Date: 2018-12-18

Routers With 'Back Doors' and Some New CBS/ZDNet FUD

Most Routers Have Terrible Security, But There’s One That Doesn’t Suck

Of 28 widely used home routers, made by seven different manufacturers, examined by Parker Thompson and Sarah Zatko of the Cyber Independent Testing Lab, "not a single one took full advantage of the basic application armoring features provided by the operating system." All the routers placed on various publications' best-of lists. "Only one or two models" — the Linksys WRT32X and Netgear R7000, they said — "even came close, and no brand did well consistently across all models tested." Ten of the tested routers, made by Asus, D-Link, Linksys, Netgear, TP-Link and Trendnet, use the outdated MIPS processor architecture, which Thompson and Zatko say contains a "seemingly forgotten" flaw that completely undermines system security.

Programming: Git, BH and Python

Large files with Git: LFS and git-annex

As readers probably know, Linus Torvalds wrote Git to manage the history of the kernel source code, which is a large collection of small files. Every file is a "blob" in Git's object store, addressed by its cryptographic hash. A new version of that file will store a new blob in Git's history, with no deduplication between the two versions. The pack file format can store binary deltas between similar objects, but if many objects of similar size change in a repository, that algorithm might fail to properly deduplicate. In practice, large binary files (say JPEG images) have an irritating tendency of changing completely when even the smallest change is made, which makes delta compression useless.

There have been different attempts at fixing this in the past. In 2006, Torvalds worked on improving the pack-file format to reduce object duplication between the index and the pack files. Those changes were eventually reverted because, as Nicolas Pitre put it: "that extra loose object format doesn't appear to be worth it anymore". Then in 2009, Caca Labs worked on improving the fast-import and pack-objects Git commands to do special handling for big files, in an effort called git-bigfiles. Some of those changes eventually made it into Git: for example, since 1.7.6, Git will stream large files directly to a pack file instead of holding them all in memory. But files are still kept forever in the history.

An example of trouble I had to deal with is for the Debian security tracker, which follows all security issues in the entire Debian history in a single file. That file is around 360,000 lines for a whopping 18MB. The resulting repository takes 1.6GB of disk space and a local clone takes 21 minutes to perform, mostly taken up by Git resolving deltas. Commit, push, and pull are noticeably slower than a regular repository, taking anywhere from a few seconds to a minute depending on how old the local copy is. And running annotate on that large file can take up to ten minutes. So even though that is a simple text file, it's grown large enough to cause significant problems for Git, which is otherwise known for stellar performance.

BH 1.69.0-0 pre-releases and three required changes

Our BH package provides a sizeable portion of the Boost C++ libraries as a set of template headers for use by R. It is quite popular, and frequently used together with Rcpp. The BH CRAN page shows e.g. that it is used by rstan, dplyr as well as a few other packages. The current count of reverse dependencies is at 159. Boost releases every four months. The last release we packaged was 1.66 from February---and a new Boost 1.69 just came out. So I packaged it, being somewhat careful as usual as CRAN insists on suppressing compiler diagnostics #pragma statements and a few other things, see the BH GitHub repo for details.

Advent of code presentation

At Boston Python last night, I did a presentation about solutions to a particular Advent of Code puzzle. If you haven’t seen Advent of Code, give it a look. A new puzzle each day in December until Christmas. This is the fourth year running, and you can go back and look at the past years (and days).

Clean Architectures in Python: the book

I'm excited to announce that the success of the post on clean architectures encouraged me to expand the subject and to write a book that I titled "Clean Architectures in Python. A practical approach to better software design". The book will be published on Christmas Day 2018, and will contain a complete introduction to TDD and clean architectures, two topics that I believe are strictly interconnected. So far the book is 170 pages long and it is complete, at least for a first edition, but I am already planning to add content that could not fit in this release for several reasons (mostly because still unclear in my mind).

