The semanage tool that allows changing the default value of a file context does not permit changing the default for a file specification that matches one from the system policy (so the sys-admin can’t override compiled in values).
I have now fixed the problem (the fix is in my Etch SE Linux repository [2] and has been accepted for Debian/Unstable and something based on it will go into the upstream branch of Shadow. See the Debian bug report #472575 [3] for more information.
The summary of the new code is that in any case where a password is not required to change the user’s password then SE Linux access checks will be performed. The long version is below:
The new algorithm (mostly taken from the Red Hat code base which was written by Dan Walsh) is that you can only change a password if you are running as non-root (which means that the pam_unix.so code will have verified the current password) or if you are running as root and the previous SE Linux security context of the process is permitted access to perform the passwd operation in the passwd class (which means it is permitted to change other user’s passwords).
The previous context (the context before one of the exec family of system calls was called) is used for such access checks because we want to determine if the user’s shell (or other program used to launch /bin/passwd) was permitted to change other user’s passwords – executing a privileged program such as /bin/passwd causes a domain transition and the context is different) than the program that was used to execute it. It’s much like a SETUID program calling getuid(2) to get the UID of the process which launched it.
To get the desired functionality for my Play Machine I don’t want a user to change their own password as the account is shared. So I appended password requisite pam_deny.so to the file /etc/pam.d/passwd (as well as the chfn and chsh commands) so that hostile users can’t break things. The new code in /bin/passwd will prevent users from taking over the machine if my PAM configuration ever gets broken, having multiple layers of protection is always a good thing.
The end result is that the Debian package and the upstream code base are improved, and my Debian Etch repository has the code in question.
My Etch back-port repository of SE Linux related packages (which I documented in a previous post [1]) now has a complete set of packages for AMD64. From now on I aim to make AMD64 and i386 be my main supported platforms for SE Linux development.
There is a guy who may be able to give me a stack of well configured PowerMacs (2gigs of RAM), if he comes through with that then I may add PPC-32 to the list of architectures I support. If that happens then probably the machines will have their hard drives smashed for security reasons, so I’ll want to swap some G3 PowerMacs for hard drives.
At the moment I’ve got more time to work on these things than I have had for a while.
I’ve got Etch support going quite well (see my post about my Etch repository [1]), the next step is to back-port some packages for AMD64 to get it working as well as i386.
I’ve got an i386 Xen server for SE Linux development (which is also used for my Play Machine’s [2] DomU – so it’s definitely not for anything secret). I can give accounts and/or DomU’s to people who have a good use for them (the machine has 512M of RAM so could have 4-5 DomU’s).
Currently it seems that the 2.6.24 kernel in Debian doesn’t work for Xen (at least on with an i686 CPU). I have filed bug report #472584 about it not working as a DomU [3]. This combined with the fact that according to bug report #466492 it doesn’t work as a Dom0 (which I have verified in my own tests) [4] makes the package linux-image-2.6.24-1-xen-686 unusable.
Due to the inability to use 2.6.24 Xen I can’t do SE Linux development for Lenny in a DomU (Lenny tools build policy version 21 and the Etch kernel I’m using only supports policy version 20). So I have repurposed one of my servers for Lenny (unstable) development. I can give user accounts on that machine to anyone who has a good reason (and there are some people who I would give root access to if they need it).
The current policy packages in Unstable are built without MCS support. This is a problem as converting between a policy which has MCS or MLS and one which doesn’t is rather painful (purge policy, reinstall policy, and reboot are all required steps). I have filed bug report #473048 with a patch for this – my patch may not actually be much good (I don’t understand some aspects of Manoj’s code) but it does achieve the desired result [5]. I won’t be making Apt repositories for such things as I expect that the changes will get into Debian fast enough.
The next thing I am starting to work on is MLS support for Debian (currently it only supports the Strict and Targeted policies). See the Multilevel Security Wikipedia page for some background information on the technology [6].
I don’t expect that many people will use MLS on Debian in production environments, and it wouldn’t surprise me if no-one used it on a production server (although of course it would be impossible to prove this). But I still believe that it’s worth having for educational purposes. I am sure that there are packages in Debian of a similar size that will get less use so it’s not a waste of disk space on mirror servers!
The only real down-side to adding MLS support is that it will increase the build time for the Debian SE Linux policy packages, currently they take 13 minutes to build on a 1.1GHz Celeron system (the Xen server I mentioned previously) and I expect that the machine in question will have build times greater than 20 minutes with MLS included. I will probably need to set up an Unstable DomU on a dual-core 64bit machine for the sole purpose of building policy packages. I will also have to investigate use of the “-j” option to make when building the policy to take advantage of the dual cores. I often do small tweaks to policy and it’s annoying to have to wait for any length of time for a result.
The version of Coreutils that is currently in Unstable will have ls display a “+” character for every file when running SE Linux (I have filed bug report #472590) about this [7]. It is being actively discussed and at this stage it seems most likely that the functionality from Etch in this regard will be restored (which is using “+” to represent ACLs only not SE Linux contexts). It seems likely to me that I will find a few other issues of a similar nature now that I have started seriously working on Unstable.
For the benefit of Debian and upstream developers who get involved in such discussions, please do not be put off if you join a discussion that is CC’d to the NSA SE Linux mailing list and have your message rejected by the list server. The code of conduct is much the same on most mailing lists, and the SE Linux list is not much different to others. The difference is that before your get your email address white-listed for posting you have to agree to the terms of service for the list. The people who run the list server appear to work more than 40 hours a week so there should not be a great delay. If anyone wants to get a message about Debian SE Linux development sent to the list without delay on a weekend then they can send it to me for forwarding.
I am aware of some discussions about SE Linux and the Debian installer. I have not responded to them yet because I wanted to get some serious coding done first as an approach of “I haven’t done much coding recently but trust me I’ll fix the problems for you” might not be accepted well. I will start investigating these issues as soon as I have my Debian/Unstable server working well in enforcing mode.
Update: I’ve just filed bug report #473067 with a patch to enable MLS policy builds [8].
I just read an interesting blog post about Montenegro [1]. Apparently a key to the process of becoming a country was acting like it was inevitable.
It seems that this method can be applied to many areas, one of which is the contest between Linux and some proprietary OSs.
For many years monopolists have convinced people that it was inevitable that they would monopolise all areas of software development. Why use any other software (even if it is more reliable, faster, has more features, and is cheaper) if a monopolist is about to dominate the market? The monopolist changes sometimes, the monopolist from ~1990 to now is different from the monopolist of the 1970’s, but the tactics of a computer monopolist remain the same.
The way to beat this is largely to just ignore them. There is an ongoing debate in some circles about when Linux will be “ready for the desktop“. I’ve been running Linux as my primary desktop environment since about July 1998, it’s almost 10 years of having Linux as my primary desktop environment. It seems inevitable that the Linux will take over the desktop – it’s far better for desktop use than it was 10 years ago when I switched.
Some people claim that Linux lacks driver support. Every piece of hardware that I’ve wanted to use over the last 10 years has had adequate support. Often second-hand hardware works best with Linux, hardware vendors have no reason to continue to support their old products on newer operating systems (they make more money if you buy new hardware to run the new OS). Not only is hardware support for Linux adequate, but long-term support is far superior (and I often get to use cheap second-hand hardware). Now that an increasing number of hardware vendors are supporting Linux for their new hardware (Intel, AMD, and most laptop vendors are doing some good work in this regard). It seems that everyone who has tried both says that writing drivers for Linux is easier than writing drivers for proprietary OSs, so it seems inevitable that Linux will end up with better driver support by all metrics.
Linux is designed for users. DRM (Digital Restrictions Management) is not something that interests Linux developers. Run Linux and your computer will obey you and give full quality audio and video. It seems inevitable that Linux will dominate the AV section of the market (it already dominates the computer work involved with creating movies).
Free software (of which Linux is merely the most famous and popular example) is based on the principles of open design and open standards. When you use a free software program to save a file then you can be reasonably sure that you will be able to read it back again in a few decades. Most free software uses file formats that are well documented and standardised. Sometimes there are bugs in programs and new versions will use files in a different way, this is sometimes a case when you rely on a bug in an old version. Using the older version of the software is sometimes required to properly access old data. Fortunately when you have the source to the older programs they can be compiled on new systems (so different types of CPU won’t matter). Also the lack of DRM means that an OS image can be virtualised. One thing that is on my todo list is to create a set of virtual machine images of some of the most commonly used distributions of Linux so I can easily compare distributions of 10 years ago with modern distributions – it’s not technically challenging and there is no particular technical or legal obstacle to doing this. This would also mean that if someone gave me a file in some strange format from 10 years ago I would have a better chance of reading it. It seems inevitable that as the value of data increases the desire to avoid OSs that prevent people from accessing their own data will also increase, and that will eventually squeeze out most closed software from the market. This doesn’t mean the end of proprietary software, merely the end of software that holds user’s data hostage.
The majority of the world’s population does not use computers. The computers that they end up using will be cheap because they can’t afford to waste so much money on new hardware. To make cheap machines means that there will be limited resources in terms of RAM, mass storage, and CPU power which require more efficient software. Also to properly take advantage of machines with small screens and other limitations changes to the design of the software will be required. It seems inevitable that the most open software will be adapted to such environments more readily than proprietary software.
Now this doesn’t mean that we can take a break from development. In the free software community there are usually many different programs to perform a particular task with competition between the developers of the various projects. The fact that a monopolist is inevitably going to lose it’s position is of little relevance to the competition between the various free alternatives.
I am just watching US Senator Barack Obama speaking at Google about his bid to become the next US president [1]. He has announced plans for allowing greater citizen oversight of the government including having all government data in open file formats (a great idea – the Australian Bureau of Statistics has a large amount of data online in Excel format). But his most significant item so far is to have a National CTO (Chief Technology Officer). It’s an idea that seems totally obvious now that I’ve heard it and leaves me wondering why I never thought of it before!
Barack understand technology, wants a functioning democracy, and gets a +5 Insightful from me for the CTO idea!
He also announced a plan to double federal funding for basic scientific research as part of a measure to make the US more competitive with other countries. He mentioned the US standing in the world as a problem (it’s the first mention of this that I’ve heard from anyone in the US government) and notes this as an issue which limits the ability of the US to save lives in regions such as the Darfur. He also claims that there is no clash of civilisations and cites his experience living in a Muslim country as helping to build bridges.
When discussing his reasons for running he said that he believes that he can bring his country together to solve problems better than other candidates. That’s the type of thing you often hear and ignore in political campaigns. It is often difficult to believe that someone wants to be famous and powerful for anything other than the most selfish reasons. But Barack gives me the strong impression that he is genuine.
He stated a plan to shut down Guantanamo bay (presumably just the prison and torture aspect – I’m guessing that he is not intending to close the military base) and to stop “rendition” (sending prisoners to other countries to be tortured).
His plans for education are innovative, as part of educating young children (0-3 years old) he stated an aim to teach parents to read so that they can read to their children! It’s sensible and obvious once you have heard it, but no-one seems to have publicised that idea before. He announced that he will increase teachers’ salaries.
He describes the US as having an “empathy deficit“, it’s obvious to almost everyone outside the US but not something that many people in the US realise.
He wants decisions to be based on facts and is determined to use facts when dealing with health insurance companies.
I just wish that we had some politicians like him in Australia. In terms of policy the Greens politicians would agree with him, but the combination of great policies, insight, and excellent delivery seems a lot better than any of the options in Australia.
Update: Changed the post (including the permalink) to have the correct spelling of Barack. Mental note – double check the spelling of everything in the permalink.
|
|
