Alan Burlison's Work Related Ramblings

All | General | Java | NetBeans | Perl | Solaris
Main | Next page »

20081101 Saturday November 01, 2008

Multicore cobblers

Found this article on the BBC website about multicore computing. It's written by Andrew Herbert, who seemingly is the head of Microsoft Research in Cambridge. It's just about the biggest load of cobblers I've ever heard about multiprocessing, which has been around forever and is pretty well understood - well, except by Microsoft it appears. Here's a flavour:

A multi-core computer can learn what I'm like- and what I like- and through speculative execution, start making educated guesses about how I want to travel and what I want to do next. Like the perfect PA, the computer will be able to anticipate and know what I'm about to do, even before I do. This has important implications in internet search- our window on the world.

Scary.

Posted by alanbur ( Nov 01 2008, 10:46:03 AM GMT ) Permalink Comments [0]

20080214 Thursday February 14, 2008

Kicking both tyres together - VirtualBox and Indiana

I saw Tim's announcement that Sun were acquiring innotek. innotek provide VirtualBox, which what Tim described as a "high performance type 2 hypervisor". For people who aren't virtualisation wobbleheads, that simply means that it gives you the ability to run operating system on top of another. The host operating system runs on top of the x86 hardware, you run VirtualBox as an application on top of that. VirtualBox emulates the hardware that a guest Operating System needs to run, so that you can run other OSs on top of your host OS. This is in contrast to xVM (Xen), which runs on top of the bare hardware, with the installed OSs running on top of it.

I pulled the Solaris beta binary from the downloads site and had a play with it. The VirtualBox admin GUI is very easy to use, and it was quick and easy to set up a VM to install a copy of Windows XP on top of Solaris - my workstation is running Nevada build 82. Most everything seems to work really well, the only exceptions being sound, which I believe is not implemented yet, and the Solaris/XP file sharing, which seems a little flaky - it works OK for viewing and editing files created on Solaris, however creating new folders from XP works but reports errors, and you can't see the resulting folders in XP. The other nit is that seamless mode doesn't work quite right if you have a dual-monitor (TwinView) setup - details are here.

The other big news this week has been the release of Indiana Preview 2, AKA OpenSolaris Developer Preview 2. Stephen was gently nagging me last week to take a look at Indiana. I didn't want to futz with my machine config as I've just freshly installed build 82 on it, so I decided to see if Indiana2 would run under VirtualBox - and it does.

First you need to make sure you allocate enough memory for Indiana - I set the memory size to 512Mb, and the video memory size to 32Mb. After installing Indiana and rebooting the VirtualBox VM there's a couple of kernel warnings on boot, one about MPO being disabled because the virtualised memory is interleaved and another about their being no randomness provider for /dev/random. The other thing is that Xorg came up by default in 16-bit mode, which caused VirtualBox to complain, although a little tweaking of xorg.conf solved that.

I also figured out how to get the Indiana screen resolution up to 1280x1024 - you need a tweaked xorg.conf, and before you start your VM you need to run VBoxManage setextradata Indiana CustomVideoMode1 1280x1024x32 - replacing "Indiana" with the name of your VM, and note that "CustomVideoMode1" ends in "1" (one) not "l" (L).

The biggest nit is that the virtualised network device used by VirtualBox requires the pcn driver, and it isn't redistributable, which means in turn it isn't part of Indiana. I grabbed a copy from build 82 (the latest SXCE) and installed it into the Indiana image, rebooted and NWAM brought the interface up. If you want to do this yourself, here's the steps:

  1. Get access to the contents of the SXCE ISO image from inside your Indiana VM. Use the VirtualBox Virtual Disk manager (File -> Virtual Disk Manager) to make either the DVD or ISO image available to your Indiana VM.
  2. Extract the files from /Solaris_11/Product/SUNWos86r/archive/none.bz2 - this is a bzip2ed cpio archive.
  3. As root, copy pcn and pcn.conf to /kernel/drv in your Indiana VM.
  4. Run add_drv -i '"pci1022,2000" "pci103c,104c"' pcn to install the driver - note the quotes are important!
  5. Reboot your VM. After rebooting, ifconfig -a should show you now have a working pcn0 network interface.

And of course, if you are worried about brickifying your Indiana VM by doing this, you can always use VirtualBox's snapshot facility to make sure you can roll everything back if something goes wrong.

One important not however: the resulting Indiana VDI image is NOT redistributable, because of licensing restrictions on the pcn driver.

Once I had the Indiana image up and running under Solaris, I copied it onto a Windows XP machine, imported it, attached it to a Solaris VM , started it up and had a preconfigured instance of Indiana running under WinXP, which I thought was kinda neat. I haven't tested it on Linux but I'm sure this would work there too, as well as on OS X. So all you people who have been putting off taking a look at Indiana because it would mean rebuilding your machine now have no excuse :-)

Update - the ae driver

There is an open-source and redistributable alternative to the pcn driver, the ae driver. This is available at http://homepage2.nifty.com/mrym3/taiyodo/ae-2.6.0a.tar.gz#../ae-2.6.0a.tar.gz. The driver tarball contains installation instructions. To make it accessible to your VM, it needs to be made into an ISO image that you can mount into the VM, using the Devices -> Mount CD/DVD-ROM menu of your VM. To make this a little easier I've prebuilt an ISO of the driver tarball which you can download from here. I haven't tried this driver myself, if you use it, let me know how you get on.

Posted by alanbur ( Feb 14 2008, 01:36:58 AM GMT ) Permalink Comments [16]

20080207 Thursday February 07, 2008

Facebook: do I get to say "I told you so?"

Just noticed that slashdot is running a story on Facebook applications and data privacy:

Privacy activists are rallying around yet another major issue at Facebook, in which the company is secretly sharing user data with third parties. Researchers from the University of Virginia recently announced that in a study of the top 150 Facebook applications, more than 90% were given access to information that was not needed to function correctly. That Scrabble or Superpoke application you really like? Its developers get access to your religion, sexuality and home town.

The slashdot article links to articles at The University of Virginia and news.com. The University of Virginia article says that 90% of the top 150 Facebook applications request personal data that they don't need in order to function:

When Jane installs a Facebook application, the application is given the ability to see anything that Jane can see. This means that the application can request information about Jane, her friends, and her fellow network members. The owner of the application is free to collect, look at, and potentially misuse this information. The Facebook Terms of Use agreement tells application developers not to do this, but Facebook has no way of finding out or stopping them.

I'll merely point out that I already told you so :-)

Posted by alanbur ( Feb 07 2008, 08:26:17 PM GMT ) Permalink Comments [0]

20080118 Friday January 18, 2008

Facebook faces privacy questions

Just noticed this report on the BBC News website:

Facebook is to be quizzed about its data protection policies by the Information Commissioner's Office.

The investigation follows a complaint by a user of the social network who was unable to fully delete their profile even after terminating their account. Currently, personal information remains on Facebook's servers even after a user deactivates an account.

Facebook has said it believes its policy is in "full compliance with UK data protection law".

"We take the concerns of the ICO [Information Commissioner's Office] and our user's privacy very seriously and are committed to working with the ICO to maintain a trusted environment for all Facebook users and ensure compliance with UK law," said a statement from the site.

That'll be me they are talking about...

Posted by alanbur ( Jan 18 2008, 11:27:21 PM GMT ) Permalink Comments [1]

20080115 Tuesday January 15, 2008

Number problems

I've just been looking at my son's maths homework, which is from the CGP Year Six Maths Workbook - Year Six in the UK is kids who are 10 to 11 years old. Here's the question:

a) How many hundreds in 4695?

I can think of four possible answers, depending on how you interpret the question:

  1. 6, i.e. the hundreds digit of 4695 is 6
  2. 600, i.e. the hundreds component of 4695 is 600
  3. 46, i.e. 100 goes into 4695 46 times, with 95 left over
  4. 46.95, i.e. 4695 ÷ 100

From previous experience with these books, it could be any of the first three possibilities, although the last one is an equally valid interpretation. No wonder the standard of maths in UK primary schools is so poor, if they have to use such frankly awful source material. Here's another example, from the next page:

Solve this problem.

17 × 6 + 98 ÷ 25 × 301 - 21 + 113 =        

If you think the answer is 1376.92, i.e. (17 × 6) + (98 ÷ 25 × 301) - 21 + 113, you'd be wrong. The answer they seem to be expecting is 2500, i.e. ((((((17 × 6) + 98) ÷ 25) × 301) - 21) + 113). I know that's the case because the kids aren't allowed to use calculators, so the answer will be an integer value. So much for the rules of operator precedence...

p.s. Thanks to @kangcool for spotting the maths error in the original version ;-)

Posted by alanbur ( Jan 15 2008, 09:25:41 PM GMT ) Permalink Comments [3]

20080104 Friday January 04, 2008

Facebook: and so it begins...

I just came across this security advisory via The Register. A malicious Facebook application is using social engineering techniques to persuade people to install spyware/adware on their machines:

What happened is reasonably straightforward, sadly. The tremendous success and lightning fast expansion of Facebook (which, albeit resorting to debatable strategies as noted in a previous roundup, is undeniable) empowered the social networking giant with an impressive user base. Needless to say, in a digital world where web traffic equals money, such a user base attracts spammers, virus/spyware seeders, and other ethic-less online marketers like honey would attract flies.

I'm absolutely certain that this is just the first swell of an approaching tidal wave of Facebook malware. It isn't even a particularly clever example - it would be far more effective to use a Facebook application to harvest personal information whilst apparently offering a useful service, and then use the data elsewhere and/or at some time after the application was harvested. That would make it far more difficult for people to draw the connection between the harvesting app and the subsequent misuse of their personal data.

Currently there are more than 12,000 Facebook applications registered in Facebook. All you need to add an application to Facebook is an API key, and you can get one of those in seconds from the Facebook site, with no checking whatsoever by Facebook. The only mechanism Facebook seems to provide to 'protect' its users from malicious applications is a requirement that developers click on a checkbox to agree to Facebook's Developer Terms of Service. There's no vetting of the person applying for the API key, or of any applications they write.

After my previous experience of fighting with Facebook to get my account closed I'm not in the least bit surprised at their cavalier attitude to Facebook application security. I'm also doubtful that they have the resources necessary to vet 12,000+ applications even if they wanted to, and even if they did there's nothing to stop someone registering a benign version of the application and then activating the malign part after the application has been accepted.

I wonder if there's a need for an application that shows people just how much information they are agreeing to hand over when they install a Facebook application?

Posted by alanbur ( Jan 04 2008, 12:12:44 PM GMT ) Permalink Comments [0]

20071226 Wednesday December 26, 2007

How to leave Facebook - followup 3

On the 14th December the UK Information Commissioner's Office set me an update on my complaint about Facebook's refusal to remove your data when you try to close your account. Here's what the ICO said:

I write to let you know that I am in the process of arranging a meeting with Facebook to discuss a number of privacy related issues. One of these is exactly that you have described in your enquiry. Since this would appear to be a policy Facebook apply to all user accounts, it would be useful if we could use your enquiry as an example of where the ICO believes Facebook policies may be unlikely to comply with the provisions of the Data Protection Act 1998. It certainly appears that the answers you were given by Facebook do not exactly tally with their response to the story on Channel 4.

I believe that by discussing your case with them in the context of their general approach to privacy and personal data, this will assist Facebook in the process of ensuring that all their policies are compliant with the Act and all their users are treated fairly rather than simply achieving compliance in response to individual complaints.

So the ICO clearly believe that Facebook don't comply with the Data Protection Act, and they want Facebook to have a reasonable policy for allowing account closures, rather than forcing people to have to fight to get their accounts closed on a case-by-case basis, as I had to do. Hopefully the process of closing your Facebook account will become much easier in the not-too-distant future.

Posted by alanbur ( Dec 26 2007, 11:39:12 AM GMT ) Permalink Comments [6]

20071205 Wednesday December 05, 2007

OpenSolaris jobs in Manchester

We've just posted two job adverts for people to come and work on the web infrastructure that runs opensolaris.org These are both based in Manchester, UK, working from Sun's office. If you are interested, please submit a CV here or here. Both roles are identical, so it doesn't matter which link you use :-)

Posted by alanbur ( Dec 05 2007, 02:23:38 PM GMT ) Permalink Comments [0]

Here Comes Another Bubble

Someone posted this one one of the internal Sun email aliases. As someone who's 'virtual place of work' is the Bay Area, I found this absolutely hilarious!

Posted by alanbur ( Dec 05 2007, 12:31:03 PM GMT ) Permalink Comments [1]

20071130 Friday November 30, 2007

Facebook privacy roundup

Steven Mansour has written a nice roundup of various articles and blog entries about Facebook's stance on privacy. What is interesting to me is not so much the concentration on Facebook, it is that there seems to be a growing awareness of the importance and breadth of privacy issues amongst the general public, at least in the UK. Although I'm sure in the UK the cause of that interest is mainly because of our hapless government rather than Facebook, it is heartening to see people starting to think about the issues around online identity and data privacy.

Posted by alanbur ( Nov 30 2007, 10:16:42 AM GMT ) Permalink Comments [1]

20071129 Thursday November 29, 2007

A whiff of Garlik

Ages ago I signed up for a free trial of an "online identity protection" service provided by Garlik. They have an impressive list of managers and advisors , including the founders of online bank Egg, a CS professor at a UK university, and Tim Berners-Lee - whoever he is ;-)

Their website describes their service as follows:

At Garlik we believe you have the right to control and protect your personal data. With our range of products and services we aim to:
  • Give power back to you. We give you the tools to manage your personal information.
  • Help you keep track. You can monitor your personal information online.
  • Stop data abuse. With total visibility of your online data profile there's less chance of abuse.
  • Keep you in the spotlight. Data security doesn't mean hiding yourself away. You decide how much or how little of your information is available online.
  • Offer you comfort and assurance. With your personal data under control you can use the web without the worry.

I haven't used it very much, so I thought I'd close my account. I couldn't find any obvious way of doing this, but what I did find in their 'Help' pages is this:

What happens to my details if I cancel my subscription?

Your information will be held on our database in the event that you wish to re-subscribe at a later date. But we will no longer search for or retrieve new data about you.

Which looks to me like it is in breach of UK Data Protection law - something I am mildly clued up on after my recent clash with Facebook. And it is all the more ironic that Garlik claim they are going to help you protect your online data.

Update

I emailed Garlik to point out the discrepancy between the above and the following statement in their Privacy policy:

To request that we close your account and remove your information from the Garlik service, please send your request to XXXXXX-AT-garlik.com. Please send your request using an email account that you have registered with Garlik in your name. You will receive a response to requests sent to XXXXXX-AT-garlik.com within three business days of our receiving it.

I've just got the following reply from them:

Thank you for your email and for drawing our attention to the discrepancy in the wording between our Privacy Policy and the FAQ in our original trial version of DataPatrol.

Our actual policy is in line with the wording in our Privacy Policy and upon cancellation of your subscription your personal information will be removed from the Garlik service. We will therefore update our FAQ accordingly.

A quick, reasonable and totally satisfactory response, and a complete contrast to the attitude of Facebook. Well done Garlik!

Posted by alanbur ( Nov 29 2007, 10:44:28 PM GMT ) Permalink Comments [0]

20071127 Tuesday November 27, 2007

The Government of Wonderland - followup

Following on from my previous rant about the UK government "misplacing" the personal data of 25 million of the UK's citizens, it seems that I'm not alone in my dismay about their proposed "solution" - the National ID Card scheme. A group of six respected academics have written to a Parliamentary committee expressing their disquiet about the proposals:

Furthermore, biometric checks at the time of usage do not of themselves make any difference whatsoever to the possibility of the type of disaster that has just occurred at HMRC. This type of data leakage, which occurs regularly across Government, will continue to occur until there is a radical change in the culture both of system designer and system users. The safety, security and privacy of personal data has to become the primary requirement in the design, implementation, operation and auditing of systems of this kind.

The inclusion of biometric data in one's NIR record would make such a record even more valuable to fraudsters and thieves as it would - if leaked or stolen - provide the 'key' to all uses of that individual's biometrics (e.g. accessing personal or business information on a laptop, biometric access to bank accounts, etc.) for the rest of his or her life. Once lost, it would be impossible to issue a person with new fingerprints. One cannot change one's fingers as one can a bank account.

The story has been picked up by both The Register and that bastion of liberal thinking (!) The Daily Mail.

Posted by alanbur ( Nov 27 2007, 11:40:29 AM GMT ) Permalink Comments [0]

20071122 Thursday November 22, 2007

The Government of Wonderland

In that direction," the Cat said, "lives a Hatter and in that direction lives a March Hare... They're both mad."
"But I don't want to go among mad people," Alice remarked.
"Oh, you can't help that," said the Cat: "we're all mad here. I'm mad. You're mad."
"How do you know I'm mad?" said Alice.
"You must be," said the Cat, "or you wouldn't have come here."
Alice didn't think that proved it at all.

Lewis Carroll, Alice in Wonderland

Unless you've been living under a rock for the last few days, you must have heard that the UK Government has managed to lose the personal details of 25 million people. I've just been listening to Newsnight, and Jeremy Paxman was interviewing the hapless minister who was wheeled in to put his head under Paxo's axe. One of the questions asked was "Does this mean the end of the plans for a UK National Identity Card System?". The answer literally made my jaw drop. "No, because if we had everyone's biometric data, it would be much safer". WHAT??!! Unlike bank details, biometrics can't be changed - a point that was actually made by one of the other interviewees prior to the minister's imbecilic comments. How on earth would increasing the amount of sensitive (and in the case of biometrics, irreplaceable) data they collect make it "safer"?

The fact that the people responsible for losing the data actually believe that this tale of mind-boggling incompetence can actually be used to JUSTIFY collecting more of it is utterly, utterly astounding. It is quite frankly terrifying that a group of people who have decided they are going to force us to register on a National ID Database are so completely clueless about both the technology, its implications and the potential abuses of the data they are insisting we give them.

I think as a result of this cock-up of all cock-ups, the storm of protest against ID Cards is going to make the Poll Tax unrest of the 1990s look like a vicarage tea party.

Posted by alanbur ( Nov 22 2007, 12:05:37 AM GMT ) Permalink Comments [1]

20071120 Tuesday November 20, 2007

How to leave Facebook - followup 2

See here and here for the backstory to this post.

I've had a reply from the UK Information Commissioner's Office saying that they are looking at my complaint, so things are moving there too. It also seems that I've sparked some interest in this topic, and it has been picked up by a couple of other sites:

Posted by alanbur ( Nov 20 2007, 01:08:01 PM GMT ) Permalink Comments [0]

20071119 Monday November 19, 2007

How to leave Facebook - followup 1

The electrons were barely dry on my last post when I received an email from TRUSTe about the problems I'd had getting Facebook to close my account; the interesting bit is below:

Thank you for submitting your privacy complaint through the TRUSTe Watchdog Dispute Resolution program. The TRUSTe Compliance Team has reviewed the details of your complaint and we have determined that it is a valid privacy complaint. We have contacted www.facebook.com on your behalf and have outlined the steps necessary for proper resolution.

So my advice to you if you are having problems getting Facebook to close your account is to submit a complaint to TRUSTe.

Posted by alanbur ( Nov 19 2007, 07:31:35 PM GMT ) Permalink Comments [1]