Interesting that you mentioned kernel security. One of the first rules of kernel security is that every parameter passed into the kernel should be checked for validity before being passed further into the kernel. It’s called “defense in depth” — you should never be able to trigger a crash by passing garbage into a kernel call. Sure, deeper layers of the kernel should also handle the situation, but in production kernels with 3rd party drivers installed you can’t guarantee that, thus that first line of defense. Guess what Linus stripped out of recent kernels in pursuit of the goal of “improving performance”? Yep. π
]]>“For anyone that doesnβt know, I am mainly interested / involved in Free & Open Software hackery, hitting hardware with hammers and have a passion for gambling, snowboarding and other foolhardy exploits with my own health.”
And BTW, he has Cerebral Palsy and other serious ailments, and like me, has been told be assorted *Medical Practitioners* (I have yet to meet a *Medical Expert*) that he would be dead before since he was born. So, we have that in common at least! π π
We even discovered that as well as working well together on IT problems, we work well together at the blackjack table! We went to Crown Casino once, and after an hour had at least 3 dealers and a couple Security guy’s giving us the *evil eye* trying to figure out how we were cheating, ’cause we must have been! π (We weren’t BTW), PD played and I’d suggest now and then when to stay or hit. Don’t ask me, I have no idea how it worked! (There was a bit more involved, PD and I were having a lot of fun with it to the dismay of the dealers, who were changed often, to no avail!) π *shrug*
heh.
]]>My m8, PD, now works at Operational Dynamics and has a blog you might be interested in. π
Operational Dynamics / Blogs / Paul Drain
There’s a lot there, on several topics (including WP annoyances, some you might find useful Bryan) π
I’ve known PD since about ’98, and he’s a really amazing young man. π
Some of his patched 2.4 kernels (circa 2002) are still on Packet Storm:
Files from Paul Drain
PD was also a developer for several projects such as as Firestarter (with Tomas Junnonen).
Firestarter – Contacting the authors
Actually badtux, I’d be surprised if you haven’t come across him somewhere in linux World! π π
We created a security company together in ’98, but for various reasons (mainly health) I had to resign in 2002. We used to go spend our afternoons in our favorite cafe with a stack of napkins (I kid you not! It started one day when an idea struck and we knew we *HAD* to get it down or lose it forever! So We started scribbling madly on napkins (the only paper we had), and yelled for more when we ran out!) and pens, and work on our dream project. The Owner and staff of the Cafe thought it was funy and worderful, and they kinda adopted us and we became a *feature* ! People actually came to see us work (several from the nearby Melb. Uni.) We didn’t mind, and we enjoyed endless free (fantastic) coffee and treats! π When PD and I were working on a problem, not even the *end of the World* could interrupt us. Our #1 Waitress (who was far from dumb, and was the owners daughter) would some times listen to us working on a problem in amazement. She said to us one day (paraphrasing) “You two must be twins! You know you finish each others sentences, and sometimes you just know what the other is thinking! It’s freaky.” We could do more work in one afternoon together than we could do in a week alone. We had an amazing synergy that I miss.
Yeah… good times! *sigh*
]]>And let’s not talk about some of the architectural decisions he made that are still annoying me today. I recently did some work at the block layer to work around locking bugs and bio delivery bugs (in prior Linux kernels you were always guaranteed to get an endio if you did a submit_bio, but on a device pull current kernels just throw the bios away rather than endio’ing them with an error, so I had to deal with that at a higher level by keeping track of my submitted bios and marking my submitted bios as invalid if I got a device pull then invalidating my RAID stripe — since I have no idea what actually got written — and return a write error to whatever filesystem called me). Thing is, this whole block API is a horrific hack to begin with, which was another argument I got into with Linus back in the day when I pointed out that if you were going to have kernel threads and queues anyhow you might as well make them a general purpose thing that was easy and transparent to use, like on Mach or the Amiga, but instead they’ve turned into this horrific mess that is all sorts of inscrutable macros and allocators and deallocators that have magic fields that do magic things that you as a block layer user don’t know about and can run into issues with when their underlying implementation changes especially when locking changes, and … well…. GRRRRR!!!!! I had that discussion with Linus back in I think 1995. I’m still working around Linus’s ego in 2012, 17 years later. SIIIIGH!
And the funny thing was that Linus’s argument in 1995 was *performance*. Well, the only way to make this bogus block layer thingy work in today’s multi-threaded multi-core CPU environment is via spinlocks all over the friggin’ place every time you touch something other than a local variable. Do you know what spinlocks do to performance? Hint: SUCKITUDE! We are no way no how taking advantage of all the CPU power available because the spinlocks are sucking us dry doing nothing but spinning! AGH!
So anyhow, so goes the lament of the unknown Linux kernel programmer :). (Okay, so I do have my name in one module, but all my kernel work other than that has been for commercial companies where I only have to deal with the results of Linus’s ego rather than with Linus himself π ).
]]>It is very hard to talk to them when they miss the point that while the code is elegant and and the logic creative, it doesn’t solve the problem. When people are gathering groups and heating tar, they are not going to appreciate what a great thing the new code is, because it doesn’t do what they need done. I watched a lot of really neat start-ups circle the drain because they forgot they were supposed to be providing customers with solutions.
As soon as Google surrendered to the ‘corporate culture’ they were lost. Everything becomes subsumed to improving profit margins, and nothing else matters.
]]>As someone who has had to try to mediate between Linus Torvalds and one of the top kernel and device driver developers, I can report that he has an ego that rivals Gates & Jobs (RIP). And I sometimes think he’s worse than both. It got so bad (over some serious security concerns my friend had about the kernel code), that my friend told Linus to drop dead and went to work for the BSD consortium as one of their 7 global Code Auditors. He eventually went on to work for Red Hat to develop and manage the security code for their kernel. trust me, Linus can definitely be a *control freak* m8! π
You know that Steve Jobs was the only guy to pull a fast one over Bill, not once, but at least 3 times! The first was in the 70’s (when he got the rights to BASIC for the Apple II for peanuts), the 2nd was in the late 80’s when he had to negotiate a new agreement for that BASIC, and screwed Bill again! gates actually is on record stating that 8that was the biggest mistake he ever made*! I bet Steve is still laughing in his grave. π The third was in the late 90’s, when he caught M$ using code stolen from Quicktime (and other Apple code), and forced M$ to settle out of court and give the code to IE and guarantee to maintain IE, Office and other code for OS-X for a decade, pretty much for free! To save face, and show that *they were really good friends*, M$ bought $150M worth of non-voting Apple stock (which was peanuts as Apple was worth about $4B at that time). Turned out to be not such a bad thing for Gates though, he sold the stock when it was worth a lot more and made a decent profit. Still, Apple was the real winner as they were able to use some of the M$ code to develop their products, and M$ had to *STFU*! π
Jobs was always smarter than Gates, and he was way more creative… but I think he lost the plot when he was forced out and started Next, etc. He was a very changed man when he eventually returned. Sad really.
yes, there is a definite role for thin clients. I think android devices will evolve quickly to fill that niche. You do realize that Google will be even worse than it is now, and worse than M$, Apple and PayPal put together! Now there’s a horrifying thought!
Ahhh, well… π
]]>Aside: just had a feline- caused minor problem with the system and had to kill power to fix it. When I powered back up Firefox came back here and had saved the paragraph above, even though I hadn’t. That was a nice piece of user programming.
The majority of users need an appliance, not a computer.
]]>My mom uses the computer for two things: To send email to her far-flung clan, and to keep up with their Facebook pages. That’s it. So it goes.
]]>