fcheblog  -

2011-12-28 08:05 | fche blog tech cacert root distribution license

It appears that CAcert believes it can bind people to this license in order to redistribute their public root certificate. IANAL, but there seems little basis for that. A public key / certificate is just a few computer-generated numbers: no creative spark, so does not appear to qualify for copyright protection. They are by necessity public (or else the essential cryptography wouldn’t work), so no trade secret protection. They are not a process or invention, so no patent protection.

So what’s left? Legalese blurbage protection, whereby Powerful Words impress and frighten.

2011-12-19 10:25 | fche blog tech automation reassurance

Freshly released is this investigation final report for an Airbus accident from 2008. In this event, the on-board computers spontaneously messed up during a routine flight, and harshly pitched the plane down for a second or two. This threw around unrestrained passengers and crew in the back, crashing them up to the ceiling. More than a hundred got injured, some seriously. The captain of the plane responded perfectly: declared an emergency, and diverted to the nearest suitable airport. He did not trust the avionics any more:

He then flew the aircraft without the autopilot or autothrust engaged, and using the standby instruments, for the remainder of the flight.

The bit that bugs me more is the root-cause-analysis and correction of the bugs in the system. The final report unnervingly qualifies this:

The failure mode was probably initiated by a single, rare type of internal or external trigger event …
The spikes in the ADR parameters were probably introduced within the CPU module …
A much more likely scenario was that a marginal hardware weakness of some form made the units susceptible to the effects of some type of environmental factor, which triggered the failure mode.

It goes on like that. They’ve done some impressive analysis of the systems, but the there is quite a collection of maybes and probablys.

But be reassured:

The occurrence was the only known example where this design limitation led to a pitch-down command in over 28 million flight hours on A330/A340 aircraft. ...
It is widely accepted that not all the potential failure modes and failure scenarios for complex systems can be identified in practice, and fault-tolerant design features are included in a system to reduce the risk of such problems. ...
The ADIRU manufacturer conducted a ‘theoretical analysis’ of the potential for a single event upset (SEU) on the LTN-101 ADIRU. The overall result of this analysis was that [...] the ADIRU still met the aircraft manufacturer’s safety objectives …
As a result of this redesign, passengers, crew and operators can be confident that the same type of accident will not reoccur.

It’s an uneasy situation. Having a sense of how much technology and effort goes into this sort of machinery, it’s clear that there are failure scenarios that we don’t know we don’t know. And yet we fly.

2011-10-17 10:05 | fche blog tech using systemtap better

Brendan Gregg, kind enough to engage with us systemtap developers occasionally, posted a long comment about his experiences with our tool. Since his observations appear in good faith, I’m happy to respond to many items in kind. I’ll be brief to avoid tl;dr.

A common refrain is problems with older versions and/or older distributions, which have been fixed for some time. This pattern is not obvious because Brendan’s article lacks version numbers throughout (with handful of exceptions).

2011-10-13 11:50 | fche blog tech keysigning dance party

One can’t help but imagine that a videographer could assemble an entertaining clip from this forthcoming event

6. After everyone has read his key ID information, have all attendees form a line.
7. The first person walks down the line having every person check his ID. The second person follows immediately behind the first person and so on.
8. If you are satisfied that the person is who they say they are, and that the key on the printout is theirs, you place another check-mark next to their key on your printout.
9. Once the first person cycles back around to the front of the line he has checked all the other IDs and his ID has been checked by all others

All you need is a fiddle and a caller and you get a geek square dance. Note by the way how the PGP web of trust concept is itself so untrusted at this event. Every attendee is expected to verify every other attendee’s paper ID. They don’t trust each other to validate the IDs. The web of real trust is just one hop deep.

2011-09-29 18:17 | fche blog tech a happy crash

Just a few minutes ago, my main linux workstation decided to crash. This hardly ever happens, and hardly ever is it pleasant.

But this time, it turned out to have a plus side. The audio card’s buffers were full of a particularly lovely Alan Parsons Project track, and the card was already configured to loop on it. The buffer length was pretty close to the duration of a few bars, so my music sense was not too offended as the phrase repeated over and over. This fortuitous emulation of skipping LPs made me delay the reset & reboot several minutes.

Oh well, back to work.

2011-04-20 12:48 | fche blog tech a gadgeteer's lament

For several years, I’ve been trying to find a replacement for an old teeny computer, what we used to call “PDA”, a Garmin iQue3600a running PalmOS. It’s an amazing little widget, considering that it was made in 2004. Or maybe not even considering that.

2011-04-12 23:56 | fche blog tech IPv6

Today, I finally shed my ipv6 virginity. I did not act alone: friends encouragement, work provided impetus, and private charities provided the connectivity. But now, elastic.org has a proper IPv6 address in addition to its IPv4 one. So someday in 2050, when IPv4 is finally deprecated, this humble web site will remain accessible. Rejoice!

2011-03-31 10:58 | fche blog tech yes, can you file a bug?

Imagine that you're a user of some nice steaming fresh piece of free software. You come across a problem. You are well-informed in the ways of the FOSS world, and so you make contact with the developers to ask them about it. What happens next is a tossup.