Sunday, April 29. 2007
Writing a book on an operating system is an interesting process. It does not just end when someone says, "Would you like to write a book on Ubuntu?" In my case, this question was followed almost immediately with another question: "Which Ubuntu version are you going to cover?"
Canonical (the company behind Ubuntu) plans to release a new version every few months, and each release will be supported for 18 months. Considering that the book would take a few months to write and even longer to go through editing, production, and marketing, focusing on any short-duration release would mean the book would be quickly outdated. (As an aside, Hacking Ubuntu went from outline to bookstores in under 9 months. Wow -- the folks at Wiley are amazing.)
Fortunately, Canonical has planned for an occasional release with long term support (LTS). The Dapper Drake release is the first LTS version. Dapper is scheduled to have three years of support for desktop systems, and five years for servers. This means that Dapper will be supported long after the subsequent releases of Edgy Eft, Feisty Fawn, and Gutsy Gibbon lose their support.
My reasons for choosing Dapper over other distributions were as follows:
- Dapper will be around a long time, so the book won't be outdated as soon as it comes out. Then again, much of the book covers elements that won't likely change even in the next five (or more) years.
- When I started writing the book, Edgy Eft (the next release) was just a name with a future release date. I didn't want to write about vaporware, particularly if there were going to be major changes before it was finally released. Similarly, Feisty Fawn wasn't even a name until most of Hacking Ubuntu was written. And Feisty was released on the same day as the book. (The timing was coincidental -- the publisher originally wanted to release the book in January, but I couldn't write that fast.)
- When I was asked to write the book, I had just moved to Dapper Drake from Hoary Hedgehog (the 2nd Ubuntu release) and I had just finished tweaking my system for my own needs. Many of my friends had also just moved to Dapper and just finished tweaking their own systems. So the available knowledge of different tweaks, problems, and solutions was very fresh.
For the people who want to use Edgy, Feisty, or later versions of Ubuntu, this book should still be a huge help for tweaking and tuning. The biggest difference is that Edgy switched from init to upstart -- a different low-level process management system. For people moving to Ubuntu, I currently recommend Dapper if they don't want to upgrade every 18 months, and Feisty if they want bleeding edge. (The Edgy release started off rough, and while it is now much more stable, it is already halfway through its life cycle.)
Saturday, April 28. 2007
In an interesting study on linguistics [1][2], researchers were looking to see if poets who committed suicide were more likely to use darker words than poets who died of natural causes. What they found was an interesting twist: suicidal poets did not write darker thoughts. Rather, they used self-referencing, first-person words (I, me, my, etc.) more often than poets who did not kill themselves. Also, the writings by suicidal poets referenced other people less often than works by other poets.
All of this keeps me thinking about Edgar Allan Poe. Many of his poems use a large number of self-referencing words. For example, "The Raven" includes the word "I" 32 times and "my" 24 times. In contrast, he used "you" twice. He published "The Raven" in 1845, three years before his first suicide attempt (1848). Poe died a year later (1849) under questionable circumstances (possibly suicide) in Baltimore, Maryland.
It is frequently said that suicide is a selfish and self-centered act. It seems that this selfishness may appear in the words authors use. The question then becomes: can people with suicidal tendencies be detected and helped before they commit the act? And can this be used to profile people online?
Then again, there seems to be a large number of poets who commit suicide. And other poets have gone on to do many great things without any suicide attempts. (William Livingston immediately comes to mind (1723-1790). Besides being an artist and poet, he was a Governor of New Jersey, member of the Continental Congress, and even had a town named after him.) While this type of profiling may not be perfect, it could be an interesting start.
Thursday, April 26. 2007
It appears that something I mentioned in Chapter 7 of Hacking Ubuntu has become controversial (I've received a few comments on it). In this chapter, I discuss many different steps for improving Ubuntu Linux's performance, including kernel tuning. One of my suggestions was to change the maximum number of running processes. This suggestion has generated some controversy since "nobody would ever want to do this", and some people have argued that changing the maximum number of concurrent threads won't improve performance. I contend that changing the number of processes can improve performance.
Ubuntu's Dapper Drake (covered in the book) uses the Linux 2.6 kernel. You can download the source code from www.kernel.org. In linux-2.6.20/kernel/fork.c, the function fork_init() defines the default value for the maximum number of concurrent processes. It even includes a comment about performance:
    /*
     * The default maximum number of threads is set to a safe
     * value: the thread structures can take up at most half
     * of memory.
     */
    max_threads = mempages / (8 * THREAD_SIZE / PAGE_SIZE);
The THREAD_SIZE and PAGE_SIZE are dependent on the architecture. The THREAD_SIZE is fairly constant -- most platforms use 8192 bytes. However, PAGE_SIZE varies dramatically among platforms, from as small as 256 bytes to over 8 KB. A general rule of thumb: the faster the processor, the larger the page size. (This correlation is due to faster architectures and not CPU speed.)
What does this mean?
- The default value is dependent on the amount of memory your system has, and the hardware platform.
- By default, a computer with less memory will allow fewer concurrent processes. Similarly, a system with a smaller page size (usually found with older/slower processors) will have a lower default value.
- If you need to allocate more threads, use sysctl to change the threads-max kernel parameter. (How to do this is covered in Chapter 7.) For example, if you are running a program that spawns many subprocesses, but you only have a few available threads, then you can increase this value.
- If you have memory-intensive applications with few concurrent processes, then you might want to lower the maximum number of threads so the memory can be used by other processes.
- If you need to have two identical installations for testing before deploying code (e.g., mission critical environments), then be sure that the maximum number of threads is set to the same value. If they are not (e.g., same software configuration, but on different hardware configurations), then consider setting it manually.
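The points above as an added example (not from Hacking Ubuntu or the kernel source): a small shell script that evaluates the quoted fork_init() expression and checks two hosts for the threads-max mismatch described in the last bullet. THREAD_SIZE=8192 and PAGE_SIZE=4096 are assumed (typical 32-bit x86), the function names are hypothetical, and the sysctl lines are constructed samples.

```shell
#!/bin/sh
# Added example; not from the book or the kernel source.
# Assumed constants (typical 32-bit x86): adjust for your platform.
THREAD_SIZE=8192
PAGE_SIZE=4096

# Evaluate the fork_init() expression quoted above with the same integer
# arithmetic. $1 = RAM in KiB (an approximation of the kernel's mempages).
default_threads_max() {
    mempages=$(( $1 / (PAGE_SIZE / 1024) ))
    echo $(( mempages / (8 * THREAD_SIZE / PAGE_SIZE) ))
}

# Pull the number out of one line of `sysctl kernel.threads-max` output.
parse_threads_max() {
    printf '%s\n' "$1" |
        sed -n 's/^kernel\.threads-max *= *\([0-9][0-9]*\) *$/\1/p'
}

# Compare captured lines from two hosts: prints a verdict, returns 0 on match,
# 1 on mismatch, 2 if either line cannot be parsed.
compare_hosts() {
    a=$(parse_threads_max "$1")
    b=$(parse_threads_max "$2")
    if [ -z "$a" ] || [ -z "$b" ]; then echo "unparseable"; return 2; fi
    if [ "$a" -eq "$b" ]; then echo "match $a"; return 0; fi
    echo "mismatch $a $b"; return 1
}

# Constructed sample data: a 512 MiB test box and a 1 GiB production box.
TEST_HOST="kernel.threads-max = 8192"
PROD_HOST="kernel.threads-max = 16384"

echo "512 MiB default: $(default_threads_max 524288)"
echo "1 GiB default:   $(default_threads_max 1048576)"
compare_hosts "$TEST_HOST" "$PROD_HOST" ||
    echo "pin the same value on both, e.g. sysctl -w kernel.threads-max=8192"
```

On a live system, feed compare_hosts the output of `sysctl kernel.threads-max` collected from each machine instead of the sample strings.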
The average user probably won't want to tweak this option. However, the ExtremeTech series is not about average users. It's about power users; people who want to squeeze the most out of their systems. (This is the "Extreme" in ExtremeTech.)
Hopefully this addresses any concerns.
Wednesday, April 25. 2007
Of course, this study came out right after I submitted my paper to the Security Focus editor...
A study by the Pew Internet and American Life Project has some very encouraging news about online safety. According to their findings, a majority of teens protect their online profile:
Most don't use their full names.
Most don't mention personal information, such as school or phone numbers.
Most don't include pictures of themselves.
Each of these steps is great for protecting yourself from online identity theft. However, these precautions also make it much more difficult to refute an impersonation. In particular, without personal identification, how can the teen prove that an imposter is not them? Many services (e.g., Yahoo!) want you to mail or fax a copy of your ID as proof that you are you. Most teens don't have any form of government issued ID -- 12-year-olds usually don't have driver's licenses, and most don't get passports until they start visiting foreign countries.
(I won't go into how there is no way for services to validate that the IDs are real. And most school IDs look worse than the "company badges" that small companies print out and laminate for conferences... but I digress.)
This survey is very positive news, but it makes me question some actions taken recently. For example, St. Hugo of the Hills Catholic School is reported to have banned MySpace. Students with MySpace profiles (or profiles at similar web services) are banned from attending school. The news report claims that it is for their own safety. Perhaps it would be better to let them have MySpace profiles, and educate the ones who disclose too much personal information. (Schools are supposed to educate students, right?)
Monday, April 23. 2007
Many people have tried finding alternate ways to report imposters and abuse to MySpace. Some examples of people with contact issues:
In my Security Focus paper, I described the MySpace complaint submission process that has repeatedly worked for me. The biggest problems are that MySpace does not confirm receipt of complaints, takes days to respond (if they are going to respond), and offers no real means to authenticate identities.
Without confirmation or action, people resort to alternate complaint methods. However, each alternative has roadblocks. For example:
- Email. There is no consistent email contact for MySpace. General queries (not deletes) go to mscontact@myspace.com. Privacy policy requests go to privacy@myspace.com, and if you call the media relations number (800-905-9324), then you are directed to customercare@myspace.com. I received no reply from any of these contact methods.
- Phone. According to the phone book, there are two different phone numbers for MySpace in California. The first number, 310-917-4920, is no longer in service. The second number, 415-882-2130, "cannot receive calls at this time."
- Messages. There is a third phone number associated with MySpace. In their domain's WHOIS record is the number 310-369-1000. The WHOIS entry claims to be the Fox Group Legal Intellectual Property Department. However, if you call it, it actually goes to the Fox corporate office and they will not transfer you to their legal department. If you mention that the call is related to MySpace, then you will be forwarded to "Marlene" (310-969-7400, press 7 for customer service). Unfortunately, you will probably be unable to leave a message because the voicemail box seems to always be full.
While most companies want their customers to contact them, MySpace seems to actively discourage contact.
As an aside, MySpace does not follow other security-oriented best practices. For example, they do ask you to email them account and password information. As my associate Valdis Kletnieks remarked, "The issue is the failure to maintain a 'we will never ask you for your password' mantra."