Ben Fowler blogs about the issues related to running IRC as root. Google searches for (irc client exploit) and (irc client “buffer overflow”) give a number of interesting web pages. Many of the exploits require the user to perform an action that’s slightly unusual, but why take a chance?
The advice to not run as root while generally sensible (run everything with minimum privileges as much as possible) is IMHO not very useful in recent times (and probably was never very useful). Generally when a user is worried about system compromise they are not worried about attackers having direct hardware access, the ability to corrupt system files, etc. They are worried that the attacker might read their email and access other personal files.
Therefore the instruction should be “don’t run IRC as root or as any account that has access to data which is important to you”. It’s not difficult to start an X-term that runs “exec su - ircuser irc” or “ssh -t ircuser@localhost irc”. Note that the -t option is required for ssh to make it allocate a pty even when receiving a command to run. Note also that in the case of su you need the exec so that su replaces the shell that started it and no shell of yours is left reading from that terminal; then if the irc client is compromised and tries to perform an ioctl(0, TIOCSTI… based attack it won’t succeed.
In any of these methods make sure that X access is not granted. Until we get Security Enhanced X working in a viable manner any process that can display an X window on your screen can own you totally. There are of course relatively safe ways of doing X, I have previously documented how to configure the Xephyr X server (replacement for Xnest) to allow a process with a different security context to safely display a graphical window on your desktop.
Generally I recommend not using a graphical X client on an untrusted network (IE anything other than an Intranet IRC server). I prefer to do my IRC in an account that’s not even on a machine that I care about and have it run screen so I can disconnect and re-connect from anywhere in the world.
When I first got SE Linux in Debian to be useful (when I could boot and run all programs without problem) I logged on to some IRC channels related to Debian with the security context of root:user_r:user_t. I admit that my actions in this regard could possibly be described as trolling, but I wanted to demonstrate what SE Linux can do. Unfortunately of the many people who told me off for logging in to IRC as root, none of them wanted to hear an explanation of why user_r is safe in this regard. I expect that most of them were running their IRC client in the same Unix account that was used for their email etc (and probably most of them had GPG keys accessible from such an account).
Sigh, it’s so easy to run IRC as a different user – in fact it’s probably the easiest of all network client programs to run in such a manner. There’s no reason not to.
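One way to script the launch described above, as an added example that is not code from the original post. The account name ircuser and the command irc come from the post; the function names are hypothetical, and the TIOCSTI check relies on the dev.tty.legacy_tiocsti sysctl that exists in Linux 6.2 and later.

```shell
#!/bin/sh
# Added example, not from the original post. "ircuser" and "irc" follow the
# post; every function name here is hypothetical.
IRC_USER=${IRC_USER:-ircuser}

# Succeeds only if $1 is an existing account that is neither root nor the
# account running this script.
check_target() {
    target_uid=$(id -u "$1" 2>/dev/null) || return 1
    [ "$target_uid" -ne 0 ] && [ "$target_uid" -ne "$(id -u)" ]
}

# Succeeds if directory $1 grants any permission bit to "other", which is
# how an unrelated account would get at your files. Group membership and
# ACLs are not examined.
open_to_others() {
    [ "$(ls -ld -- "$1" | cut -c8-10 | tr T -)" != "---" ]
}

# Drops the variables that hand a child process your display or key agents.
scrub_desktop_env() {
    unset DISPLAY XAUTHORITY WAYLAND_DISPLAY SSH_AUTH_SOCK \
          DBUS_SESSION_BUS_ADDRESS GPG_AGENT_INFO
}

# Reports whether the kernel still honours TIOCSTI. Linux 6.2 and later
# expose this as dev.tty.legacy_tiocsti (0 means the ioctl is refused).
# The path is a parameter so the function can be fed a constructed file.
tiocsti_status() {
    f=${1:-/proc/sys/dev/tty/legacy_tiocsti}
    [ -r "$f" ] || { echo unknown; return; }
    case $(cat "$f") in
        0) echo disabled ;;
        *) echo enabled ;;
    esac
}

launch() {
    check_target "$IRC_USER" || {
        echo "refusing: $IRC_USER is missing, root, or yourself" >&2
        return 1
    }
    if open_to_others "$HOME"; then
        echo "refusing: $HOME is accessible to other accounts" >&2
        return 1
    fi
    echo "TIOCSTI: $(tiocsti_status)" >&2
    scrub_desktop_env
    # exec replaces this shell, so nothing of ours stays on the terminal.
    # -t allocates a fresh pty; -x and -a refuse X11 and agent forwarding.
    exec ssh -t -x -a "$IRC_USER@localhost" irc
}

# Only act when asked to, so the functions can be sourced and tested.
if [ "${1:-}" = launch ]; then launch; fi
```

Run it as the terminal's command with the single argument launch, so that closing the client closes the window.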
The Australian has a new Environment writer named Matthew Warren who has a history of doing PR work for the coal industry. This has the potential for insightful articles based on knowledge of what the industry is doing or for PR work for the coal industry masquerading as journalism. Unfortunately it seems like the latter is what we are getting.
Matthew’s latest effort is an article claiming a $6.5 billion cost to home-owners because of an “effective ban” on electric hot water systems that Labor might impose. Unfortunately he doesn’t clearly state what an effective ban is, but does note that apartments are exempt.
The specific claim that is used as the basis for the article is that solar hot-water systems cost $2,800 more than electric systems, and that after the solar hot-water rebate ($1,000) the additional cost would be $650,000,000 per annum, and that a period of 10 years would be required to replace all hot-water systems thus giving a cost of $6,500,000,000. So I presume that he expects that there would be 650,000,000/1,800 hot water systems installed per year which would be about 361,111.
According to the Australian Bureau of Statistics there were 6,744,800 households in Australia in 2003. Matthew’s article states that about 40% of homes can have gas hot-water systems fitted that comply with the proposed new regulations, given that and the exemption for apartment buildings let’s assume for the sake of discussion that 50% of homes would require a solar hot-water system. Assuming that each household has a separate hot-water system that means that for these claims to hold we need an average expected lifetime for a hot water system of 6,744,800/2/361,111 = about 9.3 years. If the currently installed hot-water systems are expected to be replaced in 9.3 years then we can expect that hot water systems tend to survive for an average of about 18.6 years. I wonder if that number is correct (some google searching didn’t turn up an answer). One of the disadvantages of old-fashioned media is that they tend not to include calculations or cite sources adequately so we can’t easily verify or disprove their claims, I wonder if this is deliberate…
Matthew admits that using a solar hot water system can be expected to save households $300 per annum in electricity expenses, I presume that this is based on current energy prices and that the savings can therefore be expected to increase as energy prices increase (we have a lack of water which is increasing the cost of producing electricity from coal).
Let’s assume for the sake of discussion that the typical home-owner has a mortgage, the Commonwealth Bank is currently advertising mortgages with a rate of just over 8%, the way things work is that there are various criteria for getting a discount rate which most borrowers can meet so the result will be slightly below 8%. If a solar hot water system costs $1,800 extra to install and the money comes from a mortgage then every year it will cost the home owner about 8% of $1,800 which is about $144 (a saving of $156 per annum). If the solar hot water system saves the home owner $300 per annum then at any interest rate below 300/1800 (16.66%) they will make money.
If there was no government subsidy and the entire $2,800 extra was paid by the home owner then at 8% interest it will cost $224 per annum (a saving of $76 per annum) and the interest rate would need to increase to 300/2800 = 10.7% to make it break even.
So for solar hot water to not save the home-owner money we need to have a significant increase in interest rates (which incidentally would bankrupt many home owners), AND to have electricity prices remain the same (which would require even more of our tax money to be spent on supporting the coal industry).
Finally Matthew complains that the solar hot-water rebate could cost the government $4 billion over the course of the scheme (the next 10 years). This sounds like a lot of money until you think about the 9 billion dollars a year that the government spends on subsidies for the coal, oil, and gas industries! On the current course the government would spend 90 billion dollars of our tax money subsidising polluting industries that cause climate change, but Matthew opposes spending 4 billion subsidising technology that prevents pollution and reduces climate change.
I was recently talking to a client about the lack of guidelines for acceptable personal use of office resources in his company. He rejected the suggestion that he provide any real rules or guidelines (apart from some old rules that most employees were not aware of and of which there was no procedure to remind them to periodically read). He said that he only wanted to hire motivated people who wanted to work, and that people who need rules should work elsewhere.
The results of his approach seem reasonable, everyone who works for him works really hard. In return his attitudes towards employees are more relaxed than most employers, among other things he is very supportive of employees who desire career opportunities greater than his company can offer.
I have been wondering whether rules alone can make people lose interest in working, or whether it’s the type of person who doesn’t want to impose rules that inspires hard work.
My experience is that when working for people who have a rule-free environment I tend to work really hard, and that when working for companies that have lots of rules I find it difficult enough to get out of bed in the morning – let alone become motivated to do any work.
I am interested to see comments from other people, both workers and managers. Is my experience common in this regard?
Dell just sent me a letter advertising their new Vostro line “especially for small business”. They say “we listened, then we listened some more” and explain that it’s based on feedback from people in small companies. The problem (which should be familiar to everyone who has ever done any consulting work) is that people don’t ask for what they need! Ask someone what they want in a computer system and the first thing that they will ask for is a fast CPU and a low price, the colour of the box will probably be higher on their priority list than the option of a backup.
Dell have proved this by advertising cheap desktop machines for small business use.
Here is a list of the features that I consider essential in small business systems (based on my experience working for dozens of small companies):
Reliable operation. Using a relatively inexpensive machine as both a desktop machine and a server for the company network is very common in companies with less than 10 people. The Dell PowerEdge Tower systems are reasonably cheap (as little as $800AU – $100 more than a low-end Vostro in the base configuration, although the Vostro includes a bundled monitor). The PowerEdge machines have ECC RAM as a standard feature (avoids data loss due to memory errors) and can be delivered with hardware RAID support (SATA-2 or SAS) and a variety of backup options. A low-end tower PowerEdge server with 250G of hardware SATA RAID-1, a 160G removable disk for backup, and an extra gigabit-ethernet port costs $2015. Such a machine would do really well as a server for a small company while also being quite good as a desk-side workstation (the cooling fans would probably be louder than on most workstations but the money saved would be worth-while for most small businesses). If Dell was to promote PowerEdge tower machines (maybe under the label “Vostro Servers”) it would be good for customers and should be profitable for them.
The next thing that Dell should consider is a laptop with ECC RAM. Many small businesses start out as a sole trader with a laptop. Data loss on such a machine would be catastrophic. At the design stage ECC RAM would not be difficult to add – if there was a company that produced such RAM (I expect that Dell could purchase enough volume to drive the creation of new memory modules).
Another laptop issue is the reliability of mass storage. Laptops tend to get dropped and hard drives tend to break when dropped. Lenovo sells a “ThinkPad Serial ATA Hard Drive Bay Adapter” which allows two hard drives in a Thinkpad which could be used for RAID-1 (if you don’t want a built-in DVD drive). I chose to use regular backups instead of buying the extra hardware for RAID-1 but it would be good if other companies offered such options – especially when promoting their products to small businesses (who often don’t do regular backups). Even Lenovo could improve things in regard to their potential RAID-1 support in Thinkpads by promoting this feature (instead of just having the hardware listed as an optional extra with no mention of why you would want it) and offering a default install with RAID-1. Better still would be hot-swap RAID-1 in a laptop (which would be quite easy to do if the expansion bay was changed to use USB as its method of connection). Of course RAID-1 only covers you in the case where the drop is only enough to destroy one disk or if it causes partial damage to both disks but doesn’t destroy the same section of data on both disks.
The next big thing for laptops will be flash storage. One of the major advantages of flash is that it’s almost impossible to destroy it by dropping it. I would rather have my important data on a flash storage than a hard drive (it also saves electricity and therefore makes the battery last longer). The option of having flash as the primary storage device and a hard drive for files that are larger and less important would be useful to most small businesses. Of course hardly any small business owners will ask for this, they will probably ask for a machine that has a fast CPU.
Sometimes when developing a product you have to design something with the features that customers need and get the sales and marketing people to convince the customer of the benefits of the features. Even though the number of people who understand the technology and will jump at the opportunity to buy good things (such as me) is rather small, the number of people who can understand once it’s explained to them is quite significant. I’m sure that if Dell released a new line of computers with the slogan “reliable machines that don’t lose your data” instead of “good-looking new machines” then they would get some interest.
After writing this post but before publication time I happened to be speaking to the owner of a small business on the topic of choice of computers for a company such as his. He seemed convinced of the benefits of a better machine to replace his current desktop PC that is running as a server (it’s yet to be seen whether he considers the benefit to be worth the cost).
I wonder if Matt Domsch reads my blog…
A frequent criticism of solar power is that the sun only shines brightly for part of the day, and that many of the times when there is significant electrical load (EG when people get home from work in winter) the sun light will be weak. One interesting solution to this problem is to store the solar power by splitting ammonia into nitrogen and hydrogen gases, storing them separately, and then reacting them to produce super-heated steam for power generation at any time that power is needed. The technology is based on three decades of research at ANU and the Federal government has allocated $7,400,000 for building a power station near Whyalla in South Australia.
The down-side to this is that it needs water for the steam part of the electricity generation process which is a minor problem as we are having water shortages in most parts of Australia. But the up-side is that the process of combining nitrogen and hydrogen to produce heat should be something that can be turned on rapidly. So it seems that there is potential for having a wind power plant designed to satisfy all the power requirements on windy days and store hydrogen and nitrogen for times when the combination of sunlight and wind is not adequate to satisfy the power requirements.
Previous plans for the maximum possible use of renewable energy in producing electricity have included gas fired power plants for times when wind and solar power can’t meet the demand. It seems that with technology such as this one it will be practical to have all electricity produced from renewable sources of energy.
Due to climate change and population increases we are having increasing problems with the water supply in Australia. Peter Lieverdink suggests that we have more options for water supply including treated sewage similar to the Netherlands where he grew up. However I believe that in Australia we already do what he proposes (put treated sewage in rivers and then use the same rivers for the water supply). It’s just removing the middle step (of having the treated sewage in a river) that is controversial.
I recently examined a water bill for my house. Among other things it said that my water use was slightly above the average for houses that use water efficiently and significantly below the average for typical water use. The funny thing was that most of the expenses on the bill were not actually related to the amount of water used. My bill for a quarter was $54 service charges for sewerage and water (of which $39 was sewerage), $30 for sewage disposal, $26 for water, and $14 for drainage. So the cost of disposing of sewage was greater than the cost of getting fresh water and the sewerage service charge was the largest single item on the bill.
Australia supposedly has a capitalist economic system in place (except for the communist policies related to farming and the protection of some industries such as car manufacture and coal mining). Surely the right thing to do is to make water expensive enough that people have a financial incentive to conserve it!
The first thing that should be done is to make the majority of the value of a water bill received by a typical household be determined by the amount of water used. This could be achieved by reducing the fixed components of the bill to something small (EG $20 per quarter instead of $98 for me) and then increasing the cost per kilo-litre (EG from $0.85 to $2.50). The end result would be that people who use average amounts of water would pay about the same amount as they do now and people who use less than the average amount would get smaller bills, while government revenue would remain the same.
The next thing to do is to have different tariffs for different quantities of water used. The first 50L per day could be free (water for drinking and cooking is a right), between 50 and 450L per day (451L per day being regarded as efficient water use for a house with four occupants and a medium garden) could be at slightly more than current prices, and usage greater than 450L per day could be significantly more expensive.
The current situation is that everyone is going to pay through taxes for desalination plants and other expensive methods of producing new fresh water. Having people pay for what they use is the capitalist way.
Here’s an interesting CSPAN interview with Dick Cheney from 1994. It’s amazing how accurate Dick’s analysis of the Iraq situation was in 1994 when justifying the decision to merely destroy Saddam’s army in Kuwait and not try to occupy Iraq or capture Saddam. It’s a pity that he didn’t stick to that idea.
Since the old CSPAN interview became popular the MSNBC show Countdown with Keith Olbermann covered it (youtube link). Keith initially said some ridiculous things about heart surgery affecting people’s emotions (that was the medical opinion about 2000 years ago, doctors have learned a lot since and Keith should learn from them). Then John Nichols of The Beat blog and author of Dick: The Man Who is President (Dick Cheney) makes some interesting comments. John interviewed the professors who taught Dick at university and their opinion of him matches the current observations – that he believes that the US government can do whatever it wants with no consequences.
When I was about 11 years old I decided that I wanted a career related to computers. My first computer was the TEC-1 single-board Z80 based kit computer from Talking Electronics magazine (see the photo below). I think that I built this when I was 10.

The computer is 16cm high and 25cm wide. The six seven segment displays are the only built-in output device (there were optional kits for other output devices). The keypad has the hexadecimal number keys, an “ad” button for entering addresses, a “go” button for executing programs, and “+” and “–” keys for incrementing and decrementing the address. Below the reset button (labelled “R”) you will see the optional function key (of which I can’t remember the purpose). Programming this computer required entering the hexadecimal code on the keypad with the “+” and “–” keys being the main method of editing (the “ad” key was used to jump to a different section of RAM). In editing mode the first four seven-segment displays showed the address (the Z80 could only address 64K of RAM) and the other two showed the memory contents (the word size was one byte). In terms of user-friendliness it was probably about equal to punched cards – apart from the lack of non-volatile storage (unless you built the optional NVRAM kit).
My TEC-1 has 2K of RAM (the 83251R chip is equivalent to an Intel 16kilo-bit 6116 static RAM chip) and 2K of ROM (the chip with the orange sticker labeled Mon1 is a 2716 EPROM – 16kilo-bit).
Not long after that my parents bought the first serious computer for the family, a Microbee Z80 based system with a tape drive that used a monochrome monitor of resolution approximately equal to CGA and which had either 16K or 32K of RAM (I can’t recall). The next family computer was a Microbee Premium series 128K which is probably the same model as the one depicted on the Microbee Wikipedia page (a serious omission of the Wikipedia page is that it has no picture of the box containing the PSU and the floppy drives for the Premium Series). My first published article in a computer magazine was when I was about 15 years old and I wrote a long email on a Fidonet echo (mailing list) reviewing a 3rd party update to the CP/M system for the Premium Series Microbee and was surprised by having it published in the Microbee club magazine (in those days we didn’t bother much about copyright so no-one asked for my permission before publishing).
I wonder if starting with computers at such an age is typical for people who now contribute to free software development. I think it would be interesting to see some blog posts from other people in the community about how old they were when they started with computers and what type of computer they started with.
I also wonder about the correlation between the age of starting with computers and career success in the computer industry. One significant benefit of starting early was that I could learn things that would be useful for my career in later decades while other children were wasting time studying what teachers told them to study. It also meant that in later years of high-school I could relax knowing that I could get straight B’s without effort which was more than was required to enter a CS degree program at that time. Until half-way through year 12 I tried to avoid ever doing home-work at home – home-time was computer time! Do you think that the age at which you chose your career significantly affected your success? If so in what way?
If you were asked for advice by parents as to when their child should be given its first computer what age would you suggest? Unfortunately I usually get asked for advice about such things by people who have children aged 16+ (which is way too late IMHO).
Update: Dbenn recently gave a talk to his son’s primary school about computers and he used the TEC-1 as an example. They are still in use!
It’s interesting to see that Audi is releasing a car with LEDs for all lights including the headlights. This is being promoted as an environmental benefit, however a quick google search revealed that my Volkswagen Passat apparently takes 55W headlights (giving a total of 110W of electricity used). Even allowing for some inefficiency in the alternator this would make a very small impact on the fuel use of an engine rated at 140KW. The Audi in question is the R8 (wikipedia link because the Audi web site is badly broken) and has a 300KW engine…
A simple implementation of LED headlights will do some good for plug-in hybrid cars and all-electric vehicles where saving power is more important – when the technology filters down to cheaper vehicles. Also one possible use for the technology is to dim the headlights by turning off some of the LEDs in the bank (according to the LED Wikipedia page it is currently impossible to create a single LED that takes more than 1W of power, so a bank of LEDs would be used). Currently you have a choice of using “parking lights” or “head-lights” when driving, and when driving just before sun-set or at night in the city (where the street lights are bright) you need head-lights to allow other drivers to clearly see you but don’t need them as bright as they have to be when driving at night in the country. So a range of levels of luminosity could be effectively used in headlights to increase efficiency in some situations and increase light levels in others.
According to the Luminous efficiency Wikipedia page current LEDs are up to three times as efficient as quartz halogen incandescent globes and future developments are likely to increase that to six times the efficiency. Combine that with more effective use of headlights to provide the light at the location and level that’s needed and the result could be using as little as 10% of the electricity for headlights on average!
Another thing that I would like to see is the Adaptive Headlights feature of the better BMWs (which I referenced in a previous post about the BMW 5 and 7 series) implemented in a cheaper and more reliable manner. The feature in question is that the headlights will turn when driving around a corner to show the road ahead instead of just shining off the edge of the corner. Implementing such a feature with incandescent lights is difficult because they have to be physically turned and moving parts tend to break (which increases maintenance costs and decreases the overall reliability of the vehicle). An obvious alternate design is to have a set of LEDs pointing in different directions and which LEDs get power would determine where the light goes (this would also react faster than physically moving a light). Once LED headlights become common the Adaptive Headlights feature could be implemented in the cheapest cars on the road with minimal extra cost – currently it’s a feature that would be expensive to implement and would increase the sale price of a small car and probably the service price too.
A question that is often asked is whether to use SE Linux or a chroot to restrict a program.
In Unix chroot is a way of running a program with a restricted set of directories available (it used to be merely a sub-tree but with bind mounts it can be any arbitrary set of directory trees). A chroot can be implemented in a daemon (it can call the chroot(2) system call before it drops its privileges) or by a shell script (through the chroot(8) utility). The disadvantages of a chroot are that root can escape from it, a chroot process can see the existence of non-chroot processes (ps and similar programs work in the same way in all chroot environments), and inter-process communication is not prevented. One solution to this is to have an enhanced chroot environment (which typically requires a kernel patch) where the chrooted processes can not run ps without restriction and have other limits applied to what they are permitted to do (there are several kernel patches that implement such restrictions). In the early days of SE Linux development I implemented similar functionality in SE Linux policy (here is the paper I presented at Linux Kongress 2002).
Configuring a chroot environment is inconvenient. If it is configured in the traditional manner (copying files to the chroot instead of bind mounting the directories) then old versions may exist in the chroot after new versions with security fixes have been installed in the main environment.
SE Linux provides better security than a typical chroot environment by controlling all interaction between processes. It provides more flexibility than an enhanced chroot environment by being configured entirely by policy and not requiring a kernel recompile to change the way it works.
I believe that the correct thing to do is to cease using chroot entirely and use SE Linux instead.
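The stale-copy problem of a traditionally configured chroot, described above, can be checked mechanically. This added example (not from the original post) compares each regular file in a copy-built chroot with the host file at the same path; the function name and the optional host-root parameter are assumptions, the latter so the check can run on constructed trees.

```shell
#!/bin/sh
# Added example, not from the original post.
# stale_in_chroot CHROOT [HOSTROOT]
#   Prints one line per file whose content differs from the host's copy:
#     STALE    host copy is newer (e.g. a security update never copied in)
#     DIFFERS  content differs but the chroot copy is not older
#   HOSTROOT defaults to / and is a parameter only for testing.
stale_in_chroot() {
    jail=${1%/}
    host=${2:-/}
    host=${host%/}
    # Bind-mounted directories are walked too, but they compare equal to
    # the host and so produce no output. Paths containing newlines are
    # not supported.
    ( cd "$jail" && find . -type f ) | sed 's|^\./||' |
    while IFS= read -r rel; do
        h="$host/$rel"
        # Files that exist only in the chroot (its own config, data) have
        # nothing to be compared against.
        [ -f "$h" ] || continue
        if ! cmp -s "$jail/$rel" "$h"; then
            if [ "$h" -nt "$jail/$rel" ]; then
                printf 'STALE\t%s\n' "$rel"
            else
                printf 'DIFFERS\t%s\n' "$rel"
            fi
        fi
    done
}

# Only act when given a chroot path, so the function can be sourced.
if [ $# -gt 0 ]; then stale_in_chroot "$@"; fi
```

A STALE line for a library or binary means the chroot is still running code the host has already replaced.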