August 2013 Archives

August 21, 2013

openSUSE 12.3

Here is a random recommendation for openSUSE 12.3.  It seems that, while we were all busy moaning about GNOME's recent-ish design decisions, KDE has gradually been becoming absolutely awesome.  Loads of features, fast, stable and looks beautiful.  Switching to openSUSE with KDE after using Fedora with LXDE (up to version 17) is like waking up from a horrible dream.  There were only a tiny number of things that I needed to tweak or fight against after installation.

To whichever programmer did the extra fiddling to make things such that the assignments of the other mouse buttons, no matter how weird, are preserved when you switch between right or left-handed mode: I noticed it and appreciate your work - thank you.

Fun with linking data files

Here's a neat trick that I recently discovered, from here.  Say you have a data file which is needed by your program, and you don't want to bother with installing it in /usr/share/somewhere and having to "make install" every time you want to test a tiny change.  You would also prefer to edit it as a separate file, not weave it into your other source code somehow.  You can achieve this by creating an object out of the file itself and linking it into your binary.  The procedure is quite simple:

$ ld -r -b binary -o myfile.o myfile.txt
$ gcc myprogram.o myfile.o -o myprogram

Then, in C:

extern void *_binary_myfile_txt_start;
extern void *_binary_myfile_txt_size;

void get_data()
size_t len;
char *v;

len = (size_t)&_binary_myfile_txt_size;
v = malloc(len+1);
memcpy(v, &_binary_myfile_txt_start, len);
v[len] = '\0';
printf("myfile.txt contains '%s'\n", v);

Contrary to what's implied by the original article, I don't think you can assume that the data is zero-terminated (why would it add a terminator?  It's binary data as far as the linker is concerned, not text).  This example code includes some extra faffing around to add the terminator.

This technique works quite nicely with automake as well.  In, I put something like this:

src/myfile.o: src/myfile.txt
ld -r -b binary -o src/myfile.o src/myfile.txt
LDADD += src/myfile.o

I use a single at the top level of my project, avoiding "recursive make" where possible, so everything is prefixed with "src/".  The symbols used to find the data in the program therefore look more like this:

extern void *_binary_src_myfile_txt_start;
extern void *_binary_src_myfile_txt_end;

Disadvantages of this technique?  "ld" is not the linker on all platforms supported by autotools, e.g. Mac OS X, so it's not very portable.

How much security is too much?

I've been discussing the recent controversy over mass surveillance with friends and colleagues.  I was struck by how many of them seem to be absolutely fine with it, because "it's to protect you" and "if you haven't done anything wrong, you have nothing to hide".  Perhaps needless to say, I completely object to this kind of mass surveillance for many different reasons.  At the time, I couldn't quite work out why I was so much more offended by the idea of mass surveillance than the people I was talking to, and we decided that it was "because I do so much more online than other people".

But having thought more about it, I can see that this isn't true.  If anything, my exposure to this kind of thing is less than many other people because I know how to take precautions.  Things like using SSL as much as possible, making careful decisions about where to store my data and knowing one end of a PGP key from the other.

The real reason is simpler.  Killing innocent people is such a heinous crime that almost any measure might be justified to prevent it.  It's very hard to look someone in the eye and say that you honestly believe that certain measures should not be taken if there's a chance - however miniscule - that it could prevent them or their child from being killed.  Try it - it's a really nasty thing to do!  But what measures are too much?  Different people have different opinions on what security measures are acceptable, and that's fine.  But many of the measures already taken are unacceptable to me personally, and I don't like that things are getting worse.

  • I draw the line at having all my personal and private communications rummaged through by people I don't know.
  • I draw the line at having absolutely no rights whatsoever if detained and questioned in the UK while in transit through an airport.
  • When I travel, I draw the line at being forced to have an X-ray beam shone directly into my eyes by a "security" scanning machine, especially when I'm not allowed to know anything about how the machine works [1], and having naked pictures taken of me and my (hypothetical) children at the airport [2].  Seriously, if this is acceptable under child pornography laws, then there's something wrong with those laws.

If we don't fight back, we'll get more and more of this kind of thing.  Where will you draw the line?

[1] I plan my itineraries to avoid Manchester airport, even though it's very often conveniently located for me, because it makes particularly extensive use of these scanners.  They recently switched from X-ray to millimetre wave machines, a big improvement, but they only did so because of an administrative issue.

[2] Yes, I realise that most scanners now use "automated threat detection", and I agree that it's a big improvement.  However, I have very little confidence that the machines don't have some kind of test mode which circumvents this, and that no mistakes will ever be made.  As for "the machine doesn't produce a naked picture" - well, it's an image taken using radiation which interacts strongly with your skin and very weakly with your clothes.  If I had to write a textbook definition of a naked picture, that would be precisely it.  And this looks like a naked picture to me.