Posts

😦 The Real CrowdStrike Flaw Was In Deployment

By now, most of you are familiar with the story of CrowdStrike and the resulting worldwide outages. The initial, and angry, responses were along the lines of "Where are the devs? Where was QA?" As it turned out, the actual patch, or software code, was fine. The problem was in the config file  that governs the behavior of the patch.  Being flawed, it triggered the Microsoft Windows' blue screen of death. In a variation of "Who Watches The Watchers," the config file was indeed tested, but CrowdStrike's testing system was unknowingly broken.  The config file passed when it shouldn't have. Nothing is perfect all the time, but what would have mitigated the fallout would have been a gradual or staggered rollout of the config file instead of the apparent "big-bang" release to all machines at once. The staggered rollout is an old and reliable technique. I can think of 2 reasons why it might have been forgotten or abandoned: inexperience or over-confide

Raspberry Pi Swap Space

Image
Who took my slice of pi ?   Sometimes I ask myself that while looking in the fridge. This time, I am looking at the  top  command and see nearly a quarter of the reserved swap space in use.  The question is purely academic, and spurred by curiosity, I wrote a bash script to learn the answer. The script, swapid,  searches through the process list, identifies the process name and amount of swap used, and then sorts the output by swap size.  With Linux, processes can be viewed and interrogated like a file system. Run $ ls /proc and you'll see it sprinkled with subdirectories named with numbers. These numbers correspond to process ids. Inside each of these subdirectories is a file named status , and running  $  cat status reveals a bunch of process information. At this point, it's simply a matter of using  awk and   grep   to pick out the attributes of interest; in this case, "Name" and "VmSwap." Output is written to the /tmp directory, sorted, printed to the

Raspberry Pi 5 Resource Limits

Image
I was fortunate enough to get a Raspberry Pi 5. I had no particular purpose for it other than to explore it and have fun. On UNIX and Linux based systems, part of that exploration involves checking the default resource limits . The screen shot above is a vimdiff of the rlimits for the Raspberry Pi 400 (left) and the Raspberry Pi 5 (right). Both are running their respective 64-bit versions of Raspberry Pi OS. Four of the 15 resources turned up with diffs, and it's no surprise that the pi5 would have the higher limits. These include the number of processes , the locked-in-memory address space , the number of pending signals , and the realtime priority .  They all serve the common purpose of improving realtime performance.  The last item, realtime priority , is the most telling.  On the pi400, the current and max values are 0.  On the pi5, they are 2.  These settings most likely support hardware destined for the Pi5's new PCIe connector. For a detailed review of the pi5, see J

MR2 Check Engine

Image
Shown here is the 1991 Toyota MR2. Thanks to the mechanical skills of a family enthusiast, it purrs, growls, and turbo whistles like a dream.   My hardware ability doesn't go much further than oil changes. Rather, my expertise is in software, and I wrote an Android App (iOS version is in progress) to diagnose the flashes of the check engine light. This second generation MR2 predates the OBD2 connector, a standard used to diagnose engine, transmission, and emissions problems quickly and easily. Instead, we have a flashing check engine light which needs some deciphering, followed by a lookup in the service manual. Basically, you count flashes to arrive at fault code number. A short pause (~1.5 seconds) indicates the start of the next digit. A medium pause (~2.5 seconds) indicates start of the next fault code. And a long pause (~4.5 seconds) means the sequence has ended and will repeat. The video below corresponds to the codes 41 and 51. Using the the MR2 Check app and selecting the 3

Rust's Other Super Power

Image
If you can't prototype, you can't release prematurely. Memory safety. That's the super power that launched Rust into the minds of modern developers.  Wired describes the popularity of Rust as a "viral secure language," lauding its resistance to buggy memory conditions known as "out-of-bounds access," and "reuse of memory after free."  And yet... I find myself lukewarm to the language. While memory insecurity is a problem, it is not an existential one. Indeed, the problem has largely been addressed in C++ with Resource Acquisition Is Initialization ( RAII ) which uses the symmetry of constructors and destructors for resource allocation and de-allocation.  As for accidentally reusing freed pointers, setting them to NULL after a free neutralizes any downstream threats, but this defensive practice has been largely ignored or forgotten.  The real quandry is finding developers with the interest, patience, and care to actively manage memory, and Rus

The Collatz Conjecture Python Plot

Image
  No, it is not an evil plot. This chart is just another example of how easy it is to do fun things in the Python language. Revisiting the  Collatz Conjecture , I've updated the python code to plot a chart of the hailstones.  If you haven't already done so, you will need to install the Matplotlib in your python environment.  First install pip, then install matplotlib.  The -U option means upgrade dependent packages to the latest version: python -m pip install -U pip python -m pip install -U matplotlib For more information, go to the  matplotlib website . Below is the updated code: #!/usr/bin/python3 from  matplotlib  import  pyplot  as  plt def   even (n):      return  n/ 2 def   odd (n):      return   3 *n+ 1 n =  int ( input ( "Enter a number: " )) peak = n count =  0 hailstones = [] hailstones.append(n) while  n >  1 :     count +=  1      if  n %  2  ==  0 :         n = even(n)         hailstones.append(n)      else :         n = odd(n)         hailstones.appen