Leap Second

The next leap second is almost upon us! It is due to be added at the end of this month when at midnight June 30 2015 the clocks will be wound forward by one second. This occasional adjustement is to keep Coordinated Universal Time (UTC) within an acceptable margin of error (approximately 0.9s) of Earth’s rotational time AKA mean solar time.

As harmless as this sounds it is very much the opposite given the rise of computing applications requiring very precise time keeping, financial and scientific applications in particular. This “harmlessness” was clearly demonstrated by the wide-spread commotion caused by the previouse leap second.

It gets even more complex when you consider that that the Earth is constantly decelerating due to the gravitional tug of the moon. Which is currently adding about 1.4ms per day per century and whilst slow this affect will compound over time until a leap second will be needed every day!

More complexity is introduced when telling time due to the implicit assumption it includes information about the event in time and as well as it’s location. As evidenced by the numerous time-zones and daylight saving shenanigans around the worldd. On top of this, there is also the affect that politics can have on time which can result in a country anywhere from 3 minutes to a whole day.

Who would have guessed something as boring as time could be so hard?

Going Static

By now you may have noticed the new décor of my site - the even more observant of you may have also noticed that my blog has migrated from Wordpress to Jekyll.

Besides the fact that all the cool kids have been moving their blogs away from Wordpress, there were three main reasons for the switch:

• The plethora of Wordpress and PHP related security vulnerabilities that are floating around these days.
• Speed. Nothing beats serving static HTML.
• I don’t have to worry about a Ubuntu update breaking anything in my LEMP/LAMP stack - which makes patching security updates a nightmare.

Happy days.

Game of Themes

I’ve adapted the great theme Hyde made by Mark Otto and added a few things like SASS via jekyll-assets and changed a few other things - some small like the fonts, others slightly bigger like removing the sidebar. I’m also proud to say that my site does NOT use jQuery. Yes, no jQuery!

Feel free to grab the theme on Github and try it yourself.

Deploying Jekyll

Deployment is easily done via the use of rsync and adding Rakefile that looks like the following code to your blog’s directory.

#rake generate
task :generate do
puts '* updating jekyll site'
system 'jekyll b'
end

# rake rsync
desc 'Uses rsync to push the contents of ./_site to the server.'
task :rsync do
puts '* rsyncing the contents of ./_site to the server'
system 'rsync -acvz -e "ssh -p $PORT_NUMBER" _site/ user@example.com:/dir/to/website/root/www/example.com/'
end

# rake deploy
desc 'Deploy the content to the server.'
task :deploy => [:generate, :rsync] do
end

Then it’s just a matter of typing rake deploy in your blog’s directory to push your new contents to your web server. That’s one less excuse I now have for my dreadfully lacklustre rate of posting.

Doomed Canon Printer

Canon’s security vulnerability is another man’s challenge to run doom:

So what protection does Canon use to prevent a malicious person from providing a malicious firmware? In a nutshell - nothing, there is no signing (the correct way to do it) but it does have very weak encryption. I will go into the nuts and bolts of how I broke that later in this blog post.

So we can therefore create our own custom firmware and update anyone’s printer with a Trojan image which spies on the documents being printed or is used as a gateway into their network. For demonstration purposes I decided to get Doom running on the printer (Doom as in the classic 90s computer game).

It was not straight forward due to it needing all the operating system dependences to be implemented in Arm without access to a debugger, or even multiplication or division. But that’s a blog for another day.

Reminds me of this gem from Saturday Morning Breakfast Cereal:

Elegance of Constraints

Stumbled across this transcript of an interview with the designer Charles Eames.

Mme. L. Amic: Does the creation of Design admit constraint?

Charles Eames: Design depends largely on constraints.

Mme. L. Amic: What constraints?

Charles Eames: The sum of all constraints. Here is one of the few effective keys to the design problem: the ability of the designer to recognize as many of the constraints as possible, his willingness and enthusiasm for working within these constraints. The constraints of price, size, strength, balance, time and so forth. Each problem has its own peculiar list.

Mme. L. Amic: Does Design obey laws?

Charles Eames: Aren’t constraints enough?

This has strong echoes of Fred Brooks’ notion of conceptual integrity and highlights the importance of constraints and their affect on design. Constraints are what breed elegance, as they are what give you the clearest idea of the problem before you and they relieve you from the oppression of infinite choice — “Form is liberating!”. But it takes discipline to stay within your self-imposed structure of constraints and not succumb to creeping requirements and bloat à la the second-system effect.

Tech News Trends

Some interesting comparisons:

Kinda backs up where I tend to go for my tech news these days. Interesting food for thought regardless.