Sex, Drugs & Compiler Construction


Beer recipes

posted by andreas in Drugs

Due to popular demand, here are the recipes for the Hefeweizen I brewed on Chaos Communication Camp 2011, and for the Double IPA I brought to camp for tasting.

Let's start with the Hefeweizen. Target volume was 30l. Grain bill:

  • 3.0kg pale wheat malt
  • 2.4kg Pilsner malt
  • 0.6kg CaraRed malt

Bring a volume of 22l brewing liquid (that's water for the uninitiated) to a temperature of 45°C. Add the coarsely ground malt. Rest for 15 minutes. Raise temperature to 68°C. Rest for 60 minutes. Check completeness of conversion using iodine, wait longer if necessary. Raise temperature to 78°C, then lauter. Sparge with 22l of sparge water, also at a temperature of 78°C. Bring wort to a rolling boil. 15 minutes into the boil, add hops (I used about 15g of Amarillo). Boil for another 45 minutes. Remove trub using whirlpool or filter, cool down, pitch yeast (I used the Wyeast 3068 "Weihenstephan"). Ferment for about 5 days, carbonate to about 6g/l.

And now for the Double IPA. Target volume is 14l. Grain bill:

  • 3.0kg pale ale malt
  • 0.5kg Melanoidin malt
  • 0.5kg CaraRed malt

Heat 14l of brewing liquid to 68°C. Add coarsely ground malt. Rest for 60 minutes. Check conversion with iodine, wait longer if necessary. Raise temperature to 78°C, then lauter. Sparge with 8.5l of sparging water. Add 30g of Amarillo hops to the wort during lautering (so-called first wort hopping). Bring wort to a rolling boil, keep boiling for 60 minutes. 5 minutes before the end of the boil, add 25g of Citra and Crystal hops each. Whirlpool, cool down. Pitch yeast (Wyeast 1056 "American Ale"), add another 15g of Citra and Crystal each (that is called "dry hopping"). Rack off to bottles for secondary fermentation after about a week, add 3g of dextrose per 0.5l bottle for carbonation. Wait another week, then refrigerate. Drinkable after another week in cold storage.

Me and a chunk of meat - a photo love story

posted by andreas in Drugs

Today, we're having braised beef in a red wine gravy, with dumplings and red cabbage. Here's photos of making it, with updates as cooking progresses. A nice piece of beef. Wash with cold water, dry off. Season with salt, pepper and mustard. Heat oil in a pan. Fry on all sides... ... until you get a nice color everywhere. Take the meat out and put aside. Put some carrots, leek and celery into the pan, fry for a bit. Deglaze with red wine. Set some red wine aside, keep pouring it into the cook. Add beef stock. Put the meat back in. Season with laurel and juniper. Put a lid on the pan. Let it simmer for two hours, turn meat after an hour. Half an hour before the meat is done, start preparing the rest of the food. For the dumplings, we will need croutons. Cut some white bread into cubes... ... and fry in a bit of butter until crispy. It is a good idea to make more than you'll need, it's an excellent snack when the kids come asking when food will be served. I'm cheating on the dumplings here. This stuff is actually edible, in stark contrast to all the ready-made dumplings based on powder. Fill dumplings with croutons... ... form balls ... And place in hot salted water just below boiling point. Make sure water doesn't boil, or you'll end up with a mess. Dumplings are done when they raise to the surface, that takes about 20 minutes. More cheating: this time the red cabbage. I think I'll do a photo love story of how to do dumplings and cabbage from scratch, some other time. Just heat the red cabbage, without boiling it. A happy little meal almost ready to be served. Remove all solid parts from the gravy by putting it through a strainer. Stir a tablespoon of starch with cold water, ... ... bring the gravy to a boil, add the starch, stir, boil for 2 minutes. Everything is ready to be served now. Cut slices off the meat, ... ... and arrange nicely on a plate. Omnomnom!

Elektro-Trike gestohlen

posted by andreas in Meta

Dieses Wochenende wurde mir aus dem Hinterhof (in der Greifswalder Str, Berlin) mein elektrifiziertes Trike geklaut. Das Modell ist "Stein-Trike Nomad", im Hinterrad befindet sich ein Crystalyte 406 Nabenmotor. So siehts aus:

Sachdienliche Hinweise bitte per Mail an trike at Eine Prämie bei Wiederbeschaffung ist selbstverständlich.

The PHP strtod() denial of service bug

posted by andreas in Computer Languages

This rant is dedicated to my favourite gcc moronmaintainer, Andrew Pinski.

Hang on a second, you will say. Andrew Pinski? Not Rasmus Lerdorf? It's a PHP bug, and Rasmus Lerdorf is the lead developer there, right?

Well, PHP does have a bad street rep when it comes to security, and for a reason. However, in this instance, my verdict is "not guilty". This is a gcc bug. Let me show you why.

Precise reading and printing of floating point numbers is surprisingly complex. Complex enough so that people publish papers about their approach (William D. Clinger, "How to Read Floating Point Numbers Accurately", Proc. ACM SIGPLAN '90; Guy L. Steele, Jr. and Jon L. White, "How to Print Floating-Point Numbers Accurately", Proc. ACM SIGPLAN '90). Complex enough that real-world code doing it spans almost 2700 lines of C code, and complex enough that everybody is happy that a certain David M. Gay, working at the AT&T Research Lab, wrote and published code to do this in 1991.

This code is well-analyzed, well-tested and used pervasively. It speaks for Rasmus and the other PHP maintainers that the code handling floats is this code, and not something hand-rolled with dubious precision. To get an idea of just how pervasive usage of this code snippet is, ask google code search for the author's address. It's everywhere: Android libc, gcc libio, gcc java runtime, newlib libc, GNU Mono, Apple's libc, mozilla, etc., etc.

Now, you might ask yourself, if everybody's using this code, why does it fail? I was wondering what exactly went wrong there, having had a passing experience of trying to implement a float reader for a programming language other than C. A look at the PHP bug report enlightened me. What's going on is that there is a loop approximating the correct float value for strtod(), and it contains a comparison of the old and new approximation, to see whether it has reached the termination point. Of course, when dmg wrote that code back in 1991, he thought long and hard about the semantics of IEEE double floats (and even VAX and IBM floats, which behave a bit differently). However, the thing that goes wrong is that the x86 floating point coprocessor actually uses 80 bit float precision internally, and only rounds back to IEEE precision on register or memory store, and, drumroll, gcc exposes this!

To be more precise, what happens is that the gcc optimizer skips stores and loads when values are used again in subsequent computations. This in itself were all fine, all optimizers do that. However, all compilers but gcc make sure that before doing any comparisons on floating point values, these values are rounded back to 64 bits, in order to enforce IEEE semantics. I encourage you to go read the gcc bug report. Their argument for not doing it is, and I'm not making this up, guys, is that this is "the result of excess precision in the FPU". And then they go on and give workarounds that are extremely messy (setting a certain bit in the FPU control register) or just plain wrong (-ffloat-store doesn't help in all situations). And in the next step, about a hundred or so similiar bug reports within the course of ten years, every single one representing a developer who painfully hunted a bug for days, are closed with a laconic "duplicate".

Scattered within the closed duplicates, there are people trying to raise meaningful arguments. My favourite one, which really drives the point home, was given by Jonathan Knispel:

Calling a trivial function twice with an identical parameter may return a value less than, equal to or greater than itself (depending on register allocation in the context of the calls). This is a really nasty piece of nondeterministic behaviour. Weren't compilers and "high level" languages invented to get around exactly this kind of hardware dependency?
Exactly, Jonathan, exactly. Ponder that thought for a moment, dear reader. Writing the same expression twice in gcc is not guaranteed to produce identical results. The gcc maintainers know and don't care for your pain.

But given that this bug has been known for ten years, given that reason has failed to change anything about this situation, given that the single instance of this bug in the PHP strtod() function led to a denial of service situation that forced millions of users to upgrade their installation, given that the very same bug in the very same code lingers everywhere, time is over for politeness and reason. Dear gcc maintainers: you are a bunch of fucking ignorant morons. And Andrew Pinski, you are the worst of them all. Your arrogance has cost millions, and will continue to do so. Please get your collective heads out of your asses, and go fix this bug, before it does more damage. Update; it turns out that gcc 4.5 actually provides a -fexcess-precision=standard switch, that does the sensible thing.

On the other hand, maybe even that was a waste of breath. Maybe we'd all just rather do the smart thing, and move to more sensible compilers. There's clang for those who want and need a feature-complete C/C++/ObjC compiler, but can tolerate a few bugs, and there's CompCert for those hackers who can do with a subset of C, but have low tolerance for compiler bugs.

And of course, there's a whole range of interesting compilers and languages that are not C.

Wer hat eigentlich eine Juristin zur "Bundes-CIO" gemacht?

posted by andreas in Security

Früher, da war ja noch alles gut. Da war die böse Regierung noch die böse Regierung, und man konnte prima dagegen sein, aber immerhin hatte man den Eindruck, daß sie zwar böse, aber wenigstens kompetent war.

Aber diese Zeiten scheinen ganz offensichtlich vorbei zu sein. Das ist natürlich kein Grund, aufzuatmen. Mit Inkompetenz kann man mindestens genausoviel kaputt machen wie mit Bösartigkeit, vielleicht sogar noch mehr.

Jüngstes Beispiel, das diesen Mangel an Fachkompetenz an zentraler Stelle illustriert, sind die Äußerungen von Frau Cornelia Rogall-Grothe, Staatssekretärin im Innenministerium und II-Beauftragte der Bundesregierung, vulgo "Bundes-CIO", zum neuen elektronischen Personalausweis in der FAZ. Die sagt da nämlich zum Beispiel:

Vor Schadsoftware am PC kann sich jeder wirksam schützen, indem er Virenschutzprogramme benutzt und eine Firewall installiert.
Liebe Frau Rogall-Grothe: wenn solche Programme so prima funktionieren, warum hat sich dann unsere Kanzlerin Schadsoftware aus China auf ihrem Rechner eingefangen? Wenn man nur ein paar Firewalls und Virenscanner braucht, warum dann die große Panik vor Cyberterrorismus? Oder vielleicht erklären Sie uns mal, warum zwar 99% aller Unternehmen und Behörden Firewalls und Virenscanner einsetzen, aber laut CSI Cyber Crime Survey 2009 trotzdem 64% der Unternehmen Infektionen mit Schadsoftware hatten?

Dazu kommen dann so Schoten wie

Die gesamte Technik ist sicher.
Nein, keine Technik ist "sicher". Diese pauschale Aussage ist schon ganz pauschal falsch. Als CIO sollte man sich mit Risikomanagement auskennen und wissen, daß eine Sicherheitstechnologie die Entrittswahrscheinlichkeit und/oder die Schadenshöhe eines Risikoereignisses reduziert. Reduziert, nicht beseitigt. Wirtschaftlich sinnvoll ist eine technische Sicherheitslösung genau dann, wenn die Kosten unter dem Erwartungswert des Schadensereignisses liegt (das ist die Eintrittswahrscheinlichkeit multipliziert mit Schadenshöhe). Komplementär dazu wird ein Angreifer einen Angriff nicht durchführen, wenn die für den Angriff entstehenden Kosten höher sind als der zu erzielende Gewinn. "Die gesamte Technik ist sicher" erinnert als nicht nur äußerlich an "Die Rente ist sicher" oder "Die Asse ist sicher", es steckt dieselbe, von Sachzusammenhängen ungetrübte Propagandadenkwese dahinter.

Aber es geht weiter in dem Stil. Der nächste Kracher:

Es gelten dieselben Sorgfaltspflichten, die bereits heute bei Internetanwendungen - etwa beim Online-Banking - zum Tragen kommen. Dazu gehört eine sichere Computerumgebung.
Online-Banking finde ich ein schönes Beispiel. Die Banken sind sich nämlich durchaus darüber im Klaren, daß all die schönen Firewalls und Virenscanner (was nach Frau Rogall-Grothe ja eine sichere Computerumgebung auszumachen scheint) das Risiko vielleicht verringern, aber keineswegs beseitigen. Mit zwei Konsequenzen: erstens übernimmt die Bank die Haftung, falls es trotz Erfüllung aller Sorgfaltspflichten zu Mißbrauch kommt (und ja, es kommt, massenhaft), zweitens beschäftigen die Banken Teams, die sich um solche Fälle kümmern und die das Löschen von Phishing-Seiten, egal wo sie betrieben werden, ungefähr um den Faktor 100 bis 1000 schneller hinbekommen, als das BKA das mit Kinderpornoseiten schafft.

Fast schon niedlich in der Naivität ist der zur Schau gestellte Glaube an Sicherheitsevaluation:

Emulieren kann man nur, wenn man die Geheimnisse aus dem Chip auslesen könnte. Das können Sie aber nicht, weil die Schlüssel nur in einem sicherheitsevaluierten Chip vorhanden sind.
Bei den "sicherheitsevaluierten Chips" handelt es sich um Smartcard-Security-Chips, derzeit NXP SmartMX. Dieser wurde vom BSI nach Common Criteria zertifiziert, und zwar auf dem Level EAL5+. Ganz abgesehen davon, daß man sich bei CC immer fragen muß, welches Protection Profile gemeint ist, ist EAL5 auch der Level, bei dem Schutz gegen Angreifer mit "moderate attack potential" erreicht werden soll. Insbesondere im Bereich der Chipkarten haben die Pay-TV-Hacker mehrfach gezeigt, wie "high attack potential" in der Praxis aussieht. Zu glauben, bei genau dem einen Chip, den noch niemand aufgemacht hat, würde das fundamental anders aussehen, ist schon ziemlich mutig.

Und einen habe ich noch, bevor ich die Lust verliere, da weiter jede Aussage einzeln auseinanderzupflücken. Da fragt die FAZ nämlich nach "Abstrahlung bei der Verwendung privater Schlüssel", also nach side channel attacks. Und die Antwort unserer Bundes-CIO ist doch glatt:

Wir setzen aber starke Kryptographie ein. Die Sicherheit dieser kryptographischen Verfahren ist mathematisch nachgewiesen und bestätigt. Ein Mitlesen ist also nicht möglich.

Da wünscht man sich echt mehr Gesicht zum Palmieren.

Any intelligent life left at

posted by andreas in Security

I'm currently working on migration to Windows Server 2008 and Windows 7 for a customer (don't laugh, it pays my rent). Said customer has a bunch of Solaris boxes, which are used as file servers, running Samba. Obviously, in such a setup you would want to have a single source of login credentials, the Active Directory (with UNIX support added) being a good choice. winbind, a part of Samba, does just that. Now with the existing W2k3 infrastructure, all is fine with the old 3.0 version of Samba. However, Server 2008 moved to NTLMv2, which Samba 3.0 doesn't understand. One could turn off NTLMv2, but this is equivalent to an open invitation to pwn all the boxes, so moving forward to a newer Samba is without alternative.

Ok, so I got myself the latest stable Samba source (3.5.6 at time of writing), spent a day or so installing a gazillion of packages on Solaris to have a working compilation environment, sweared a bit into the general direction of Heimdal, but ended up with a compiled samba. Another day of swearing, removing Solaris-packaged pam_winbind and nss_winbind libraries and replacing them with the freshly-compiled ones, and I was able to join the AD domain. Yay.

Just that it didn't work.

I double-checked nsswitch.conf, smb.conf, krb5.conf, pam.conf etc., but found no mistake. According to the documentation, all was well. But: no login for me.

So I thought I'd move to more familiar territory, and installed a recent Ubuntu server. Stuff actually worked a bit better there. Ok, it keeps forgetting I joined the domain once a day, but other than that, I was able to make it work.


I could authenticate and access the smb shares. However, samba would pull a uid out of thin air, instead of using the one stored in AD (which, by the way, does so in a standard-compliant way, using the schema from rfc2307). Ok, more document reading, and I found there was a idmap plugin for AD, which was supposed to do the right thing. I followed the documentation, and lo and behold, domain user login stopped working for good.

Imagine a day of trying to make sense of the Samba logs and frantic googling here.

Finally, I found a clue in the wiki. There's a section there talking about the use of AD for idmap. And it ends with a comment:

Please note that from 3.0.25 on these values look different as one needs to use the new idmap stuff !
--Schlomo 05:59, 1 May 2007 (CDT)
WTF? This has changed three years ago, and nobody cared to update the documentation?

I finally found a link that helped me solve this issue. Deep inside the bowels of the web site, in the bug tracker, I found a bug somebody opened who ran into the very same problem I did. There also was a helpful comment by Michael Adam, who provided a working config example. Only two years after Schlomo's note in the wiki above. And more than a year later, the bug (which eventually was decided to be a case of "we should go around and document this stuff"), is still open.

But it gets worse.

After having succeeded on Ubuntu, I tried to port my results to Solaris. Unsuccessfully, as you might have guessed. The initial problem was that the build process didn't bother to compile and install the idmap ad module. That was easy to do manually. However, upon loading this module, Samba would complain about:

Error trying to resolve symbol 'init_samba_module' in /usr/local/samba/lib/idmap/ winbindd: fatal: init_samba_module: can't find symbol

Next step: I grep for this symbol in the source. Imagine my surprise to find out that this symbol is referenced exactly twice in the entire source code, both calls to dlsym(), related to loading the module. In the 30 or so modules however, not a single trace of this symbol can be found! I considered some black magic generating the symbol on the fly, but inspection of the .so with power tools ("string") confirmed the symbol is just missing.

Ok, so how did it work on Ubuntu, then?

Back to that box, and checking there. To my mild surprise, I found the symbol in the .so file, unlike on Solaris. Ok, apt-get source samba. And guess what, it downloaded an extensive patch (a whopping 136806 lines), which among other things contains code to add a #define idmap_ad_init init_samba_module line to confdefs.h. And that makes it work.


To sum it up, Samba documentation has been outdated in important parts, and the code base is in such a sorry state that it doesn't even properly build a single plugin, and all this must have been going on for years now. This implies a lot about the QA that's going on in the Samba project. My guess is somebody forgot to turn off the light at and tell us it doesn't exist anymore.

Frau Guttenberg ist entsetzt

posted by andreas in Politik

Stephanie Freifrau von und zu Guttenberg (übrigens eine geborene Gräfin von Bismarck-Schönhausen, Enkelin des SS-Oberführers Gottfried Graf von Bismarck-Schönhausen und Ur-Ur-Enkelin des deutschen Reichskanzlers Otto von Bismarck) sei entsetzt über die Kritik an "Tatort Internet", schreibt die Welt. Dabei funktioniert Lynchjustiz doch schon immer prima. Man macht sich nicht selbst die Finger schmutzig, und zumindest den Spiele-Teil von "Brot und Spiele" hat man damit erledigt. Es geht ja nichts über einen tobenden Mob am Abend, um den angestauten Frust loszuwerden.

Aber ich bin auch entsetzt. Ich habe mir nämlich erlaubt, in den Kommentaren darauf hinzuweisen, daß Udo Nagel, Moderator von "Tatort Internet", Geschäftsführer der prevent AG war, und zwar genau in der Zeit, als diese einem mißliebigen Mitarbeiter der HSH Nordbank Kinderpornos untergeschoben hat, mithin vom Fach ist. Dieser Kommentar wurde innerhalb weniger Minuten gelöscht.

Ok, ich räume ein, so entsetzt bin ich gar nicht, eigentlich nicht mal wirklich überrascht. Aber ganz schön angewidert. Co-Moderatorin Beate Krafft-Schöning hat übrigens schon vor 5 Jahren mal beim CCC angefragt, ob wir für sie nicht ein paar Kinder-Chat-Foren hacken könnten. Konnten wir nicht.

Dangling pointer exploit mitigation in Mozilla

posted by andreas in Security

One of the classic vulnerability patterns in software is use-after-free, i.e., some pointer is accessed by the program even after the memory it points to has been returned to the memory management system. If an attacker can control the memory layout of the region pointed to, by getting the system to allocate some other object there, she gets into the position where control over program flow, and thus code execution, is feasible.

The Mozilla people have recognized this as an issue, and developed a mitigation strategy:

"Our approach is to prevent the first phase of the attack by making it impossible to overwrite fields of deallocated objects with values of the wrong type. We do this by ensuring that whenever the memory used by a deallocated frame object is reallocated to a new object, the new object must always be exactly the same type as the old object and at exactly the same address. Thus whenever code writes a value to a field of the new object, the value must be valid for the type T the program expects when it access that location through a pointer to the new object *or* the old object. Thus, dangling-frame-pointer attacks cannot get started."

This approach indeed makes it harder for an attacker to do something about a use-after-free situation. Now of course this pattern, together with its cousin, the double free, only appears in software that uses manual memory management. It would be entirely possible to use the Boehm-Demers-Weiser conservative garbage collector for automatic memory management in Mozilla, and there wouldn't be any use-after-free oder double-free problems to worry about.

I might be getting old and cynical here, but I fail to understand how people can be proud of such a kludgy workaround when real, solid solutions are available. Using a GC would also help against Mozilla's still present memory leaks...

The state of Lisp

posted by andreas in Computer Languages

Some things have changed in the Lisp world since I first installed nuclblog. Here's a quick summary:

  • asdf-install is unloved and unsupported.
  • asdf is being replaced by asdf2. Some APIs changed, such as asdf-utilities
  • Quicklisp is the new kid on the block when it comes to software installation. So far, it worked just fine for me.
I'm running a bleeding edge sbcl ( now, with hunchentoot 1.1.1, and nuclblog 0.5.0 on top of that. All this in a FreeBSD 6.4 jail.

Und ein neuer Versuch

posted by andreas in Meta

So, Blog erneut hochgefahren. Auf ein neues.