2012-11-18
Posted in Computers, Gaming, Personal, PlanetDebian at 21:11 UTC (+0000) by sven
As some may have noticed, Google launched something that is unusual for the company: A game. A mobile alternate reality game, to be precise. See allthingsd article for a bit more information. In my opinion this game is most interesting to people who are mildly interested in geo-caching. You spend most of the gaming time either looking for the right “portals” (geo-location that is an interesting place for one reason or another, many located at sculptures, murals or (more scarcely) interesting local businesses), or trying to solve the puzzles that appear in the game itself or on http://www.nianticproject.com/. I was one of the beta testers and really enjoy the game, especially in areas with more players.
As the game is most fun when people coordinate a bit, I started a google group for the munich area for one of the two teams (the enlightenment), but I will only let people enter that group who can be verified to be on that team.
On a side note: I still have a few invites to the game left, so if you are interested, please leave a comment and enter your gmail.com email address (you need a Google account to play anyway) while doing so. I will send out invites in the order I received the requests (which I admit might not always be the same in which they were submitted. First come first serve and no guarantee to get an invitation though. Your email address you enter when commenting isn’t shown to anyone and I don’t share them with anyone but the game (and thus Google).
EDIT: So short time went past, but I already ran out of invites (note that I didn’t approve comments that really only were like “please send me an invite”, but still did sent one out). Feel free to still ask me for an invite, I will send some out as I get new ones, but this might take anything between a few days and some weeks.
PS: For the lucky ones who got invites: You don’t strictly need to do the training offered when you start the game for the first time, but I strongly encourage you to do so.
PPS: I’m opening my group to any enlightened players in Germany. I will share some useful information about some game details there in the near future (nothing company confidential of course, just information anyone can gather in the game or from the published information).
EDIT: As noted before, I don’t have any more invites to give away. As I still get like 4 requests for invites per day, and now have more than 30 unfulfilled requests pending (with no new invites to give in sight), I’m now disabling comments.
Disclaimer: I work for Google since a few months ago, but this post solely represents my own opinions and hasn’t been endorsed by Google in any way.
See also No related posts
Permalink
2012-08-14
Posted in Computers, IT-Security, Personal, PlanetDebian, Random links at 16:46 UTC (+0000) by sven
It seems that the UK government recently passed a law that makes it illegal to be unable to decrypt what the law enforcement entities think is encrypted:
From http://falkvinge.net/2012/07/12/in-the-uk-you-will-go-to-jail-not-just-for-encryption-but-for-astronomical-noise-too/:
But it’s worse than that. Much worse. You’re not going to be sent to jail for refusal to give up encryption keys. You’re going to be sent to jail for an inability to unlock something that the police think is encrypted. Yes, this is where the hairs rise on our arms: if you have a recorded file with radio noise from the local telescope that you use for generation of random numbers, and the police asks you to produce the decryption key to show them the three documents inside the encrypted container that your radio noise looks like, you will be sent to jail for up to five years for your inability to produce the imagined documents.
This is just insane.
Edit: The law was created several years ago, but the blog post somehow made me think it was more recent.
See also Steve Kemp’s weblog » Blame it on rock and roll
See also Re: voting on sponsorship
See also Microsoft Windows Vista – They did it all wrong
Permalink
2012-04-20
Posted in Personal, PlanetDebian, Random links at 11:26 UTC (+0000) by sven
I came across this article today and really found it noteworthy:
http://online.wsj.com/article/SB10001424052702303815404577335783535660546.html
Original title: Why Airport Security Is Broken—And How To Fix It
Kip Hawley, TSA head from July 2005 to January 2009, writes about how the current TSA procedures came into being, how he failed at some of his goals (to make the checks less annoying) during his involvement and what could be done to fix procedures. I especially liked these points:
By the time of my arrival, the agency was focused almost entirely on finding prohibited items. Constant positive reinforcement on finding items like lighters had turned our checkpoint operations into an Easter-egg hunt. When we ran a test, putting dummy bomb components near lighters in bags at checkpoints, officers caught the lighters, not the bomb parts.
(also quoted on LWN.net)
And this one:
The public wants the airport experience to be predictable, hassle-free and airtight and for it to keep us 100% safe. But 100% safety is unattainable.
I think the most important thing he mentioned is the fifth and last of his action items to improve both experience by passengers and security:
5. Randomize security: Predictability is deadly. Banned-item lists, rigid protocols—if terrorists know what to expect at the airport, they have a greater chance of evading our system.
He got it nailed there, in my opinion: If security measures are predictable, the loopholes in it are also predictable, so you basically give attackers a handbook of what to avoid when planning the attack. This, by the way isn’t limited to physical security and air travel, but also applies to IT security (though it is much easier to hide your IT security measures and make them somewhat unpredictable that way, then it is to do so with physical security and passenger screening on airports.
See also No related posts
Permalink
2009-07-07
Posted in Computers, Personal, PlanetDebian, rant at 10:57 UTC (+0000) by sven
Oh well, I think RHELs support for multiple architectures installed at the same time (and thus the same support in CentOS) really needs some rethinking.
While the following might not be able to happen with the default installation media (I didn’t verify), it still can happen if you run your own mirrors and actually need both architectures listed in your yum repositories…
Anyway, what happened today is just one example of how the multi-arch support caused problems for me:
On a Xen Dom0, I needed to apply a kernel upgrade (from 2.6.18-92something to 2.6.18-128something) and as a result, a reboot. At this point you should memorize that the old kernel worked quite fine and all I did was a yum update followed by a reboot. A procedure I did on quite a number of Dom0 machines in the past weeks.
Well, the reboot this time didn’t work, the kernel halted after printing:
request_module: runaway loop modprobe binfmt-464c
Well, reboot again, select old kernel, systems boots fine….
What happened was that both the x86_64 and i686 versions of the old kernel was installed, so yum update updated both, probably first the x86_64 version, then the i686 version (but I didn’t check). Well, while for the old kernel, grub booted the x86_64 kernel with the x86_64 initrd, for the new kernel it tried to boot the i686 kernel with the x86_64 initrd. (verified by unpacking the initrd and the vmlinuz kernel image and running file on the binaries therein)
Now the big question is: How could the stupid yum/rpm/postinstall script system end up doing this? It is supposed to warn about conflicts if two packages ship different versions of the same file AFAICT, but there is no way the i686 and x86_64 versions of /boot/vmlinuz* could be identical. So there should have been a warning about this. And after that, how come the mkinitrd tool doesn’t even try to check wether the kernel architecture and that of the initrd binaries match? It happily packed 64bit binaries and 64bit kernel modules(sic!) when run against a 32bit kernel….
OK, enough of my frustration….
I really wished I had to maintain not RHEL/CentOS machines but Debian (based distro) machines here at work. Unfortunately, that won’t happen for various reasons…
While the bi-arch support in RHEL/CentOS is helpful in many ways, RPM and the way bi-arch works on these distros caused almost as much trouble to me already as it helped avoid.
See also Unifying config file syntaxes with nesting
See also Why is VoIP/SIP so hard?
See also init script generators
Permalink
2009-06-22
Posted in Computers, Personal, PlanetDebian at 08:45 UTC (+0000) by sven
I seem not to post anything but links lately, but anyway,
Eddy Petrișor has a post about transitioning from lilo to grub2 (considering usage of LVM).
Romain Beauxis writes about what he dislikes about git (or probably most distributes version control systems) when it comes to team-maintained packages, to which Martin F. Krafft responded with an interesting post that puts some aspects of distributed versioning into a more balanced perspective then Romain had. After all though, I agree that there are uses to DVCSs which make sense (like being able to commit while not having any sort of connection to the “central” repository). However, I still think that relatively small “projects” like maintaining Debian packages have more to gain from the central repository then from the ability to commit while not connected. That is, at least as long as upstream doesn’t use a DVCS already, in which case there are other benefits from using the same DVCS, like easily pulling in upstream changes.
David Welton posted about a small script that swaps virtual desktops (please note that you will need to enable javascript to actually see the script).
While not technologically new to me, this post by David Pashley about copying files with netcat was a nice summarization of how to do it (and why it is sometime preferable over scp or rsync, plain or over ssh). One of the comments refers to mbuffer, which might also prove useful if you need really high speeds (>200MByte/s) or want some more advanced buffering options. The pv tool (alias Pipe Viewer) might be of interest to meter the throughput.
Phil Hands writes about getting an USB stick to boot (certain) ISO images with the help of grub4dos.
See also Link collection 2009/03
See also Link collection 2009/05/18
See also Unifying config file syntaxes with nesting
Permalink
2009-05-18
Posted in Computers, Personal, PlanetDebian, Uncategorized at 14:06 UTC (+0000) by sven
That’s it for now, will update the post if I find more interesting links in the next few days.
See also Link collection 2009/03
See also Another link collection 2009-06-22
See also Dual boot and full encryption – Part 2
Permalink
2008-10-08
Posted in Personal, PlanetDebian at 12:16 UTC (+0000) by sven
Anand Kumria wrote:
If IBM were to go bankrupt, would the government step in? Unlikely. Investors would lose (money), staff — another word for investors — would lose (jobs), but customers would win (their computers would keep working). Some customers would win more than others (especially those who had the equipment on lease); if no one is collecting, why pay?
I’m wondering here where Anand got the idea that once a company went bankrupt, that you don’t need to pay to that company anymore. When a company goes bankrupt, at least in Germany the following happens: A trustee/liquidator is selected. This liquidator is then collecting the information who owes money to the company and who still needs to get (how much) money from it. The liquidator also has to check the option of selling company assets (which might include the contracts of customers that still have to pay) to fulfill the debts of the bankrupt company. After he turned all assets into money, the money is distributed among those who still have to get money from the bankrupt company.
Anyway, regarding his main argument that the (average) customer of a company (bank in this case) should never have to pay for the failed speculations of that company, I somehow have to agree with him. Someone putting money into a regular bank account or papers with fixed interest rate should never lose his money. But there are also customers buying bank shares with a chance of higher revenue than with fixed interest rate papers. These should suffer from failure of the bank management, as they more or less explicitly wanted to be tied to the success (or failure) of the bank.
However, this is mostly irrelevant, since the failure of so many “investment banks” has side affects that might cost the average inhabitant of the affected countries even more than the discussed rescue plans. One of these effects is that the banks are now much more conservative regarding lease and mortgage plans, effectively leaving many home owners with no option to fulfill previous obligations (remaining debt after a previous mortgage expired can’t be refinanced by a new mortgage), causing them to have to sell their homes to pay the first mortgage. This is in some way stupid because this causes people who were perfectly paying their mortgage rates to loose their house, while the bank which would be giving them a new mortgage could get a new and good customer, improving their income. On the other hand, if the other side effects of the current crisis cause those “good” mortgage customers to loose their jobs, they might turn into bad customers who are unable to pay their rates. All in all, this is a spiral that could cause the whole economy to break down (a small example: The bank is not giving out mortgages, so no one will build new houses so the builders loose their jobs so they don’t pay their mortgage rates anymore,…. – over simplified, but still shows what I mean). Unless the spiral is terminated in time, before too drastic things happen.
All in all, I do understand why the politicians try to rescue those banks (or at least the customers of those banks), though I think that in an economy with slightly higher regulation, there wouldn’t be the need for such a rescue plan. I know there are some german banks affected by the crisis as well (among them Hypo Real Estate and others), but the average private customer of such banks shouldn’t loose money due to the regulations we have in place.
In general, there should be some security fund which makes sure that private customers never loose money put into regular bank accounts or fixed interest papers, vice-versa, banks should calculate mortgages so that they can be pretty sure their customers are actually able to pay off their rates – it doesn’t make sense if someone starts off having to pay 500$/month for their mortgage and has to pay over 1000$ a few years (as in 2-3 years) later, because the bank raised the interest that much. I have no problem with people loosing money from shares of banks or other companies directly or indirectly through investment funds.
See also Ingress
Permalink
2007-12-27
Posted in IT-Security, Personal at 16:24 UTC (+0000) by sven
Leider hat unser geschätzter Bundespräsident Köhler das Gesetz zur Vorratsdatenspeicherung unterzeichnet. Daher rufe ich hiermit jeden dazu auf, Widerstand gegen dieses Gesetz zu leisten. Wie man das (legal) machen kann, steht unter anderem auf o.g. Webseite.
See also No related posts
Permalink
2007-10-22
Posted in Personal, PlanetDebian at 13:56 UTC (+0000) by sven
I really dislike posts like (sorry AJ, you are just one example) AJ Towns blog post
“Some fun”. What I dislike? Well, the post lacks critical information: Which slashdot post inspired him? What data is he talking about? How did he turn the data into those graphics?
Sorry AJ, your post is just the latest example of this style of post, and I really got frustrated over such posts, this is not meant as a personal attack.
Edit:
So to make my wish clear: Please, fellow bloggers, don’t assume that your readers are following your favourite web resources as closely as you do (and with the same specific interests). Explicitly say what you are writing about, reference resources needed to understand what you are doing, at least give readers a chance to find out what you did.
In AJs case, it would probably have been enough to reference the /. article or comment which inspired him.
See also Ingress
See also Rescueing files from lost+found
See also Link collection 2009/03
Permalink
2007-10-17
Posted in Computers, Personal, PlanetDebian at 15:03 UTC (+0000) by sven
Since I never really found a nice overview of which CPU flags (see /proc/cpuinfo) mean what, so I gathered some information using the web, with the most notable sources being the BOINC FAQ entry on CPU Register Acronyms at [1] and the output of the nice little (though seemingly mostly unmaintained) cpuid utility. See my results at [2]. Any suggestions for enhancements and completions are highly welcome, just leave a comment to this post.
[1]: href=”http://boincfaq.mundayweb.com/index.php?language=1&view=176
[2]: http://blog.incase.de/index.php/cpu-feature-flags-and-their-meanings/
See also CPU feature flags and their meanings
See also Why is VoIP/SIP so hard?
See also another vote
Permalink
« Previous entries Next Page » Next Page »
