Posts

Showing posts from 2016

MacOS X Mystery (Challenge)

(Maybe my MacOS X expert friends will know the answer.) This is a mystery that I cannot seem to figure out.  I think its a bug in the operating system, but I cannot seem to figure out the solution, or even explain the behavior to my satisfaction. Occasionally, a shell window (iTerm2) will appear to "forget" my identity. For example: % whoami 501 That's half right... The same command in other window is more correct: % whoami garrett Further, id -a reports differently: The broken window: % id -a uid=501 gid=20(staff) groups=20(staff),501,12(everyone),61(localaccounts),79(_appserverusr),80(admin),81(_appserveradm),98(_lpadmin),33(_appstore),100(_lpoperator),204(_developer),395(com.apple.access_ftp),398(com.apple.access_screensharing),399(com.apple.access_ssh) The working one: % id -a uid=501(garrett) gid=20(staff) groups=20(staff),501(access_bpf),12(everyone),61(localaccounts),79(_appserverusr),80(admin),81(_appserveradm),98(_lpadmin),33(_appstore),

Security Advice to IoT Firmware Engineers

Last Friday (October 16, 2016), a major DDoS attack brought down a number of sites across the Internet.  My own employer was amongst those affected by the wide spread DNS outage. It turns out that the sheer scale (millions of unique botnet members) was made possible by the IoT, and rather shoddy engineering practices. Its time for device manufacturers and firmware engineers to "grow up", and learn how to properly engineer these things for the hostile Internet, so that they don't have to subsequently issue recalls when their customers' devices are weaponized by attackers without their owners knowledge. This blog is meant to offer some advice to firmware engineers and manufacturers in the hope that it may help them prevent their devices from being used in these kinds of attacks in the future. Passwords Passwords are the root of most of the problems, and so much of the advice here is about improving the way these are handled. No Default Passwords Th

Microsoft Hates My Name (Not Me, Just My Name)

In order to debug nanomsg problems on Windows, I recently installed a copy of Windows 8.1 in a VMWare guest VM, along with Visual Studio 14 and CMake 3.5.2.  (Yes, I've entered a special plane of Hell, reserved for just for people who try to maintain cross-platform open source software.  I think this one might be the tenth plane, that Dante skipped because it was just too damned horrible.) Every time I tried to build, I got bizarre errors from the CMake / build process ... like this: Cannot evaluate the item metadata "%(FullPath) Turns out that when I created my account, using the "easy" installation in VMWare, it created my Windows account using my full name.  " Garrett D'Amore ".  Turns out that the software is buggy, and can't cope with the apostrophe in my full name, when it appears in a filesystem path.  Moving the project directory to C:\Projects\nanomsg solved the problem. Really Microsoft?  This is 2016.  I expect

Leaving github

(Brief reminder that this represents my own personal opinion, not necessarily that of any employer or larger open source project.) I am planning to move my personal git repositories (including mangos , tcell , govisor , less-fork , etc.)  from GitHub to GitLab.com .  The reasons for this are fairly simple.  They have nothing to do whatsoever with technology.  I love the GitHub platform, and have been a happy user of it for years now. I would dearly love it if I could proceed with GitHub.  Fortunately GitLab seems to have feature parity with GitHub (and a growing user and project base), so I'm not trapped. The reason for leaving GitHub is because of the  hostility  of it's leadership towards certain classes of people makes me feel that I cannot in good conscience continue to support them. In particular, their HR department is engaging in what is nothing less than race  warfare against white people.  (Especially men, but even white women are being discriminated a

Stepping Down

Updated Nov 9, 2017: When I originally posted this, nearly two years ago, things were different.  As folks may know, I returned back to leadership of nanomsg, and have since released several significant updates including version 1.0.0 and follow ups.  I'm also in the process of a complete architectural redesign and rewrite ( nng ), which is fast nearing completion.  This post is left here for posterity, but if you've wandered here via search-engine, be certain that the nanomsg community is alive and well. (Quick reminder that this blog represents my own opinion, and not necessarily that of any open source project or employer.) For nearly a year, I've been primary maintainer of nanomsg , a library of common lightweight messaging patterns written in C. I was given this mantle when I asked for the nanomsg community to take some action to get forward progress on some changes I had to fix some core bugs, one of which was a protocol bug.  (I am also the creator of mangos