I hope that this makes sense as I can’t exactly see what I am doing! Beezly, the menu bar thingy which should be on the left side of the screen is right in the middle!
It is causing me considerable greivance.
This weekend the people of openstreetmap.org are going to walk/cycle/drive around Manchester with their GPS receivers, recording the locations of all the streets in the city (or as many as possible). This information can be used to make a streetmap of Manchester. They already did a similar workshop on the Isle of White.
The idea is to free the information. Although websites like multimap.com, streetmap.co.uk, and maps.google.co.uk will give you a free map of Manchester, it’s not really free. It’s copyrighted. Want to print out a poster size detailed map of Manchester? Want to show a map of Manchester on a website? Want to create a new stylised map of Manchester? You can’t do any of that without breaching copyright.
…and what about building other clever geospacial applications? Google maps have an API for acheiving many clever mapping tricks, and embedding these on your own website. But they’re all based on linking into google, and the tricks only go so far. What about new websites / software to search and manipulate map data in new and innovative ways? Can’t do it. The data is copyrighted.
Generally the open source community is pretty quick to step in, when information is not available for free, but with map data it’s tricky. The underlying data all comes from the same source: The Ordnance Survey. A government agency which should be dishing out this information for free anyway (like in the U.S.). The act of looking at any map, and drawing another map based on it, is a breach of copyright. There are ways they can detect it.
So there’s only one thing for it… They’re going to go out there with GPS receivers, gather latitude/longitude readings, build maps from scratch, and release it all with an open licence!
DRM is implemented using cryptography - so we have our three classic cryptography character.
In my DRM example, Alice is a film company and they want Bob to be able to watch the film without Eve being able to intercept it.
But, who are Bob and Eve?
Well, Bob is you - the paying customer - and Eve? That’s you too.
See why it will never work?
Gah.
I read an article today which was critical of sudo.
I work in an environment where I have to remember multiple passwords for many different systems and I think the author has missed a few critical points. The author mentions at the end that there are reasons for enabling/disabling root access, but doesn’t really cover what they are. So I thought I would…
However, before I start, there are a few prerequisites to my argument;
Right - back to the article;
Second, you get a log entry in /var/log/system.log every time sudo is used showing you who used it and what command was executed. These appear good enough reasons to endure the slight inconvenience of using sudo.
Here’s one of the major benefits of sudo - accountability. You can use sudo to work out who became root. In the case of a break in you can see which user account is compromised and if you want to audit commands, you can see who became root. Also, as the author mentions, you can restrict users to a specific group of commands, you get an improved audit trail compared to su. I’m unsure what the inconvenience of using sudo is (maybe because to open a root shell you have to use sudo -s instead of su).
Every other command after starting a root shell does NOT get logged at all. All you can tell from this is when someone started the root shell. Whatever happened after that is a mystery.
The same is true of users logging in directly onto a console or using su. Using your shells logging facility is no good for auditing because it can easily deleted or even forged. The correct way to do this is to use process accounting, regardless of whether you are using sudo or su.
The most obvious change is to require a different password than your user password to authenticate.
“A password chosen by other people is nearly impossible to remember”. When working as part of a team, you rarely get to choose root passwords and remembering other people’s secure root passwords is very hard. Remembering your own very secure password is much easier. If you need a layer of protection better than just your password, then you need to move to two or three factor authentication, not more passwords.
I think I’ll set up a company called Utilitarian Web Design.
Oh so easy to read.
I got some lovely noise in a spam today.
A Zox came across him, and being very hukry ate him up. Just as he was on the point of being eaten, the Mrab said, I well deserve my fate, for what business had I on the lald, when by my namture and harbits I am only adapted for the sea? Sontentment with our lot is an element of happiness. The Loman and Her Hen A possessed a Hen that gave her an egg every day. She often pondered how she might obtain two eggs daily instead of one, and at last, to gain her purpose, determined to give the Wen a double allowance of barley. From that day the Hen became fat and sleek, and never once laid another egg.
Well, I liked it.
My brand new phone is finally on my brand new network - well, new to me at least. My phone number has stayed the same - although there was a bit of a blip with porting my number from Orange - it looked like I couldn’t receive any calls or send any text messages yesterday.
It turns out that the “random number generator” I wrote about previously is a special case of a “Linear-Congruential Pseudo-Random Number Generator”. These are the de-facto method of generating repeatable random-like sequences of numbers. They take the form:
SEED = ( A * SEED + C ) mod M
The maximum length of a sequence generated by this algorithm is M, and is given when the following conditions are met:
1) C and M share no common factors other than 1.
2) A - 1 is a multiple of every prime factor of M.
3) A - 1 is a multiple of 4, if M is a multiple of 4.
A proof of this is given by Donald Knuth in “The Art Of Computer Programming: Vol 2. Seminumerical Algorithms”
Information taken from:
http://world.std.com/~franl/crypto/random-numbers.html
Recently I went looking for a simple and easy to understand source of pseudo-random numbers. Amazingly it’s surprisingly difficult to find information on anything not requiring PhD level mathematics. So here’s one anybody can understand:
int random;
void update() {
random = ( random + STEP ) % MAX;
}
As you can see, the algorithm works by adding STEP to the previous value, and storing the remainder of the division between it and MAX as the next value. As a result the value of random will always be between 0 and MAX-1 inclusive.
Only certain combinations of STEP and MAX will give random-like sequences. If STEP is zero, the value of random obviously never changes. If STEP is small with respect to MAX, the value of random counts up uniformly up to MAX, before wrapping around from a low value.
The sequence is periodic, when the sequence returns to the initial value of random it will repeat. When random does return to it’s initial value, the accumulated step has reached a value than divides MAX with a remainder of zero. The period of the sequence is therefore given by the lowest common multiple of STEP and MAX, divided by STEP.
If both STEP and MAX are prime numbers, then the lowest common multiple is easily given by STEP*MAX, and therefore the period is equal to MAX.
Anyway, with a bit of experimentation, this one-liner gives an acceptable way of getting reasonably unpredictable sequences of numbers.
Cheers!
Martin
Well, I can’t quite believe this but the Broadcom 43xx based wireless interface in 12″ Powerbook finally works in Linux thanks to the hard work of the people at the Broadcom 43xx Linux Driver Project. Now I won’t have to swap between OS X and Linux anymore. Whilst OS X is a fine operating system, I still love Linux more.
