Jun 172013
 

The presumed yottabyte capacity of the new Utah Center of the NSA, about which I commented a few days ago, is still making the rounds on news channels and news cites. Someone calculated that a yottabyte is equivalent to 500 quintillion printed pages. CNN helpfully added that a stack of paper with this many pages could reach all the way to the Moon and back 66 million times.

What they ought to have calculated is the size and volume of 250 billion 4 TB hard drives.

A lighter hard drive weighs about 0.4 kg. 250 billion of them? That would be 100 billion kilograms. Or 100 million metric tons. Or roughly 1000 of the largest cargo ships, each the size of a small city, filled to capacity with hard drives.

A hard drive is about 15/16″ tall. That’s 2.38 centimeters. 250 billion of them? Why, it’s a stack tall enough to reach all the way to the Moon and back 8 times.

The volume of a standard hard drive is about 342 cubic centimeters. 250 billion? That would be just a tad under 0.1 cubic kilometers (8.56 × 107 cubic meters, to be a bit more precise). That would be a field that is a kilometer square, filled with hard drives to the height of a small-ish skyscraper, about 25-30 stories high. Large as the Utah facility is, it’s by no means large enough.

Some might want to point out that if the NSA used flash memory instead, the volume (and also the power consumption) would go way down. True. But the price would go up. Flash memory is still roughly an order of magnitude more expensive than hard drives. So if the NSA wanted to build a yottabyte facility using flash memory, instead of spending 1.5 times the GDP of the entire United States, they’d be spending 15 times that amount. Or roughly three times the “gross world product”, estimated at 83 trillion US dollars.

Perhaps CNN and friends should do a little more math, not just to impress their readers but also to fact check the stuff that they report. Would be nice.

For illustration, I chose a Hungarian bank note from 1946, reportedly the highest denomination ever printed anywhere: it is a 100 quintillion pengő note. It is still far short of a yottapengő: you would need 10,000 of these banknotes. Then again, by the time hyperinflation ended and a new currency (the Hungarian forint, still in circulation) was introduced, the exchange rate was 400 octillion pengős to the forint; that would be 400,000 yottapengős.

 Posted by at 11:39 am
Jun 112013
 

In reaction to the news about large scale NSA surveillance, the new NSA data storage facility currently under construction in Utah has been mentioned frequently. Along with the factoid that this facility will supposedly be able to store a yottabyte of data.

Yottabyte? That is a lot of data. And when I say a lot, I mean A LOT. An incredibly large amount of data. And in this case, I mean “incredible” in the literal sense of the word, as in not credible. Despite the fact that this tidbit even appears on Wikipedia.

A yottabyte is a trillion trillion bytes. A trillion terabytes, in other words.

The largest commercially available hard drives currently hold about 4 terabytes of data. To store a yottabyte, you would need a quarter trillion, or 250 billion 4TB hard drives. That would amount to about 35 hard drives for each living person on the planet.

A 4 TB hard drive consumes about 3-6 W of power. Say, 4 W on average. 250 billion drives would therefore consume a trillion watts of power. Which is roughly the peak electrical power generation capacity of the entire United States. We know that the Utah facility will consume a lot of power, but the figure I’ve seen mentioned in one article was a much more modest 75 megawatts. Which is about one ten thousandths the amount of power I just calculated.

Then there is the price. The retail price of a 4TB drive is a tad under $200 these days. Presumably, they would cost a lot less if purchased in bulk; say, $100 per drive, including power supplies, interface circuits, whatever. So 250 billion 4TB hard drives would only cost 25 trillion US dollars.

That is, more than one and a half times the United States GDP.

However important it is for the United Stasi of America to keep a watchful eye over every citizen of the world, I don’t think a price tag like this is feasible. Indeed, the cost of the facility is a lot less, reportedly around 1.5 to 2 billion dollars. Let me round it up to 2.5 billion; after all, government projects are rarely completed within budget. And let me assume that all that money is spent on data storage. Well… that’s still not a yottabyte. It’s one ten thousandths of a yottabyte. Or 0.1 zettabytes. Or 100 exabytes.

Still a staggering amount, but much more modest. After all, large service providers like Google are already storing hundreds of petabytes, even exabytes of data. And the entire world may already have collected a few zettabytes.

But not yottabytes. Never mind the NSA; the world as a whole is still a long way away from a yottabyte. Probably a couple of decades, even assuming continuing exponential growth in global data storage capacity.

In any case, a yottabyte is an insane amount of data, even for an institution like the NSA. It is sufficient to store about eight years worth of broadcast quality video for each individual living on the planet. Or, if you are content with lower video quality, a complete visual record of the entire life of every living person on the planet could easily fit in a yottabyte.

Besides… is it really believable that the NSA sits on top of a technology that increases the efficiency of data storage by 4-5 orders of magnitude, a factor of 10,000 or more? There are some really smart people working for the NSA, to be sure, but they are not space aliens. Exotic storage technologies may be in the works in storage technology labs, but I suspect that when they become practical and usable, we will first see them in our next generation gadgets, not secret US government data centers.

So no, the NSA is not going to store a yottabyte of data, breathless news reports and the hype notwithstanding. Not even a zettabyte. A few exabytes, maybe.

Which is still a lot. Far too much, in fact, for my comfort.

 Posted by at 12:40 pm
Jun 082013
 

Yes, it’s Orwellian, and this time around, it’s no hyperbole.

The US government apparently not only collects information (“metadata”) on all telephone calls, they also have the means collect e-mails, online chats, voice-over-IP (e.g., Skype) telephone calls, file transfers, photographs and other stored data, and who knows what else… basically, all data handled by some of the largest Internet companies, including Google, Facebook, Skype and others.

Last summer, I decided to revamp my e-mail system. The main goal was to make it compatible with mobile devices; instead of using a conventional mail client that downloads and stores messages, I set up an IMAP server.

But before I did so, I seriously considered off-loading all this stuff to Google’s Gmail or perhaps, Microsoft’s outlook.com. After all, why should I bother maintaining my own server, when these fine companies offer all the services I need for free (or for a nominal fee)?

After evaluating all options, I decided against “outsourcing” my mail system. The fact that I did not want to have my mail stored on servers that fall under the jurisdiction of the US government played a significant role in my decision. Not because I have anything to hide; it’s because I value my privacy.

Little did I know back then just how extensively the US government was already keeping services such as Google under surveillance:

 
 

From the leaked slides (marked top secret, sensitive information, originator controlled, no foreign nationals; just how much more secret can stuff get?) and the accompanying newspaper articles it is not clear if this is blanket surveillance (as in the case of telephone company metadata) or targeted surveillance. Even so, the very fact that the US government has set up this capability and recruited America’s leading Internet companies (apparently not concerned about their reputation; after all, a presentation, internal as it may be, looks so much nicer if you can splatter the logos of said companies all over your slides) is disconcerting, to say the least.

True, they are doing this supposedly to keep us safe. And I am willing to believe that. But if I preferred security over liberty, I’d have joined Hungary’s communist party in 1986 instead of emigrating and starting a new life in a foreign country. Communist countries were very safe, after all. (And incidentally, they were not nearly this intrusive. Though who knows how intrusive they’d have become if they had the technical means available.)

One thing I especially liked: the assurances that the NSA does not spy on US residents or citizens. Of course… they don’t have to. This will be done for them by their British (or Canadian?) counterparts. No agency is breaking any of the laws of its own country, yet everybody is kept under surveillance. And this is not even new: I remember reading an article in the Globe and Mail some 20 years ago, detailing this “mutually beneficial” practice. I may even have kept a copy, but if so, it is probably buried somewhere in my basement.

Meanwhile, I realize that the good people at the NSA or at Canada’s Communications Security Establishment must really hate folks like me, though, running our own secure mail servers. I wonder when I will get on some suspect list for simply refusing to use free services like Gmail that can be easily monitored by our masters and overlords.

 Posted by at 7:17 pm
May 222013
 

Today, the weirdest thing happened on my main desktop computer: the right-click menu of Windows Explorer, as well as the Windows desktop, disappeared. I was also unable to bring up the Properties dialog, even through the menu bar.

The worst part of it is, I could not figure out what happened. A reboot didn’t fix things, nor did an obvious Registry hack (making sure that HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoViewContextMenu is set to 0. For some reason, it was set to 1.) Eventually, I resorted to the big guns and used System Restore (thanks to the fact that I do backups daily, I had a restore point from 2AM this morning) to fix things. Still, it bugs me that something happened that I do not understand.

In comparison with another, mostly identical system, I noted that the other system had no subkeys under the Policies key whatsoever. So I wonder exactly when and how the Explorer and System subkeys were created on this workstation.

And while I was at it, I searched the Registry a little more and found another, possibly relevant entry: HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoViewContextMenu. Once again, this Registry value is missing from the other machine, so I wonder how, why and when it was created on this workstation.

This is deeply disturbing. I don’t like mysteries, especially not on a machine that I use on a daily basis. Life is short and one does not need to resolve every mystery, but occasionally, such unexpected behavior can be a sign of a security issue.

 Posted by at 7:02 pm
May 102013
 

So a few weeks ago, I purchased a new laptop. For just a tad over 500 bucks, I was able to get a fairly decent lightweight ASUS machine. Most importantly, it is a machine equipped with a touch screen, allowing me to experience Windows 8 as intended by its designers.

And I really gave it a try. During my recent trip to Europe, I took this laptop along. And, I made it a point not to install software such as a replacement Start menu; I wanted to experience Windows 8 exactly as its designers intended.

What can I say? I am not impressed. The way the world of Microsoft’s “Modern UI” is grafted onto Windows just feels… well, it feels like a kludge. The apps are not bad but they leave a lot to be desired. The built in mail app crashed on me countless of times, and even when it was working, it was rather finicky when it came to synchronizing IMAP folders. The built in Skype app crashed on my countless of times, and even when it was working, it was often stuck in a disconnected state, with no obvious means to initiate a reconnect. Windows itself boots up very quickly, which is a good thing, but unfortunately I needed to reboot it more often than I should have: that is because Windows 8 sometimes just went berserk, for instance during a perfectly ordinary network copy operation that locked up so bad, I had to hard reset the machine to recover from this failure. Simply put, I am not used to having to reboot a modern operating system regularly as a means of recovering from trivial malfunctions.

When things worked, they worked fine. The mail app is actually quite decent. The gestures, one can get used to (again, a touch screen helps a lot.) The laptop played nice with my Bluetooth headset, which made Skype a pleasure to use (when it worked.) Nonetheless, I kept missing the Start menu, and I kept missing the Aero glass interface.

When I finally got back home, sitting down in front of my trusty workstation that runs Windows 7, it actually felt like I was finally using a “proper” version of Windows as opposed to a downgrade or older edition. This is not supposed to happen. Even with Vista, one may have felt that it was misguided in many ways, but it did feel like an upgrade of Windows XP. Windows 8 does not feel like an upgrade of Windows 7. Quite the contrary.

I will continue to use my new laptop, as I have gotten quite fond of this machine. It was very good value for the money. (Finally I have a laptop weighing less than 4 pounds that has zero trouble playing back an ISO image of a Blu-Ray disc and has enough battery power for a feature length movie.) And I don’t really mind Windows 8. It’s just… it’s just… just silly.

 Posted by at 10:46 pm
Mar 242013
 

Here is one of our four cats, Kifli. (Literally, his name means croissant in Hungarian. How did he get this name, you ask? Well, when we got him back in 2001, he was only a few weeks old and he and his brother Szürke actually fit on the palm of my hand, both of them together. Szürke is a gray tabby and perhaps somewhat unimaginatively, that’s exactly what his name means in Hungarian; gray, that is. Kifli has the color of a freshly baked bun, but when he was little, Kifli was very thin and did not look like a bun at all. In Hungarian bakeries, the two most common small bakery products are buns and croissants; not the puffy French type made from leavened dough, but croissants baked from the same dough that is used to make white bread and, well, buns. These croissants are long and thin, just like Kifli. Hence, his name.)

Anyhow, I was testing out an Android photo editing app (PicsArt, in case you’re wondering; seems like an excellent app, by the way) tonight when I snapped this picture of Kifli and applied one of the app’s effects. I think it’s real nice. And while it’s not so nice that Kifli jumped onto a table that he’s not supposed to be on, I certainly approve of his reading choices.

 Posted by at 8:39 pm
Mar 202013
 

I thought my server would break some record in the coming months, perhaps running up to two years without a restart.

Alas, that will not happen: we received notice from Ottawa Hydro that they will be doing maintenance tomorrow morning and our power will be shut off for a while. The duration (3.5 hours) is way more than what my server’s UPS can handle.

Oh well. It was nice while it lasted:

$ uptime
21:30:33 up 582 days,  2:02,  4 users,  load average: 0.85, 0.51, 0.55

 Posted by at 9:32 pm
Mar 102013
 

I am getting close to breaking some of my records here. My main server has now been up 70 days longer than the planned trip to Mars:

There really was no need to reboot, and there won’t be any unless a) there is a critical patch to this version of the Linux kernel, b) I decide to carry out a planned upgrade to Slackware 14.0, c) the system crashes, d) the hardware fails, or perhaps most likely: e) I decide to bring down the server in order to remove a few pounds of cat hair, dust bunnies and whatever else may have accumulated in its case over the course of 19 months.

 Posted by at 2:25 pm
Feb 212013
 

I have been password protecting my smartphone ever since I got one, and more recently, now that Android supports encryption, I took advantage of that feature as well.

The reason is simple: if my phone ever gets stolen, I wouldn’t want my data to fall into the wrong hands. But, it appears, there is now another good reason: it seems that at least in Ontario, if your phone is password protected, police need a search warrant before they can legitimately access its contents.

Privacy prevailed… at least this time.

 Posted by at 3:21 pm
Feb 122013
 

I was reading about full-disk encryption tools when I came across this five-year old research paper. For me, it was an eye-popper.

Like many, I also assumed that once you power down a computer, the contents of its RAM are scrambled essentially instantaneously. But this is not the case (and it really should not come as a surprise given the way DRAM works). Quite the contrary, a near-perfect image remains in memory for seconds; and if the memory is cooled to extreme low temperatures, the image may be preserved for minutes or hours.

Degrade of a bitmap image after 5, 30, 60 seconds and 5 minutes in a 128 MB Infineon memory module manufactured in 1999.

Decay of a bitmap image 5, 30, 60 seconds and 5 minutes after power loss in a 128 MB Infineon memory module manufactured in 1999. From https://citp.princeton.edu/research/memory/.

So even as we worry about public servants losing USB keys or entire laptops containing unencrypted information on hundreds of thousands of people, it appears that sometimes even encryption is not enough. If a lost laptop is in a suspended state, an attacker could access the contents of its RAM using only a rudimentary toolkit (that may include “canned air” dusters turned upside-down for cooling).

I wonder what the future will bring. Tamper-proof hardware in every laptop? In-memory encryption? Or perhaps we will decide that we just don’t care, since we already share most details about our personal lives through social networks anyway?

On that note, Canada’s government just decided to scrap a planned cybersurveillance bill that many found unacceptably intrusive. Good riddance, I say.

 Posted by at 8:58 am
Feb 062013
 

I happen to be using the oldest surviving Linux distribution, Slackware, on my servers. I have been using Slackware for a very long time; in fact, the only other distribution I ever used was the first Linux distribution, SLS (Softlanding Linux System), which was ultimately succeeded by Slackware.

Now I realize that while Slackware is perfect if you actually know what you are doing, it is not the easiest distribution to use. It lacks many of the system management, package installation and dependency resolution tools that users of more recent distributions take for granted.

This is why I was very surprised when I read this morning in PCWorld that in a recent survey conducted by LinuxQuestions.org, Slackware was found to be the most popular desktop Linux distribution. I may have expected to see Slackware fare well on servers, but the desktop? Mind you, I am very pleased to see that Slackware is doing well, even though it appears to have been a somewhat informal survey.

As to servers, Slackware came in as a close second, narrowly beaten by Debian. Even a second place finish is impressive for this venerable distribution.

I just hope that Slackware is here to stay for a long time to come. I would loathe to switch distributions after all these years.

 Posted by at 10:35 am
Jan 172013
 

signonMany years ago, I created a form where players can sign up to play MUD2. To keep things relatively uncomplicated, I just created two fields for the player’s name: one labeled “Last Name” and the other, “First Name and Initials”. To me it was self-evident that if I encountered a form like this, I’d enter “Toth” and “Viktor T.”, respectively, into these fields.

But soon I found out that I was wrong. I got one signup after another like “Doe”, “John JD”. Or “Doe”, “John, JAD” if the delinquient’s middle name happened to start with an A.

What’s wrong with my form, I asked? Perhaps it’s my English? I quickly Googled “First name and initials” and found a great many hits. It was clear from the context that none of them asked for all your initials, only the initials of any additional given names that you might have, just like I did. Yet registrations in the form of Doe, John JD kept on coming. Do these people write “John JD” on passport and other official forms, too, when they are requested to enter their “Middle name and initials”?

Just to be absolutely clear, though, I added an asterisk to the field and a note: “*In case there’s a misunderstanding, this means any EXTRA initials you might have. If you’re called John A. Doe, put John A. in this field, not John JAD. And if you’re John Doe, well, that means that you have no initials to put here next to your first name!

It didn’t help. To this date, I continue getting registrations in the form of Doe, John JD.

Nowadays, this is more amusing than annoying. I needed to know the name and country of residence of players when we charged for MUD2, for tax purposes (among other things, I was obliged to collect the Goods and Services Tax from Canadian players.) But now that the game is free, it really doesn’t matter anymore what your name is. So long as you supply a valid e-mail address, I have a means to contact you if I must (which means almost never. And no, I don’t collect and sell e-mail addresses.) But perhaps it does illustrate why I always found programming so much easier than dealing with people.

 Posted by at 9:52 am
Jan 122013
 

jstor_logoComputer pioneer Alan Turing, dead for more than half a century, is still in the news these days. The debate is over whether or not he should be posthumously pardoned for something that should never have been a crime in the first place, his homosexuality. The British government already apologized for a prosecution that drove Turing into suicide.

I was reminded of the tragic end of Turing’s life as I am reading about the death of another computer pioneer, Aaron Swartz. His name may not have been a household name, but his contributions were significant: he co-created the RSS specifications and co-founded Reddit, among other things. And, like Turing, he killed himself, possibly as a result of government prosecution. In the case of Swartz, it was not his sexual orientation but his belief that information, in particular scholarly information should be freely accessible to all that brought him into conflict with authorities; specifically, his decision to download some four million journal articles from JSTOR.

Ironically, it was only a few days ago that JSTOR opened up their archives to limited public access. And the trend in academic publishing for years has been in the direction of free and open access to all scientific information.

Perhaps one day, the United States government will also find itself in the position of having to apologize for a prosecution that, far from protecting the public’s interests, instead deprived the public of the contributions that Mr. Swartz will now never have a chance to make.

 Posted by at 4:53 pm
Jan 122013
 

The name of John C. Dvorak has been known in the personal computer industry for decades. Sure, he didn’t always get everything right (among his most famous missed predictions was predicting the failure of Apple’s Macintosh and the iPhone) but he is right more often than he is wrong.

This time around, Dvorak set his sights on Windows 8. He is demanding nothing less than a complete makeover of Microsoft’s new operating system: get rid of the touchscreen nonsense and give us back a decent, fully functional desktop operating system that is unhindered by the new touch UI that amounts to little more than a useless, misguided splash page.

I couldn’t agree more. However… I do not plan to hold my breath.

 Posted by at 11:02 am
Jan 122013
 

The SANS Institute is one of the preeminent firms in Internet security. I subscribe to their security-related mailing lists for all the obvious reasons, and I also receive their print course catalog on a regular basis.

I was flipping through the pages of the latest when I came across this gem (which should really belong among Jay Leno’s Headlines, assuming viewers of The Tonight Show could actually tell the difference between Unix and Windows):

winlin

Which leaves me wondering if SANS really can’t tell the difference between the two operating systems. (They probably can.) Or perhaps it’s the US Navy that cannot? (I doubt it.) Or perhaps the real problem, apart from careless proofreading, is that these security training courses have become rigid and mechanical, predictable even, which is precisely why hackers seem to have so little trouble penetrating even military networks?

 Posted by at 10:57 am
Dec 112012
 

fbspamThank you, Facebook. Now I am getting garbage that is apparently coming from some of my Facebook friends, all because (no doubt in your eagerness to please your corporate sponsors and push your sinking share price up a little) you happened to leave open a gaping security hole allowing spammers to “scrape” friend lists and e-mail addresses.

Worse yet, it is possible that the same spammers are sending garbage to others in my name. And while I may know not to click on an unsolicited link even if it appears to come from a good friend, colleague, or close relative, others may not be so cautious.

One of these days, I’ll find myself a spammer and slowly strangle him.

 Posted by at 10:23 pm
Dec 112012
 

ios6mapsI admit I, too, joined the happy chorus of Android phone owners ridiculing Apple’s decision to drop Google Maps in favor of a half-baked homegrown Apple solution in iOS6.

However, those bad maps are no joke. Apparently in Australia, several people found themselves in life-threatening situations when Apple’s mapping program guided them to a snake-infested desert instead of a tourist destination.

 Posted by at 9:14 pm
Dec 082012
 

Not only is Windows 8 a “weird” operating system (I am trying to avoid impolite language here) but it appears Microsoft is hell bent on breaking the “Windows 7 experience” for those of us who did not jump on their “tiles everywhere” bandwagon.

Today, I found out that in the name of Windows 8 support, Microsoft disabled some basic features in their update to the Remote Desktop Protocol on Windows 7. For starters, they disabled “Aero remoting”, so if you are accessing another Windows 7 computer, you will no longer see the transparency, etc. effects. But at least this “improvement” is documented.

Not so the other change: installing RDP 8 disables the “TSCLIENT share”, which is how Windows XP programs that run in Microsoft Virtual PC access files on the host computer. This is extremely annoying for people, myself included, who rely on Windows XP Mode to run older applications. Yes, there are workarounds (including the obvious one, which is to uninstall the RDP 8 update) but I still don’t understand why Microsoft messed up this feature in the first place. Let me just say that this is not the best way to make people like Windows 8 some more!

 Posted by at 6:27 pm
Dec 022012
 

I am reading about this “artificial brain” story that has been in the news lately, about a Waterloo team that constructed a software model, Spaun, of a human-like brain with several million neurons.

Granted, several million is not the same as a hundred billion or so neurons that are in a real human brain, but what they have done still appears to be an impressive result.

I’ve spent a little bit of time trying to digest their papers and Web site. It appears that a core component of their effort is Nengo, a neural simulator. Now the idea of simulating neurons has been at the core of cybernetics for (at least) 60 years, but Nengo adds a new element: its ability to “solve” a neural network and determine the optimal connection weights for a given network to achieve its desired function.

The “brain”, then, is a particular Nengo simulation that is designed to model specific areas and functions of the human brain. Their simulation, equipped with a simple 28×28 pixel “eye” and a simulated “arm” with which to draw, can perform some simple activities such as reading and copying some digits and symbols, or memorizing a list.

I am still trying to make up my mind as to whether this result is just a gimmick like Grey Walter’s infamous cybernetic tortoise or a genuine leap forward, but I am leaning towards the latter. Unlike the tortoise, which just superficially mimicked some behavior, Spaun is a genuine attempt to create a machine that actually mimics the functioning of a human brain. Indeed, if this research is scalable, it may mark a milestone that would eventually lead to the ability to create electronic backups of ourselves. Now whether or not that is a Good Thing is debatable of course.

 Posted by at 6:27 pm
Nov 192012
 

I am reading articles about the slow sales of Windows 8 and complaints about its user interface. All valid, I think. Indeed, there is an easy way to explain in two points why I would not recommend anyone to upgrade to Windows 8 on the desktop:

  1. Value added by Windows 8 over Windows 7 for the typical desktop user: None. (To be sure, there are some minor improvements, including speedups. But they are more than offset by the incomprehensible removal of the Start button and the equally incomprehensible move away from the Aero interface, which is actually quite nice.)
  2. Difficulties created by the schizophrenic nature of Windows 8 (“Modern” vs. “desktop”) and the cumbersome nature of a touch-oriented interface on a desktop computer: Lots.

In other words, you are paying a huge price (not the dollar cost of a Windows 8 license but price in the form of re-training yourself or your employees, and the inevitable productivity loss due to a very confusing schizophrenic interface) and you essentially get nothing in return.

Maybe Microsoft will fix all this with Windows 9. Maybe Ballmer has to go first.

 Posted by at 8:57 pm