Archive for February, 2006

Smile like key logger 1 & 2 or implementation error, software as service, and be the best

Monday, February 27th, 2006

Always approach the person behind the counter with a smile and always ask them how they are doing. Not only is it pleasant, but it will get you better service as well. Most people just take them for granted; if you do not, it will stand out in a good way.

This is key when your seat reservation on that last minute, packed flight you had to book for business is awful. You could use electronic checkin, but you know there are better seats being held open (not available via electronic checkin) and you want one of them.

-

In DIY news,

Here’s how to make a PS/2 keyboard line keylogger

This was of interest because of a saying my buddies and I used to have when I was younger. It revolved around attacks such as social engineering techniques, key loggers, implementation errors, and rubber hoses, which often violated the assumptions of threat models and rendered the security mechanisms of a system moot; we used to say “yeah right, crypto this.” The term derived from our feeling that crypto was often not the weakest link, and that claims that a product/system/whatever was amazingly “secure” because such and such crypto was being used were often effectively meaningless. (This previous post comes to mind.)

via Schneier on Security

-

In this same groove… FUD about “crypto for the masses” still exists, as this article about Skype illustrates. But, the interesting item is this.

[...]For the FBI, keyloggers are a popular choice; they obviate the need for backdoors or for sophisticated computer solutions. They simply steal the password. The same (metaphorical) approach may give them access to Skype calls; rather than breaking the encryption, they simply grab the key and decrypt the data.

There we go. “Yeah right, crypto this.”

Also of note,

The FCC ruled last year that VoIP providers need to offer backdoors into their systems for wiretapping reasons, but Skype isn’t based in the US and so is not subject to the rule. It is subject to the EU’s new Data Retention Directive, though, which may require them to retain call logs and decryption keys for a period of time. If so, real-time monitoring of Skype calls would still be out, but after-the-fact review of recorded calls from people of interest might well be possible for the government.

Key escrow. (Even without key escrow, 1024 bit RSA keys are coming within reach – that means a passive adversary could archive the calls, crack the 1024 bit RSA keys used during key transport (thus compromising the 256 bit AES keys used for data encryption), and satisfy those voyeuristic tendencies.)

via cypherpunks

-

A simple crypto implementation error.

The Perl Crypt::CBC module versions through 2.16 produce weak
ciphertext when used with block encryption algorithms with blocksize >
8 bytes.

Ciphertext encrypted with Crypt::CBC using the legacy RandomIV header
and the Rijndael cipher is not secure. The latter 8 bytes of each
block are chained using a constant effective IV of null, meaning that
the ciphertext will be prone to differential cryptanalysis,
particularly if the same key was used to generate multiple encrypted
messages. Other >8-byte cipher algorithms will be similarly affected.

Whoops, that ain’t AES in CBC mode. :)
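To make the quoted advisory concrete, here is an added Python check (not part of the original post and not Crypt::CBC’s own code) that inspects the header of a Crypt::CBC blob and flags the legacy 8-byte RandomIV header whenever the cipher’s block size is 16 bytes. The header layouts and the block-size table are assumptions taken from the Crypt::CBC documentation, and the sample blobs are constructed, not real Crypt::CBC output.

```python
"""Flag Crypt::CBC ciphertext whose legacy 'RandomIV' header is paired with a
16-byte-block cipher (the Crypt::CBC <= 2.16 weakness quoted above)."""
from dataclasses import dataclass
from typing import Optional

# Assumed header layouts (from the Crypt::CBC docs):
#   b"RandomIV" + 8-byte IV   + ciphertext   legacy header
#   b"Salted__" + 8-byte salt + ciphertext   OpenSSL-style header (key and a
#                                            full-block IV are derived from the salt)
HEADER_LEN = 16

# Block sizes in bytes for ciphers commonly used under Crypt::CBC (assumed table).
BLOCK_SIZE = {"DES": 8, "Blowfish": 8, "Rijndael": 16}


@dataclass
class Verdict:
    header: str                     # which header was recognised
    block_size: int                 # block size of the cipher the blob claims to use
    effective_iv: Optional[bytes]   # IV material that actually reaches the first block
    weak: bool
    reason: str


def check_cbc_blob(blob: bytes, cipher: str) -> Verdict:
    """Classify one Crypt::CBC blob by its header and the cipher's block size."""
    bs = BLOCK_SIZE[cipher]
    if len(blob) < HEADER_LEN:
        raise ValueError("blob too short to carry a Crypt::CBC header")
    magic, field, body = blob[:8], blob[8:HEADER_LEN], blob[HEADER_LEN:]
    if len(body) % bs:
        raise ValueError(f"ciphertext body is not a multiple of {bs} bytes")

    if magic == b"Salted__":
        return Verdict("Salted__", bs, None, False,
                       "key and a full-block IV are derived from the salt")
    if magic != b"RandomIV":
        return Verdict("none", bs, None, True,
                       "no recognised header; IV handling cannot be confirmed")
    if bs == 8:
        return Verdict("RandomIV", bs, field, False, "8-byte IV matches 8-byte block")

    # Only 8 of the bs IV bytes are random.  The advisory describes the latter
    # 8 bytes of each block as chained against a constant null IV, so the IV
    # material available to the first block is the random 8 bytes followed by nulls.
    return Verdict("RandomIV", bs, field + b"\x00" * (bs - 8), True,
                   f"8-byte IV is shorter than the {bs}-byte block")


# Constructed samples: header + dummy ciphertext bytes, not real Crypt::CBC output.
SAMPLES = {
    "rijndael_legacy": (b"RandomIV" + b"\x11" * 8 + b"\xaa" * 32, "Rijndael"),
    "blowfish_legacy": (b"RandomIV" + b"\x11" * 8 + b"\xaa" * 16, "Blowfish"),
    "rijndael_salted": (b"Salted__" + b"\x22" * 8 + b"\xaa" * 32, "Rijndael"),
}


def scan_samples() -> dict:
    """Run the check over the constructed samples; returns name -> Verdict."""
    return {name: check_cbc_blob(blob, cipher)
            for name, (blob, cipher) in SAMPLES.items()}


if __name__ == "__main__":
    for name, v in scan_samples().items():
        print(f"{name}: {'WEAK' if v.weak else 'ok'} ({v.reason})")
```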

-

This article discusses IBM’s belief and moves in the “software as service” area.

The growing interest in hosted applications, or software as a service, among corporate customers has prompted IBM to focus its ISV program on hosting, said Buell Duncan, IBM’s general manager of ISV and developer relations.

“Software as service” fits with this old post, in particular as another example for the following paragraph.

Selling software is so last century, much like long distance call fees. New software is distributed for free virtually immediately after its development, regardless of a company’s desire to sell it, and we could chat about ways to control that, but I don’t think there is much point in that. Services are what matter now.[...examples...]

Coming from a small business background, the real-world example of a successful “software as service” that always comes to mind is salesforce.com. They built a great CRM that should be at the top of the list for consideration by any small business looking at deploying such a tool.

Thanks to Potter for the pointer.

-

And, everyone here enjoyed this post by Lindstrom.

Don’t be first. Be best… at something. It doesn’t even have to be a product function – it could just as easily be customer service or price.

Amen.

(Should I start splitting these into separate posts?)

Leaky egotism

Wednesday, February 22nd, 2006

I noticed Bejtlich’s excerpts from this article along with Lindstrom’s comments on it. An excerpt of the article follows, although I never actually read the article.

“Most days, I just sit at home and chat online while I make money,” 0x80 says. “I get one check like every 15 days in the mail for a few hundred bucks, and a buncha others I get from banks in Canada every 30 days.” He says his work earns him an average of $6,800 per month, although he’s made as much as $10,000. Not bad money for a high school dropout.

Ignoring disinformation campaigns, these sorts of publicity stunts greatly expose the attacker, from spurring on defenders to detailing previously unknown activities. That is good for us, bad for them.

Here it is a little bit more interesting though because the interviewee may have provided his location via details contained in a photo taken during the interview and published with the article. Lindstrom uses this to reinforce the metadata point.

A month ago, Brian Krebs’ excellent Security Fix blog mentioned the problem of metadata mistakenly leaking information.

the SlashDot crowd pulled metadata from the photos to locate 0x80. One guy even has a link to a Google map that factors in other “color” references.

I suspect Brian wasn’t directly involved in the photo work, but it shows how leaky this stuff can be.
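The photo-metadata leak above is easy to check for before a picture goes out. This is an added Python example (not from the original post, the article, or Brian Krebs’ blog): it walks a JPEG’s marker segments, reads the Exif TIFF structure, reports which GPS tags are present, and produces a copy with the Exif segment removed. The sample JPEG bytes are constructed inline (an Exif block with a GPS IFD and no image data), so it runs offline.

```python
"""Report GPS tags in a JPEG's Exif block and produce a copy with Exif stripped."""
import struct

JPEG_SOI = b"\xff\xd8"
EXIF_PREFIX = b"Exif\x00\x00"
GPS_IFD_POINTER = 0x8825          # IFD0 tag that points at the GPS sub-IFD
GPS_TAG_NAMES = {                 # GPS tags this checker reports by name
    0x0001: "GPSLatitudeRef", 0x0002: "GPSLatitude",
    0x0003: "GPSLongitudeRef", 0x0004: "GPSLongitude",
}


def _segments(jpeg):
    """Yield (marker, start, end) for each length-prefixed segment before the scan data."""
    if jpeg[:2] != JPEG_SOI:
        raise ValueError("not a JPEG: missing SOI marker")
    pos = 2
    while pos + 4 <= len(jpeg):
        if jpeg[pos] != 0xFF:
            raise ValueError("corrupt marker at offset %d" % pos)
        marker = jpeg[pos + 1]
        if marker in (0xD9, 0xDA):        # EOI or SOS: no more metadata segments
            break
        (seglen,) = struct.unpack(">H", jpeg[pos + 2:pos + 4])
        yield marker, pos, pos + 2 + seglen
        pos += 2 + seglen


def _is_exif(jpeg, marker, start):
    return marker == 0xE1 and jpeg[start + 4:start + 10] == EXIF_PREFIX


def _read_ifd(tiff, offset, endian):
    """Return {tag: (type, count, raw 4-byte value/offset)} for one IFD."""
    (count,) = struct.unpack(endian + "H", tiff[offset:offset + 2])
    entries = {}
    for i in range(count):
        e = offset + 2 + 12 * i
        tag, typ, cnt = struct.unpack(endian + "HHI", tiff[e:e + 8])
        entries[tag] = (typ, cnt, tiff[e + 8:e + 12])
    return entries


def gps_tags(jpeg):
    """Names of GPS tags found in the Exif block, or [] if there is no GPS IFD."""
    for marker, start, end in _segments(jpeg):
        if _is_exif(jpeg, marker, start):
            tiff = jpeg[start + 10:end]
            break
    else:
        return []
    endian = {b"II": "<", b"MM": ">"}[tiff[:2]]
    magic, ifd0_off = struct.unpack(endian + "HI", tiff[2:8])
    if magic != 42:
        raise ValueError("bad TIFF header inside Exif segment")
    ifd0 = _read_ifd(tiff, ifd0_off, endian)
    if GPS_IFD_POINTER not in ifd0:
        return []
    (gps_off,) = struct.unpack(endian + "I", ifd0[GPS_IFD_POINTER][2])
    gps = _read_ifd(tiff, gps_off, endian)
    return [GPS_TAG_NAMES.get(t, "GPS tag 0x%04x" % t) for t in sorted(gps)]


def strip_exif(jpeg):
    """Copy of the JPEG with every Exif APP1 segment removed; other segments are kept."""
    out, tail = bytearray(JPEG_SOI), 2
    for marker, start, end in _segments(jpeg):
        if not _is_exif(jpeg, marker, start):
            out += jpeg[start:end]
        tail = end
    out += jpeg[tail:]
    return bytes(out)


def build_sample_with_gps():
    """Constructed JPEG: Exif APP1 whose IFD0 points at a GPS IFD, then EOI, no image data."""
    e = "<"
    ifd0_off = 8
    gps_off = ifd0_off + 2 + 12 + 4         # IFD0 holds one entry
    rat_off = gps_off + 2 + 2 * 12 + 4      # GPS IFD holds two entries
    tiff = b"II" + struct.pack(e + "HI", 42, ifd0_off)
    tiff += struct.pack(e + "H", 1) + struct.pack(e + "HHII", GPS_IFD_POINTER, 4, 1, gps_off)
    tiff += struct.pack(e + "I", 0)
    tiff += struct.pack(e + "H", 2)
    tiff += struct.pack(e + "HHI", 0x0001, 2, 2) + b"N\x00\x00\x00"   # ASCII "N"
    tiff += struct.pack(e + "HHII", 0x0002, 5, 3, rat_off)            # three RATIONALs
    tiff += struct.pack(e + "I", 0)
    tiff += struct.pack(e + "IIIIII", 40, 1, 44, 1, 0, 1)            # 40 deg 44' 0"
    app1 = EXIF_PREFIX + tiff
    return JPEG_SOI + b"\xff\xe1" + struct.pack(">H", len(app1) + 2) + app1 + b"\xff\xd9"


# Constructed JPEG with only a JFIF APP0 segment: nothing to leak.
SAMPLE_CLEAN = (JPEG_SOI + b"\xff\xe0" + struct.pack(">H", 16)
                + b"JFIF\x00\x01\x01\x00\x00\x01\x00\x01\x00\x00" + b"\xff\xd9")
```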

At a more fundamental level though, this is an example of the leakiness of egotism. Everyone can be egotistical, and many in the role of attacker (and defender) have made mistakes because of it, such as saying too much or becoming more and more blatant, from this botnet guy to spies to presidents.

Which got me thinking, if I was going to set up an attack shop, I would look at the manipulatively beautiful as much as I would look at the manipulatively technical. I’d wager that the beautiful would often be more effective than the technical at attack, but the combination of the two would be devastating. Not a new idea, but it seems a little relevant here.

Oh, and why the “ignoring disinformation campaigns” caveat? Well, think of this interview from a disinformation perspective – everything in the interview, including the photo metadata, could easily have been engineered to meet some ends, such as throwing off law enforcement or exposing an enemy. Hey, you don’t know. ;)

Pretty picture of a secrecy system, etc.

Monday, February 20th, 2006

So, I read this post.

“Encryption only provides confidentiality between the point of encryption and the point of decryption.”

I know it’s a “duh” but it appears that many organizations aren’t actually considering this truism when putting together their encryption strategies.

This brought to mind an old diagram by Shannon in Communication Theory of Secrecy Systems published back in the 1930’s or so.

C. E. Shannon's Communication Theory of Secrecy Systems - Figure 1

Also, it reminded me of when companies claim that the information I provide to them is “secured using SSL encryption” when SSL/TLS is only being used to establish an encrypted and MAC’d communications channel between the company’s web site and myself. Granting a secured channel between the company and myself (and this can be a big thing to grant, especially as phishing attacks improve – for example, there are many people working on how to make a web browser help people understand when they are securely communicating with a legitimate web site), what happens to the information once it reaches the company and exits this secured channel? What mechanisms are in place to provide CIA then?

For a simple example, there was a small retail business that took customer orders (e.g., name, address, item info, payment info) through its web site over an SSL/TLS session and really pushed “SSL encryption” as showing their commitment to security; however, upon receipt of an order through the web site, they immediately and automatically sent an email message containing the order’s information in the clear out over the Internet to an AOL email address for processing when the owner checked their email.

Update: A post/survey that is related to this post.

Customer service and Heathers

Sunday, February 19th, 2006

This post varies from recent topics, but customer service is still important here and I wanted to note a relatively new bar, Heathers, built around customer service and reputation.

I ended up in a small bar called Heathers hidden behind a door at 506 E13th street in lower Manhattan for the second time a few days ago. I got there around 5:30PM EST, and pushed open the door to find the owner, Heather, getting the bar ready for opening. It turned out the place did not open until 6PM, but she invited me to sit down and have a drink anyway. A couple of other people wandered in about 15 minutes later, and she did the same for them. Now, that is not a norm in Manhattan, and it definitely signifies a great local bar.

Heather herself was extroverted and ran around talking to everyone that filtered in. She was the owner and filling in for the normal bartender that night. This was the first bar she owned after having experience working in bars, and she just opened it in December 2005. Heather was not big on advertising, favoring word of mouth for spreading information about the bar. In other words, reputation will make or break this place. You know we respect and love that.

With all of this, you could tell that customer service was a core focus here and it showed. Both the bartender the first time I went and the owner this time were friendly, positive, energetic, and quick to please, which translated to attentive service and tasty drinks. They really cared about their customers, and that always stands out. It also translated to a very friendly environment with talkative patrons. (Not to mention, the drink specials were hard to beat.)

In all, from the ultra friendly atmosphere to just plain amazing customer service, Heathers should develop a great reputation and a loyal following. Yet another example for us to look up to, with both an understanding of great customer service and a belief in building a solid reputation.

(While on this topic, upstairs at Marquee on Wednesday nights is still a great experience. Late last Wednesday night, one of the regular DJs, Pete, intervened to throw on some classic tracks, and the place just erupted in dancing and smiles from business suits to t-shirts; that is a typical moment there. These guys know their customers. And, the congenial blending of an upscale lounge and its regular crowd with a downtown rock crowd is just nice to see. I have even squeaked in a bit of business networking there, although it always feels surreal to do so.)

Dorkbot-nyc Meeting February 2006

Friday, February 17th, 2006

A little late, but better than never… I did make it over to the dorkbot-nyc meeting a bit after 8PM EST. I missed the first speaker, but I was able to catch the other two.

-

The second speaker, Anton Perich, discussed a painting machine he first built in the 1970’s and still uses today.

The painting machine looked like a giant printer (without its case). An image would be projected on a giant canvas, and then a print head would go back and forth across a massive canvas, painting line by line a giant image. Using an optical sensor, the head would know what areas to paint (for example, when in a dark part of the projected image, apply paint). The artist would manually intervene throughout the process to tweak the painting.

The most interesting point made was when Perich said he viewed technology as a tool through which he applied his creativity to build the works of art. He did not view the machine as a work of art in and of itself, just as a means to create art. Perich was asked what the machine was built from, and he just glossed over the large amount of effort that went into building such a thing, as his focus was on the art created with it, not the technical details that went into building it. (As we often say, technology is a means, not an end.)

Oh, and he discussed a portrait he did of Andy Warhol, who was a friend of his.

-

After that, the third speaker, Carrie Dashow, presented on a few of her projects. She discussed how her projects were focused on using technology to study human interaction, and she discussed three projects in particular.

The first project (“hello”) was Dashow going around saying hello to random people and recording the interaction. She showed one example where she was passing some person on the street and said hello. The person looked quite puzzled.

Anyway, Dashow made it onto television at one point, and she was made to say hello to random people outside while being filmed. At the same time, she brought with her a hidden camera to take control of the experience and make it her own. The result was amusing.

The second project (“10 Cameras, Caumsett L.I.”) was studying multiple people’s perspectives and the synchronicities between them using video cameras. Dashow gave cameras to 10 people and had them wander around a particular zone in Caumsett State Park. This footage was then shown in an installation, which basically showed all 10 perspectives across 10 monitors, so you could see each person’s viewpoint at any given time.

What I found most interesting were the synchronicities across the group. For example, a plane flying overhead would map across all 10 monitors, being just heard in some views, looked at in other views, etc. Quite interesting.

(Side note: I went to camp in Caumsett State Park during the summer back when I was a little kid. Fun stuff, although my mother didn’t enjoy picking the ticks off me.)

The third project (“Red Light Relay”) Dashow discussed was basically connecting the dots. In a town (Troy) in upstate New York where she went to college, she wanted to pull people together and create a sort of network that transmitted a beam of light from one point of town to another. Dashow initiated the first light, and then the next person turned on their light when they saw hers, and so on.

This led her to try the concept with the dorkbot-nyc meeting attendees. Dashow had one person holding a balloon and another person holding a needle, and then had everyone connect to each other by holding hands starting from the balloon person’s free hand and ending with the needle person’s free hand. A signal was sent through this network of people by tapping hands, with each person receiving a tap from one person they were connected to and then proceeding to tap the other person they were connected to. The signal was initiated by the balloon person tapping the person they were connected to, and this was meant to transmit through all of us until it reached the needle person, who would then pop the balloon instead of giving a regular tap.

Unfortunately, as all of us that have debugged network problems have experienced, the signal went off into the ether and failed to reach its destination. After a bit of debugging, it turned out the attendees were divided into two giant networks, and there was no route between them. Time running out for her presentation, Dashow circumvented these difficulties by creating a tiny network with the people closest to her and sent the signal hopping through them. This worked, and the balloon was popped.

(Yes, it was cheesy, but it was also fun and got everyone talking. You know, sometimes cheesiness is the best way to break the ice.)

-

All in all, I find myself really enjoying these meetings. Thanks to the speakers and to dorkbot.

Fuzzing valentine

Tuesday, February 14th, 2006

Evgeny Legerov and the GLEG team have been fuzzing like mad with their ProtoVer toolset. A quick glance at the recent archives of the Daily Dave list shows 0-days have just been flying by, the latest coming less than a day ago.

Interesting Isode M-Vault Server 11.3 bug revealed with ProtoVer Sample LDAP (platform: FC4):

Program received signal SIGABRT, Aborted.
[Switching to Thread -1534674000 (LWP 3674)]

Previous examples on the list can be found here, here, here, here, and here.

Dave Aitel puts it best.

One of the reporters on this list should do a paper on “why do fuzzers still work?” Surely if you’re implementing a complex protocol of some sort and you follow this new fangled “test driven development” fad, then clearly you’ve written a few fuzzers in your time. But as Evgeny’s latest entry shows: fuzzers are still more fun than a botnet on all of your ex’s computers. Well, maybe not MORE fun. But nearly as fun. Well, pretty damn fun, anyways

And, via Schneier, yet more stories telling you why to leave that cellphone at home.

But the FBI and the U.S. Department of Justice have seized on the ability to locate a cellular customer and are using it to track Americans’ whereabouts surreptitiously–even when there’s no evidence of wrongdoing.

Lovely.

And, what about all those patches?

Microsoft Security Bulletin Summary for February, 2006
Published: February 14, 2006

Version: 1.0

Included in this advisory are updates for newly discovered vulnerabilities. These vulnerabilities, broken down by severity are:

Critical (2)

Important (5)

But, don’t lose HOPE.

Warning:
Don’t make any plans this summer until you read the following.

HOPE Number Six will be taking place at New York City’s Hotel Pennsylvania on
July 21, 22, and 23, 2006.

Now you can make your plans.

What is HOPE?

The HOPE conferences have been running since 1994. HOPE stands for Hackers On Planet Earth and it has become a gathering point for thousands of computer hackers, phone phreaks, net activists, government spooks, and a whole lot of curious people from all corners of the globe. This will be our sixth one (hence the name) and we expect to continue to grow and have more imaginative events, cool speakers, and fun projects than ever before.

And, via BoingBoing, share a little love.

It’s not a flash mob, it’s a

PILLOW FIGHT!!!

Rules:

1) Tell everyone you know about PILLOW FIGHT!!!
2) Wait for the Ferry Building clock to strike 6:00pm
3) Don’t hit anyone without a pillow (unless they want it)
4) Don’t hit anyone with a camera
5) HAVE FUN!!!

(Rain plan: put your pillow in a plastic bag, see Rules 1 – 5)

It’s Valentine’s Day after all, and we love you.

Snow post

Sunday, February 12th, 2006

There was (and still is) so much snow outside, and I spent a good chunk of today helping people dig out. That means my back hurts, and I feel like a fluffy post. You may want to stop reading here.

-

First, I ended up in the basement of Lit at some point last week, escaping all things fashion week that took over the New York nightlife. Two occurrences seemed a little relevant to this blog.

Someone, a complete stranger, asked me to watch their beer to make sure the bartender did not take it away and to make sure no one put anything in it. I did what she asked, and it reminded me of my post here.

Someone, feigning interest in what I was interested in, asked me what got me into IT security.

Short answer, MUDing. (I did not realize how difficult it was to explain MUDs, ending up comparing them to a maze of chat rooms, which I guess worked well enough.)

Long answer, my college locked out my IT account due to MUDing. Now, I should have just gone down to the IT offices, gotten a talk about improper use of campus IT resources, and been given back my access, but I felt the policy was inane and I was too full of angst/conceit to cave to such things (I know, stupid kid). So, I went after the IT infrastructure at my college instead, much like the dumb things we used to do in high school.

At some point, I started thinking about simple ways to catch an attacker (simple example, logging on as professors in the middle of the night from lab terminals – an administrator should notice such behavior, and at least go and talk to the professors to see what was up). Later, I started thinking more and more about how to stop a determined adversary that had been delegated a minimum set of permissions, had plenty of time to work in, and had a lot of access to information (e.g., IT staff, profs, students, friends, mailing lists, web sites, etc.) from gaining more access than they were supposed to have. That was (and is) a hard problem and really was my leap into thinking about security, although it was quite a while before that translated into something useful.

It took a few years after college, but I eventually outgrew the poor behavior. However, the interest in security stuck with me, as is probably obvious to readers of this blog.

-

Second, I was recently offered a position as a security consultant, which I had to decline. I really want to help people with technology hands on, and I do not want to be limited solely to the security arena. Sure, security is a strong interest of mine and it pays quite well to boot, but bringing people and technology together for the better is much more important to me, of which security is just a part. That is what D-kriptik is trying to do for small businesses and home users, and that is where my energy is being spent.

(Of course, I greatly appreciated the offer and the rounds of beer. :) )

-

Third, my impressions of New York fashion week (Fall 2006) after a tiny bit of exposure to it. This is a topic because some of you will be at the RSA conference 2006 this upcoming week, which in many ways is to the security industry as fashion week is to the fashion industry, albeit the RSA conference has much more fluff in its presentations.

Fashion is big business, and fashion week in New York is a mountaintop of fashion networking and marketing in the United States of America. It was beautiful to see.

In the midst of these great heights, I saw the three pinnacles of the fashion business.

I saw designers. These people channeled their creativity and inspiration to paint clothing. The New York shows also let you know the designers meant business, and the designs often felt more wearable than arty.

I saw editors (and lowly commentators). These people decided what will receive the big publicity, both positive and negative, and they pushed the trends, the clothing, the style. They lived to observe and comment on fashion, and they had minions, known as commentators.

I saw buyers. (I have a bias here. ;) ) These people decided what you will see in the stores, and they were amazingly powerful in the fashion world. They chose what will actually be put out there in the real world, and they could take a designer’s runway looks and force a translation to mainstream clothing like no one else.

And, what did I like best? Proenza Schouler. Their designs cut like a razor, and I loved them. I also noted Rodriguez (the women’s line, not the men’s) and Valvo just because those designers clearly loved the women they designed for and it showed in the pieces.

Phone tracking, data erasing, BSD talking, stopped reading, and models eating

Wednesday, February 8th, 2006

My mobile phones are mainly turned off these days because they are old, their batteries barely last a day, and I have other means of receiving calls/messages. Plus, the selling of cell phone records and the tracking capabilities do not make me smile. Nevertheless, once a certain line of phones is updated by my provider, I will upgrade and use mobile phones a bit more again – a consumer to the bone.

Anyway, we all know cell phones can be used to track us. Well, here is another example of that.

On the website, I see the familiar number in my list of “GSM devices” and I click “locate”. A map appears of the area in which we live, with a person-shaped blob in the middle, roughly 100 yards from our home. The phone doesn’t go off at all. There is no trace of what I’m doing on her phone.

If you care enough, it has long been time to turn off that cell phone, or just leave it at home (locked in a safe ;) ).

via cypherpunks

-

NIST has published a draft “Guidelines for Media Sanitization” for public comment.

When storage media are transferred, become obsolete, or are no longer usable or required by an information system, it is important to ensure that residual magnetic, optical, or electrical representation of data that has been deleted is not easily recoverable. Sanitization refers to the general process of removing data from storage media, such that there is reasonable assurance, in proportion to the confidentiality of the data, that the data may not be retrieved and reconstructed.

This guide will assist organizations and system owners in making practical sanitization decisions based on the level of confidentiality of their information. It does not, and cannot, specifically address all known types of media; however, the described sanitization decision process can be applied universally.

Basically, destruction is best, but overwriting may be satisfactory, depending on one’s needs. Of course, the ideal is to never let sensitive data hit the storage media in plaintext, if it has to hit storage media at all. (Still, RAM and what have you will touch plaintext data and keys.)

Peter Gutmann published the classic paper on wiping data from magnetic storage and solid-state media (I normally refer to these as Gutmann grade wipes: 1-4 pass wipes using random data, or 35 pass wipes using particular patterns and random data for those that like security theater on today’s storage media), and his follow-up covering semiconductor devices. The DOD has published techniques for wiping media (I normally refer to these as military grade wipes: 1 or 3 pass wipes using a single character, or a single character, its complement, and random data).
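As an added illustration (not the author’s code and not from the NIST draft or Gutmann’s paper), here is a Python overwrite routine that applies the pass sequences described above, read-verifies each fixed-pattern pass, and returns a report. It runs against an in-memory buffer standing in for a file; the caveats in the text about today’s storage media and about plaintext in RAM still apply, so this demonstrates the overwrite-and-verify logic, not a guarantee of erasure.

```python
"""Multi-pass overwrite of a seekable file object, with read-back verification."""
import io
import os
import secrets
from typing import List, Optional

CHUNK = 64 * 1024

# Pass sequences as described in the text.  None means "random data".
THREE_PASS_CHAR_COMPLEMENT_RANDOM = [0x55, 0xAA, None]   # character, its complement, random
SINGLE_PASS_RANDOM = [None]
FOUR_PASS_RANDOM = [None] * 4


def _chunks(size: int):
    """Yield chunk lengths that cover exactly `size` bytes."""
    left = size
    while left > 0:
        n = min(CHUNK, left)
        yield n
        left -= n


def _overwrite(f, size: int, pattern: Optional[int]) -> None:
    """Write one pass of `pattern` (or random bytes when None) over the first `size` bytes."""
    f.seek(0)
    for n in _chunks(size):
        f.write(secrets.token_bytes(n) if pattern is None else bytes([pattern]) * n)
    f.flush()
    try:
        os.fsync(f.fileno())      # push the pass to the device, not just the page cache
    except OSError:
        pass                      # in-memory objects have no descriptor to sync


def _verify(f, size: int, pattern: int) -> bool:
    """Read back a fixed-pattern pass; random passes cannot be verified this way."""
    f.seek(0)
    for n in _chunks(size):
        if f.read(n) != bytes([pattern]) * n:
            return False
    return True


def sanitize(f, size: int, passes: List[Optional[int]]) -> dict:
    """Overwrite the first `size` bytes of f once per entry in `passes`; report what was done."""
    verified = 0
    for pattern in passes:
        _overwrite(f, size, pattern)
        if pattern is not None:
            if not _verify(f, size, pattern):
                raise IOError("pass 0x%02x did not read back correctly" % pattern)
            verified += 1
    return {"bytes": size, "passes": len(passes), "verified": verified}


def demo_in_memory() -> dict:
    """Constructed input: a buffer of repeated order records, wiped with the three-pass scheme."""
    buf = io.BytesIO(b"ORDER 1234 NAME A. Customer ITEM 42\n" * 3000)
    size = len(buf.getvalue())
    report = sanitize(buf, size, THREE_PASS_CHAR_COMPLEMENT_RANDOM)
    report["residue_found"] = b"ORDER" in buf.getvalue()
    report["final_pass_random"] = THREE_PASS_CHAR_COMPLEMENT_RANDOM[-1] is None
    return report
```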

via Rootsecure.net

-

bsdtalk has been flying through podcasts with popular figures in the BSD community.

-

[here i stopped reading] had me rolling with laughter. Perhaps Ptacek didn’t get the memo – everyone is stoopid that does not use Linux[here i ran out of sarcasm]

-

In case you didn’t know, models eat.

Services and software 2

Tuesday, February 7th, 2006

Someone I know pointed this article out to me.

Instead, the past two years has seen a proliferation of smaller companies building Web-based applications, sometimes referred to as Web 2.0, as well as open-source companies. Many of these firms can get off the ground with relatively small up-front investments, not the tens of millions of dollars that venture capitalists pumped into new software ventures in years past.

Web 2.0 bubbles aside, this brought to mind an old post here, in reference to businesses catering to small businesses and home users.

Selling software is so last century, much like long distance call fees. New software is distributed for free virtually immediately after its development, regardless of a company’s desire to sell it, and we could chat about ways to control that, but I don’t think there is much point in that. Services are what matter now. A company could build custom software into your architecture and then provide services to clients through this infrastructure. Or, a company could give away their software, perhaps even open source it, and then support customers in using it – build a custom architecture for clients out of it, add specific features requested by customers, support customer developers in modifying it, etc. You know, services.

All of this reminded me of a discussion I had over the holidays with a CTO of a medium-sized business. I talked briefly about my business, and my belief that free software was the future for small businesses and home users, and that businesses would sell services, not software, to support small businesses and home users.

This opinion did not go over well at first, and I am not sure why as there was no explanation. However, the concept gained momentum as the day turned to evening, and the rain picked up. (My opinions are well known, so I will just briefly note some of his thoughts.)

There was some discussion about usability improving in many open source projects, and he said that he could see the big boy distributors like Dell saving on costs by removing expensive software licensing requirements and switching to open source in the future.

We discussed how each of our mothers uses her computer, and he made the general point that, given Firefox and Thunderbird running on a Debian-derived GNU/Linux distro with a window manager like KDE (I said Gnome), they would be all set. (Of course, as things stand now, this would have to be pre-configured to just work, which may not be trivial, but after that, their normal use would be covered. Sure, they would need our help from time to time, but that is no different from Windows XP.)

Most interesting of all and on the small business side of things, we talked about backend servers. He works at a medium-sized business, and they use information technology quite robustly. In this groove, he discussed their choice of Solaris as a rock solid platform a few years ago, but they have now switched to Red Hat Enterprise Linux, which they have found to be just as reliable, fully supported by Red Hat, and a fraction of the cost of Solaris. (I am partial to BSD flavors myself, and FreeBSD would have been my choice here based on what he told me about their architecture.)

And, that brings us back to the article that began this post.

Freely available open-source software is becoming increasingly robust and powerful hardware servers are relatively cheap. Five years ago, start-ups would have had to spend tens or hundreds of thousands of dollars for equivalent products.

Totally unrelated…

A paper providing a security proof for what was already generally accepted.

HMAC (Bellare, Canetti and Krawczyk, 1996) is a cryptographic-hash-function-based MAC that is widely used both as a MAC and as a PRF. To prove it secure as a PRF, BCK96 assumed both that the compression function was a PRF and that the hash function was weakly collision resistant. In this paper we show that the second assumption is unnecessary, proving the construct is a PRF (and hence a MAC) under the sole assumption that the compression function is a PRF. This helps explain the strength that HMAC has shown even when implemented with hash functions like MD5 and SHA-1 whose weak collision resistance is (fully in the first case and partially in the second) compromised by known attacks. (Known attacks do not compromise the compression functions as PRFs.)

Also, I note the following paper because it is by the designers of AES. The results are purely academic and meaningless to someone like me.

In this paper we study the probability of differentials and characteristics over 2 rounds of the AES with the objective to understand how the components of the AES round transformation interact. We extend and correct the analysis of the differential properties of the multiplicative inverse in GF($2^n$). We show that AES has characteristics with a fixed-key probability that is many times larger than the EDP.

NYC BUG Meeting February 2006

Monday, February 6th, 2006

I made my way over to the NYCBUG meeting a few days ago, which was a talk by Johnny Lam on using Xen with NetBSD.

The meeting started out with administrative announcements. The next NYCBUG meeting will be held somewhere else, as the Apple store is about to undergo some renovations, but where has yet to be determined. NYCBUG has a TOR node, and Roger Dingledine should be speaking at an upcoming meeting about TOR, which is a talk I am really looking forward to hearing. This was the 2nd anniversary of the NYCBUG public meetings. The NYCBUG web site has been redone, and there are some cool new features, such as submitting port requests. There were also requests for other people to present material at BUG meetings. (I’d love to give a presentation, so hopefully a topic will come to my mind that merges my focuses with subject matter relevant to these meetings. As it stands, the majority of my contribution has been meeting attendance and a couple of glossy posts to the NYCBUG mailing lists. Given TOR is going to be a topic, perhaps the gap is not as wide as I thought.)

After this administrative stuff, Johnny Lam arrived and spoke about Xen. He seemed quite used to public speaking, which is not always the case at NYCBUG meetings (the meetings often serve as a practice forum).

The beginning of the talk was just high level discussion about why to use virtualization at all. The main use is to effectively isolate users and processes, which Unix alone should accomplish by design, but which is often quite hard to accomplish in practice. Johnny discussed the two sides of the spectrum in accomplishing this isolation, and then he discussed virtualization as part of the middle between those extremes. On the one extreme, all servers have their own physical machines. So, the FTP server would be on a separate physical machine from the web server, etc., and so forth and so on. On the other extreme, all servers would be on one machine, and the operating system would be relied upon to keep separation between them all. So, the FTP daemon would be kept separate from the web daemon by process separation, permissioning, etc., and so forth and so on. Virtual machines sort of merge these two extremes, allowing for multiple, logical machines to be running on one physical machine. In theory, each virtual machine is distinct from the other virtual machines and can be viewed as its own machine (although how true that is in practice is a question in my mind).

Johnny went on to talk briefly about Xen and his particular setup. He talked about the privileged domain (domain 0 – think root) and the guest (unprivileged) domains (domain U – think everyone else). Domain 0 essentially serves to manage the guest domains, so Johnny runs only the bare minimum needed to do this in domain 0. The guest domains run everything else.

What really caught my attention though was the usage of file-backed guest domains using encrypted (CGD) virtual disks (VND) (pardon my attempt at NetBSD terminology). Domain 0 would set up the encrypted virtual disks and then configure the guest domains to use them. The setup reminded me of my post about using encrypted memory disks in FreeBSD, as this would be a really cool way to use encrypted memory disks. Take those encrypted memory disks and use them for your virtual machines, which could mean that everything that machine tries to write to disk is encrypted first, but without the finagling necessary to try to set up FreeBSD with boot/root encrypted. Combine that with encrypted swap for domain 0, and perhaps all the bases are covered. Cool stuff.
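To make the domain 0 side of that setup concrete, here is an added example (not code from the talk, from NetBSD, or from Xen) that lays out the vnd-plus-cgd steps and the matching guest config, along with a check that a guest's disks are all cgd-backed. The commands come from the standard NetBSD tools (vnconfig, cgdconfig, disklabel, newfs) and are printed as a plan rather than run; image paths, unit numbers, the guest kernel path and the one-line Xen disk syntax are assumptions.

```shell
#!/bin/sh
# Added example (not from the talk, NetBSD or Xen): dom0-side helpers for a
# file-backed NetBSD guest whose virtual disk is encrypted with cgd(4) on top
# of vnd(4). Setup commands are printed as a plan rather than executed; image
# paths, unit numbers and the guest kernel path are assumed placeholders.

# Print the dom0 steps that turn a plain image file into a cgd device:
# vnd wraps the file as a disk, cgd wraps the vnd as an encrypted disk.
# Arguments: image path, size in MB, vnd unit, cgd unit, cgd params file.
cgd_vnd_plan() {
  img=$1; mb=$2; vnd=$3; cgd=$4; params=$5
  cat <<EOF
dd if=/dev/zero of=$img bs=1m count=$mb
vnconfig $vnd $img
cgdconfig -g -o $params aes-cbc 256
cgdconfig $cgd /dev/${vnd}d $params
disklabel -I -e $cgd
newfs /dev/r${cgd}a
EOF
}

# Emit a Xen guest config whose disk is the cgd device (kernel path is a
# placeholder). The guest only ever sees a plain block device; every write
# is encrypted in dom0 before it reaches the image file, and the key never
# leaves dom0.
domu_config() {
  name=$1; cgd=$2
  cat <<EOF
kernel = "/netbsd-XENU"
memory = 128
name = "$name"
disk = [ 'phy:/dev/${cgd}d,0x1,w' ]
EOF
}

# Defender's check on an existing guest config: succeed only if every disk
# backing is a cgd device, so no guest data can reach the disk in the clear.
domu_disks_encrypted() {
  if grep '^disk' "$1" | grep -oE "'(phy|file):[^,']+" | grep -qv "^'phy:/dev/cgd"; then
    return 1
  fi
  return 0
}

# Usage (constructed values): plan the disk, then write and check the config.
cgd_vnd_plan /var/xen/guest1.img 512 vnd0 cgd0 /etc/cgd/vnd0d
domu_config guest1 cgd0 > /tmp/guest1.cfg
domu_disks_encrypted /tmp/guest1.cfg && echo "guest1: disk backed by cgd"
```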

That is about it for my notes. Slides can be found here, and audio of the presentation can be found here. Put the two together, and there you go.

Thanks to Johnny for a good talk and to the efforts of NYCBUG.

-

On a related note, I stumbled across the following.

First off, I found this blog, which seems to keep up with lots of virtualization news, and in it was this post. So, it looks like more than just the Player is going to be offered for free by VMware. Cool.

An email circulating in these hours reports that GSX Server is going to change its name to VMware Server, distributed for free from 6th February.

Second, I found this site via that blog, which discusses the efforts to port Xen to FreeBSD. (I am excited about this, as jails seem more like glorified chroots than full blown virtual machines, unless I am missing something.)

This page is intended to document the work on FreeBSD on Xen and the sun4v hypervisor.

No domain 0 yet, but it is coming.

-

Totally unrelated, I have heard Berlin’s The Metro mixed seamlessly in quite a few DJ sets recently. That icy track is as cool today as it was in 1982. Who would have imagined transitions like Bloc Party’s Banquet to Berlin’s The Metro back 20 odd years ago when the latter came out? It reminds me of UFS or the unix epoch.

Oh, and a brief post on the last dorkbot-nyc meeting is forthcoming.