This is my discussion blog. The way it works is that when any pages in this wiki have a discussion page created for them, the discussion pages show up below. Also, any comments on my blog posts also show up here.

comment 7
Good piece of information regarding version numbers found in this article. It's very rare to have this kind of information because very few people have proper knowledge about version number and author of this article is one of those people. Use of these numbers in advance level of math is very important. However, I want essay writing service scams but this site have a lot of more posts for the learning of students.
Comment by noahlucas079
Update blog to tell about debuerreotype

Hello!

Please update this blog post. Many sites seem to link to it. It did raise a valid concern at the time it was written. Things have changes since, however.

Nowadays anybody can independently build the same Docker images as published under the so called official Docker Debian account thanks to the new build system using debuerreotype: https://github.com/debuerreotype/debuerreotype

Also, as a side note, if you want to have Debian images that are slightly more optimized for Docker in an opinionated way, you might want to check out https://github.com/jgoerzen/docker-debian-base

Comment by otto
kinda answered

Had a chat with Sesse about ASLR.

ASLR operates on a page basis, and with 4k pages that's why the lower bytes are zero. When mapping a program into memory, it's necessarily page aligned.

It does seem that it would be possible for binaries have their code be offset by some fraction of a page, but it would have overhead. Somewhere between the overhead of copying the whole binary's content into memory and the overhead of (non-dynamic) linking. And no executable pages could be shared between processes if that were done.

Comment by joey
comment 2

@larry which is the approach being used in the browsers, but seems very hard to prevent timing information being available to native code.

Comment by joey
Spectre mitigation
My possibly naive perspective is that Spectre is one of a large class of weaknesses based on incomplete virtualization/abstraction of the CPU. As others have pointed out, modern hardware emulates a simple abstract machine in terms of execution order and memory models, where the reality is actually quite different. The key item that is not abstracted is time. All side channels I know of (including the ones on which the Spectre work depends) require access to high-resolution non-virtual time. Take that away, reserve those high-res timers for privileged-mode only, and I think you'll find problems like this just disappear.
Comment by larry
comment 5

I've recently got a 2017 Lenovo Yoga 11 inch, which is actually a pretty sweet little netbook, fanless and light and a lot smaller than older 11 inch screen computers.

Comment by joey
development machine

Sorry that comment is off-topic for this post but I just found your interview at https://usesthis.com/interviews/joey.hess/. I was wondering what your current development set up is? Are you still using a little netbook?

I currently use a recent MacBook Air to develop Haskell but it can be fairly slow. I've recently set up a Ubuntu-based server on GCE which is quite nice to use (preemptible i.e. cheap) and their network is heaps faster than my network at home (ADSL2+). I'm unable to use local SSDs with preembible GCE instance and the performance of persistent SSDs isn't really as fast as I'd like. Therefore I'm considering buying a workstation (tower/server) to put on my local network with latest Intel i9, lots of ram (32/64G) and fast SSD(s), probably running linux or freebsd with ZFS but wondering if it might be overkill. I've gotten used to remoting-in (ssh) to my GCE server, so remoting in to a local workstation would present little problems, workflow-wise. I tend to use tmux and spacemacs (with intero). I like Atom and it's haskell-ide plugin but luckily I switched to Spacemacs a few months ago now. I still occasionally use Atom-Beta on my local MacBook and haven't tried X11 forwarding yet to see if that workflow would still be useable. I've got a bad back — from too much time crouched over a keyboard — and it's nice to be able to use a laptop (or network) as my primary interface to my workstation (or server-in-the-cloud) so that I can mix up my work environment i.e. stand up desk with large monitor, sit down desk (aka dining room table) or couch/sofa.

Appreciate any advice!

Comment by steven
beyond compile error

In an attempt to reproduce the generation of custom ARM images I did get compile errors.

The errors said what to do. e.g. change hasPassword into User.hasPassword.

This gives me a clean compile with propellor version 5.1.0

lime :: Host
lime = host "lime.example.net" $ props
    & osDebian Unstable ARMHF
    & Machine.olimex_A10_OLinuXino_LIME
    & hasPartition (partition EXT4 `mountedAt` "/" `setSize` MegaBytes 8192)
    & User.hasPassword (User "root")
    & Ssh.installed
    & Ssh.permitRootLogin (Ssh.RootLogin True)

Caveat: not tested on actual hardware

Comment by stappers
comment 2
I'm ok with either method for now, if it changes I'll let people know.
Comment by joey
comment 1
I currently donate via Patreon. Would like me to move to LP?
Comment by lamby
HOWTO OLE object collision?

Is it possible to make the both colliding PDFs as OLE objects with same hash? For example so when OLE object is embedded in any file then both objects can be interchanged without changing file hash?

Comment by Oto
long route examples
I think many people working on computers back then have such stories. My personal one involved a Pyramid Unix machine, connected on CSNET, next to an IBM 4381 mainframe, on BITNET, in the Office of Computer Services building at Georgia Tech. Transferring files electronically required using the CSNET/Arpa/BITNET relays, the latter which was either in Minnesota or New York. I can also think of examples even in the early 1980s when the easiest method to get files on modem-accessible machines was to find an old teletype and punch paper tape and then replay it on the second machine. What an improvement Kermit later was!
Comment by don
Great Idea!
Hey Joey, Thanks for the unintended push in the right direction. I've been following along for a little while now. I recently had the cooling fan in my UPS take a nose dive. Trouble is that the UPS is 24V and those little fans are costly (especially from the UPS manufacturer). It wasn't until reading this entry that it occurred to me. I have a pile of LM317 IC's I purchased years ago for a lighting project. I used one of them to build a small circuit that allowed me to use a 12 volt fan like this one ( https://www.12volt-travel.com/small-12-volt-fan-for-electronics-airflow-cooling-p-23647.html ) instead of a 24 volt fan. For R2 in the circuit I added a thermistor so the fan runs slower when the UPS is cooler, but speeds up when the UPS is charging and creating more heat. So far so good. Thanks again, Dan McEntire
Comment by macdanny
Nice Work

Hi Joey,

I read your blog for a few month now and it is great to see what you accomplished with your cabin. Keep expanding and blogging about it.

Greetings from Germany, Andreas

Comment by A.Steinel
discussion

re. protobufs - i think that would be an improvement: it seems like a good idea to decouple language-specific data structures from the protocol, if only to make debugging easier, but it seems like a good idea also to allow for better extensibility (e.g. writing different client/servers implementations)...

An interesting approach I have found is the language-neutral kaitai.io specification system. it's a YAML-like metadata description language that translates into multiple languages like Java, Python, PHP, Ruby, C++ but, unfortunately, not Haskell just yet. I find it an interesting alternative to protobufs because you are not bound by a certain data format - you can just write your own binary language (or port existing ones) by specifying its metadata clearly... --?anarcat

discussion

Not sure if you're aware of the Linux network emulation framework, but if not: https://wiki.linuxfoundation.org/networking/netem — that will let you simulate all kinds of terrible networks.