Last week at eurocrypt, a small group of researchers announced a fairly serious attack against the SHA-1 digest algorithm, which is used in many cryptosystems, including OpenPGP. The general consensus is that we should be “moving in an orderly fashion toward the theater exits,” deprecating SHA-1 where possible with an …
All articles
NYC public services require Microsoft software
Providing city services only to users of specific proprietary software is bad public policy.
I just discovered that New York City's 2009 Summer Youth Employment Program requires Internet Explorer in order to apply online.
Even downloading the pdf version of the application to print out from the site is impossible …
multiple USB serial adapters on a SheevaPlug
I just noticed Matthew Palmer's Insane/Brilliant idea of the day: he proposes to use large sets of USB serial adapters with a sheevaplug as a cheap serial console server.
As part of upstream on cereal, i feel obliged to mention that package as a tool for managing serial console …
Leslie Pack Kaelbling for Ada Lovelace Day
So i'm a couple hours late for Ada Lovelace Day (in my time zone at least), but i wanted to mention Leslie Pack Kaelbling, an excellent technologist who has also had a significant impact on my life.
Her extremely short biography says (in full):
Leslie Pack Kaelbling is Professor of …
Publicly-funded knowledge should be public
I live in the USA. Our government issues many grants to scientists for research via the National Institute of Health. I recently found out about the NIH's recent requirement that publicly-funded research must be published freely online within 12 months. As you can imagine, i think this is a remarkably …
redundant DHCP service for a sprawling LAN?
I'm supporting a medium-sized (\~70 regular clients and a half-dozen servers) LAN. It's a single logical ethernet segment, but it's built as a tree of cascaded switches. DHCP service is provided by a single host running ISC's DHCPD (via dhcp3-server).
DHCP itself is one of the single points of failure …
Stricter GnuTLS rejects outmoded X.509 certs
Recently, several people noticed that GnuTLS behavior did not match its documentation with respect to two significant security concerns, both regarding X.509 certificate validation:
- Certificates with MD5 digests were considered acceptable for validation. They should not be, because of known weaknesses in that digest algorithm.
- Version 1 X.509 …
Python editor/IDE for new (high school) coders?
I'm supporting a class of high school students who are new to programming, and will be learning some python. Most of these students are comfortable with computers, but not hacker types, and few if any of them have written code before.
I'm looking for an editor or an Integrated Development …
target disk mode (sbp-2 mass storage host mode?)
One very convenient feature of Apple's hardware is the ability for their workstations to enter target disk mode. This effectively transforms the machine into a glorified ieee1394 (firewire) block device, which can then be manipulated from outside the machine using the standard SBP-2 protocol.
Is there a way to provide …
Trancendental Nonsense and the Functional Approach
Poking around the web site for Law in Contemporary Society, a class taught this semester by Eben Moglen, (who is counsel for the Free Software Foundation and founder of the Software Freedom Law Center), i found Felix Cohen's Trancendental Nonsense and the Functional Approach, which (according to wikipedia) is …