April 2007 Archives

2007-04-30 22:49:55

Another note on PHP and errors

I had to debug a rather large piece of PHP code today, and discovered a bunch of weird behaviors:

First of all, if the pgsql.so PHP plugin is not loaded and PostgreSQL functions are called, PHP does not produce any errors, it just fails silently.

Then, pg_connect may fail. This, of course, generates error messages. These error messages can be retrieved by calling pg_last_error() after pg_connect(). This produced the following output:

Could not connect:

Ah, so that's why.

Posted by Tonnerre Lombard | Permanent link | File under: programming

2007-04-26 21:38:43

Microsoft closes deal with Samsung

Microsoft has closed a patent cross-licensing deal with Samsung on April 19th.

Both Microsoft and Samsung are companies which are heavily armed with patents in the software area. Samsung is one of the major sellers of tech equipment, especially embedded devices. For quite some of their devices, they use Linux as an embedded operating system.

Microsoft however has its own embedded operating system called Windows CE. It is mainly a big, barely portable chunk of code which uses their famous microkernel approach in order to be able to load drivers for the hardware it runs on. However, Microsoft owns a couple of patents on several software techniques deployed also by Linux (so-called trivial patents). Based on these patents, many of which haven't seen an examination in court yet, Microsoft claims ownership of nothing other than the Linux operating system itself.

This approach is not new. Microsoft has recently convinced Novell to give in to a «extended partnership», which included a patent deal. In the course, Novell removed such useful things as laptop optimized font rendering from their Novell Linux (formerly SuSE Linux) distribution. The question remains whether this was actually in the interest of the customers.

As a side note, in terms of annual turnover, Microsoft and Samsung play about in the same league.

Posted by Tonnerre Lombard | Permanent link | File under: news

2007-04-25 21:44:36

IPRED2 adapted

Today (Apr 25, 2007), the European Parliament has signed off the IPRED2 directive relatively unchanged, despite the heavy resistance from Open Standards lobbyists.

IPRED2 is the second part of the Intellectual Property Rights Enforcement Directive. It proposes criminal sanctions for infringements on intellectual property rights, such as copyright, patent law or trademark law. However, these specific infringements aren't defined very clearly, so this law actually creates a great legal incertainty about what kinds of infringements are actually criminal.

Following the introduction of this directive in a couple of years, a great period of legal incertainty is bound to follow. IPRED2 will support greatly the current strategies of big mega corporations to dry out innovation by suing the small companies out of business. Also, it is highly probable that this directive is going to harm free and open source software, because there is an ongoing attempt to try and flood the market with trivial patents that apply to Open Source software, so that it practically has to be licensed to litterally thousands of companies who hold patents on such simple elements as click buttons.

The problem is that IPRED2 is going to be handled in criminal law, not civil law. This means that, for example, an invalid patent is going to be examined in a «shoot first» manner, where the CEO of a small company goes to jail first for infringing on a patent, and then has to challenge the patent from jail in order to rehabilitate. This is because patents are supposedly not handled by criminal law, even though they are effectively creating criminal law.

Also, this has weird implications since the European Patent Office is now capable of creating criminal law by granting patents. On the other hand though, every government official is supposed to be capable of telling you whether or not you are a criminal. If you now go to your favorite government official and ask him whether you are a criminal, he can't give you a definitive answer without going through millions of patents and reading through millions of books, assessing whether or not you are actually infringing on intellectual property rights.

Since this is impracticable, IPRED2 clearly puts one of the major properties of a constitutional state out of order, which is legal certainty...

More information can be found on http://www.ipred.org/. FFII press release is on http://press.ffii.org/Press[...]%2C_Innovators

Posted by Tonnerre Lombard | Permanent link | File under: general, chaos, news, politics

2007-04-24 12:17:48

Happy Birthday, ZX Spectrum

The ZX Spectrum home computer is celebrating its 25th birth day today!

The ZX Spectrum has been officially released by Sinclair on April 24th, 1982. It featured a Zilog Z80 processor clocked at 3.5MHz, 16kB ROM and 48kB RAM. With its resolution of 256x192 pixels, it could display games such as Rebelstar II, and even run the CP/M operating system.

So if you still have an old ZX Spectrum in the attic, take it out today and hug it.

Posted by Tonnerre Lombard | Permanent link | File under: chaos

2007-04-24 09:47:59

DeNIC: CEO and co-founder Dolderer resigns

The CEO and co-founder of the german domain registry DeNIC, Sabine Dolderer, has resigned on March 23rd. As a reason she named internal differences within the registrar.

«It's no good when members of the same team work into different directions.», Dolderer wrote in her final mail.

Dolderer has been a member of the DeNIC board since 2001, and has been working with the domain registrar since 1994, when it was still a project of the University of Karlsruhe. She was one of the founders of DeNIC as an organization.

Article: http://www.heise.de/newsticker/meldung/87326

Posted by Tonnerre Lombard | Permanent link | File under: news, network

2007-04-24 07:34:47

Cases of forced abortion turned up in China

Several cases of forced abortion turned up in China. Following their one-child politics, Chinese authorities forced several women to abort their child – even in the last month before their birth.

For quite some time now, China is following the «One-Child Policy». This means that each married couple is allowed to have exactly one child. Normally, those who are unmarried and have a child, or if you are married and have more than one child, are forced to pay a fine, but allowed to keep their child.

However, the Chinese government has imposed restrictions on all of the regulatory areas to reduce the birth rate to 13.5%, and the officials' careers now depend on reaching this 13.5% limit. However, in some areas, the birth rate is somewhat above this limit, so it appears that the officials in those areas felt pressured to these measures.

Chinese officials deny the existence of such forced abortions. A family planning official in Baise, Mr. Nong, said in an interview with npr: «We were very surprised to hear of these accusations, but our investigation concluded some individuals who were dissatisfied with our family planning policies were fabricating stories. These facts simply don't exist. We really love and care for women here.»

If such strong accusations were raised in Europe, there would be a big international media coverage, followed by a media-covered investigation of the affair, and rolling heads. China, however, does not need to take measures this drastic, because the country is under european protection. We need China to create more revenue for our valued share holders, and we don't care about the barbaric atrocities that we allow to be committed.

The full story on NPR

Posted by Tonnerre Lombard | Permanent link | File under: news, politics

2007-04-22 18:56:50

Sonntagszeitung reports: Postcard cracked!

The swiss german news paper «Sonntagszeitung» reports that the swiss Postcard (a kind of credit card from the swiss Postfinance) has been cracked.

The article states claims that it is possible to create and sign a new postcard with a valid card number and arbitrary account data. This is said to be due to the fact that the Postcard is signed with a 320-bit RSA private key, which, if true, is easy to reverse engineer. In 1996, when Bruce Schneier published his «Applied Cryptography», he stated that it would be easily possible to break a 512-bit RSA key within a reasonable amount of time. Also, the amount of additional work to be invested when breaking a larger RSA key is not linear, so in fact it is several orders of magnitude easier to break a 320 bit RSA key. Also, quite a lot of time has passed since 1995. Nowadays, RSA is mostly used with keys that are at least 2048 Bit.

Back to the Postcard: It is also possible to create a copy of a Post card which has an additional «feature» which allows you to type in any PIN that you like. The PIN is used soleily for storing transaction logs on the Postcard itself and is not used in any way for authenticating the card. If appending to the log fails, the terminal aborts the transaction manually. This means that it's not necessary to know the PIN of a person whose Postcard you get hold of (e.g. because he put it into your card reader in your little store, thinking it would be a terminal). You can just make transactions without it.

However, the Postfinance decided to deny the existence of these security holes in their Postcard. Thus, Fix announced to make a public demonstration of the technique on television using soleily data of customers who have given their consent to participate in the demonstration. If there is indeed a security hole, the Postfinance is not going to be looking forward to the next few monthes...

Article: http://www.sonntagszeitung.ch/dyn/news/multimedia/743744.html
More information: http://www.postcard-sicherheit.ch/

Posted by Tonnerre Lombard | Permanent link | File under: chaos, news

2007-04-22 13:28:17

Good news from Linux: it's broken

There are some «good news» from the Linux world: currently, their CPU frequency scaling works effectively just as good as ours.

Actually, Linux has some advantages. They have ACPI CPU controllers, they read the CPU frequency data from ACPI and use ACPI to set the frequencies. This means that they can indeed set more frequencies.

However, they are not capable for some reason to set the CPU frequency to a value below 1GHz. Some FAQ declares that this is a limitation of the Intel Core 2 series, but this is indeed not the case. FreeBSD can set the frequency to 1997MHz, 1747MHz, 1497MHz, 1248MHz, 998MHz, 748MHz, 449MHz and 249MHz. This is well below 1GHz.

So I guess the correct solution is really to port FreeBSD's acpi_throttle driver.

Posted by Tonnerre Lombard | Permanent link | File under: programming

2007-04-22 11:16:32

Help on the Internet (But for AMD)

I found some more information on the Internet, but for AMD. I wonder if I can get any info from it. Unfortunately, the site is currently down:


Also, I wonder whether I can just set the CPU frequency under FreeBSD or Linux and read out the voltage in order to create a table for the time being...

Still, FreeBSD uses this ACPI throttling thing, which I should port sooner or later, since Intel stopped releasing CPU frequency/voltage specs...

Posted by Tonnerre Lombard | Permanent link | File under: programming

2007-04-22 10:24:23

CPU not supported

There we have it: my CPU is not currently listed. The thing attempts to look up a CPU with vendor ID 0, bus clock BUS166, idhi = 3111 and idlo = 1555. However, it seems that not a single BUS166 CPU is defined. So I wonder how FreeBSD does it?

Looking at the FreeBSD dmesg it appears that FreeBSD has found some way to retrieve the data from ACPI? Because the frequencies go down to 250MHz, and none of the frequency lists does even contain an entry for 250MHz.

Maybe I'll need to debug which entry FreeBSD chooses?

Posted by Tonnerre Lombard | Permanent link | File under: programming

2007-04-22 02:29:47

est: a small breakthrough!

Finally, a breakthrough!

machdep.est.frequency.available = 2000 1000

There are a couple of problems still with the current state of affairs though:

  1. cpu_feature2 detection is only available in NetBSD current, not in 4.0_BETA2, so it is quite hard to deduce whether or not to enable est.
  2. Currently, no infrastructure exists for calling CPU specific probing functions. i386 does it extensively, and for each CPU that actually defines this function, which is passed through multiple layers of structs. amd64 deduces that it already knows almost anything about the CPU, and doesn't probe much specific stuff. This makes the probing function small, but it also makes it uneasy to call detection functions such as p3_get_bus_clock().
  3. est appears to be missing quite a bunch of frequencies. In my case, it shows 2000 and 1000, but not 1800, 1600, etc. until 200.

This will still be a work.

Posted by Tonnerre Lombard | Permanent link | File under: programming

2007-04-22 02:00:46

Problems with NetBSD/amd64 and est

It seems that there is quite a number of issues involved with implementing Speed Stepping on NetBSD/amd64, at least in version 4.0_BETA2.

At first I got a relatively easy set of steps that have to be performed in order to implement it:

  • Move p[34]_get_bus_clock() from i386/i386/identcpu.c into x86/x86/intel_busclock.c (I used a single function merging p3 and p4).
  • Move i386/i386/est.c into x86/x86.
  • Update amd64/amd64/identcpu.c to run est_init().
  • Update some required files like x86/conf/files.x86, etc.
  • Update {amd64,i386}/conf/files.{amd64,i386}.

The first major one is the fact that support for cpu_features2 has been added only in NetBSD-current. However, threading in NetBSD-current is completely different than in 4.0_BETA2, which means that all packages have to be recompiled unless you want to have segmentation faults (bad system call) all over.

A temporary circumvention of this was to assume generally that speed stepping is supported (i.e. comment out the cpuid checks) if it is implied by the config.

However, it seems that simply calling est_init() as suggested in step 3 is not sufficient. There is still a requirement to call the *_get_bus_clock functions prior to calling est_init because est_init will assume that the system bus clock is unknown (Which is somewhat true). Thus, my current job seems to be to find out what is usually calling the cpu_info functions.

Posted by Tonnerre Lombard | Permanent link | File under: programming

2007-04-21 00:09:23

Throw away your PHP!

For a long time, it has been said that blogs, wikis and CMS systems are the domains of PHP and nothing else. However, it seems that other languages are discovering this area and are doing just fine, or, even better.

For example, Bricolage also seems to feature a blog mode. It is a Perl based CMS, and as such, performs exceptionally well. It seems that running it on a server requires much less ressources (which means that much more people are capable of accessing it in parallel) than a comparable PHP solution.

Yes, Compiled PHP can improve this situation somewhat, but compiled PHP still seems to be somewhat slower than uncompiled Perl (which is largely due to the fact that the Perl interpreter precompiles all of its code on load, so there's not much of a difference). On the other side, pre-compiling Perl is also possible, and reduces the load speed somewhat. This is only remarkable when running Perl as a CGI or something comparable, because this will require Perl modules to be loaded every time the script is called. The solution to this problem is, for example, mod_perl.

A good solution for Wikis appears to be MoinMoin. It is capable of exporting the pages to HTML once they're written, so it can be used to produce static content which can be loaded at full speed because it does not need to be regenerated all the time. This is a significant advantage over, for example, Mediawiki, which needs to go though the code required in generating a page every time it is being accessed. This slows down the server significantly.

For minimalists, there is a similarly efficient solution for blogs: Bash Blogger. It is a complete blogging engine, including RSS support, navigation links, and a Google search plugin. It should be easy though to replace it and make it link to the BSD projects search engine or other search engines instead.

One of the major problems with Bash Blogger is that it is, as the name suggests, Bash only. However, the author announces that the upcoming 0.3.6 release will also run on saner shells such as ksh. This would make it a full-featured alternative blogging engine for (POSIX-conform) nerds.

Posted by Tonnerre Lombard | Permanent link | File under: general

2007-04-21 00:07:40

C workshop at Hackers Awake

I did a little C workshop at the Hackers Awake. It covers the basics of C and programming in itself as well as process execution.

The slides and example source code can be found in the reviews category.

Posted by Tonnerre Lombard | Permanent link | File under: programming