Surveillance

1. March, 2015

They say that “good” people have nothing to hide and, therefore, nothing to fear from surveillance.

Everyone of us has something to hide. When we are confronted with out dark side, immediate, temporary loss of memory sets in and we say “I have nothing to hide” because we can’t remember on the spot. The source of this behavior isn’t “being good”, it’s peer pressure and guilt.

Everyone reading these lines has hidden something. Maybe you were not 100% honest when filing your last tax return. Or you lied to the police how many drinks you had. You lie to yourself when you’re speeding, thinking that you’re such a great driver, you can’t possible cause an accident. Maybe you had an affair, or a “harmless” flirt or maybe you visit a brothel. A few years ago, it was social suicide to let anyone, even your best friends, know that you’re homosexual. It still is in many parts of the world. In the “first world,” it’s what has happened during the last party, an awkward sickness, embarrassing thoughts, which odd web sites you’re visiting.

Everyone of us has something to hide. The average person, perfect in sync with the medium of society, is a myth.

People lose jobs over Twitter posts, party photos on Facebook. Some never get a job because of a criminal record or their family name. Police officers with access to surveillance equipment spy on their spouses or look into women’s bathrooms. Many partners of NSA agents were under surveillance without any official mandate.

Which brings us to the core of surveillance: The main product of surveillance isn’t security – it’s extortion.

When secret services pile up incriminating evidence against someone, they don’t tell the police. In most states, they aren’t allowed to. They keep it. For when it’s needed. When “someone” decides that “something” needs to be done and there is no legal way.

Not convinced? Well, if “nothing to hide” was true, then why do politicians, agencies and companies absolutely and firmly reject to let us see what they are doing? “Nothing to hide” is always only used as an argument to watch someone else. It implies “I have nothing to hide, so you don’t need to even try. Go away. Nothing to see here.” (Adam D. Moore, author of Privacy Rights: Moral and Legal Foundations, from “Nothing to hide argument“)

That’s why we need to be concerned about surveillance. We need to discuss what we want to achieve and what the costs are.

Do we want to make mass surveillance illegal? We could but we’d have to close down Google and Facebook.

Do we want total surveillance? Can we evolve all the societies on planet Earth to an extent where we can be honest with anyone about absolutely anything? Do we want to? How many people would get that killed?

Or do we have to strike a balance, find out how much surveillance is healthy, what the open and hidden costs are, how to control the people who use it – because it’s in the nature of most humans to do anything as long as they can get away with it.

It’s not a discussion many people want to have, we have so many things on our minds, but as usual: If we don’t make up our minds, someone else will do it for us. Only with out best interests in mind, of course.


TNBT: Proactive IDEs

13. February, 2015

Imagine this situation: You’re working on some code and you get an exception when you run the unit tests. Next to the output is a link with the text: “User Joe had the same exception two months ago and fixed it with the commit b8cfda02.”

How would that work? We’re using big data for all kinds of things, tracking customer happiness, searching the Internet and discovering terrorist threats (or not).

Standard development teams have about 10 people. That means you have a super computer with 40-80 cores, 160 GB of RAM and 20 TB of disk space connected with a fast LAN in your office already. That beast is usually idling while it waits for the developers to press keys. It would be pretty simple to install a clustered log analyzer on this hardware which simply reads all the log files and reports which Maven and running JUnit test creates. It would be as simple to connect the same database to your version control. That means this system could track all the errors and exceptions that you get when you run unit tests or the whole application.

This information could then be used to detect when someone in the team gets a new exception plus the change sets which fixes them. If the system detects an exception which it has seen before, it can tell you which developer has fixed it or who is currently working on it – instead of wasting your time, you could see the code which contains the solution or ask someone who has already solved the problem.

With proper filtering, the data could be split into internal and framework code. That way, the system could report to library projects where consumers struggle most.

On the large scale of things, this system can tell you which parts of the system are most brittle.

As usual with big data, there are some downsides. The same system would tell you which developer breaks the code most often. Who writes the worst code. If your manager isn’t able to see the human value in his charges, this might not be your best bet.

Related Articles:

  • The Next Best Thing – Series in my blog where I dream about the future of software development

Hibernating openSUSE 13.2 (Harlequin)

8. February, 2015

openSUSE 13.2

I had some trouble to get hibernate (suspend to disk with power off) to work properly on openSUSE 13.2. You can find the problems that I ran into and how I solved them below.

Getting a Boot Menu

Since a while, Linux systems try to hide the fact that they’re Linux. You switch the PC on and after a few seconds, you see a desktop. I hate that. So the first step is to get the boot menu back. Edit /etc/default/grub and look for GRUB_TIMEOUT. It’s 0 now, set it 8:

...
GRUB_DEFAULT=saved
GRUB_HIDDEN_TIMEOUT=8
GRUB_HIDDEN_TIMEOUT_QUIET=true
GRUB_TIMEOUT=8
...

Note: You can’t use YaST for this. YaST can only modify GRUB_HIDDEN_TIMEOUT which is not very useful IMO.

After making these changes, run grub2-mkconfig as explained at the top of /etc/default/grub to update Grub 2’s configuration.

See also: GRUB Manual 2.00: Simple configuration

Authorize Hibernate

If you tend to get this dialog when you try to hibernate:

Legitimierung ist zum Aktivieren des Ruhezustands des Systems notwendig, während andere Benutzer angemeldet sind. – PolicyKit1-KDE_016

then someone else is logged in. In my case, I sometimes have a root shell lying around somewhere or an SSH session. There are two solutions to this problem:

  1. Hibernate. Wait. Realize that the system won’t hibernate. Log in again. Find the error dialog. Close it. Find the root shell. Log out root. Try again. Don’t forget to mumble curses all the time since it’s 2:00am and you want to go to bed instead of fighting a security policy.
  2. Tell polkit that if the user in front of the display wants to hibernate, then simply do it!

To do the second, edit the file /etc/polkit-default-privs.local and append this line:

org.freedesktop.login1.hibernate-multiple-sessions auth_self:auth_self:yes

After making the change, you need to run /sbin/set_polkit_default_privs to activate the changes; no reboot or relog necessary.

The first word in the line is the operation, the second one is the permissions. The default for *.hibernate-multiple-sessions is auth_admin:auth_admin:yes which means “ask for root privileges” which makes sense for a server or a shared PC where people connect remotely. auth_self means “Authentication by the owner of the session that the client originates from is required” which should be good enough for any standalone/private PC.

Related: Polkit man page

Hibernate KDE With a Single Click

Something that I’m missing since a long time is a way to hibernate a KDE desktop at the push of a button. Options from worst to best:

  1. Open the start menu. Try to navigate to the shutdown options without accidentally closing the menu. Wonder which of the options is the right one for the millionth time. Click and hope for the best.
  2. Open a root shell, keep it open at all times and run the command /usr/sbin/pm-hibernate
  3. Use KShutdown
  4. Allow yourself to execute the command /usr/sbin/pm-hibernate via sudo without asking for a password. Put sudo /usr/sbin/pm-hibernate into a script and wrap the script with an icon on the desktop.
  5. Issue the hibernate command via shell script and wrap the script with an icon on the desktop.

Options #1 is too cumbersome. #2 wastes too many resources. #3 isn’t standard and I’ve found it increasingly difficult to find the binary for my system. #4 doesn’t lock your screen so anyone able to turn on your computer can mess with it.

So here is how to do #5. First, we need a shell script$HOME/bin/hibernate with this content:

#!/bin/bash
dbus-send \
  --session \
  --dest=org.freedesktop.PowerManagement \
  --type=method_call \
  /org/freedesktop/PowerManagement org.freedesktop.PowerManagement.Hibernate

How let’s create a button for the script:

  1. Make the script executable with chmod +x $HOME/bin/hibernate
  2. Right click on the desktop, add applet “Folder View” (German: “Ordner”).
  3. Create a new folder $HOME/Hibernate and select this new folder in the settings. That gives you a small window on the desktop that you can size and move – perfect to position our button.
  4. Right click in the new window and create a shortcut for a program.
  5. Enter “Hibernate” as name on the first tab.
  6. On the program tab, select the script.
  7. Click OK.
  8. Open the properties for the new shortcut.
  9. Click the icon to replace it.
  10. In the new dialog, select “Actions” and search for “hib” which should offer you “system-suspend-hibernate” Click the icon to select it.
  11. Click OK
  12. Size and move the folder view to have the button where you want it.

Artificial Intelligence Joke

16. January, 2015

Slightly adjusted version of a Dilbert strip:

Boss: I want you to create an artificial intelligence that is as smart as me.

Engineer: OK.

Ten minutes pass.

Engineer: Done.

Boss: Wow, you’re fast.

Engineer: … Yes.


Eclipse is Slow – Finding out Why

8. January, 2015

In this article, I’m trying to collect the steps to find out the reason when Eclipse is suddenly slow:

  1. Java GC. To find out if that’s the culprit, go to Window -> Preferences -> General and enable “Show heap status”. You will get a little gauge at the bottom of the Window. If the gauge is almost full, then you probably have too little memory.
    Solutions:
    a) Give Eclipse more memory
    b) Close some projects
    c) Deinstall or disable unnecessary plugins
  2. Check the Eclipse Error Log. Maybe there is a problem under the hood.
  3. Some plugin is acting up. Enable Eclipse’s own logging (see below) and watch the console.
    Some plugins have their own console (Groovy, Maven). In the Console View, click the arrow of the “Open Console” button to get a list. The Stacktrace Console – a useful tool to examine stacktraces from some external source – is also hidden there.
  4. The metadata got corrupted. Clean it.

Enable Eclipse’s Console Logging

When you start a Java application inside of Eclipse, you can see the output in a console view. You can do the same for Eclipse itself.

Open eclipse.ini and add these lines right before -vm (or -vmargs, if there is no -vm line):

-console
-consoleLog
-debug

See “Debug Mode“, “Eclipse runtime options” and “FAQ How do I use the platform debug tracing facility

On Windows, make sure Eclipse is started with java.exe instead of javaw.exe.

Eclipse will log errors and trace information to the console window. Check the output.

Enable Tracing

Many Eclipse plugins offer a range of trace options. You can see them if you open the plugin JARs. Look for a file called “.options”.

If you copy some of those into a file “.options” in the same folder as “eclipse.ini”, you can able various logging options.

Here is an example what the file could look like:

org.eclipse.ui/debug=true 
org.eclipse.ui/trace/graphics=true

Maven m2e Plugin

If the m2e plugin causes problems:

  1. Look into the Maven console.
  2. Try Maven from the command line to see whether it’s a problem with the project in general or with m2e.
  3. Tweak the logging options of m2e by editing
    WORKSPACE_ROOT/.metadata/.plugins/org.eclipse.m2e.logback.configuration

m2e FAQ


App to Manage Terms and Conditions

28. December, 2014

There is this old joke on User Friendly about license agreements: “Have any of you ever actually read a license agreement?” “I have! A few words, anyway …” “And what did the part you read say?” “umm… ‘I accept.'” (whole story starts here; afterwards, someone actually wrote a version of Clippy for Vim called Vigor).

I remembered all this when I saw this video on YouTube:

And that led me to an idea: How about an app which tracks T&C for you? In general, it should take a license and show you the important bits. Then, you could say “okay, I like that and that and I can live with those.” The app would then remember your preferences. For the rest of the terms, you could chose “I grudgingly accept these” or “no business with me because of this term.”

Even better, the app could notify you of terms which don’t apply to you because of local law or because courts ruled them out.

That way, the app could just show you the parts of a new license which you want to know about, that is the parts which you didn’t already agree to and without the parts that you’d accept anyway.


c’t Inhaltsverzeichnis sortieren

23. December, 2014

Eine kleine Hilfe für alle Leser der c’t, welche einfach(er) einige Artikel archivieren wollen: Das verlinkte Script unten sortiert das Inhaltsverzeichnis im Archiv nach Seitenzahl wenn man auf “aktuell” klickt.


Follow

Get every new post delivered to your Inbox.

Join 340 other followers