pmeerw's blog

Jul 2008

Sat, 26 Jul 2008

Server housing @home

Here is the server equipement I run at home: a Linksys NSLU2 (aka 'slug') with two USB memory sticks for applications and swap (128 MB) and data (2 GB). There is also a serial connector (eg. to be used as console) which I soldered on the board. The slug is de-underclocked of course. It serves several Mercurial repositories and this blog.

The router is an Asus WL-500gp which connects to my uplink (a PC Engines WRAP board running an ancient OpenBSD, BTW) and provides WLAN. Not shown: a Linksys WRT54G v2 connecting in bridge mode, and a Buffalo Linkstation HD-HLAN120 (for backup).

Both, the slug and wl500gp, run OpenWrt, a Linux distribution for embedded devices.

posted at: 00:16 | path: /projects | permanent link

Tue, 22 Jul 2008

DNS flaw guessed

rudd-o: The DNS fiasco
halvar:
On Dan's request for "no speculation please"
Kaminsky's DNS Issue Accidentally Leaked?

posted at: 11:03 | path: /rant | permanent link

It's an Austrian site, so forgive the comma abuse

From Slashdot: Firefox's Effect On Other Browsers quoting derStandard: "It's sort of interesting though, part of our strategy is to make sure, that we continue making change and the indirect effect of this is that Microsoft continues to have to do releases, because if we get so far ahead that we're able to drive the platform they are not able to keep up and keep their users. I mean, we have this joke which says "Internet Explorer 7 is the best release we ever did", because they would not have done it, if we would have not built Firefox. And the same is true for Apple, they are doing a lot to keep up with us. Safari 3.1 is a good example, as far as we see it, the only reason they did this release was that Firefox 3 would come out and have Javascript speed which would be twice as fast as theirs, cause that's how it was before. So by pushing other people to make releases we can go on our mission to make sure the web stays healthy."

I count 10 commas; 'commarization' is difficult :)
Would be interesting to have this article corrected...

posted at: 10:32 | path: /rant | permanent link

Mon, 21 Jul 2008

Programs' disk cache

Space in the home directory is not be unlimited, yet with default settings some programs make very liberal use of my precious storage.

Below is a list of programs that reserve disk space for caching purposes. And how to disable the cache altogether or reduce its size. And where it can be found (all paths are relative to the home directory, ~).

posted at: 19:53 | path: /rant | permanent link

Hagengebirge in panorama view

Hugin is a nice frontend to create panorama view; it's based on Panarama tools. The series of 8 images was takes on July 13, 2008 inbetween Ostpreussenhütte and Hochkönig, looking north-west, and stitched together.

2226x256, 85 KB
1867x318, 87 KB

The huge image version is available as well: 22256x2592, 3.87 MB and 18672x3168, 3.95 MB.

posted at: 19:45 | path: /fun | permanent link

Obfuscation pointers

On obfuscating SQL queries,here is an example: 

select"NVL2"(q'<'>',"UTL_RAW".cast_to_varchar2(to_char(stats_mode(column_value)+exp(sum(ln(rownum*tan((select"REGEXP_SUBSTR"(xmltype(oracle).extract('/ROWSET/ROW/_x0032_'),'[^>:D<^]+',9)from(select"MAX"(decode(rownum,316,"+"))ilu,max(decode(rownum,845,"+"))"INU"from(select/*--*/UNIQUE/*@*/KEYWORD"+"from"V$RESERVED_WORDS"))model/*..-*/partition/*----*/by('"DUAL"'world)dimension/*--*/by(7.67e183d"X")measures(ilu,inu,lpad(':*',999)oracle)(oracle[any]=to_char(dbms_xmlgen.getxml(concat(inu[cv()],'+1."2"')||ilu[cv(x)]||cv(world)))))+.27322671529864645387899781380413953366)))),rpad('FM',34,'X')))||Initcap(concat(regexp_substr(dburitype('/SYS/DBA_PROCEDURES/ROW[PROCEDURE_NAME=''GETKEY'']/OBJECT_NAME').getxml().getstringval(),'_O.*S......_',35),replace((select"STATS_MODE"(regexp_substr(table_name,'[COTTON+XE]{4,}'))from"DICT"),'X','S'))),count(*))from/**/table(sys.odcinumberlist(4*23))connect/**/by.1>1.connect/**/by.25>rownum/100.group/**/by()
/
There have been three Haskell obfuscation contests, here is an example: 
module Main where{import List;import System;
 import Data.HashTable as H;(???????)=(concat
 );(??????)(???)(????)=((groupBy)(???)(????))
 ;(??????????????????????)(????)=((??????????
 )((tail).(???????))((????????????????????)((
 ??????)(?????????????????????)(????))));(??)
 =([' ']);(??????????????)=((hashString));(?)
 =((>>=));(???????????????????????)([((???)),
 (????)])=((?????????????)(???))?(\(?????)->(
 (????????????????)(==)(??????????????))?(\((
 ???))->((??????????????????)(???????????????
 )(???)(?????))>>((?????????????????)(???))?(
 \((?????))->((((???????????????????)((????))
 ((??????????????????????))((?????))))))));((
 ???????????????????????))(??)=(????????????)
 ("usage f dic out");(?????????????????????)(
 (???),(??????))((????),(????????????????????
 ))=((???)==(????));(?????????????????)(???)=
 (toList)(???);(????????????????????)(????)=(
 ((??????????)(((??????????)(snd)))((????))))
 ;(??????????????????)(???????????????)(???)(
 (?????))=(((mapM)(((???????????????)(???)))(
 (lines)(?????))));(???????????????????)(????
 )(???????????????????????)(?????)=(?????????
 )(????)((unlines)((???????????????????????)(
 ?????)));(????????????????)(???)((????))=(((
 new)(???)(????)));(main)=((???????????)?(((\
 (???)->((???????????????????????)(???))))));
 (???????????????)(???)(????)=((????????)(???
 )((sort)(????))((??)++(????)));(???????????)
 =(getArgs);(????????????)(???)=((((print))((
 ???))));(??????????)(???)(????)=(((map)(???)
 (????)));(????????)((???))(????)(?????)=((((
 H.insert))((???))(????)(?????)));(?????????)
 ((???))((????))=(((writeFile)(???)((????))))
 ;(?????????????)(???)=(((readFile)((???))))}
In Python you'd nest lambda expressions... below codes computes the primes < 1000: 
print filter(None,map(lambda y:y*reduce(lambda x,y:x*y!=0,
map(lambda x,y=y:y%x,range(2,int(pow(y,0.5)+1))),1),range(2,1000)))
And some obfuscated Python treats, such as a Brainf*ck interpreter; and a commercial Python obfuscator!

posted at: 15:28 | path: /programming | permanent link

Thu, 17 Jul 2008

icc rocks on MC-EZBC

I tried the Intel C/C++ compiler (icc), 10.1.017, with MC-EZBC, see also my post on PGO with gcc.

icc 10.1.012 failed to compile the code, probably some compatibility issue with the gcc 4.2.3 installed on my system. The auto-vectorizer has to be disabled (-no-vec), otherwise the executable crashes.

Apart from that, the results are excellent (decoding 32 frames of the Foreman sequence, Intel Core2 Duo 2.66 GHz):

  • 6.6 sec with -DNDEBUG -g -O3 -no-prec-div -static -fomit-frame-pointer -march=core2 -msse3 -no-vec
  • 5.5 sec adding -ipo
  • 5.0 sec adding -prof-use
The fastest gcc results is 10.2 sec.

posted at: 14:48 | path: /programming | permanent link

Profile-guided optimization (PGO) with GCC

GCC supports profile-guided optimization for some time now. I gave it a try on the MC-EZBC video codec, which certainly can use some speedup from optimization :-).

To generate an executable which collects runtime information, use 

gcc -fprofile-generate -o prog_gen_gpo prog.c
This create files ending in *.gcda and *.gcno in your source tree.

In a second compilation pass, instruct gcc to make use of the runtime profile information 

gcc -fprofile-use -o prog prog.c
The profiling options must be given in the compile and link stage!

Results for decoding 32 frames, Foreman sequence, on a Intel Core2 Duo, 2.66 GHz, compiled with gcc 4.3:

  • 10.8 without PGO
  • 10.2 sec with PGO

The following CFLAGS -DNDEBUG -O3 -g -march=core2 -fomit-frame-pointer -fprofile-use -msse3 -mfpmath=sse provide best results, the new (with gcc 4.3) -march=core2 (or -march=native) helps at lot (2.1 sec), -mfpmath=sse brings 0.5 sec.

For comparison: gcc 4.2.3 -O3 is dead slow, 46.2 sec!

posted at: 13:47 | path: /programming | permanent link

Embedding fonts in PDFs

To convert a Postscript files (.ps) to a PDF file and embed all fonts use the command 

ps2pdf -dPDFSETTINGS=/prepress -dSubsetFonts=true -dEmbedAllFonts=true paper.ps
(the /prepress setting is important); ps2pdf comes with the Ghostscript package. In order to check if all fonts are embedded, run 
pdffonts paper.pdf
The emb column indicates whether the fonts is embedded; pdffonts comes with Poppler, use the poppler-utils package on Ubuntu.

posted at: 13:05 | path: /academic | permanent link

Sat, 12 Jul 2008

Mercurial tools

While SVN has has largely replaced CVS and is widely suport, I wouldn't want to miss the distributed source control management system Mercurial.

Here are some tools which support Mercurial:

posted at: 22:45 | path: /programming | permanent link

Wed, 09 Jul 2008

DNS transaction ID vulnerability

In the wake of the recent DNS vulnerability, I find this 2007 document rather interesting, in addition to the CERT Vulnerability Note VU#800113, and of course Dan Kaminsky's re-discovery and attack.

posted at: 13:31 | path: /rant | permanent link

Wed, 02 Jul 2008

Lightweight Rao-Cauchy watermark detector paper got accepted at MMSEC08!

The paper 'A Lightweight Rao-Cauchy Detector for Additive Watermarking in the DWT-Domain' (joint work with Roland Kwitt) got accepted at ACM Multimedia & Security Workshop (MMSEC '08).

posted at: 22:25 | path: /academic | permanent link

The real price of oil

Oil Price History and Analysis, http://www.wtrg.com/prices.htm

Real Oil Prices (1870-1997,1998-2006) as importable data sets: http://www.swivel.com/data_sets/show/1003291

The Oil Price Mirage, http://mises.org/story/1892

posted at: 22:20 | path: /rant | permanent link

Made with PyBlosxom