Complete Deniability
I’ve written before about the limited usefulness of plausible deniability, especially in relation to software like TrueCrypt, a hard drive encryption program.
The gist of plausible deniability with TrueCrypt is this: You have multiple encrypted hard drive partitions. When your enemy forces you to reveal your keys, you reveal the low-cost key, and the enemy sees some data that he doesn’t care about and sends you on your merry way. The ‘real’ stuff you want to hide is still hidden.
This works if two conditions are true:
- The enemy doesn’t know you employ a product with plausible deniability
- The enemy can merely detain you
If those conditions aren’t true, you’re in big trouble. Say a violent group gets you and your data. They know TrueCrypt has plausible deniability, and they really want your data. You’re going to be tortured until they get what they want, it’s that simple, and ugly.
Now, the worst possible scenario is that you can’t give up ‘your data’ because it doesn’t exist. But only you know that. The bad guys think you have it and they know you have plausible deniability. You’re completely screwed.
For this reason I’ve been against plausible deniability systems for defending against all threats (yes, TrueCrypt would still be fine for hiding that porn you have stashed away on your home PC).
This changed when Cal Harding introduced the concept of Complete Deniability. That is, you can prove that you have no more plausible deniability.
Here’s how it can work: With TrueCrypt, you could have a utility that, once inside a locked data set, could be given a set of keys and ensure that those keys account for all readable data and all blocks of the storage device. Because TrueCrypt is open source, the bad guys can trust this utility to verify that you’re no longer hiding anything. They can review the source and compile it themselves, if they wish.
But, good news for you, you get to go home. Because even bad guys don’t like to waste their time and you’re not otherwise terribly interesting. Odds are you’re not getting your laptop back once the bad guys find your porn bank, though.
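The verification utility described in this post, sketched as a toy model; this is an added example, not code from TrueCrypt or from the original post. It assumes a constructed layout in which every block, free space included, carries an HMAC tag under its volume's key, which is not TrueCrypt's on-disk format; all names are hypothetical.

```python
import hashlib
import hmac
import os

BLOCK_SIZE = 32  # toy block size in bytes


def tag(key: bytes, index: int, data: bytes) -> bytes:
    """Bind a block to its position on the device and to its volume key."""
    return hmac.new(key, index.to_bytes(8, "big") + data, hashlib.sha256).digest()


def build_device(layout):
    """layout: one key per block, in block order. Returns [(data, tag), ...]."""
    device = []
    for index, key in enumerate(layout):
        data = os.urandom(BLOCK_SIZE)  # stands in for ciphertext or keyed free space
        device.append((data, tag(key, index, data)))
    return device


def unaccounted_blocks(device, revealed_keys):
    """Return the indexes of blocks that no revealed key authenticates."""
    missing = []
    for index, (data, block_tag) in enumerate(device):
        if not any(hmac.compare_digest(tag(k, index, data), block_tag)
                   for k in revealed_keys):
            missing.append(index)
    return missing


def is_complete(device, revealed_keys):
    """True only when every block on the device is explained by a revealed key."""
    return not unaccounted_blocks(device, revealed_keys)


# Constructed sample: blocks 0-4 belong to the decoy volume, 5-7 to the hidden one.
OUTER_KEY = hashlib.sha256(b"constructed decoy passphrase").digest()
HIDDEN_KEY = hashlib.sha256(b"constructed hidden passphrase").digest()
DEVICE = build_device([OUTER_KEY] * 5 + [HIDDEN_KEY] * 3)

if __name__ == "__main__":
    print("unaccounted with decoy key only:", unaccounted_blocks(DEVICE, [OUTER_KEY]))
    print("complete with both keys:", is_complete(DEVICE, [OUTER_KEY, HIDDEN_KEY]))
```

The design trade-off is visible in the model: the proof only works because free space is tagged under a key, so a withheld volume shows up as unaccounted blocks instead of blending into random-looking free space.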
PICT Abandoned by Apple
I was cleaning up my hard drive today and found some screenshots I took of websites on 9/11, in Apple PICT format. Less than 7 years later, those PICTs aren’t viewable on OSX in the Preview application (the standard image viewer). Seeing as this OS came out in 2005, it was likely abandoned then. At the time I was running the latest version of Mac OS 9, judging by the screenshots.
So, less than 4 years of support for that presumably very common file format.
I’ve converted the pictures to PNG (using Photoshop 7, which can parse them), which as an industry standard open format ought to be recoverable for some time to come.
This has been reason #687 to avoid proprietary file formats.
Solving 'function "lexize" already exists with same argument types' in PostgreSQL
If you run across:
function "lexize" already exists with same argument types
in PostgreSQL, when adding tsearch2 to a database, even when you’ve created a fresh new database, you probably have a corrupt copy of tsearch2 in your template1 database, which is used to create your ‘fresh’ database.
To fix this, copy the uninstalltsearch2.sql somewhere temporarily (on a Fedora-derived OS it’s at: /usr/share/pgsql/contrib/uninstalltsearch2.sql) and remove the BEGIN; and END; transaction statements from the file, then run it against your template1, ala:
psql template1 < /tmp/uninstalltsearch2notransaction.sql
and it will go through and delete all of tsearch2. Expect some failure messages if it’s partially deleted already; this is normal.
Now you can load tsearch2 into your new database without complaints.
Quicktime 7.5 Update Dangerous Precedent
Apple has gone and done something really wrong in terms of security: they released a critical security update wrapped in a feature update.
So, Quicktime 7.5 is required to be protected from the most recently disclosed vulnerabilities. Problem is, as with every other n.X release of Quicktime, it’s buggy. No doubt 7.5.1 and 7.5.2 will be along in a few weeks’ and months’ time, but until then your only choices are to run with miserable choppy playback or to stay vulnerable to disclosed security problems.
This is a really bad idea. There should have been a 7.4.x rev for security as well as a 7.5 with those security fixes.
Flash Vulnerability In The Wild
Ouch.
Every Flash-enabled web browser without a Flash-blocking feature (ala NoScript) is vulnerable to remote compromise.
Having this much exposure completely controlled by one proprietary 3rd-party closed-source vendor is bad for the ecosystem. There’s a Free Flash clone underway, but it’s not good enough to replace Flash for many sites that require Flash, and many sites now require Flash.
Please, website designers: Stop hurting the web. Make sites that can be used without Flash, and add all the glam you want around it. Because Flash isn’t an open standard this problem will always exist. AJAX and SVG can accomplish all or most of what Flash can do, and any talented designer can figure these out.
Update: Adobe has updated their info, and it appears the very latest version (9,0,124,0) is not exploitable, thus this is not zero-day, and I didn’t need to publish this article. Title was: “0-Day Flash Vulnerability In The Wild”.
ZFS/Linux Summit Meeting
Photos of Jeff Bonwick of ZFS fame and Linus Torvalds of Linux fame. Turns out that they’re neighbors and Jeff was just helping Linus hook up a new gas grill. (j/k)
ZFS is the ‘one filesystem to rule them all’ but it can’t be brought into the Linux kernel because of patents and licenses. ZFS is licensed under the CDDL, which gets it into FreeBSD and OSX, which are BSD and thus compatible with the CDDL, but not into the Linux kernel, which is GPLv2. If Linux were GPLv3, it would be possible for Sun to also license ZFS as GPLv3 and the twain could meet. However, Sun doesn’t really need to bother if Linux isn’t going to do it.
Note that a cleanroom implementation of ZFS could be GPLv2-compatible, but since it’s not CDDL-based the code wouldn’t have patent grants. “Sun Sues Linux Kernel Developers, News at 11” helps nobody.
I wrote on the ZFS list that having ZFS as a de-facto standard would lift all boats, and help Sun sell Thumpers. Assuming Jonathan dispatched Jeff to broker an “I’ll show you mine if you’ll show me yours” with Linus, we can look forward to the day when digital cameras come with ZFS flash cards instead of FAT32. And that the current owner of the FAT32 patents would be further isolated is really a key point.
Architectures Scale
Blaine Cook, formerly of Twitter, reminds folks that architectures scale, not languages.
Some folks have been complaining recently that RoR doesn’t scale, yet sites like Yellowpages.com know how to do architecture and do just fine with it. This isn’t to say that Ruby and Rails both couldn’t be faster and better optimized for scaling, but ‘going wide’ should be easy with a good architecture.
The claim of request uniqueness in Twitter’s case is an illustration of an architecture challenge. I’m always amazed how well Slashdot does with that same problem.
Note on Security Update Coverage
In the past I’ve covered security problems in various software packages I don’t use or recommend, and I haven’t been doing that for some time, but I don’t think I wrote a note to that effect. Going forward I’ll try not to replicate the work US-CERT is doing and avoid pointing out anything less than problems that are highly out of the ordinary, like the recent Debian OpenSSL problem or where official channels are just simply too slow.
How Gartner Works
I attempted to summarize what Gartner’s Research unit does based on their own webpage. I failed. Check it out here.
So, the other day I was thinking about what Gartner actually does. In a former life as an IT drone we had a love/hate relationship with Gartner, which was really just whether we agreed with their assessments or not. IIRC, at the time they were recommending doing new development work in Visual Basic, now a discontinued language. We thought that was crazy, and it was, but I never bothered to figure out why they were doing that. Here’s what I’ve come up with:
Gartner watches what the beta geeks are doing. The alpha geeks have no need for Gartner, they figure stuff out. Beta geeks watch the alpha geeks, and usually can’t afford to buy Gartner. When the beta geeks start to embrace the stuff the alpha geeks are doing, it’s time for Gartner to write a report predicting that whatever technology is the aim of the report will start to gain in popularity and is a solid bet. (Because they’re predicting the past this is a good strategy for being correct.) The beta geeks have already validated them for this, but the readers of their reports are the gamma geeks (which strains the term ‘geek’) and that audience doesn’t deign to talk to the beta geeks and would have trouble communicating with the alpha geeks, who have already moved on to new technology by the time Gartner delivers their report.
This has value to the middle managers of America. They benefit, Gartner benefits, the beta geeks benefit from some validation of what they’re doing. The only people who this hurts are the alpha geeks who work for the companies that buy the Gartner reports, as whatever they want to do is not recommended by Gartner. So, they quit and go work for companies who are not Gartner’s customers.
Overall, this isn’t an awful arrangement, and may even benefit the whole IT ecosystem. It is interesting to study their niche from an anthropology perspective.
Update: Bob Cringely has a perspective on Gartner.
Microsoft/Zune/NBC/Watermarking
People are in a tizzy about some ‘magical’ technology NBC got Microsoft to put into its Zune to prevent ‘unauthorized’ episodes from playing. Of course, a he-said, she-said spat ensued, and they’re probably both lying. Anyway, this magic isn’t, it’s just watermarking. It’s well-defined how to make this unnoticeable and non-trivial to remove. NBC just adds watermarking to the shows before they air, the Zune detects the watermark, and refuses to play the file unless there’s also an authorization key.
The trick with this approach is that it’s 100% DRM; hardware player support is required, and any other player will not have a problem. Also of note, this does nothing to stop copying, it’s just a revenue-enforcement model and is anti Fair-Use.
Nah, neither GE nor Microsoft would do something like that… good on Apple for refusing to play Evil Ball.
