* Posts by Christian Berger

4850 publicly visible posts • joined 9 Mar 2007

Drowning in code: The ever-growing problem of ever-growing codebases

Christian Berger

Well it's a sign of the crapularity

We do essentially the same things now as we did in the past, but with a lot more code. More code means more bugs resulting on the every day experience that computers don't work very well.

There is some hope that this comes in waves, like the terrible software we had in the 1990s being washed away by obsolesce and good ideas like the UNIX philosophy becoming more popular again. It may we that we are just in a current wave of that.

However if we aren't and the current trend continues, we might be heading towards a "Crapularity", a singularity of crap, where the systems around us keep failing and nobody can mend the mending apparatus as in E.M. Forster's "The Machine Stops"

The successor to Research Unix was Plan 9 from Bell Labs

Christian Berger

There is one important legacy from it...

and that's UTF-8 which strips away multiple layers of complexity when dealing with international texts. There are now a lot of cases where you can just handle text as text, not having to worry about whether the characters inside of it are hieroglyphics or Arabic characters.

Google bins integrity API that looked more than a bit like horrible DRM for websites

Christian Berger

Fraud is not the issue they want to solve with it

For Google the more pressing issue is that there are other browsers. Things like HTTP/2 or HTTP/3 essentially make it harder for new competitors to enter the browser market. Just imagine a browser that is truly "Free", one that is not controlled by a large corporation, one every user could modify in a meaningful way. That would greatly shake up the status quo. Things like "noscript" wouldn't be an extension, but something browsers would ship by default. Browsers would ship common files like Google Fonts by default, robbing Google of valuable access data.

I mean Google has no reason to care about "ad fraud". The whole business is a cestpool of fraud. It simply doesn't matter if the ads are actually displayed or not.

Digital Millennium Copyright Act celebrates a quarter century of takedown notices

Christian Berger

It's an attempt at turning back the time

Instead of trying to find innovative ways to get money to creators, the DMCA just tries to turn back the time to the 1970s, claiming that it can keep people from using computers. Essentially they try to maintain business-models that make no sense in the computer age.

In some areas, like mobile phones, they even succeeded, making manufacturers lock down their systems so users no longer can easily upgrade to another operating system. That is why there is so little progress in that field.

Nuclear-powered datacenters: What could go wrong?

Christian Berger

Re: All good...

I believe the technical term for those "thermal events" is "Cloud migration".

Dump these insecure phone adapters because we're not fixing them, says Cisco

Christian Berger

I once was able to test them

... they are almost comically bad.

I mean one of the main tasks of such devices is to capture 20ms of audio samples, package them into a RTP frame and then send them. There's more to building a good ATA, but that's the most basic thing you need to do.

Of course, since they are running normal operating systems, there is a bit of jitter to be expected, so if you compare the expected time of arrival to the actual time of arrival you should see some noise, in a histogram that should resemble a normal distribution close to zero. So the error is more likely to be between 0.1 and 0.2 ms than between 10.1 and 10.2 ms. It may be overlaid by a steady rise or fall because your sampling rate is not precise, but any half decent ATA will compensate for that.

The adapter I've been able to test had a "box shaped" distribution... and to make matters worse, the culminated error rose in discrete steps. Each one of those steps means that not only you will have a glitch in your audio, but also very likely that your modem connection will break. I have no idea how on earth they managed to make their device that bad.

China again signals desire to shape global IPv6 standards

Christian Berger

It actually doesn't matter which megaorganisation wants to controll the Internet

I mean we also see "NEW IP" movements from the west, with Big "Tech" wanting to take over essential services like DNS or the Web.

It doesn't matter if those organizations are motivated by greed or the desire for control, we need to oppose it.

The obvious way to do so is to avoid complexity. Simple protocols are easier to implement. That means you have more implementations and less control from big organizations.

Plain IPv6 is a good step in that direction as it simplifies a lot of things. For example there no longer is a need for NA(P)T which eliminated the need for workarounds for it. You can have end-to-end connectivity which eliminates the need for central servers. You could build things like messaging systems without any need of an organization operating it.

Titanic mass grave site to be pillaged for NFTs

Christian Berger

Yeah, but by NFT logic...

... I can prove that nobody was harmed when the Titanic sank.

There are immutable pieces of paper that were distributed thousands of times that claim "TITANIC SIKNING ; NO LIVES LOST"

https://www.huffpost.com/archive/ca/entry/titanic-headlines-in-vancouver-got-it-very-wrong-photos_n_4178419

Then there is this Italian movie, distributed in immutable DVDs to thousands of people, The Legend of the Titanic (1999). This movie claims that nobody died, as the octopus that was responsible for the ice berg being in the way, saved them all.

It's not like any "Blockchain" is more authoritative than a random newspaper or a movie, except in the eyes of some idiots.

Worried about your datacenter carbon footprint? Why not put it in orbit?

Christian Berger

I'm not sure if they have ever seen a rocket launch

Considering that you need huge rockets filled with propellant that will be turned into CO2 and water in minutes just to send up a shipping container full of equipment, I doubt that this will ever be able to offset the environmental cost of producing electricity on earth.

Also on earth you can just use solar power and wind to power your datacentre.

Elon Musk issues ultimatum to Twitter staff: Go hardcore or go home

Christian Berger

Why would anybody accept this?

...except for maybe those people who are to bad at what they do to not find a new job quickly?

I mean, Twitter isn't infrastructure. If it vanishes tomorrow few people will even notice.

Windows 11 runs on fewer than 1 in 6 PCs

Christian Berger

It actually could be much less

Such services typically determine market shares by trying to run 3rd party Javascript in browsers. Since running extensions like noscript is correlated with running Linux or *BSD, those operating systems are likely under represented in those studies.

There is a good point for this, heise.de, a website mostly browsed by people at work (=>much higher Windows percentage than global) still has lower numbers for Windows than those statistics.

Micro molten salt reactor can fit on a truck, power 1k homes. When it's built

Christian Berger

How does one secure it?

I mean, sure it might be meltdown-proof, but what if someone goes there and either just takes the reactor with them or plants a bomb next to it.

Considering there are decent amounts of radioactive materials inside of it, using it as a "dirty bomb" seems a plausible scenario.

Engineers on the brink of extinction threaten entire tech ecosystems

Christian Berger

Simply put: There aren't many jobs in that area

For example Germany has jettisoned most of its non-automotive companies in the last few decades. There are no solar companies or communications companies any more. Those that do exit have outsourced most of their technical aspects. Most of what's left is in the automotive industry, but you don't want to go there.

To be honest my decision to study electrical engineering was mostly influenced by it's use as a hobby.

COVID-19 contact tracing apps were suggested as saviors. They sometimes delivered

Christian Berger

Well we knew that their use was rather limited

However, at least in Germany they actually have turned into a beacon of hope, but not in the way one would expect.

The German tracing app CWA (Corona Warn App), not only followed the minimal standards you would expect, like having public source code for the app, no they have public source code for all components including public documentation on the rationale behind the scheme they used.

And the design was very decent trying to keep the advantages without compromising privacy. Essentially it was done in a way you only had to expose yourself when you got tested positive.

Now the main point of criticism was that it was hugely expensive... until the Luca App came along which claimed to do the same thing, but was developed a lot less competently yet charged a similar amount. While the CWA people actively engaged with the security community, for example by giving talks at hacker conferences, the Luca people only complained that people were complaining about basic defects of it.

Semiconductor average lead time breaks half-year barrier

Christian Berger

Pasives are not semiconductors

Particularly not resistors, inductors and capacitors.

Passives are more or less defined by not being semiconductors. (there are of course exceptions and gray areas)

IPv6 is built to be better, but that's not the route to success

Christian Berger

Uhm... no

Unless you are really good at converting numbers from decimal and binary and back, IPv4 is much harder.

With IPv6 you no longer have to have inconvenient things like /26 networks, you can put the division between the network and the host addresses at convenient 4 or 16 bit boundaries.

Also most people don't have enough IPv4 space to even give every building its own address, let alone each VLAN... unless of course you are talking about LAN. In that case it doesn't really matter if you use IPv4, NetBIOS or IPv6, or any mixture of them.

Christian Berger

Re: IPv6 is actually there in the home user worls

Well I'd say much of the home users already run on IPv6 particularly as many ISPs ran into trouble getting IPv4 addresses. CGNAT is really expensive to do in scale, so many ISPs try to shift as much traffic to IPv6 as they can.

Christian Berger

Re: NAT is telling us something important

What would actually be much harder to implement than IPv6 leading to even more problems.

Clouds do it, as the cost of an IPv4 address is rather high compared to the cost of running a VM. If your customers allow you to get away with having their servers behind NAT, that can greatly increase your profits.

Christian Berger

It's more a problem of the web really

What we have seen in the last 20 years or so is a shift, first from the Internet to the web, then from a decentralized web everyone can participate easily, to a small web of large platforms.

Essentially the Internet for most users is now just like 1990s "Online Services". Instead of AOL Keywords you have Google search words. Everything discourages you from making your own website.

What we should do now is to find new exciting ways to use end-to-end networks. New services which do not need centralized components.

Imagine, for example, an instant messaging protocol running on IPv6. In order to connect to another user, you both scan a QR code displayed by the other user. This way each side gets the public key of the other side, as well as the current IPv6 address. Regularly (e.g. every n minutes) the devices send pings to each other, updating their IP-address if they changed. In case a connection is lost, one could add a re-establishment protocol via SMS.

Avira also mines imaginary internet money on customers' PCs

Christian Berger

Nobody expects that kind of software to do anything other than...

...waste CPU cycles. After all the only remotely sensible feature (scanning for known bad strings of octets) is only semi-useful so vendors try to proof maths wrong by trying to find out if code is "good" or "bad" by just looking at it.

Secure boot for UK electric car chargers isn't mandatory until 2023 – but why the delay?

Christian Berger

Well why bother with it at all?

I mean after all those are devices where actual security is more important than any kind of security snakeoil. Just build them in a sturdy and locked case and have decent hardware interlocks to prevent bad things from happening.

If bad things can happen from errors in the software, secure boot will not help you much, as in order to change the boot process, you already need very high privileges. On the other hand, the charge process, which can cause harm if interfered with, has to have interfaces so the outside world.

Analogue tones of a ZX Spectrum Load set to ride again via podcast project

Christian Berger

Well the requirements of loading data overlap with the requirements for audio

Essentially audio tape formats in the home computer era work by storing pulses on the tape. This was done in order to keep the hardware simple and to be able to deal with extremely horrible tape decks running at the wrong speed.

If you manage to keep a pulse vaguely coherent, you will be able to get the data through. This is also called a linear phase response, or a constant group delay. This isn't as important for general audio, so back in the analogue days people didn't take the effort of doing so.

Now since everything is digital, it's easy to have filters with linear phase response.

Also any general purpose audio codec has very little reason to mess with the phase, so the data will likely go through given sufficiently high bit rates.

BTW back in the analogue days there was a variety of ways to deal with non-linear phase responses which you could have when the audio was transmitted via television or the radio. The WDR Computer Club (West Germany) had a device which would cup off the overtones of the tape signal. That way they didn't need to care as much about what the overtones contributed to the signal. In (communist) East Germany, the solution was to broadcast the signal in stereo, loud on one channel and with 10dB attenuation on the other one.

Don't rush to adopt QUIC – it's a slog to make it faster than TCP

Christian Berger

I have actually just learned that HTTP-Request pipe-lining is actually used... in between the inbound proxy (a.k.a. load balancer) and the web server... which means that if there is any problem in that (e.g. a POST method with a wrong Content-Length field) you will be able to break into other peoples sessions.

Christian Berger

Well if Latency was such a problem with web browsing, why do people...

a) put images on different domains

b) load Javascript from different domains

c) not use HTTP-Request pipe-lining

d) not use inline resources

?

It seems to me that the "problem" of latency is mostly caused by web designers having no clue what they are doing.

Christian Berger

It's not meant to be faster

After all TCP/IP is already reasonably quick. The main incentive behind QUIC is to cause complexity. For a company like Google complexity is something very valuable as it keeps competitors away. The basic idea of an Internet, where a single person can implement all relevant protocols in their spare time is a threat to the Googles and Facebooks of the world. For them the goal is to have a closed web, with Facebook providing the authentication, Google the indexing and Cloudflare the actual content distribution. To them you are not supposed to run your own web server.

That's why they never address the actual problems of the Internet, like the necessary complexity of web standards. Instead of slimming them down to something reasonable, more and more questionable APIs get added. Browsing a website now is a security risk as Javascript malware can exploit the unavoidable security holes inside of highly complex systems like browsers.

Kubernetes a black hole of unpredictable spend, according to new report

Christian Berger

Some time ago I listened to a talk from one of the Kubernetes proponents

It was a talk about security issues, and when it came to the issue of over boarding complexity often caused by Kubernetes he said that there is a difference between "what people want" and "what people need".

Seriously if you want complexity maybe you shouldn't work in IT, and area where complexity is the main problem.

When software depends on a project thanklessly maintained by a random guy in Nebraska, is open source sustainable?

Christian Berger

Those things happen all the time

Essentially many important projects are "maintained" by a single person. The IANA used to be a single person.

Christian Berger

Re: "Fix it"...?

"You are erroneously assuming, as a programmer/techie, that every business house had the ability in terms of technical wherewithal to just open up the source code and make it their own."

Well if your business depends on software you cannot maintain yourself, maybe you should not be doing that business. It's like running a restaurant without having staff that can cook. It's like running a factory without a mechanic on hand.

Christian Berger

That's why Free Software needs to be small

And that's why the Unix philosophy works so well with Free Software. If your program is small and simple enough that someone can just take the manual and re-implement it from scratch, the software is truly free. If your software package is huge and it takes dozens of people just to maintain it, it cannot be free.

BTW this has nothing to do with funding. Mozilla, for example, is a hugely overfunded company which could hire hundreds of programmers for decades on a singe year of income. Yet they let their main "product" fall into disrepair.

It's 2020 and a rogue ICMPv6 network packet can pwn your Microsoft Windows machine

Christian Berger

I wonder where the myths about IPv6 came from

I mean IPv6 is not inherently more complex than IPv4, in fact it's much easier in many regards (like stateless auto configuration for networks without DHCP).

My guess is that it's because of the "hype" people which crammed more and more "experimental and optional" (read unused) features into it like "IP Mobility" or "NAT64" or "NAT46". However nobody really uses that. In reality IPv6 is not much different to IPv4. It's a separate network sharing some infrastructure, it codifies some nifty ideas you have in IPv4 in a cleaner way (e.g. your local nameserver should always listen to a fixed local anycast address so you don't need to configure it). Nobody uses those advanced features except for experiments.

If you think Mozilla pushed a broken Firefox Android build, good news: It didn't. Bad news: It's working as intended

Christian Berger

There are 2 main underlying problems here:

1. Mozilla doesn't care about its users. They fail to understand what they exist for and instead work against the user.

2. Web standards are so utterly complex, that it's impossible to write a truly free browser. The code of browsers is to complex for a single person or small group to make meaningful changes. The code is, in a way, unfree, but not because of license, but because of complexity.

Foreshadow returns to the foreground: Secrets-spilling speculative-execution Intel flaw lives on, say boffins

Christian Berger

Re: Question

Servers are not the problem here. Servers can be secured physically and they typically only run "trusted" code. (=code that you deliberately installed)

The main issue here is with browsers. Browsers continue to have a missfeature that allows people to send code with their documents. The figleaf is that "sandboxes" will prevent that from getting dangerous. Ignoring for a moment that the mere act of computation on a client can be an attack, this is yet another example for sandboxes failing in more or less unexpected ways.

We must stop using sandboxes as an excuse to do highly dangerous things. A sandbox can be an additional barrier against exploitation, however it is not a cure all that allows you to execute random malware.

What is WebAssembly? And can you really compile C/C++ to it? And it'll run in browsers? Allow us to explain in this gentle introduction

Christian Berger

I should add that...

...we now have a new pre-fetching attack that works with WebAssembly.

Linus Torvalds drops Intel and adopts 32-core AMD Ryzen Threadripper on personal PC

Christian Berger

Virtually all competent IT departments...

... offer Linux desktops, and particularly more technical departments readily gobble them up.

It's just that incompetent IT departments are far more common than competent ones.

Record-breaking Aussie boffins send 44.2 terabits a second screaming down 75km of fiber from single chip

Christian Berger

Actually it's even more impressive

It's not just DWDM on a chip, it's OFDM on a chip. The carriers can be much closer together relative to their bandwidth than on DWDM as they are all coherent and have a well defined distance. Essentially the neighbouring frequencies will interfere with the middle one, but those interference patterns will cancel themselves out over a symbol period.

Honestly I do not think this will require a lot of rack space. After all this is "just" 422 times as much as already established 100 Gbit/s and this can apparently is compatible with CMOS, so you could even place your routing logic on the same piece of silicon.

Google rolls out pro-privacy DNS-over-HTTPS support in Chrome 83... with a handy kill switch for corporate IT

Christian Berger

Well the idea is...

that there may be countries somewhere, where your ISP is less trustworthy than Cloudflare. Of course this doesn't apply to Europe where your ISP could easily get shut down if they were caught exploiting your DNS traffic, whereas Cloudflare only makes a non-enforcable "promise" that they won't mess with your queries.

Apple owes us big time for bungled display-killing cable design in MacBook Pro kit, lawsuit claims

Christian Berger

Well at least they were cheap...

Mac books are cheap, aren't they?

FYI: Your browser can pick up ultrasonic signals you can't hear, and that sounds like a privacy nightmare to some

Christian Berger

Well yeah...

yet another reason not to execute code from untrusted sources like advertisement companies. We really should be working on getting rid of executable code on webpages.

Serial killer spotted on the night train from Newcastle

Christian Berger

It is perfectly adequate technology for this

After all that is just a sign that can display text. Serial lines are more than adequate to get the data there. This probably uses something like RS-485 which works much better for long lines, but is otherwise nearly identical to "normal" serial lines. Also it works over normal twisted pair and doesn't need higher grade cable you would use for Ethernet. BTW you can run such a system in a unidirectional mode so an attacker on the bus can eavesdrop and modify the data, but not access the master.

I mean this makes a lot more sense than what a German railway company did, using Windows PCs to directly drive their station signage... with the obvious result that eventually they were hit by ransomware.

NASA's classic worm logo returns for first all-American trip to ISS in years: Are you a meatball or a squiggly fan?

Christian Berger

BTW they use a somewhat different logo in Germany

https://www.nasa.de/

Planet Computers has really let things slide: Firm's third real-keyboard gizmo boasts 5G, Android 10, Linux support

Christian Berger

It doesn't protect the screen

So whenever it is dropped there is a serious chance of cracking the screen. Why on earth did they copy that design flaw from Apple?

Microsoft staff giggle beneath the weight of a 52,000-person Reply-All email storm

Christian Berger

Wait Microsoft has E-Mail?

I thought they'd only have Outlook and Exchange.

How does Monzo keep 1,600 microservices spinning? Go, clean code, and a strong team

Christian Berger

Banking isn't really a highly computational process

For example on average there are only around 1300 credit card transactions per second in the US. While this may sound like a lot, it's probably less computation than playing an MP3 file takes.

Of course there is _way_ more database activity, but we live in an age where storing your database in RAM or on fast flash memory is feasible.

To put this into context, every fixed line call in Germany has to go through a complete lookup of the portability database. That's a database listing every number that has ever been ported. That's millions of datasets. The lookup works with a simple barely optimized program which rarely takes more than a millisecond to look up a dataset, even on a very modest computer.

BSOD Burgerwatch latest: Do you want fries with that plaintext password?

Christian Berger

Re: Surprised they don't use *NIX

"I wouldn't have thought there would be much reason not to do something like that as a web app, that way anything with a recent browser from a single board computer (such as a Pi) to a full on workstation costing thousands could be powering the screen."

Yes, but web standards change very quickly, and web developers always want to have the newest technology to fail in. Also web browsers are hugely complex systems (more complex than operating system kernels) which are therefore likely to fail in inpredictable ways.

I think the problem is that we do not have propper "graphical multimedia terminal" standards. Sure we have VT100 to which we have added truecolour and mouse support, but if you want to display a photograph or play a sound, your choices are severely limited.

If only 3 in 100,000 cyber-crimes are prosecuted, why not train cops to bring these crooks to justice once and for all, suggests think-tank veep

Christian Berger

It's an insane idea

First of all, it's extremely easy to do something and pin the blame on someone else. Want the Russians to be the culprit, buy a Russian PC to develop your code on and leave Russian language clues. Attribution is basically impossible, unless you are dealing with stupid people.

Then there's the whole area of side effects of doing this. If you want to make attribution easier you have to make sure that things like anonymous communication disappear. This endangers large groups of the population, from whistleblowers to homosexuals. Probably even people like security analysts.

Third it doesn't fix anything. The security holes are still there. If they are not used by criminals they probably are used by "Lawfull" organisations.

In short it's an insane idea, not well thought out and based on assumptions which have been proven wrong many times.

Voyager suffers a power wobble as boffins start the final countdown for Spitzer

Christian Berger

Re: Incredible

Actually there were some firmware updates.

Remember when Europe’s entire Galileo satellite system fell over last summer? No you don’t. The official stats reveal it never happened

Christian Berger

Actually Galileo has reached its most important goal

Since the planing of Galileo both Russia and China have created their own satellite-based navigation system. Most mobile phones today support all 3 fully operational systems now, and they are all operated by different entities meaning that even if one decides that Europe is evil, there are still 2 other systems.

'Trust no one' is good enough for the X Files but not for software devs: How do you use third-party libs and stay secure, experts mull on stage

Christian Berger

There actually was a talk about this problem at the 36c3. The proposed idea for a solution against that was to mark your library "Geek-Code"-style to indicate if you see it fit for use for security critical things.

A typical example would be a crypto library someone started because they wanted to experiment with it. Of course one could use it for serious things, however since it wasn't meant for that there could be serious issues with this. Nevertheless releasing such code may be beneficial for some as a demonstration device.

Christian Berger

Re: It's actually not that hard

"Are you suggesting using CSVs because they are "standard"?"

No of course not, I'm suggesting that because in 99% of the cases it can be done in a very simple way. Often you don't need the ability to have the delimiter character in your data fields, you can simply replace it with another character or reject that input as invalid.

For example if you just have nummerical values, scanf can easily read that for you. With slightly more effort it can also read space delimited colums of strings.

Even if you need arbitrary data, there are way simpler ways then the "Windows CSV". Just use no quoting and add an escape character. That way your parser only needs to read in the input character by character and only have 2 modes. The first is the normal mode, the second is the "after escape character" mode.

One of the worst examples for how you can mess up a simple format is probably the "Windows CSV" which adds things like quoting which makes parsing very hard.

XML and JSON may have their advantages for complex and dynamic data structures. However one rarely needs that. Relying on standards is not always a good idea, particulary when you need more code to use a separate library than an implementation of your own parser would need.

A good summary of the state of the art is here:

http://www.catb.org/~esr/writings/taoup/html/ch05s02.html

Christian Berger

It's actually not that hard

Although you can never be 100% safe, you can always lower your risk by lowering your dependencies.

For example, if you have a simple list, using XML or JSON adds complexity without providing value. If you use simple delimiter separated files you can often use standard library features to parse such a list.

Beware of environments where adding a new dependency is simple. Adding a dependency is a potentially dangerous thing to do, think before you do it, think before pulling in code that adds new dependencies.