A Bio-fuel Petrol Station

Today I happened to see a bio-fuel petrol station! I decided to check it out (even though I was traveling by tram in a part of town that I don’t normally visit so there was no possibility of any real purchase).

The station is Conservo [1]. Their main products are E10 petrol (10% Ethanol and 90% Petrol), B20 bio-Diesel (20% bio-Diesel and 80% Petroleum based fuel oil), and B100 (100% bio-Diesel). All the fuel that they sell has a biological based component. The prices for the fuel seemed a little lower than is charged by other petrol stations, but it’s difficult to tell as fuel prices can change rapidly.

I spoke to one customer who had just filled up his 4WD with bio-Diesel about his experiences. He said that he sometimes used B20 and sometimes B100. He had found no down-side to using such fuels but had noticed that when under hard acceleration the bio-Diesel fuel seemed to cause less dark smoke (IE less soot).

All the fuels that they sell are produced in Australia. There are issues with imported bio-fuels which are sometimes produced with slash and burn agriculture and often increase the prices for essential food items (such as corn in South America). As the fuel is produced in Australia such issues should not apply. According to a brochure they have facilities to allow people to deposit used vegetable oil which can then be converted to bio-Diesel.

Inside the store they sell a variety of organic foods and drinks, I bought a bottle of carbonated organic apple juice which was quite nice and at $3 was not outside the price range that I expect from a petrol station (which do tend to charge high rates for refreshments). It was not an unreasonably high price for an organic drink.

In the store they sell and promote a range of products that are positive for the environment. They have a display about using algae to produce bio-Diesel fuel which has some interesting information but unfortunately didn’t list the productivity of algae fields in terms of the number of tons per hectare per year (or month or other time period).

One really interesting point I read on their web site concerns the flash point [2] of fuel. The flash-point is the temperature which allows enough of the flammable substance to evaporate to produce an ignitable mixture. Petrol is listed as less than -40C, fossil-Diesel fuel is greater than 62C according to Wikipedia (greater than 55C according to Conservo) while Conservo list the flash point of bio-Diesel as greater than 110C. Wikipedia lists the flash point of canola (rape seed) oil as 327C. This is described as being a benefit of bio-Diesel. While it’s obvious that this is a disadvantage for Petrol, I find it difficult to imagine a situation where a fuel tank could reach a temperature greater than 55C but less than 110C.

In their Good for the Environment [3] page they claim that the exhaust from burning bio-Diesel is less harmful to human health than that from burning fossil fuels. My previous post about Vegie Cars [4] is getting some comments suggesting otherwise. So far I haven’t found good references either way, but the discussion has raised some really good issues.

Update: Petrol’s flash-point is less than -40C not +40C.

Vegie Cars

I’ve read a lot about running Diesel vehicles on plant oil, but one thing that was never clear was why some people claim that you need special chemical additives.

The article about converting vehicles to vegetable oil on the VegieCars.com [1] site explains all this. It seems that if you want to produce fuel which can be used in unmodified vehicles then you need to add a mixture of methanol and caustic soda. This is going to be difficult, dangerous, have some expense, and probably not be that good for the environment.

The other option (which they recommend) is to modify the vehicle to accept straight vegetable oil. This means pre-heating the oil before it enters the engine (to lower its viscosity and make it vaporise more easily) and filtering the oil to remove solid objects and water.

A possibility is to have two separate fuel tanks so that you can switch between plant oil and petroleum based Diesel fuel. This is an option if driving in a cold climate (probably not an issue in Australia apart from a few mountains) and if you are concerned about the quality of your plant oil (a bad batch could clog the filters and force you to use petroleum based fuel).

They also have an interesting cost-comparison page to show you how much money you might save by using plant oil [2].

Their site is very interesting and has some good technical information, even if you never plan to drive a Diesel vehicle it’s worth reading if you are interested in cars.

Football Cards and Free Kittens

My cousin Greg Coker has created an eBay auction for Football cards with the proceeds going to a charity that protects animal welfare (I can’t remember the name – I’ll update this post later). He also has a bunch of other eBay auctions of football cards going which are not for charity.

The charity auction is held in association with SEN (Sports Entertainment Network – a sports talk-back AM radio station) [1]. This afternoon Greg was interviewed on SEN about football cards in general. He gave a good talk, he could probably do some professional radio work if he was interested.

Greg’s cards are from the VFL (Victorian Football League) before it became the AFL (Australian Football League) [2]. The cards used to be sold in “milk bars” (small stores that sold a variety of junk food and some essential food items including milk – most such stores are closed now as they have been replaced by petrol stations and supermarkets) and each pack of ~5 cards had some chewing gum included (which Greg often discarded because he didn’t like it – he should have given it to me, I was not so fussy). The back side of the cards had a jigsaw picture which I have never seen anyone complete (I expect that Greg has assembled at least one jigsaw as he has some sets).

Probably the way the cards were collected, traded, etc is very similar to sports based cards from other countries (such as baseball cards in the US).

On the animal front, I’ve had a mother cat and four kittens move into the shed in my back-yard. The mother cat has no collar and is not known by anyone in the area so she appears to have been dumped by her owner when she got pregnant. There are four kittens, one is ginger, one is black, and two are mottled part black and part ginger. They are all healthy and friendly and the kittens are all really cute. The kittens have become used to being patted and handled by humans so it will be easy to make them household pets.

If an owner is not found for them then they will probably all end up being put to sleep (unfortunately I can’t keep them so I’ll have to deliver them to the local council).

If anyone in Melbourne, Australia wants some free cats then I would be happy to deliver them. I’ll supply as many cats as desired. I can’t give away the mother until the kittens have been given away, so if you want the mother cat (dark coloured) then you may have to wait for a while.

Judging by the date that I first noticed them (when they were walking around, had their eyes open, and ate solid food) the kittens would have to be at least 7 weeks old. It’s recommended that kittens not be given away before they are 8 weeks old and given that it will probably take a week to organise anything I don’t think that there is any risk of giving them away too early.

Please let me know by email or a comment if you are in the vicinity of Melbourne, Australia and want a new pet (or several new pets).

Olympics and Politics

The latest news related to the Beijing Olympic games is that Kevin Rudd (our Prime Minister) has said “It is absolutely clear that there are human rights abuses in Tibet. That’s clear-cut; we need to be upfront and absolutely straight about what’s going on,” – stating the obvious really. If that was all that happened then it wouldn’t be particularly interesting.

The paper version of “The Age” quotes George Bush as seconding Kevin Rudd’s statement. I believe that this is quite significant. Bush is well known for being stupid, the fact that he is now following the example of someone else who is doing good things is a very positive thing for the world. When John Howard was our Prime Minister we had an idiot (Howard) following an even bigger idiot (Bush) and the result was not good.

Kevan Gosper (an Australian IOC board member) said “They just take their hate out on whatever the issues are at the time, and that hate against the host country is being taken out on our torch“. People who are totally corrupt sometimes seem confused when other people are motivated by moral principles, maybe we have a culture clash between the corrupt IOC board and the attitudes of most people in the rest of the world (I can’t think of any other way to map Kevan’s statement to reality).

Mr Rudd has confirmed that Chinese “security guards” (soldiers) will not be permitted to operate in Australia to protect the Olympic torch from protesters, but the “security guards” have been operating in the UK.

I read about this on the web site of The Age, but I won’t link to them because they have a lot of broken links with the following explanation – I am not going to link to sites that are so transient in nature (linking to The Age would lower the quality of my blog). Incidentally does anyone know of a news service in Australia that has reliable pages which stay online?

We could not find the page you requested. This is often because older content has been removed from our site. In most cases you can still find the item via our archive service, News Store, where you can buy articles for a small fee.

It also has the following text which indicates that the most visible problem is probably transient, but the fact that they deliberately break links is unacceptable to me:

If you reached this page from a link on our site, please contact the webmaster (choose Technical faults) and tell us the address of the faulty page and the address shown for this page.

The MSN article about the meeting between Bush and Rudd also had an interesting quote from Nancy Pelosi (speaker of the house in the US congress) [1]. She said “As I said in India last week where I met with His Holiness the Dalai Lama, if freedom-loving people throughout the world do not speak out against China’s oppression in Tibet, we have lost our moral authority to speak out on behalf of human rights anywhere in the world” and that the IOC made a mistake in awarding the games to China.

Pelosi is not known for being left-wing (the US Democratic party is centrist/right by the standards of most democracies) so it’s interesting to see her take a stand on this issue.

Erich Schubert has written about this, he points out that the Olympics are not about sports [2]. Well of course the Olympics are about money, drugs, and sports-science!

I’m not sure that I agree with Schubert and Pelosi, the Chinese Olympics has focussed a lot of international attention on what China is doing – this has to be good for human rights. The Olympic games are a white elephant, running them costs a huge amount of money and there is no evidence that they actually make money for the host country once the opportunity costs are taken into account. Maybe we should give the Olympics to Zimbabwe or the Sudan next?

Links April 2008

Blog Posts Should Stand Alone

I believe that apart from some exceptions (such as “links” posts) each post should stand alone. A reader should be able to read a single blog post and understand the author’s point without needing to visit any external sites.

A common mistake is to write a post that can not be understood without following the links. This means that if one of the links gets taken down then the post can not be interpreted. Also if a reader has Internet access problems that deny access to the other site (which is not uncommon) they will be unable to find the original source and thus miss the point.

It’s quite common for people to download copies of blog content before going out of net access (I routinely load a Planet feed of the blogs I read before travelling). Some people read blog content via email, for such people reading blogs without net access will be even more common. If a blog post can’t be immediately understood then a significant number of readers will just skip it. If too many posts from one RSS feed (where “too many” is a subjective value that varies from reader to reader) have this problem then they may just unsubscribe from the feed.

Also even people who do have good net access will sometimes skip posts which require them to visit an external site. It takes more time and if they aren’t sure that the content will be of interest then they skip it.

Finally writing an explanation of your point tends to result in more clear communication. At the shallow end of the blog pool it’s quite common to see posts which link to web pages and express disagreement with them. If the web page which is referenced makes several points (it’s very rare to find pages which strictly make a single point with no sub-points and no chain of logic to support the point) then it can be difficult or impossible to determine what the blogger specifically disagreed with. A post which summarises a page and gives specific reasons for agreeing or disagreeing with it gives little potential for confusion or miscommunication.

Trust and My SE Linux Play Machine

Currently my SE Linux Play Machine [1] is running as a Xen DomU. So if someone cracks it they would also have to crack Xen to get access to directly change things on the hardware (EG modifying the boot process). As documented in my last post [2] a user of my Play Machine recently managed to change my password. Of course this was just two days after the vmsplice() kernel security flaw had been discovered [3]. Of course any machine that offers shell access to remote users (or the ability to run CGI-BIN scripts or other programs that users can upload) is immediately vulnerable to such exploits and while SE Linux has blocked local kernel exploits in the past [4] there will always be the possibility of kernel exploits that SE Linux can’t block or which can be re-written to work in a way that is not stopped by the SE Linux policy. So it’s best to assume that SE Linux systems are vulnerable to kernel exploits.

At the time that the vmsplice() exploit was announced there was a claim that it could be used to de-stabilise a Xen Dom0 when run within a DomU. It’s best to assume that any attack which can make some software perform in an unexpected manner can also be used to successfully attack it. So at the time I was working on the assumption that the Dom0 could have been exploited.

Therefore I reinstalled the entire machine: I first installed a new Dom0 (on which I decided to run Debian/Unstable) and then I made a fresh install of Etch for the Play Machine. There is a possibility that an attacker could compromise the hardware (changing the BIOS or other similar attacks), but this seems unlikely – I doubt that someone would go to such effort to attack hardware that I use for demonstrating SE Linux and for SE Linux development (it has no data which is secret).

If someone attacks my Play Machine they would have to first get root on the DomU in question and then crack Xen to get access to the hardware. Then the machine is on a separate Ethernet segment which has less access to my internal network than the general Internet does (so they would not gain any real benefit).

One thing an attacker can do is launch a DOS attack on my machine. One summer a Play Machine overheated and died, I suspect that the extra heat produced by a DOS attack contributed to that problem. But losing a low-end machine I bought second-hand is not a big deal.

When discussing the machine there are two common comments I get. One is a suggestion that I am putting myself at risk, I think that the risk of visiting random web sites is significantly greater. Another is a challenge to put the machine on my internal network if I really trust SE Linux, as noted I have made mistakes in the past and there have been Linux kernel bugs – but apart from that it’s always best to have multiple layers of protection.

SE Linux Play Machine and Passwords

My SE Linux Play Machine [1] has been online again since the 18th of March.

On Monday the 11th of Feb I took it offline after a user managed to change the password for my own account (their comment was “ohls -lsa! i can change passwordls -lsals -lsa HACKED!“). Part of the problem was the way /bin/passwd determines whether it should change a password.

The previous algorithm (and the one that is currently used in Debian/Etch) is that if the UID of the account that is having its password changed doesn’t match the UID of the process that ran /bin/passwd then an additional SE Linux check is performed (to see if it has permission to change other users’ passwords). The problem here is that my Play machine has root (UID==0) as the guest account, and that according to the /bin/passwd program there is no difference between the root account (for unprivileged users) and the bofh account (which I use and which also has UID==0). This means of course that users of the root account could change the password of my account. My solution to this was to run chcon on the /bin/passwd program to give it a context that denied it the ability to change a password. The problem was that I accidentally ran the SE Linux program restorecon (which restores file contexts to their default values) which allowed /bin/passwd to change passwords, and therefore allowed a user to change the password of my account.

The semanage tool that allows changing the default value of a file context does not permit changing the default for a file specification that matches one from the system policy (so the sys-admin can’t override compiled in values).

I have now fixed the problem (the fix is in my Etch SE Linux repository [2] and has been accepted for Debian/Unstable and something based on it will go into the upstream branch of Shadow). See the Debian bug report #472575 [3] for more information.

The summary of the new code is that in any case where a password is not required to change the user’s password then SE Linux access checks will be performed. The long version is below:

The new algorithm (mostly taken from the Red Hat code base which was written by Dan Walsh) is that you can only change a password if you are running as non-root (which means that the pam_unix.so code will have verified the current password) or if you are running as root and the previous SE Linux security context of the process is permitted access to perform the passwd operation in the passwd class (which means it is permitted to change other users’ passwords).

The previous context (the context before one of the exec family of system calls was called) is used for such access checks because we want to determine if the user’s shell (or other program used to launch /bin/passwd) was permitted to change other users’ passwords – executing a privileged program such as /bin/passwd causes a domain transition, so its context is different from that of the program that was used to execute it. It’s much like a SETUID program calling getuid(2) to get the UID of the process which launched it.
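The two decision rules described above can be compared side by side in a small model. This is an added example, not the Shadow or Red Hat code: the struct, the function names, the context strings and the one-line policy stand-in are all constructed for illustration, and no real SE Linux library is called.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>

/* Simplified model of one /bin/passwd invocation (hypothetical type). */
struct passwd_request {
    uid_t caller_uid;         /* UID of the process that ran /bin/passwd */
    uid_t target_uid;         /* UID of the account whose password changes */
    const char *prev_context; /* caller's context before the exec of passwd */
};

/* Stand-in for the policy question "may this context perform the passwd
 * operation in the passwd class?". Constructed policy: only the
 * administrator's context is allowed. */
static bool policy_allows_passwd(const char *context)
{
    return strcmp(context, "root:sysadm_r:sysadm_t") == 0;
}

/* Previous algorithm: the SE Linux check runs only when the UIDs differ. */
bool old_may_change(const struct passwd_request *r)
{
    if (r->caller_uid != r->target_uid)
        return policy_allows_passwd(r->prev_context);
    return true; /* same UID is treated as "changing your own password" */
}

/* New algorithm: non-root callers rely on pam_unix.so having verified the
 * current password; root callers always need the SE Linux permission. */
bool new_may_change(const struct passwd_request *r)
{
    if (r->caller_uid != 0)
        return true; /* PAM has already demanded the old password */
    return policy_allows_passwd(r->prev_context);
}

/* Constructed sample requests modelled on the Play Machine accounts. */
static const struct passwd_request guest_root_on_bofh =
    { 0, 0, "root:user_r:user_t" };       /* guest "root" targeting bofh */
static const struct passwd_request bofh_on_bofh =
    { 0, 0, "root:sysadm_r:sysadm_t" };   /* administrator, also UID 0 */
static const struct passwd_request user_on_self =
    { 1000, 1000, "user:user_r:user_t" }; /* ordinary non-root user */

int main(void)
{
    const struct passwd_request *cases[] = {
        &guest_root_on_bofh, &bofh_on_bofh, &user_on_self
    };
    const char *names[] = { "guest root -> bofh", "bofh -> bofh",
                            "uid 1000 -> self" };

    for (size_t i = 0; i < sizeof(cases) / sizeof(cases[0]); i++)
        printf("%-20s old=%-5s new=%s\n", names[i],
               old_may_change(cases[i]) ? "allow" : "deny",
               new_may_change(cases[i]) ? "allow" : "deny");
    return 0;
}
```

The first sample is the Play Machine case: both accounts have UID 0, so the old rule never reaches the SE Linux check, while the new rule denies the request because the caller's previous context lacks the permission.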

To get the desired functionality for my Play Machine I don’t want a user to change their own password as the account is shared. So I appended password requisite pam_deny.so to the file /etc/pam.d/passwd (as well as the chfn and chsh commands) so that hostile users can’t break things. The new code in /bin/passwd will prevent users from taking over the machine if my PAM configuration ever gets broken, having multiple layers of protection is always a good thing.

The end result is that the Debian package and the upstream code base are improved, and my Debian Etch repository has the code in question.

SE Linux Etch Repository for AMD64

My Etch back-port repository of SE Linux related packages (which I documented in a previous post [1]) now has a complete set of packages for AMD64. From now on I aim to make AMD64 and i386 be my main supported platforms for SE Linux development.

There is a guy who may be able to give me a stack of well configured PowerMacs (2gigs of RAM), if he comes through with that then I may add PPC-32 to the list of architectures I support. If that happens then probably the machines will have their hard drives smashed for security reasons, so I’ll want to swap some G3 PowerMacs for hard drives.

Debian SE Linux Status

At the moment I’ve got more time to work on these things than I have had for a while.

I’ve got Etch support going quite well (see my post about my Etch repository [1]), the next step is to back-port some packages for AMD64 to get it working as well as i386.

I’ve got an i386 Xen server for SE Linux development (which is also used for my Play Machine’s [2] DomU – so it’s definitely not for anything secret). I can give accounts and/or DomU’s to people who have a good use for them (the machine has 512M of RAM so could have 4-5 DomU’s).

Currently it seems that the 2.6.24 kernel in Debian doesn’t work for Xen (at least with an i686 CPU). I have filed bug report #472584 about it not working as a DomU [3]. This combined with the fact that according to bug report #466492 it doesn’t work as a Dom0 (which I have verified in my own tests) [4] makes the package linux-image-2.6.24-1-xen-686 unusable.

Due to the inability to use 2.6.24 Xen I can’t do SE Linux development for Lenny in a DomU (Lenny tools build policy version 21 and the Etch kernel I’m using only supports policy version 20). So I have repurposed one of my servers for Lenny (unstable) development. I can give user accounts on that machine to anyone who has a good reason (and there are some people who I would give root access to if they need it).

The current policy packages in Unstable are built without MCS support. This is a problem as converting between a policy which has MCS or MLS and one which doesn’t is rather painful (purge policy, reinstall policy, and reboot are all required steps). I have filed bug report #473048 with a patch for this – my patch may not actually be much good (I don’t understand some aspects of Manoj’s code) but it does achieve the desired result [5]. I won’t be making Apt repositories for such things as I expect that the changes will get into Debian fast enough.

The next thing I am starting to work on is MLS support for Debian (currently it only supports the Strict and Targeted policies). See the Multilevel Security Wikipedia page for some background information on the technology [6].

I don’t expect that many people will use MLS on Debian in production environments, and it wouldn’t surprise me if no-one used it on a production server (although of course it would be impossible to prove this). But I still believe that it’s worth having for educational purposes. I am sure that there are packages in Debian of a similar size that will get less use so it’s not a waste of disk space on mirror servers!

The only real down-side to adding MLS support is that it will increase the build time for the Debian SE Linux policy packages, currently they take 13 minutes to build on a 1.1GHz Celeron system (the Xen server I mentioned previously) and I expect that the machine in question will have build times greater than 20 minutes with MLS included. I will probably need to set up an Unstable DomU on a dual-core 64bit machine for the sole purpose of building policy packages. I will also have to investigate use of the “-j” option to make when building the policy to take advantage of the dual cores. I often do small tweaks to policy and it’s annoying to have to wait for any length of time for a result.

The version of Coreutils that is currently in Unstable will have ls display a “+” character for every file when running SE Linux (I have filed bug report #472590 about this) [7]. It is being actively discussed and at this stage it seems most likely that the functionality from Etch in this regard will be restored (which is using “+” to represent ACLs only, not SE Linux contexts). It seems likely to me that I will find a few other issues of a similar nature now that I have started seriously working on Unstable.

For the benefit of Debian and upstream developers who get involved in such discussions, please do not be put off if you join a discussion that is CC’d to the NSA SE Linux mailing list and have your message rejected by the list server. The code of conduct is much the same on most mailing lists, and the SE Linux list is not much different to others. The difference is that before you get your email address white-listed for posting you have to agree to the terms of service for the list. The people who run the list server appear to work more than 40 hours a week so there should not be a great delay. If anyone wants to get a message about Debian SE Linux development sent to the list without delay on a weekend then they can send it to me for forwarding.

I am aware of some discussions about SE Linux and the Debian installer. I have not responded to them yet because I wanted to get some serious coding done first as an approach of “I haven’t done much coding recently but trust me I’ll fix the problems for you” might not be accepted well. I will start investigating these issues as soon as I have my Debian/Unstable server working well in enforcing mode.

Update: I’ve just filed bug report #473067 with a patch to enable MLS policy builds [8].