2008-07-21 Killing Usenet Is A Bad Idea

In a recent news from the EFF, there is an increase to limit the use or block access to Usenet by some ISPs. But NNTP and Usenet can be still useful for new technologies, a nice example of a NNTP server plug-in in a wiki. In such case, you can benefit of Usenet threading using a standard Usenet client or distributing RecentChanges RSS feed in a more efficient way than regularly fetching RSS feeds via HTTP. Old is new and new is old… don't kill the Usenet infrastructure that could support the next interactive business.

Tags: internet freedom wiki usenet

Syndicated 2008-07-21 10:55:10 from AdulauWikiDiary: RecentChanges

2008-06-23 Hardware Random Number Generator Useful

If you have a system machine generating various cryptographic keys, you really need a non predictable state in your entropy pool. To reach a satisfied level of unpredictability, the Linux kernel gathers environmental information in order to feed this famous entropy pool. Of course gathering enough unpredictable information from a deterministic system, it's not a trivial task.

In such condition having an independent random source is very useful to improve unpredictability of the random pool by feeding it continuously. That's also avoid to have your favourite cryptographic software stopping because lacking of entropy (it's often better to stop than generating guessable keys). In the graph below you can clearly see the improvement of the entropy availability. On an idle system, it is difficult for the kernel random generator to gather noise environment as the system is going in a deterministic way while doing "near" nothing. Here the hardware-based random generator is feeding regularly the entropy pool (starting end of Week 24) independently of the system load/use.

If you are the lucky owner of a decent Intel motherboard, you should have the famous Intel FWH 82802AB/AC including a hardware random generator (based on thermal noise). You can use tool like rngd to feed in secure way the Linux kernel entropy pool. In a secure way, I mean really feeding the pool with "unpredictable" data by continuously testing the data with the existing FIPS tests.

That's the bright side of life but I would close this quick post with something from the FAQ from OpenSSL :

1. Why do I get a "PRNG not seeded" error message?
... [some confusing information]
All OpenSSL versions try to use /dev/urandom by default; 
starting with version 0.9.7, OpenSSL also tries /dev/random 
if /dev/urandom is not available.
... [more confusing information]

If I understood the FAQ, by default OpenSSL is using /dev/urandom and not /dev/random first ? If your entropy pool is empty or your hardware random generator is not active, OpenSSL will use the unlimited /dev/urandom version and use the predictable information. Something to remember if your software is still relying on OpenSSL.

Tags: kernel linux security random prng hrng

Syndicated 2008-06-23 14:32:44 from AdulauWikiDiary: RecentChanges

2008-06-15 Internet Liberties Still In Danger

Everything started when government tried to limit the liberties on Internet, the first major case was the Communications Decency Act. The famous blue ribbon campaign of the EFF started due to that legal non-sense in 1996. We thought that we were safe from such stupid regulation in the cyberspace when the US supreme court admitted that the Communications Decency Act was mainly unconstitutional. But the history proven the opposite, governments are continuously trying to limit civil liberties on Internet (and not only in China). It's a fact and seeing such intensity from government to limit our rights in a space where freedom is there by nature, I really have a confirmation (by repeating so many times so many legal trick to achieve a complete on control on Internet) that's an intended purpose to limit our freedom space.

Hopefully there are still an active (from scientific to citizen) community where interesting paper came such as : Cassell, Justine, and Meg Cramer. “High Tech or High Risk: Moral Panics about Girls Online." Digital Youth, Innovation, and the Unexpected. An interesting part is the comparison with telegraph and telephone. The conclusion of the paper also showed the danger of the "moral panic" for women :

And in each case that we have examined, from the telegraph to today, the result of the 
moral panic has been a restriction on girls’ use of technology. As we have described above, 
the telegraph, the telephone, and then the internet were all touted for how easy they were for 
young women to use, and how appropriate it was for young women to use them. Ineluctably, 
in each case, that ease of use and appropriateness became forgotten in a panic about how 
inappropriate the young women’s use of these technologies was, and how dangerous the 
women’s use was to the societal order as a whole. 
In the current case, the panic over girls’ use of technology has taken the form of believing 
in an increased presence of child predators online. But, as we have shown, there has been 
no such increase in predatory behavior; on the contrary, the number of young women who 
have been preyed on by strangers has decreased, both in the online and offline worlds.

Finally, as with uses of communication technologies by women in the past, it is clear 
that participation in social networking sites can fulfill some key developmental imperatives 
for young women, such as forming their own social networks outside of the family, and 
exploring alternate identities. Girls in particular may thrive online where they may be more 
likely to rise to positions of authority than in the physical world, more likely to be able 
to explore alternate identities without the dangers associated with venturing outside of their 
homes alone, more likely to be able to safely explore their budding sexuality, and more likely 
to openly demonstrate technological prowess, without the social dangers associated with the 
term “geek.” And yet, when moral panics about potential predators take up all the available 
airtime, the importance of the online world for girls is likely to be obscured, as are other 
inequalities equally important to contemplate. 

But obviously, I'm still very affected by the continuous flow of bad law (like the recent one from France) or action like blocking Usenet. Do they want to turn Internet into an useless medium where free speech is banned ? and an Internet where so many technical restriction implemented, it becomes impossible to use it.

Tags : freedom internet

Syndicated 2008-06-15 17:07:07 from AdulauWikiDiary: RecentChanges

2008-05-24 My Git To-Do Process

Until very recently, I was using a mixture of text files to maintain a to-do list across my various activities. The problem is some of my to-do and activities are linked and I needed a kind of permanent access to those lists while at work, home or travelling/moving. I also needed to update the list off-line and with the ability to merge them easily. That was working but not perfect and sometime messy.

I found an updated version of the famous todo.txt (a bash script to maintain plain text to-do list) called git-todo.py hosted at (gitorious.org). After a simple test, I decided to move all my to-do lists, idea lists or n lists to git-todo.py. The major work was to recreate all the lists using the simple format of todo.txt but that was straightforward.

So I "centralized" (a big word for a distributed SCM ;-) everything around the to-do master git repository accessible via Internet, nothing really exotic. I have some basic script to always merge the master when I'm starting to work to be sure that the local branch is up to date.

My daily process is roughly described in the diagram but the idea is there. I mixed all my various lists and used the format of todo.txt to tag the entries. That permits me to recover some old ideas lost in my previous messy format. Another big advantage of todo.txt is the ability to change child/parent for each entry. Very handy when you see that a project is going nowhere without making other tasks before.

I have also included the daily idea list where I'm just listing crazy idea coming in my mind or after discussions with a friend or a colleague. That's a way for me to keep a kind of imaginative playground along with more raw task to be done. When an idea is becoming a task (that's often a good news), I just add a tag to link the idea with the current project to work on.

Tags : gtd git todo scm idea

Syndicated 2008-05-24 09:46:47 from AdulauWikiDiary: RecentChanges

2008-05-12 Wiki Creativity Metric An Experiment

Following my past blog entry why creativity metrics are needed , I quickly made an experiment called Wiki Creativity Metric to monitor the activities of some well-known Wiki talking about Wiki (from technology to the use of them). The idea is to have a more positive approach to metrics where we can have more influence. Let's imagine that you have seen that the WCI was down yesterday, that's maybe the time to contribute more to CommunityWiki. If our world is overflowed with today's metrics, indices of all kind, why not inventing our metrics to make the world more free and better. I updated the graph following the excellent feedback from Jean-Etienne Poirrier.

Tags: metrics creativity positivism wiki freedom

Syndicated 2008-05-12 13:31:13 (Updated 2008-05-20 02:06:49) from AdulauWikiDiary: RecentChanges