Category Archives: Computers

Miscellanious Computing

MPI-3 Forum Seeks Feedback from Fortran MPI Developers

Posted on by

In a posting to the Open-MPI development list Jeff Squyres has requested feedback from Fortran MPI developers on proposed changes to the bindings of MPI functions in MPI-3. He writes:

In the MPI-3 Forum, we’re working on revamping the Fortran bindings to be “better” (for a variety of definitions of “better”). There’s at least one question that we really need some feedback from the MPI Fortran developer community before proceeding. Craig Rasmussen from Los Alamos National Laboratory, chair of the MPI-3 Fortran Working Group, asked me to post a “request for information” to my blog and pass on the URL to every Fortran MPI programmer that I know

The URL of Jeff’s blog is http://blogs.cisco.com/ciscotalk/performance/comments/mpi-3_fortran_community_feedback_needed/. Please pass this on if you do know other Fortran MPI developers.

WordPress 2.8.5 released – security fix and hardening work

Posted on by

WordPress 2.8.5 has just been released:

As you know over the past couple of months we have been working on the new features for WordPress 2.9. We have also been working on trying to make WordPress as secure as possible and during this process we have identified a number of security hardening changes that we thought were worth back-porting to the 2.8 branch so as to get these improvements out there and make all your sites as secure as possible.

It includes a fix for a trackback DoS attack that’s apparently going on at the moment. I’ve updated the 3 blogs I look after with a quick svn switch http://svn.automattic.com/wordpress/tags/2.8.5.

Microsoft Silently Installs Firefox Plugins, Introduces Security Vulnerabilities

Posted on by

Oh joy, Microsoft have managed to introduce security problems into Firefox through a plugin for it that they silently install without your knowledge! 🙁

Along with .NET Framework 3.5 SP1, Microsoft have been silently installing a Windows Presentation Foundation Plugin that allows the embedding of XAML applications (an XML-based UI technology) in web pages, called XBAP (XAML Web App). The exploit is drive-by, meaning that the victim only needs to be lured onto a web-page for the attack to be effective. The only safe thing to do until a patch is issued, is to open Firefox’s AddOn Manager and disable the WPF plugin.

Mozilla might already have reacted to this, my brother (who alerted me to the above story) said:

Firefox popped up saying it’s blocking 2 Microsoft add-ons so they must be cracking down on them

Dear Microsoft – please do not stuff about with peoples web browsers that don’t belong to you, you’re just not qualified..

Quake 3 Arena – on the Nokia N900 ?

Posted on by

Wow, this is pretty impressive, there is a WIP port of Q3A to the Nokia N900 using the accelerometers to control movement and there are some videos up to see using the TV-out on the phone:

Someone even video’d a multi-player demo at the Maemo summit.. 😉

It’s not publicly available (for the moment at least) from what I can tell, a comment on YouTube says:

Currently not (“yet” I’d guess) – but remember that this is just a work in progress / feasability study – this is only a developer version that got distributed over the weekend during the Maemo Summit 2009 in Amsterdam.

Still, looks fun! 🙂

Lazyweb Questions After Reading the N900 Manual (updated)

Posted on by

Update: the document linked to below has either been removed or moved on the Nokia site, the link has gone 404. 🙁

OK, so I spotted that the PDF manual for the Nokia N900 was online and so I grabbed a copy of it to read through. Of course, like all user manuals, it talks about lots of bits and pieces but doesn’t go into the technical details for some decisions, so as a result I’m puzzling over a couple of points. They are:

  1. Can you charge the phone whilst it is off ? Might sound like a silly question but the Neo Freerunner has to be on to charge.
  2. Is the Offline mode the N900’s version of Flight Mode or Airplane Mode ? The manual says that you can’t make or receive calls, no wifi, etc. But it goes on to say that “Calls may still be possible to the official emergency number programmed into your device”. I’m guessing that means that if you try that it’ll power up the GSM modem for that call, but it’s just a guess. (Page 33)
  3. Why can’t the A-GPS service use Wifi ? The manual says that only “a packet data Internet access point can be used.”. (Page 77)
  4. Whilst saying that most updates can be installed using the N900 itself the manual also says that “an update using the Nokia Software Updater may sometimes be necessary”. This is Windows only software – any chance of a Linux version, or can something like dfu-util be used instead ? (Page 85)
  5. Does the N900 automatic time update use NTP, GPS or the GSM time information some carriers provide (or some combination) ? (Page 97)

If you’ve any ideas or inside knowledge on any of those points I’d love to know!

Response to Greg Black on ZFS & FUSE

Posted on by

Catching up on PLOA I noticed a posting from Greg Black bemoaning the lack of ZFS in Linux so I thought I should make a couple of quick points in response to it.

  1. The CDDL/GPL thing is just down to the fact that their requirements are incompatible (Sun based the CDDL the MPL), so you can’t mix that code. Just have to live with that.
  2. A major issue with ZFS is that there is ongoing patent litigation in the US between Sun and NetApp over it – it’ll be interesting to see what Oracle do when they finally take over Sun (assuming Sun doesn’t expire before the EU regulators comes to a decision on the takeover)
  3. ZFS-FUSE isn’t dead! Whilst Ricardo has stopped work another group has taken up the challenge and there is a new home page for it – http://rudd-o.com/new-projects/zfs – complete with Git repository (no more Mercurial, huzzah!).
  4. The ZFS-FUSE mailing list is active too, if you want to learn more.

Nominum Ignorant of Own Security History

Posted on by

Oh dear, so Nominum crop up on ZDNet decrying “freeware” (by which they probably mean open source) as bad and closed source as being good by saying:

Nominum software was written 100 percent from the ground up, and by having software with source code that is not open for everybody to look at, it is inherently more secure.

Because, of course, that security through obscurity approach works so well for people like Microsoft (have you patched the SMB2 remote admin attack on your Windows boxes yet?). They go on to justify this by saying that you should look at all the security patches that get applied to BIND et. al and contrast that with their own software.

Nominum has not had a single known vulnerability in its software.

Which would be almost impressive, if it were actually true, which it isn’t. That quote is from 22nd September 2009, but over a year earlier they had to release a security patch for their software (PDF document), because:

Cache poisoning allows an attacker to selectively control destination web sites for users accessing a compromised DNS. For example, if a cache entry for Google is poisoned, a user typing in www.google.com would not get the Google website but rather a site controlled by the attacker.

In fact it wasn’t just one piece of software they wrote that had a bug, it was two..

This vulnerability affects all customers using versions of CNS and Vantio released before June 4th, 2008 regardless of what features are being used.

So perhaps people in (smoked) glass houses shouldn’t try and throw stones…

Microsoft Hypervisor Code to be Removed from 2.6.33 ?

Posted on by

Chris Smart has pointed out an interesting little titbit in Greg K-H’s “Staging tree status for the .32 kernel merge” blog post:

hv (Microsoft Hyper-V) drivers. Over 200 patches make up the massive cleanup effort needed to just get this code into a semi-sane kernel coding style (someone owes me a bit bottle of rum for that work!) Unfortunately the Microsoft developers seem to have disappeared, and no one is answering my emails. If they do not show back up to claim this driver soon, it will be removed in the 2.6.33 release. So sad…

So after all that hope about MS releasing GPL’d code it turns out to be a one off code dump (presumably to get them out of a license violation hole otherwise they’d be showing more interest) with no intention of doing anything further with it.. 🙁

Great Quote on Early Computing

Posted on by

Found this great quote whilst reading up more about Alan Turing being the first person to really comprehend what a modern computer would be like, a quote by Howard Aiken (of Harvard Mark I fame) in 1956 (the year after Turing’s death):

If it should turn out that the basic logics of a machine designed for the numerical solution of differential equations coincide with the logics of a machine intended to make bills for a department store, I would regard this as the most amazing coincidence that I have ever encountered.

Luckily Turing was right and he was wrong.. 😉

Ext4 fall down go boom

Posted on by

After a reboot today whilst installing KDE 4.3.1 I noticed the following messages in my kernel (2.6.31-rc8) logs (courtesy of the KDE file watcher that was following /var/log/kern.log):

Sep 6 13:53:10 quad kernel: [ 142.842723] EXT4-fs error (device dm-7): ext4_mb_generate_buddy: EXT4-fs: group 287: 5812 blocks in bitmap, 5418 in gd
Sep 6 13:53:11 quad kernel: [ 143.452041] JBD: Spotted dirty metadata buffer (dev = dm-7, blocknr = 0). There's a risk of filesystem corruption in case of system crash.
Sep 6 13:53:11 quad kernel: [ 143.486915] JBD: Spotted dirty metadata buffer (dev = dm-7, blocknr = 0). There's a risk of filesystem corruption in case of system crash.
Sep 6 13:53:11 quad kernel: [ 143.486942] JBD: Spotted dirty metadata buffer (dev = dm-7, blocknr = 0). There's a risk of filesystem corruption in case of system crash.

That didn’t look too good, so I immediately did a “git pull” and happily found 2.6.31-rc9 was out so built that and then did a dual backup, rsync’ing to my local ZFS-FUSE drive (which takes snapshots so I can go backwards in time) and also an rsnapshot to a USB external disk. Then with trepidation I rebooted and found myself looking at an fsck error on /home due to shared blocks between an image and part of my local clone of Linus’s kernel git tree (d’oh!). Whilst the fsck got the filesystem mountable again it did result in not being able to view the kernel git tree due to missing files so I decided it was far safer to just revert to my latest backup, which worked like a charm (phew!).

Moral of the story – keeping backups is good – keeping lots of backups is even better, especially when running with release candidate kernels! 😉