The cinema was a rare and expensive treat in my youth, so I first came across Raiders of the Lost Ark by recording it from television onto a poor quality VHS. I only mention this as it meant I watched a slightly different film to the one intended, as my copy somehow missed off the first 10 minutes. For those not as intimately familiar with the film as me, this is just in time to see a Belloq demand Dr. Jones hand over the Peruvian head (see above), just in time to learn that Indy loathes snakes, and just in time to see the inadvertent reproduction of two Europeans squabbling over the spoils of a foreign land.
What this truncation did to my interpretation of the film (released thirty years ago today on June 19th 1981) is interesting to explore. Without Jones' physical and moral traits being demonstrated on-screen (as well as missing the weighing the gold head and the rollercoaster boulder scene), it actually made the idea of 'Indiana Jones' even more of a mythical archetype. The film wisely withholds Jones' backstory, but my directors cut deprived him of even more, and counterintuitively imbued him with even more of a legendary hue as the elision made his qualities an assumption beyond question. Indiana Jones, if you can excuse the clich , needed no introduction at all.
Good artists copy, great artists steal. And oh boy, does Raiders steal. I've watched this film about twenty times over the past two decades and it's now firmly entered into my personal canon. But watching it on its thirtieth anniversary was different not least because I could situate it in a broader cinematic context. For example, I now see the Gestapo officer in Major Strasser from Casablanca (1942), in fact just as I can with many of Raiders' other orientalist tendencies: not only in its breezy depictions of backwards sand people, but also of North Africa as an entrep t and playground for a certain kind of Western gangster. The opening as well, set in an equally reductionist pseudo-Peru, now feels like Werner Herzog's Aguirre, the Wrath of God (1972) but without, of course, any self-conscious colonial critique.
I can now also appreciate some of the finer edges that make this film just so much damn fun to watch. For instance, the comic book conceit that Jones and Belloq are a 'shadowy reflection' of one other and that they need 'only a nudge' to make one like the other. As is the idea that Belloq seems to be actually enjoying being evil. I also spotted Jones rejecting the martini on the plane. This feels less like a comment on corrupting effect of alcohol (he drinks rather heavily elsewhere in the film), but rather a subtle distancing from James Bond. This feels especially important given that the action-packed cold open is, let us be honest for a second, ripped straight from the 007 franchise.
John William's soundtracks are always worth mentioning. The corny Raiders March does almost nothing for me, but the highly-underrated 'Ark theme' certainly does. I delight in its allusions to Gregorian chant, the diabolus in musica and the Hungarian minor scale, fusing the Christian doctrine of the Holy Trinity (the stacked thirds, get it?), the ars antiqua of the Middle Ages with an 'exotic' twist that the Russian Five associated with central European Judaism.
The best use of the ark leitmotif is, of course, when it is opened. Here, Indy and Marion are saved by not opening their eyes whilst the 'High Priest' Belloq and the rest of the Nazis are all melted away. I'm no Biblical scholar, but I'm almost certain they were alluding to Leviticus 16:2 here:
The Lord said to Moses: Tell your brother Aaron that he is not to come whenever he chooses into the Most Holy Place behind the curtain in front of the atonement cover on the ark, or else he will die, for I will appear in the cloud above the mercy seat.
But would it be too much of a stretch to also see the myth of Orpheus and Eurydices too? Orpheus's wife would only be saved from the underworld if he did not turn around until he came to his own house. But he turned round to look at his wife, and she instantly slipped back into the depths:
For he who overcome should turn back his gaze
Towards the Tartarean cave,
Whatever excellence he takes with him
He loses when he looks on those below.
Perhaps not, given that Marion and the ark are not lost in quite the same way. But whilst touching on gender, it was interesting to update my view of archaeologist Ren Belloq. To countermand his slight queer coding (a trope of Disney villains such as Scar, Jafar, Cruella, etc.), there is a rather clumsy subplot involving Belloq repeatedly (and half-heartedly) failing to seduce Marion. This disavows any idea that Belloq isn't firmly heterosexual, essential for the film's mainstream audience, but it is especially important in Raiders because, if we recall the relationship between Belloq and Jones: 'it would take only a nudge to make you like me'. (This would definitely put a new slant on 'Top men'.)
However, my favourite moment is where the Nazis place the ark in a crate in order to transport it to the deserted island. On route, the swastikas on the side of the crate spontaneously burn away, and a disturbing noise is heard in the background. This short scene has always fascinated me, partly because it's the first time in the film that the power of the ark is demonstrated first-hand but also because gives the object an other-worldly nature that, to the best of my knowledge, has no parallel in the rest of cinema.
Still, I had always assumed that the Aak disfigured the swastikas because of their association with the Nazis, interpreting the act as God's condemnation of the Third Reich. But now I catch myself wondering whether the ark would have disfigured any iconography as a matter of principle or whether their treatment was specific to the swastika. We later get a partial answer to this question, as the 'US Army' inscriptions in the Citizen Kane warehouse remain untouched.
Far from being an insignificant concern, the filmmakers appear to have wandered into a highly-contested theological debate. As in, if the burning of the swastika is God's moral judgement of the Nazi regime, then God is clearly both willing and able to intervene in human affairs. So why did he not, to put it mildly, prevent Auschwitz? From this perspective, Spielberg appears to be limbering up for some of the academic critiques surrounding Holocaust representations that will follow Schindler's List (1993).
Given my nostalgic and somewhat ironic attachment to Raiders, it will always be difficult for me to objectively appraise the film. Even so, it feels like it is underpinned by an earnest attempt to entertain the viewer, largely absent in the affected cynicism of contemporary cinema. And when considered in the totality of Hollywood's output, its tonal and technical flaws are not actually that bad or at least Marion's muddled characterisation and its breezy chauvinism (for example) clearly have far worse examples.
Perhaps the most remarkable thing about the film in 2021 is that it hasn't changed that much at all. It spawned one good sequel (The Last Crusade), one bad one (The Temple of Doom), and one hardly worth mentioning at all, yet these adventures haven't affected the original Raiders in any meaningful way. In fact, if anything has affected the original text it is, once again, George Lucas himself, as knowing the impending backlash around the Star Wars prequels adds an inadvertent paratext to all his earlier works.
Yet in a 1978 discussion prior to the creation of Raiders, you can get a keen sense of how Lucas' childlike enthusiasm will always result in something either extremely good or something extremely bad somehow no middle ground is quite possible. Yes, it's easy to rubbish his initial ideas 'We'll call him Indiana Smith! but hasn't Lucas actually captured the essence of a heroic 'Americana' here, and that the final result is simply a difference of degree, not kind?
The cinema was a rare and expensive treat in my youth, so I first came across Raiders of the Lost Ark by recording it from television onto a poor quality VHS. I only mention this as it meant I watched a slightly different film to the one intended, as my copy somehow missed off the first 10 minutes. For those not as intimately familiar with the film as me, this is just in time to see a Belloq demand Dr. Jones hand over the Peruvian head (see above), just in time to learn that Indy loathes snakes, and just in time to see the inadvertent reproduction of two Europeans squabbling over the spoils of a foreign land.
What this truncation did to my interpretation of the film (released thirty years ago today on June 19th 1981) is interesting to explore. Without Jones' physical and moral traits being demonstrated on-screen (as well as missing the weighing the gold head and the rollercoaster boulder scene), it actually made the idea of 'Indiana Jones' even more of a mythical archetype. The film wisely withholds Jones' backstory, but my directors cut deprived him of even more, and counterintuitively imbued him with even more of a legendary hue as the elision made his qualities an assumption beyond question. Indiana Jones, if you can excuse the clich , needed no introduction at all.
Good artists copy, great artists steal. And oh boy, does Raiders steal. I've watched this film about twenty times over the past two decades and it's now firmly entered into my personal canon. But watching it on its thirtieth anniversary was different not least because I could situate it in a broader cinematic context. For example, I now see the Gestapo officer in Major Strasser from Casablanca (1942), in fact just as I can with many of Raiders' other orientalist tendencies: not only in its breezy depictions of backwards sand people, but also of North Africa as an entrep t and playground for a certain kind of Western gangster. The opening as well, set in an equally reductionist pseudo-Peru, now feels like Werner Herzog's Aguirre, the Wrath of God (1972) but without, of course, any self-conscious colonial critique.
I can now also appreciate some of the finer edges that make this film just so much damn fun to watch. For instance, the comic book conceit that Jones and Belloq are a 'shadowy reflection' of one other and that they need 'only a nudge' to make one like the other. As is the idea that Belloq seems to be actually enjoying being evil. I also spotted Jones rejecting the martini on the plane. This feels less like a comment on corrupting effect of alcohol (he drinks rather heavily elsewhere in the film), but rather a subtle distancing from James Bond. This feels especially important given that the action-packed cold open is, let us be honest for a second, ripped straight from the 007 franchise.
John William's soundtracks are always worth mentioning. The corny Raiders March does almost nothing for me, but the highly-underrated 'Ark theme' certainly does. I delight in its allusions to Gregorian chant, the diabolus in musica and the Hungarian minor scale, fusing the Christian doctrine of the Holy Trinity (the stacked thirds, get it?), the ars antiqua of the Middle Ages with an 'exotic' twist that the Russian Five associated with central European Judaism.
The best use of the ark leitmotif is, of course, when it is opened. Here, Indy and Marion are saved by not opening their eyes whilst the 'High Priest' Belloq and the rest of the Nazis are all melted away. I'm no Biblical scholar, but I'm almost certain they were alluding to Leviticus 16:2 here:
The Lord said to Moses: Tell your brother Aaron that he is not to come whenever he chooses into the Most Holy Place behind the curtain in front of the atonement cover on the ark, or else he will die, for I will appear in the cloud above the mercy seat.
But would it be too much of a stretch to also see the myth of Orpheus and Eurydices too? Orpheus's wife would only be saved from the underworld if he did not turn around until he came to his own house. But he turned round to look at his wife, and she instantly slipped back into the depths:
For he who overcome should turn back his gaze
Towards the Tartarean cave,
Whatever excellence he takes with him
He loses when he looks on those below.
Perhaps not, given that Marion and the ark are not lost in quite the same way. But whilst touching on gender, it was interesting to update my view of archaeologist Ren Belloq. To countermand his slight queer coding (a trope of Disney villains such as Scar, Jafar, Cruella, etc.), there is a rather clumsy subplot involving Belloq repeatedly (and half-heartedly) failing to seduce Marion. This disavows any idea that Belloq isn't firmly heterosexual, essential for the film's mainstream audience, but it is especially important in Raiders because, if we recall the relationship between Belloq and Jones: 'it would take only a nudge to make you like me'. (This would definitely put a new slant on 'Top men'.)
However, my favourite moment is where the Nazis place the ark in a crate in order to transport it to the deserted island. On route, the swastikas on the side of the crate spontaneously burn away, and a disturbing noise is heard in the background. This short scene has always fascinated me, partly because it's the first time in the film that the power of the ark is demonstrated first-hand but also because gives the object an other-worldly nature that, to the best of my knowledge, has no parallel in the rest of cinema.
Still, I had always assumed that the Aak disfigured the swastikas because of their association with the Nazis, interpreting the act as God's condemnation of the Third Reich. But now I catch myself wondering whether the ark would have disfigured any iconography as a matter of principle or whether their treatment was specific to the swastika. We later get a partial answer to this question, as the 'US Army' inscriptions in the Citizen Kane warehouse remain untouched.
Far from being an insignificant concern, the filmmakers appear to have wandered into a highly-contested theological debate. As in, if the burning of the swastika is God's moral judgement of the Nazi regime, then God is clearly both willing and able to intervene in human affairs. So why did he not, to put it mildly, prevent Auschwitz? From this perspective, Spielberg appears to be limbering up for some of the academic critiques surrounding Holocaust representations that will follow Schindler's List (1993).
Given my nostalgic and somewhat ironic attachment to Raiders, it will always be difficult for me to objectively appraise the film. Even so, it feels like it is underpinned by an earnest attempt to entertain the viewer, largely absent in the affected cynicism of contemporary cinema. And when considered in the totality of Hollywood's output, its tonal and technical flaws are not actually that bad or at least Marion's muddled characterisation and its breezy chauvinism (for example) clearly have far worse examples.
Perhaps the most remarkable thing about the film in 2021 is that it hasn't changed that much at all. It spawned one good sequel (The Last Crusade), one bad one (The Temple of Doom), and one hardly worth mentioning at all, yet these adventures haven't affected the original Raiders in any meaningful way. In fact, if anything has affected the original text it is, once again, George Lucas himself, as knowing the impending backlash around the Star Wars prequels adds an inadvertent paratext to all his earlier works.
Yet in a 1978 discussion prior to the creation of Raiders, you can get a keen sense of how Lucas' childlike enthusiasm will always result in something either extremely good or something extremely bad somehow no middle ground is quite possible. Yes, it's easy to rubbish his initial ideas 'We'll call him Indiana Smith! but hasn't Lucas actually captured the essence of a heroic 'Americana' here, and that the final result is simply a difference of degree, not kind?
Welcome to gambaru.de. Here is my monthly report (+ the first week in December) that covers what I have been doing for Debian. If you re interested in Java, Games and LTS topics, this might be interesting for you.
Debian Games
I updated ufoai, UFO: Alien Invasion, and had to remove its map editor uforadiant because it depends on obsolete GTK 2 libraries. This prevented the removal of the whole game from testing. Upstream is looking for help to port the editor to GTK 3.
ArmagetronAD, a light cycle game, was updated to version 0.2.9.0.1 and then to 0.2.9.1.0. Apparently the developers had some Corona related spare time and fixed various bugs.
I could fix a display error in bastet s highscore list, a ncurses falling block game. (#931550)
At the end of the release cycle I usually update all of my remaining packages which haven t been updated already. Most of the time I check if a package is still Policy compliant with the latest released version of the Debian Policy and I switch to the latest debhelper compatibility level and do some other polishing. This affected the following games: abe, amoebax, late, zangband, brainparty, dangen, and etw.
I also packaged new versions of berusky, a sokoban game, and freeciv, the famous strategy game and
sponsored a bug fix update of whichwayisup for Reiner Herrmann and
did a NMU for fonts-play, patch by Martin Erik Werner, to prevent the removal of Red Eclipse, a first person shooter, from testing.
Debian Java
Similar to games I also update the remaining Java packages at the end of the release cycle with focus on my own packages but also other team maintained packages which haven t seen updates for quite a long time. Hence I touched libjcommon-java, libjemmy2-java, libjfreechart-java, libcsv-java, electric and dbus-java. I dropped dbus-java-bin because it was of little value for users, the tools were not working as intended and buggy. The project itself is no longer actively developed but it appears there is a fork with new updates. As long as the reverse-dependencies of libdbus-java continue to function I don t plan to switch though.
Debian LTS
This was my 57. month as a paid contributor and I have been paid to work 12 hours on Debian LTS, a project started by Rapha l Hertzog. In that time I did the following:
DLA-2447-1. Issued a security update for libxstream-java fixing 1 CVE.
Triaged the open CVE in webcit as ignored in line with the latest version in Buster. The package was recently removed from Debian.
Completed the package upgrade of pacemaker. My local tests finished successfully but I will only upload it if I get positive feedback from the users who reported the previous regression. The update would fix all remaining security issues but as with any new version there is a risk of introducing regressions.
Continued the work on ansible.
ELTS
Extended Long Term Support (ELTS) is a project led by Freexian to further extend the lifetime of Debian releases. It is not an official Debian project but all Debian users benefit from it without cost. The current ELTS release is Debian 8 Jessie . This was my 30. month and I have been paid to work 15 hours on ELTS.
ELA-326-1. Issued a security update for libxstream-java fixing 1 CVE.
ELA-329-1. Investigated the eight remaining CVE in jasper. I could fix four CVE. It looks the rest is either not security relevant or can only be observed when jasper is compiled with ASAN.
Investigated the remaining CVE in phpmyadmin and synced the fixes from Stretch with the released version in Jessie.
An earlier article showed that
private key storage is an important problem to solve in any
cryptographic system and established keycards as a good way to store
private key material offline. But which keycard should we use? This
article examines the form factor, openness, and performance of four
keycards to try to help readers choose the one that will fit their
needs.
I have personally been using a YubiKey NEO, since a 2015
announcement
on GitHub promoting two-factor authentication. I was also able to hook
up my SSH authentication key into the YubiKey's 2048 bit RSA slot. It
seemed natural to move the other subkeys onto the keycard, provided that
performance was sufficient. The mail client that I use,
(Notmuch), blocks when decrypting messages,
which could be a serious problems on large email threads from encrypted
mailing lists.
So I built a test harness and got access to some more keycards: I bought
a FST-01 from its creator,
Yutaka Niibe, at the last DebConf and Nitrokey donated a Nitrokey
Pro. I also
bought a YubiKey 4
when I got the NEO. There are of course other keycards out there, but
those are the ones I could get my hands on. You'll notice none of those
keycards have a physical keypad to enter passwords, so they are all
vulnerable to keyloggers that could extract the key's PIN. Keep in mind,
however, that even with the PIN, an attacker could only ask the keycard
to decrypt or sign material but not extract the key that is protected by
the card's firmware.
Form factor
The four keycards have similar form factors: they all connect to a
standard USB port, although both YubiKey keycards have a capacitive
button by which the user triggers two-factor authentication and the
YubiKey 4 can also require a button
press
to confirm private key use. The YubiKeys feel sturdier than the other
two. The NEO has withstood two years of punishment in my pockets along
with the rest of my "real" keyring and there is only minimal wear on the
keycard in the picture. It's also thinner so it fits well on the
keyring.
The FST-01 stands out from the other two with its minimal design. Out of
the box, the FST-01 comes without a case, so the circuitry is exposed.
This is deliberate: one of its goals is to be as transparent as
possible, both in terms of software and hardware design and you
definitely get that feeling at the physical level. Unfortunately, that
does mean it feels more brittle than other models: I wouldn't carry it
in my pocket all the time, although there is a
case
that may protect the key a little better, but it does not provide an
easy way to hook it into a keyring. In the group picture above, the
FST-01 is the pink plastic thing, which is a rubbery casing I received
along with the device when I got it.
Notice how the USB connectors of the YubiKeys differ from the other two:
while the FST-01 and the Nitrokey have standard USB connectors, the
YubiKey has only a "half-connector", which is what makes it thinner than
the other two. The "Nano" form factor takes this even further and almost
disappears in the USB port. Unfortunately, this arrangement means the
YubiKey NEO often comes loose and falls out of the USB port, especially
when connected to a laptop. On my workstation, however, it usually stays
put even with my whole keyring hanging off of it. I suspect this adds
more strain to the host's USB port but that's a tradeoff I've lived with
without any noticeable wear so far. Finally, the NEO has this peculiar
feature of supporting NFC for certain operations, as LWN previously
covered, but I haven't used that
feature yet.
The Nitrokey Pro looks like a normal USB key, in contrast with the other
two devices. It does feel a little brittle when compared with the
YubiKey, although only time will tell how much of a beating it can take.
It has a small ring in the case so it is possible to carry it directly
on your keyring, but I would be worried the cap would come off
eventually. Nitrokey devices are also two times thicker than the Yubico
models which makes them less convenient to carry around on keyrings.
Open and closed designs
The FST-01 is as open as hardware comes, down to the PCB design
available as KiCad files in this Git
repository. The
software running on the card is the
Gnuk firmware that implements the
OpenPGP card protocol, but you can
also get it with firmware implementing a true random number generator
(TRNG) called
NeuG
(pronounced "noisy"); the device is
programmable through a
standard Serial Wire
Debug (SWD) port. The
Nitrokey Start model also runs the Gnuk firmware. However, the Nitrokey
website announces only ECC and RSA 2048-bit
support for the Start, while the FST-01 also supports RSA-4096.
Nitrokey's founder Jan Suhr, in a private email, explained that this is
because "Gnuk doesn't support RSA-3072 or larger at a reasonable speed".
Its devices (the Pro, Start, and HSM models) use a similar chip to the
FST-01: the STM32F103
microcontroller.
Nitrokey also publishes its hardware designs, on
GitHub, which shows the Pro is basically a
fork of the FST-01, according to the
ChangeLog.
I opened the case to confirm it was using the STM MCU, something I
should warn you against; I broke one of the pins holding it together
when opening it so now it's even more fragile. But at least, I was able
to confirm it was built using the STM32F103TBU6 MCU, like the FST-01.
But this is where the comparison ends: on the back side, we find a SIM
card reader that holds the OpenPGP
card that, in turn, holds
the private key material and does the cryptographic operations. So, in
effect, the Nitrokey Pro is really a evolution of the original OpenPGP
card readers.
Nitrokey confirmed the OpenPGP card featured in the Pro is the same as
the one shipped by
the Free Software Foundation Europe (FSFE): the
BasicCard built by ZeitControl. Those cards,
however, are covered by NDAs and the firmware is only partially open
source.
This makes the Nitrokey Pro less open than the FST-01, but that's an
inevitable tradeoff when choosing a design based on the OpenPGP cards,
which Suhr described to me as "pretty proprietary". There are other
keycards out there, however, for example the
SLJ52GDL150-150k
smartcard suggested by
Debian developer Yves-Alexis Perez, which he prefers as it is certified
by French and German authorities. In that blog post, he also said he was
experimenting with the GPL-licensed OpenPGP
applet implemented by the French
ANSSI.
But the YubiKey devices are even further away in the closed-design
direction. Both the hardware designs and firmware are proprietary. The
YubiKey NEO, for example, cannot be upgraded at all, even though it is
based on an open firmware. According to Yubico's
FAQ,
this is due to "best security practices": "There is a 'no upgrade'
policy for our devices since nothing, including malware, can write to
the firmware."
I find this decision questionable in a context where security updates
are often more important than trying to design a bulletproof design,
which may simply be impossible. And the YubiKey NEO did suffer from
critical security
issue
that allowed attackers to bypass the PIN protection on the card, which
raises the question of the actual protection of the private key material
on those cards. According to Niibe, "some OpenPGP cards store the
private key unencrypted. It is a common attitude for many smartcard
implementations", which was confirmed by Suhr: "the private key is
protected by hardware mechanisms which prevent its extraction and
misuse". He is referring to the use of tamper
resistance.
After that security issue, there was no other option for YubiKey NEO
users than to get a new keycard (for free, thankfully) from Yubico,
which also meant discarding the private key material on the key. For
OpenPGP keys, this may mean having to bootstrap the web of trust from
scratch if the keycard was responsible for the main certification key.
But at least the NEO is running free software based on the OpenPGP card
applet and the
source is still available on
GitHub. The YubiKey 4, on the
other hand, is now closed
source,
which was controversial when the new model was announced last year. It
led the main Linux Foundation system administrator, Konstantin
Ryabitsev, to withdraw his
endorsement
of Yubico products. In response, Yubico argued that this approach was
essential to the security of its
devices,
which are now based on "a secure chip, which has built-in
countermeasures to mitigate a long list of attacks". In particular, it
claims that:
A commercial-grade AVR or ARM controller is unfit to be used in a
security product. In most cases, these controllers are easy to attack,
from breaking in via a debug/JTAG/TAP port to probing memory contents.
Various forms of fault injection and side-channel analysis are
possible, sometimes allowing for a complete key recovery in a
shockingly short period of time.
While I understand those concerns, they eventually come down to the
trust you have in an organization. Not only do we have to trust Yubico,
but also hardware manufacturers and designs they have chosen. Every step
in the hidden supply chain is then trusted to make correct technical
decisions and not introduce any backdoors.
History, unfortunately, is not on Yubico's side: Snowden revealed the
example of RSA security
accepting what renowned cryptographer Bruce Schneier described as a
"bribe"
from the NSA to weaken its ECC implementation, by using the presumably
backdoored Dual_EC_DRBG
algorithm. What makes Yubico or its suppliers so different from RSA
Security? Remember that RSA Security used to be an adamant opponent to
the degradation of encryption standards, campaigning against the
Clipper chip in the first
crypto wars.
Even if we trust the Yubico supply chain, how can we trust a closed
design using what basically amounts to security through obscurity?
Publicly auditable designs are an important tradition in cryptography,
and that principle shouldn't stop when software is frozen into silicon.
In fact, a critical vulnerability called
ROCA
disclosed recently affects closed "smartcards" like the
YubiKey 4
and allows full private key recovery from the public key if the key was
generated on a vulnerable keycard. When speaking with Ars
Technica,
the researchers outlined the importance of open designs and questioned
the reliability of certification:
Our work highlights the dangers of keeping the design secret and the
implementation closed-source, even if both are thoroughly analyzed and
certified by experts. The lack of public information causes a delay in
the discovery of flaws (and hinders the process of checking for them),
thereby increasing the number of already deployed and affected devices
at the time of detection.
This issue with open hardware designs seems to be recurring topic of
conversation on the Gnuk mailing
list. For
example, there was a
discussion
in September 2017 regarding possible hardware vulnerabilities in the STM
MCU that would allow extraction of encrypted key material from the key.
Niibe referred to a
talk
presented at the WOOT 17
workshop, where Johannes Obermaier and Stefan Tatschner, from the
Fraunhofer Institute, demonstrated attacks against the STMF0 family
MCUs. It is still unclear if those attacks also apply to the older STMF1
design used in the FST-01, however. Furthermore, extracted private key
material is still protected by user passphrase, but the Gnuk uses a weak
key derivation function, so brute-forcing attacks may be possible.
Fortunately, there is work in progress to
make GnuPG hash the passphrase before sending it to the keycard, which
should make such attacks harder if not completely pointless.
When asked about the Yubico claims in a private email, Niibe did
recognize that "it is true that there are more weak points in general
purpose implementations than special implementations". During the last
DebConf in Montreal, Niibe
explained:
If you don't trust me, you should not buy from me. Source code
availability is only a single factor: someone can maliciously replace
the firmware to enable advanced attacks.
Niibe recommends to "build the firmware yourself", also saying the
design of the FST-01 uses normal hardware that "everyone can replicate".
Those advantages are hard to deny for a cryptographic system: using more
generic components makes it harder for hostile parties to mount targeted
attacks.
A counter-argument here is that it can be difficult for a regular user
to audit such designs, let alone physically build the device from
scratch but, in a mailing list discussion, Debian developer Ian Jackson
explained
that:
You don't need to be able to validate it personally. The thing spooks
most hate is discovery. Backdooring supposedly-free hardware is harder
(more costly) because it comes with greater risk of discovery.
To put it concretely: if they backdoor all of them, someone (not
necessarily you) might notice. (Backdooring only yours involves
messing with the shipping arrangements and so on, and supposes that
you specifically are of interest.)
Since that, as far as we know, the STM microcontrollers are not
backdoored, I would tend to favor those devices instead of proprietary
ones, as such a backdoor would be more easily detectable than in a
closed design. Even though physical attacks may be possible against
those microcontrollers, in the end, if an attacker has physical access
to a keycard, I consider the key compromised, even if it has the best
chip on the market. In our email exchange, Niibe argued that "when a
token is lost, it is better to revoke keys, even if the token is
considered secure enough". So like any other device, physical compromise
of tokens may mean compromise of the key and should trigger
key-revocation procedures.
Algorithms and performance
To establish reliable performance results, I wrote a benchmark program
naively called crypto-bench
that could produce comparable results between the different keys. The
program takes each algorithm/keycard combination and runs 1000
decryptions of a 16-byte file (one AES-128 block) using GnuPG, after
priming it to get the password cached. I assume the overhead of GnuPG
calls to be negligible, as it should be the same across all tokens, so
comparisons are possible. AES encryption is constant across all tests as
it is always performed on the host and fast enough to be irrelevant in
the tests.
I used the following:
Intel(R) Core(TM) i3-6100U CPU @ 2.30GHz running Debian 9
("stretch"/stable amd64), using GnuPG 2.1.18-6 (from the stable
Debian package)
Nitrokey Pro 0.8 (latest firmware)
FST-01, running Gnuk version 1.2.5 (latest firmware)
I ran crypto-bench for each keycard, which resulted in the following:
Algorithm
Device
Mean time (s)
ECDH-Curve25519
CPU
0.036
FST-01
0.135
RSA-2048
CPU
0.016
YubiKey-4
0.162
Nitrokey-Pro
0.610
YubiKey-NEO
0.736
FST-01
1.265
RSA-4096
CPU
0.043
YubiKey-4
0.875
Nitrokey-Pro
3.150
FST-01
8.218
There we see the performance of the four keycards I tested, compared
with the same operations done without a keycard: the "CPU" device. That
provides the baseline time of GnuPG decrypting the file. The first
obvious observation is that using a keycard is slower: in the best
scenario (FST-01 + ECC) we see a four-fold slowdown, but in the worst
case (also FST-01, but RSA-4096), we see a catastrophic 200-fold
slowdown. When I
presented
the results on the Gnuk mailing list, GnuPG developer Werner Koch
confirmed those "numbers are as expected":
With a crypto chip RSA is much faster. By design the Gnuk can't be as
fast - it is just a simple MCU. However, using Curve25519 Gnuk is
really fast.
And yes, the FST-01 is really fast at doing ECC, but it's also the only
keycard that handles ECC in my tests; the Nitrokey Start and Nitrokey
HSM should support it as well, but I haven't been able to test those
devices. Also note that the YubiKey NEO doesn't support RSA-4096 at all,
so we can only compare RSA-2048 across keycards. We should note,
however, that ECC is slower than RSA on the CPU, which suggests the
Gnuk ECC implementation used by the FST-01 is exceptionally fast.
In
discussions
about improving the performance of the FST-01, Niibe estimated the user
tolerance threshold to be "2 seconds decryption time". In a new
design
using the STM32L432 microcontroller, Aurelien Jarno was able to bring
the numbers for RSA-2048 decryption from 1.27s down to 0.65s, and for
RSA-4096, from 8.22s down to 3.87s seconds. RSA-4096 is still beyond the
two-second threshold, but at least it brings the FST-01 close to the
YubiKey NEO and Nitrokey Pro performance levels.
We should also underline the superior performance of the YubiKey 4:
whatever that thing is doing, it's doing it faster than anyone else. It
does RSA-4096 faster than the FST-01 does RSA-2048, and almost as fast
as the Nitrokey Pro does RSA-2048. We should also note that the Nitrokey
Pro also fails to cross the two-second threshold for RSA-4096
decryption.
For me, the FST-01's stellar performance with ECC outshines the other
devices. Maybe it says more about the efficiency of the algorithm than
the FST-01 or Gnuk's design, but it's definitely an interesting avenue
for people who want to deploy those modern algorithms. So, in terms of
performance, it is clear that both the YubiKey 4 and the FST-01 take the
prize in their own areas (RSA and ECC, respectively).
Conclusion
In the above presentation, I have evaluated four cryptographic keycards
for use with various OpenPGP operations. What the results show is that
the only efficient way of storing a 4096-bit encryption key on a keycard
would be to use the YubiKey 4. Unfortunately, I do not feel we should
put our trust in such closed designs so I would argue you should either
stick with 2048-bit encryption subkeys or keep the keys on disk.
Considering that losing such a key would be catastrophic, this might be
a good approach anyway. You should also consider switching to ECC
encryption: even though it may not be supported everywhere, GnuPG
supports having multiple encryption subkeys on a keyring: if one
algorithm is unsupported (e.g. GnuPG 1.4 doesn't support ECC), it will
fall back to a supported algorithm (e.g. RSA). Do not forget your
previously encrypted material doesn't magically re-encrypt itself using
your new encryption subkey, however.
For authentication and signing keys, speed is not such an issue, so I
would warmly recommend either the Nitrokey Pro or Start, or the FST-01,
depending on whether you want to start experimenting with ECC
algorithms. Availability also seems to be an issue for the FST-01. While
you can generally get the device when you meet Niibe in person for a few
bucks (I bought mine for around \$30 Canadian), the Seeed online
shop says the device is out of
stock
at the time of this writing, even though Jonathan McDowell
said
that may be inaccurate in a debian-project discussion. Nevertheless,
this issue may make the Nitrokey devices more attractive. When deciding
on using the Pro or Start, Suhr offered the following advice:
In practice smart card security has been proven to work well (at least
if you use a decent smart card). Therefore the Nitrokey Pro should be
used for high security cases. If you don't trust the smart card or if
Nitrokey Start is just sufficient for you, you can choose that one.
This is why we offer both models.
So far, I have created a signing subkey and moved that and my
authentication key to the YubiKey NEO, because it's a device I
physically trust to keep itself together in my pockets and I was already
using it. It has served me well so far, especially with its extra
features like U2F and
HOTP
support, which I use frequently. Those features are also available on
the Nitrokey Pro, so that may be an alternative if I lose the YubiKey. I
will probably move my main certification key to the FST-01 and a
LUKS-encrypted USB disk, to keep that certification key offline but
backed up on two different devices. As for the encryption key, I'll wait
for keycard performance to improve, or simply switch my whole keyring to
ECC and use the FST-01 or Nitrokey Start for that purpose.
[The author would like to thank Nitrokey for providing hardware for
testing.]
This article first appeared in the Linux Weekly News.
A long time
ago, I switched my GnuPG setup to a smartcard based one. I kept
using the same master key, but:
copied the rsa4096 master key to a master smartcard, for
when I need to sign (certify) other keys;
created rsa2048 subkeys (for signature, encryption and
authentication) and moved them to an OpenPGP smartcard for daily
usage.
I've been working with that setup for a few years now and it is
working perfectly fine. The signature counter on the OpenPGP basic
card is a bit north of 5000 which is large but not that huge, all
considered (and not counting authentication and decryption key
usage).
One very nice feature of using a smartcard is that my laptop (or
other machines I work on) never manipulates the private key
directly but only sends request to the card, which is a really huge
improvement, in my opinion. But it's also not the perfect solution
for me: the OpenPGP
card uses a proprietary platform from ZeitControl, named BasicCard. We have very few information
on the smartcard, besides the fact that Werner Koch trust
ZeistControl to not mess up. One caveat for me is that the card
does not use a certified secure microcontroler like you would find
in smartcard chips found in debit card or electronic IDs. That
means it's not really been audited by a competent hardware lab, and
thus can't be considered secure against physical attacks. The
cardOS software and the application implementing the OpenPGP
specification are not public either and have not been audited
either, to the best of my knowledge.
At one point I was interested in the Yubikey
Neo, especially since the architecture Yubico used was common:
a (supposedly) certified platform (secure microcontroler, card OS)
and a GlobalPlatform / JavaCard virtual machine. The applet used in
the Yubikey Neo is open-source, too, so
you could take a look at it and identify any issue.
Unfortunately, Yubico transitioned
to a less common and more proprietary infrastructure for Yubikey
4: it's not longer Javacard based, and they don't provide the
applet source anymore. This was not really seen as a good move by a
lot of people, including Konstantin
Ryabitsev (kernel.org administrator). Also, it wasn't
possible even for the Yubico Neo to actually build the applet
yourself and inject it on the card: when the Yubikey leaves the
facility, the applet is already installed and the smartcard is
locked (for obvious security reason). I've tried asking about
getting naked/empty Yubikey with developers keys to load the applet
myself, but it' was apparently not possible or would have required
signing an NDA with NXP (the chip maker), which is not really
possible as an individual (not that I really want to anyway).
In the meantime, a coworker actually wrote an OpenPGP javacard
applet, with the intention to support latest version of the
OpenPGP specification, and especially elliptic curve
cryptography. The applet is called SmartPGP and has been released on ANSSI github
repository. I investigated a bit, and found a
smartcard with correct
specification: certified (in
France or Germany), and supporting Javacard 3.0.4 (required for
ECC). The card can do RSA2048 (unfortunately not RSA4096) and EC
with NIST (secp256r1, secp384r1, secp521r1) and Brainpool (P256,
P384, P512) curves.
I've ordered some cards, and when they arrived started playing.
I've built the SmartPGP applet and pushed it to a smartcard, then
generated some keys and tried with GnuPG. I'm right now in the
process of migrating to a new smartcard based on that setup, which
seems to work just fine after few days.
Part two of this serie will describe how to build the applet and
inject it in the smartcard. The process is already documented here
and there, but there are few things not to forget, like how to lock
the card after provisionning, so I guess having the complete
process somewhere might be useful in case some people want to
reproduce it.
Welcome to gambaru.de. Here is my monthly report that covers what I have been doing for Debian. If you re interested in Java, Games and LTS topics, this might be interesting for you.
Debian Games
The bug fix (#866378) for 3dchess also landed in Stretch and Jessie.
I sponsored Lugaru for Vincent Prat and Martin Erik Werner, a really cool 3D fighting game featuring a rabbit. The game is dfsg-free now and will replace openlugaru.
I uploaded a new revision of clanlib and teg fixing Perl transition bugs. The patches were provided by gregor herrmann. I added myself to Uploaders in case of teg because the package was missing a human maintainer.
I adopted trackballs after I discovered #868983 where Henrique de Moraes Holschuh called attention to a new fork of Trackballs. The current version was broken and unplayable and it was only a matter of time before the game was removed from Debian. I could fix a couple of bugs, forwarded some issues upstream and I believe a nice game was saved.
I uploaded Bullet 2.86.1 to unstable and completed another Bullet transition.
Debian Java
Almost all PDFsam dependencies were accepted into the archive this month. I had to update some of them and removed patches that were needed for the initial bootstrapping. I also uploaded libmetadata-extractor-java to unstable. Now only fontawesomefx is missing to complete the PDFsam update.
Debian LTS
This was my seventeenth month as a paid contributor and I have been paid to work 23,5 hours on Debian LTS, a project started by Rapha l Hertzog. In that time I did the following:
From 24. July until 31. July I was in charge of our LTS frontdesk. I triaged bugs in tinyproxy, varnish, freerdp, ghostscript, gcc-4.6, gcc-4.7, fontforge, teamspeak-server, teamspeak-client, qpdf, nvidia-graphics-drivers and sipcrack. I also pinged Diego Biurrun for more information about the next libav update and replied to questions on the debian-lts mailing list and LTS IRC channel.
DLA 1034-1. Issued a security update for php5 fixing 5 CVE. I discussed CVE-2017-11362 with the security team. We came to the conclusion that it was no security issue but just a normal bug.
DLA 1036-1. Issued a security update for gsoap fixing 1 CVE.
DLA 1037-1. Issued a security update for catdoc fixing 1 CVE.
DLA 613-2. Issued a regression update for roundcube.
DLA 1045-1. Issued a security update for graphicsmagick fixing 10 CVE.
DLA 1047-1. Issued a security update for supervisor fixing 1 CVE.
DLA-1048-1. Issued a security update for ghostscript fixing 8 CVE.
Non-maintainer upload
I uploaded the security fix for spice to unstable which was already fixed in Stretch and earlier versions.
In one of the good parts of the very mixed bag that is "Lo and Behold:
Reveries of the Connected World",
Werner Herzog asks his interviewees what the Internet might dream of, if it
could dream.
The best answer he gets is along the lines of: The Internet of before
dreamed a dream of the World Wide Web. It dreamed some nodes were
servers, and some were clients. And that dream became current reality,
because that's the essence of the Internet.
Three years ago, it seemed like perhaps another dream was developing
post-Snowden, of dissolving the distinction between clients and servers,
connecting peer-to-peer using addresses that are also cryptographic public
keys, so authentication and encryption and authorization are built in.
Telehash is one hopeful attempt at this, others include snow, cjdns, i2p,
etc. So far, none of them seem to have developed into a widely
used network, although any of them still might get there. There are a lot
of technical challenges due to the current Internet dream/nightmare, where
the peers on the edges have multiple barriers to connecting to other
peers.
But, one project has developed something similar to the new dream,
almost as a side effect of its main goals:
Tor's onion services.
I'd wanted to use such a thing in git-annex,
for peer-to-peer sharing and syncing of git-annex repositories. On November
13th, I started building it, using Tor, and I'm releasing it concurrently with
this blog post.
git-annex's Tor support replaces its old hack of tunneling git
protocol over XMPP. That hack was unreliable (it needed a TCP on top of XMPP
layer) but worse, the XMPP server could see all the data being transferred.
And, there are fewer large XMPP servers these days, so fewer users could
use it at all. If you were using XMPP with git-annex, you'll need to switch
to either Tor or a server accessed via ssh.
Now git-annex can serve a repository as a Tor onion service, and that can
then be accessed as a git remote, using an url like
tor-annex::tungqmfb62z3qirc.onion:42913. All the regular git, and
git-annex commands, can be used with such a remote.
Tor has a lot of goals for protecting anonymity and privacy. But the
important things for this project are just that it has end-to-end
encryption, with addresses that are public keys, and allows P2P
connections. Building an anonymous file exchange on top of Tor is not my
goal -- if you want that, you probably don't want to be exchanging git
histories that record every edit to the file and expose your real name by
default.
Building this was not without its difficulties.
Tor onion services were originally intended to run hidden websites,
not to connect peers to peers, and this kind of shows..
Tor does not cater to end users setting up lots of Onion services.
Either root has to edit the torrc file, or the Tor control port can be
used to ask it to set one up. But, the control port is not enabled by
default, so you still need to su to root to enable it. Also, it's difficult
to find a place to put the hidden service's unix socket file that's
writable by a non-root user. So I had to code around this, with a git
annex enable-tor that su's to root and sets it all up for you.
One interesting detail about the implementation of the P2P protocol in
git-annex is that it uses two Free monads to build up actions. There's a Net
monad which can be used to send and receive protocol messages, and a Local
monad which allows only the necessary modifications to files on disk.
Interpreters for Free monad actions can chose exactly which actions to
allow for security reasons.
For example, before a peer has authenticated,
the P2P protocol is being run by an interpreter that refuses to run any
Local actions whatsoever. Other interpreters for the Net monad could be
used to support other network transports than Tor.
When two peers are connected over Tor, one knows it's talking to the
owner of a particular onion address, but the other peer knows nothing about
who's talking to it, by design. This makes authentication harder than it
would be in a P2P system with a design like Telehash.
So git-annex does its own authentication on top of Tor.
With authentication, users would need to exchange absurdly long
addresses (over 150 characters) to connect their repositories. One very
convenient thing about using XMPP was that a user would have connections to
their friend's accounts, so it was easy to share with them. Exchanging long
addresses is too hard.
This is where Magic Wormhole
saved the day. It's a very elegant way to get any two peers in touch
with each other, and the users only have to exchange a short code
phrase, like "2-mango-delight", which can only be used once. Magic Wormhole
makes some security tradeoffs for this simplicity. It's got vulnerabilities
to DOS attacks, and its MITM resistance could be improved. But I'm lucky
it came along just in time.
So, it takes only installing Tor and Magic Wormhole,
running two git-annex commands, and exchanging short code phrases with
a friend, perhaps over the phone or in an encrypted email, to get
your git-annex repositories connected and syncing over Tor.
See the documentation
for details. Also, the git-annex webapp allows
setting the same thing up point-and-click style.
The Tor project blog has throughout December been featuring all kinds of
projects that are using Tor.
Consider this a late bonus addition to that. ;)
I hope that Tor onion services will continue to develop to make them easier
to use for peer-to-peer systems. We can still dream a better Internet.
This work was made possible by all my supporters on
Patreon.
About 10 months ago, we enabled an auto-decrufter in dak. Then after 3 months it had become the top 11th remover . Today, there are only 3 humans left that have removed more packages than the auto-decrufter impressively enough, one of them is not even an active FTP-master (anymore). The current score board:
5371 Luca Falavigna
5121 Alexander Reichle-Schmehl
4401 Ansgar Burchardt
3928 DAK's auto-decrufter
3257 Scott Kitterman
2225 Joerg Jaspert
1983 James Troup
1793 Torsten Werner
1025 Jeroen van Wolffelaar
763 Ryan Murray
For comparison, here is the number removals by year for the past 6 years:
5103 2011
2765 2012
3342 2013
3394 2014
3766 2015 (1842 removed by auto-decrufter)
2845 2016 (2086 removed by auto-decrufter)
Which tells us that in 2015, the FTP masters and the decrufter performed on average over 10 removals a day. And by the looks of it, 2016 will surpass that. Of course, the auto-decrufter has a tendency to increase the number of removed items since it is an advocate of remove early, remove often! .
Data is from https://ftp-master.debian.org/removals-full.txt. Scoreboard computed as:
They are filling old bottles with new wine! This is what the physicist Werner Heisenberg heard exclaiming by his friend and colleague Wolfgang Pauli who, criticizing the approach of the scientists of the time, believed that they had been forcibly glued the notion of quantum on the old theory of the planetary-model of Bohr s atom. Faced with the huge questions introduced by quantum physics, Pauli instead began to observe the new findings from a different point of view, from a new level of reality without the constraints imposed by previous theories.
Newton himself, once he theorized the law of the gravitational field, failing to place it in any of the physical realities of the time, he merely
While I was pondering if I should drop the tclcurl package and get it removed from
Debian Christian Werner from Androwish
(a Tcl/Tk port for Android) started to fix the open bugs.
Thanks a lot Christian!
I've now uploaded a new TclCurl package to unstable based on the code in the new
upstream repository plus the patches from Christian.
In case you're one of the few TclCurl users out there please try the new package.
I'm still pondering if it's worth to keep the package. For the last five years or so I could get along
with the Tcl http module just fine and thus no longer use TclCurl myself. In case someone would like to
adopt it just write me a mail, I'd be happy to give it away.
Finally I found the time and peace to watch one of the strangest movies that I have ever seen, Werner Herzog s (Offical Site, Wikipedia) Fata Morgana (Wikipedia, IMDb). Footage prepared for a SF movie that never realized, converted into an impressionistic allegory and movie full of phantasms.
Fata Morgana is a movie that escapes every description. Having read several critics voices, as well as Herzog s comments in the excellent interview/(auto)biography book Werner Herzog A guide for the perplexed, I was eager to see this old and special movie. Having laid my hand on a collection of Werner Herzog s old movies recently, I prepared some good Japanese sake, and was ready to enjoy the move.
The initial sequence of airplanes landing on a very hot day, again and again, sets the stage for a series of dream-like sequences in this movie. Divided into three parts, the movie tells its story only by visual impressions and the reading of the Mayan creation myth Popol Vuh, at times intermixed with some Leonard Cohen songs. Part One Creation introduces the desert as the origin of the world, accompanied by the initial creation myth before humans were formed. Part 2 Paradise is when humans enter into the desert. Full of ramshackle houses and rotten buildings, the contrast of the spoken words and imaginary cannot be more stunning. The final part 3 The Golden Age is full of absurdities and strange appearances, not surprisingly also most humans appear here.
Watching this movie is more a visual experience for me than about seeing a story line. While there are many ways to interpret the relation between the Popol Vuh and the movie sequences, for me it is more a visual experiment that tries in some sense to hypnotize the audience.
For those who love strange movies, an absolute must. For all others probably a torture.
This year, on top of the many excellent contributed talks, BoFs, and other
events always part of DebConf (some of which have already been announced) we
are excited to have confirmed the following keynote speakers.
During the Open Weekend (Saturday, August 15th and Sunday, August 16th), we
will have keynotes delivered by:
Bradley M. Kuhn,
President, Software Freedom Conservancy / Board of Directors, Free Software Foundation
(Wikipedia page)
Werner Koch,
Creator and Lead Developer, GnuPG Project / g10 Code GmbH
(Wikipedia page)
Bdale Garbee,
Chief Technologist Open Source and Linux, HP / Debian Project
(Wikipedia page)
On the last day of DebConf, we look forward to the closing keynote by:
Jacob Appelbaum,
Security Researcher and Journalist / Tor Project
(Wikipedia page)
For more information about our invited speakers, please see
http://debconf15.debconf.org/invited_speakers.xhtml
Citizenfour Screening
Additionally, there will be a screening of the
Citizenfour movie,
winner of the Best Documentary Feature Academy Award on the evening of Friday,
August 21st.
You still have time to submit your talk
There are only a few days left before the end of the Call for Proposals on June
15th. Events submitted after that date might not be part of the official
DebConf schedule. So, please, hurry, check out the
proposal submission guide
and submit your event.
Regards from the DebConf Team
A small project I worked on during the last few weeks has now come together in new package RcppTOML which arrived on CRAN yesterday.
It provides R with a reader for TOML files. TOML stands for Tom's Obvious Markup Language. And before you roll your eyes, glance at the TOML site. It really is different, and has a number of rather wonderful features:
free-format indentation as you please
comments anywhere, even on the same line
actual types such as string, integer, float, bool and datetime (!!) which are all native
vectors, of course, of the above
arbitrary nesting of tables
Here is a simple illustration where we parse the TOML example file derived from what is part of the main TOML README
R>p <-parseTOML(system.file("toml", "example.toml", package="RcppTOML"))
R>summary(p)
toml object with top-level slots:
clients, database, owner, servers, title
read from /usr/local/lib/R/site-library/RcppTOML/toml/example.toml
R>p
List of 5
$clients :List of 2
..$data :List of 2
.. ..$:chr [1:2] "gamma""delta"
.. ..$:int [1:2] 12
..$hosts:chr [1:2] "alpha""omega"
$database:List of 4
..$connection_max:int 5000
..$enabled :logi TRUE
..$ports :int [1:3] 800180018002
..$server :chr "192.168.1.1"
$owner :List of 4
..$bio :chr "GitHub Cofounder & CEO\\nLikes tater tots and beer."
..$dob :POSIXct[1:1], format: "1979-05-27 07:32:00"
..$name :chr "Tom Preston-Werner"
..$organization:chr "GitHub"
$servers :List of 2
..$alpha:List of 2
.. ..$dc:chr "eqdc10"
.. ..$ip:chr "10.0.0.1"
..$beta :List of 2
.. ..$dc:chr "eqdc10"
.. ..$ip:chr "10.0.0.2"
$title :chr "TOML Example"NULL
R>
See much more at the TOML site. I converted one first project at work to this and it really rocks. Point to a file, get a list back and index all components by their names.
We also added really simple S3 classes to the default print() method uses str() for a more compact presentation of what (in R) is of course nested list types.
Internally, the RcppTOML packages use the splendid cpptoml parser by Chase Geigle. This brings in modern C++11 and makes it that CRAN simply cannot build a binary for R on Windows as the g++ version (still, as of April 2015) in Rtools is too old. There is word of an update to Rtools and that point should we able to support Windows as well. Until then, no mas.
A bit more information is on the package page here as well as as the GitHub repo.
Somalia's chief exports appear to be morally-ambiguous Salon articles about piracy and sophomoric evidence against libertarianism. However, it is the former topic that Captain Phillips concerns itself with, inspired by the hijacking of the Maersk Alabama container ship in 2009.
What is truth? In the end, Captain Phillips does not rise above Pontius Pilate in providing an answer, but it certainly tries using more refined instruments than irony or leaden sarcasm.
This motif pervades the film. Obviously, it is based on a "true story" and brings aboard that baggage, but it also permeates the plot in a much deeper sense. For example, Phillips and the US Navy lie almost compulsively to the pirates, whilst the pirates only really lie once (where they put Phillips in greater danger).
Notice further that Phillips only starts to tell the truth when he thinks all hope is lost. These telling observations become even more fascinating when you realise that they must be based on the testimony of the, well, liars. Clearly, deception is a weapon to be monopolised and there are few limits on what good guys can or should lie about if they believe they can save lives.
Even Phillip's nickname ("Irish") is a falsehood he straight-up admits he is an American citizen.
Futhermore, there is an utterly disarming epilogue where Phillips is being treated for shock by clinical efficient medical staff. Not only will this scuttle any "blanket around the shoulders" clich but is probably a highly accurate portrayal of what actually happens post-trauma. This echoes the kind of truth Werner Herzog aims for in his filmmaking as well his guilt-inducing duality between uncomfortable lingering and compulsive viewing.
Lastly, a starter for a meta-discussion: can a film based on real-world events even be "spoilered"? Hearing headlines on the radio before you read your newspaper hardly robs you of a literary journey...
Captain Phillips does have some quotidian problems. Firstly, the only tool for ratcheting up tension is for the Somalians to launch verbal broadsides at the Americans, with each compromise somehow escalating the situation. This technique is effective but well before the climatic rescue scene where it is really needed it has been subject to the most extreme diminishing returns.
(I cannot be the first to notice the "Africans festooned with guns shouting incomphensively" trope I hope it is based on a Babel-esque mechanism of disorientation from miscommunication rather than anything more unsavoury.)
The racist idea that Africans prefer an AK-47 rotated about the Z-axis is socially constructed.
Secondly, the US Navy acts like a teacher with an Ofsted inspector observing quietly from the corner of the classroom; far too well-behaved it suspends belief, with no post-kill gloating or even the tiniest of post-arrest congratulations. Whilst nobody wants to see the Navy overreact badly to other military branches getting all the glory, nobody wants to see a suspiciously bland recruitment vehicle either. Paradoxically, this hermetic treatment made me unduly fascinated by them as if they were part of some military "uncanny valley". Two quick observations:
All US Somali interactions are recorded by a naval officer. No doubt a value-for-money defense against a USS Abu Ghraib, but knowing the plot is based on factual events, it was perhaps a little too Baudrillardian to ponder how the presence of the Navy's cameras in a scene actually lent weight to the film's version of events, crucially without me even knowing whether the parallel "real-life" footage is verifiable or not.
The navigational computers not only seem to require lines to drawn repeatedly between points of interest, but the Maersk Alabama's arbitrary relabelling as MOTHERSHIP seems to imply that an officer could humourously rename a radar contact to something unbecoming of a 12A classification.
The drone footage: I'd love to write an essay about how Call of Duty might have influenced (or even be) cinema.
Finally, despite the title, the film is actually about two captains; the skillful liar Phillips and ... well, that's the real problem. Whilst Captain Muse is certainly no caricatured Hook, we are offered little depth beyond a "You're not just a fisherman" faux-revelation that leads nowhere. I was left inventing reasons for his akrasia so that he made any sense whatsoever.
One could charitably argue that the film attempts to stay objective on Muse, but the inability for the film to take any obvious ethical stance actually seems to confuse and then compromise the narrative. What deeper truth is actually being revealed? Is this film or documentary?
Worse still, the moral vacuum is invariably filled by the viewer's existing political outlook: are Somali pirates victims of circumstance who are forced into (alas, regrettable) swashbuckling adventures to pacify plank-threatening warlords? Or are they violent and dangerous criminals who habour an irrational resentment against the West, flimsily represented by material goods in shipping containers?
Your improvised answer to this Rorschach test will always sit more haphazardly in the film than any pre-constructed treatment ever could.
6/10
Somalia's chief exports appear to be morally-ambiguous Salon articles about piracy and sophomoric evidence against libertarianism. However, it is the former topic that Captain Phillips concerns itself with, inspired by the hijacking of the Maersk Alabama container ship in 2009.
What is truth? In the end, Captain Phillips does not rise above Pontius Pilate in providing an answer, but it certainly tries using more refined instruments than irony or leaden sarcasm.
This motif pervades the film. Obviously, it is based on a "true story" and brings aboard all that well-travelled baggage, but it also permeates the plot in a much deeper sense. For example, Phillips and the US Navy lie almost compulsively to the pirates, whilst the pirates only really lie once where they put Phillips in greater danger.
Notice further that Phillips only starts to tell the truth when he thinks all hope is lost. These telling observations become even more fascinating when you realise that they must be based on the testimony of the, well, liars. Clearly, deception is a weapon to be monopolised and there are few limits on what good guys can or should lie about if they believe they can save lives.
Even Phillip's nickname ("Irish") is a falsehood he straight-up admits he is an American citizen.
Lastly, there is an utterly disarming epilogue where Phillips is being treated for shock by clinical efficient medical staff. Not only will it scuttle any "blanket around the shoulders" clich but is probably a highly accurate portrayal of what actually happens post-trauma. This echoes the kind of truth Werner Herzog often aims for in his filmmaking as well his guilt-inducing duality between uncomfortable lingering and compulsive viewing.
Another angle worthy of discussion: can a film based on real-world events even be "spoilered"? Hearing headlines on the before you read the newspaper hardly robs you of a literary journey...
Captain Phillips does have some quotidian problems. Firstly, the only tool for ratcheting up tension is for the Somalians to launch verbal broadsides at the Americans, with each compromise somehow escalating the situation further. This technique is genuinely effective but well before the climatic rescue scene where it is really needed it has been subject to the most extreme diminishing returns.
(I cannot be the first to notice the "Africans festooned with guns shouting incomphensively" trope I hope it is based on a Babel-esque mechanism of disorientation and miscommunication rather than anything, frankly, unsavoury.)
The racist idea that Africans prefer a AK-47 rotated about the Z-axis is socially constructed.
Secondly, the US Navy acts like a teacher with an Ofsted inspector observing quietly from the corner of the classroom; far too well-behaved it suspends belief, with no post-kill gloating or even the tiniest of post-arrest congratulations. Whilst nobody wants to see the Navy overreact badly to other military branches getting all the glory, nobody wants to see a suspiciously bland recruitment vehicle either. Paradoxically, this hermetic treatment made me unduly fascinated by them, as if they were part of some military "uncanny valley". Two quick observations:
All US Somali interactions are recorded by a naval officer. No doubt a value-for-money defense against a USS Abu Ghraib, but knowing the plot is based on a factual events, it was perhaps a little too Baudrillardian to ponder how the presence of the Navy's cameras in a scene actually lent weight to the film's version of events, crucially without me even knowing whether the parallel "real life" footage is verifiable or not.
The navigational computers not only seem to require lines to drawn repeatedly between points of interest, but the Maersk Alabama's arbitrary relabelling as MOTHERSHIP seems to imply that an officer could humourously rename a contact to something unbecoming of a 12A classification.
The drone footage: I'd love to read (or write) an essay about how Call of Duty might have influenced cinema.
Finally, despite the title, the film is actually about two captains; the skillful liar Phillips and ... well, that's the real problem. Whilst Captain Muse is certainly no caricatured Hook, we are offered little depth beyond a "You're not just a fisherman" faux-revelation that leads nowhere. I was left inventing reasons for his akrasia so that he made any sense whatsoever.
One could charitably argue that the film attempts to stay objective on Muse, but the inability for the film to take any obvious ethical stance actually seems to confuse and then compromise the narrative. What deeper truth is actually being revealed? Is this film or documentary?
Worse still, the moral vacuum is invariably filled by the viewer's existing political outlook: are Somali pirates victims of circumstance who are forced into (alas, regrettable) swashbuckling adventures to pacify plank-threatening warlords? Or are they violent and dangerous criminals who habour an irrational resentment against the West, flimsily represented by material goods in shipping containers?
Your improvised answer to this Rorschach test will always sit more haphazardly in the film than any pre-constructed treatment ever could.
6/10
Already chilled by Wheezy freeze? It s been a long ride since the release of Squeeze, and your beloved FTP Team tried to assist our tireless developers and contributors at its best. Here are some hot stats to give you a figure about what happened behind the scenes.
Since the release of Squeeze, 7462 .changes files with NEW components were processed by dak, with an average of 14.660 NEW packages per day. On the FTP Team side, we had 6877 accepts (13.511 per day), 641 rejects (1.259 per day) and 280 comments to maintainers (0.550 per day). This table represents the activity by single team member:
Login
Accepts
Rejects
Comments
ansgar
407 accepts (0.800 per day)
71 rejects (0.139 per day)
53 comments (0.104 per day)
dak
12 accepts (0.024 per day)
1 rejects (0.002 per day)
0 comments (0.000 per day)
dktrkranz
4319 accepts (8.485 per day)
381 rejects (0.749 per day)
104 comments (0.204 per day)
joerg
100 accepts (0.196 per day)
12 rejects (0.024 per day)
1 comments (0.002 per day)
mhy
214 accepts (0.420 per day)
14 rejects (0.028 per day)
5 comments (0.010 per day)
stew
67 accepts (0.132 per day)
16 rejects (0.031 per day)
7 comments (0.014 per day)
tolimar
1480 accepts (2.908 per day)
93 rejects (0.183 per day)
84 comments (0.165 per day)
twerner
278 accepts (0.546 per day)
53 rejects (0.104 per day)
26 comments (0.051 per day)
Who were the most prolific maintainers who got a NEW processing? Here is our special top ten:
Debian Perl Group (559 accepts)
Debian Haskell Group (491 accepts)
Debian Ruby Extras Maintainers (285 accepts)
Debian Java Maintainers (257 accepts)
Debian Med Packaging Team (164 accepts)
Debian Multimedia Maintainers (160 accepts)
Debian Fonts Task Force (156 accepts)
Debian Javascript Maintainers (137 accepts)
Debian Python Modules Team (129 accepts)
Debian Qt/KDE Maintainers (98 accepts)
That doesn t reflect the real developers, though. Here s our Changed-By top ten:
Clint Adams (216 accepts)
Jonas Smedegaard (208 accepts)
Ben Hutchings (203 accepts)
Joachim Breitner (153 accepts)
TANIGUCHI Takaki (112 accepts)
Alessio Treglia (101 accepts)
David Paleino (95 accepts)
Nicholas Bamber (76 accepts)
Mathieu Parent (68 accepts)
Jeff Breidenbach (63 accepts)
Clint rocks with tons of Haskell packages, followed by Jonas (mostly Perl packages), and Ben (kernel uploads). Italian cabal stands still, with Alessio and David respectively at 6th and 7th place
How long does a package stay in NEW? Some more, some less, but the average is 3 days, 15 minutes and 21 seconds. Now go and check your dak mails to see whether you had a fast processing or not
liblog4ada 1.2-1 surely had, as it was accepted after 30 seconds! gsoap 2.7.17-1 was not so lucky, it took 103 days, 8 hours, 20 minutes and 43 seconds to clear NEW, but then made its way to the archive. Better late than never
FTP Team is not just accepting NEW packages, but also removing obsolete ones. Here are some details about this task:
Summary: It is important that we (the Debian community that relies on OpenPGP through
GNU Privacy Guard) stop using short key IDs. There is no vulnerability in OpenPGP and GPG.
However, using short key IDs (like 0x70096AD1) is
fundementally insecure; it is easy to generate collisions for short key IDs.
We should always use 64-bit (or longer) key IDs, like: 0x37E1C17570096AD1
or 0xEC4B033C70096AD1.
TL;DR: This now gives two results: gpg --recv-key 70096AD1
Some background, and my two keys
Years ago, I read
dkg's instructions
on migrating the Debian OpenPGP infrastructure. It told me that the time and
effort I had spent getting my key into the strong set wasn't as useful as I
thought it had been.
I felt deflated. I had put in quite a bit of effort over the years to strongly-connect my
key to a variety of signatures, and I had helped people get their own keys into
the strong set this way. If I migrated off my old key and revoked it, I'd be abandoning some
people for whom I was their only link into the strong set. And what fun it was
to first become part of the strong set! And all the eyebrows I raised when I told
people I was going meet up with people I met on a website called
Biglumber... I even made it my
Facebook.com user ID. So if I had to generate a
new key, I decided I had better really love the short key ID.
But at that point,
I already felt pretty attached to the number 0x70096AD1. And I couldn't come up with
anything better. So that settled it: no key upgrade
until I had a new key whose ID is the same as my old key.
That dream has become a reality. Search for my old key ID, and you get two keys!
$ gpg --keyserver pgp.mit.edu --recv-key 0x70096AD1
gpg: requesting key 70096AD1 from hkp server pgp.mit.edu
gpg: key 70096AD1: public key "Asheesh Laroia <asheesh@asheesh.org>" imported
gpg: key 70096AD1: public key "Asheesh Laroia <asheesh@asheesh.org>" imported
gpg: no ultimately trusted keys found
gpg: Total number processed: 2
gpg: imported: 2 (RSA: 1)
I also saw it as an opportunity: I know that cryptography tools are tragically easy
to mis-use. The use of 32-bit key IDs is fundamentally incorrect -- too little entropy.
Maybe shocking people by creating two "identical" keys will help speed the transition
away from this mis-use.
A neat stunt abusing --refresh-keys
Thanks to a GNU Privacy Guard bug, it is super easy to get my
new key. Let's say that, like many people, you only have my old key
on your workstation:
$ gpg --keyserver pgp.mit.edu --refresh-keys
gpg: refreshing 1 key from hkp://pgp.mit.edu
gpg: requesting key 70096AD1 from hkp server pgp.mit.edu
gpg: key 70096AD1: public key "Asheesh Laroia <asheesh@asheesh.org>" imported
gpg: key 70096AD1: "Asheesh Laroia <asheesh@asheesh.org>" not changed
gpg: Total number processed: 2
gpg: imported: 1 (RSA: 1)
gpg: unchanged: 1
gpg: no ultimately trusted keys found
You can see that it set out to refresh just 1 key. It did that by querying
the keyserver for the short ID. The keyserver provided two hits for that
query. In the end, GPG refreshes one key and actually imports a new key
into the keyring!
Now you have two:
There is a
bug filed in GNU Privacy Guard about this.
It has a patch attached. There is, at the moment, no plan for a new release.
A faster attack, but nothing truly new
My friend Venkatesh tells me there is an apocryphal old Perl script that
could be used to generate key ID collisions.
Here in the twenty-first century, l33t h4x0rz like Georgi Guninski are
trying to create collisions.
In May 2010, "halfdog" posted a note to the full-disclosure list that generates PGP keys
with chosen short key IDs. I haven't benchmarked or tested that tool, but I have used a
different tool (private for now) that can generate collisions in a similar fashion.
It takes about 3 hours to loop through all key IDs on a dinky little netbook.
You don't have to use any of these tools. You can just rent time on an elastic
computing service or a botnet, or your own personal computer, and generate keys
until you have a match.
I think that it's easy to under-estimate the seriousness of this problem: tools
like the PGP Key Pathfinder should be updated to only
accept 64-bit (or longer) key IDs if we want to trust their output.
My offer: I will make you a key
I've been spending some time wondering: What sort of exciting demonstration
can I create to highlight that this is a real problem? Some ideas I've had:
Publish a private/public key pair whose key ID is the same as Phil Zimmerman's, original author of PGP
Publish a private/public key pair whose key ID is the same as Werner Koch's, maintainer of GNU Privacy Guard
Publish a set of public keys that mimic the entire PGP strong set, except where I control the private key of all these keys
The last one would be extremely amusing, and would be a
hat-tip to some work discussed in Raph Levien's
Google Tech Talk about Advogato.
For now, here is my offer: If you send me a request signed with a key in the strong
set, I will create a 4096-bit RSA public/private key pair whose 32-bit key ID is one greater
than yours. So if you are 0x517DD4E4 I will generate 0x517DD4E5.
I will post the keys here, along a note about who requested it, and instructions on how
to import them into your keyring. (Note: I will politely decline to create a new key whose 32-bit key ID would create a collision;
apologies if your key ID is just one away from someone else's.)
P.S. The prize for best sarcastic retort goes to Ian Jackson. He said, "I should go and create a lot of keys with your key ID. I'll set the real name to 'Not Asheesh Laroia' so everyone is totally clear about what is going on."
This announcement was provided by Martin Erik Werner. I m reproducing it for Planet Ubuntu.
The Debian/Ubuntu Games Team is organizing another meeting. If you re into developing and/or packaging of games, or just generally curious about games in Debian/Ubuntu, you should join!
It will be held next Saturday, the 26th of November, in the #debian-games channel on irc.debian.org (also know as irc.oftc.net) at 10:00 UTC. More information is available on the wiki page Games/Meetings/2011-11-26.
The agenda starts off with the usual round of introductions, so if you re new to the Team, say hi! Then we ll be going through the action items from the last meeting, including work on the Debian Games LiveCD, and what s up with the /usr/games/ path anyways?
Next we ll be moving onto how the Games Team is faring in terms of members: are new recruits finding it comfortable, should we advertise more?
Next up it s the squeeky penguin: Wheezy is somewhere in the not-completely-distant future, how does that affect the Games Team, should we be scuffling to get specific tasks done?
Then onto the recurring question of Sponsoring, and how to improve it, should we be utilising DebExpo more? What about our favourite PET?
Lastly, PlayDeb is doing some really neat stuff, would it make sense for our team to push some changes to PlayDeb? Would it make sense for PlayDeb to push changes to Debian Games?
Hopes are for a good discussion, and a merry time, hope to see you all there!
Related posts:
The Debian/Ubuntu games team is organizing another meeting,
if you're into developing and/or packaging of games, or just generally curious
about games in Debian/Ubuntu, you should join!
It will be held next Saturday, on the 26th of November, in the #debian-games
channel on irc.debian.org (also know as irc.oftc.net). More information is
available on the meeting wiki page.
The agenda starts off with the usual round of introductions, so if you're
new to the team, say hi! Then we'll be going through the action items from
the last meeting, including work on the Debian Games LiveCD, and what's up
with the /usr/games/ path anyways?
Next we'll be moving onto how the games team is faring in terms of members:
are new recruits finding it comfortable, should we advertise more?
Next up it's the squeeky penguin: Wheezy is somewhere in the
not-completely-distant future, how does that affect the games team, should
we be scuffling to get specific tasks done?
Then onto the recurring question of sponsoring, and how to improve it,
should we be utilising DebExpo more? What about our favourite
PET?
Lastly, PlayDeb is doing some really neat stuff, would it make
sense for our team to push some changes to PlayDeb? Would it make sense for
PlayDeb to push changes to Debian Games?
Hopes are for a good discussion, and a merry time, hope to see you all there!
(This text provided by Martin Erik Werner)
We all love stats, don t we? So, here we go!
Let s start with a graph:
It shows the number of packages in the NEW queue since last year. You can see a big drop during April 2011, and a reasonably low rate during the last six months. You could think fellow Debian Developers stopped to upload NEW packages. Sorry, you re wrong!
Since Squeeze release, 3.832 .changes files with NEW components were processed by dak, with an average of 14,85 NEW packages per day. On the FTP Team side, we had 3.732 accepts (14,47 per day), 339 rejects (1,31 per day) and 178 comments to maintainers (0,69 per day).
Who were the most prolific maintainers who got a NEW processing? Here is our special top ten:
Debian Haskell Group (362 packages)
Debian Perl Group (343 packages)
Debian Java Maintainers (161 packages)
Debian Ruby Extras Maintainers (124 packages)
Debian Multimedia Maintainers (100 packages)
Debian Fonts Task Force (96 packages)
Debian Med Packaging Team (79 packages)
Debian Install System Team (61 packages)
Debian Javascript Maintainers (54 packages)
Debian Python Modules Team (50 packages)
That s bad packaging teams cannot bake cookies!
Let s do the same with Changed By, this time:
Ben Hutchings (159 packages)
Joachim Breitner (138 packages)
Clint Adams (134 packages)
Jonas Smedegaard (124 packages)
TANIGUCHI Takaki (97 packages)
Nicholas Bamber (61 packages)
Alessio Treglia (60 packages)
maximilian attems (54 packages)
David Paleino (51 packages)
Torsten Werner (45 packages)
Much better now go and heat up your ovens, we know who you are
Another nice aspect to look at is the speed of NEW processing. Some maintainers were very happy for a fast NEW processing, someone even complained for having been too quick! So, let s find out which upload was the quickest ever. Try to gamble a bit before reading the answer, to see whether you are near to the real value
Alessio Treglia, you probably already know, because your gwc_0.21.16~dfsg-1 upload has been processed in 41 seconds (yes, forty-one seconds!). Here s an excerpt from ftp-master log to certify it:
20110516120252 process-upload dak Processing changes file gwc_0.21.16~dfsg-1_amd64.changes
20110516120258 process-upload dak Moving to new gwc_0.21.16~dfsg-1_amd64.changes
20110516120339 process-new tolimar NEW ACCEPT: gwc_0.21.16~dfsg-1_amd64.changes
Alex was the super-fast FTP Team member behind the quickest accept, do you want to beat him? Join FTP Team