po: msgstr entries with unmatched %-format string
The problem of GnuPG key generation only for Japanese was reported: https://dev.gnupg.org/T3619
It is due to unmatched %-format in msgstr (in po/ja.po).
This kind of bug can cause DoS targetted to a specific locale. I think that msgfmt -c should check this, too.
I develop my USB driver with no USB alalyzer or digital alalyzer. I mean, with no looking any signals on wire.
Last week, I looked the signal using Sigrok. With my ZEROPLUS, only it can caputure three frames of USB (3ms). But I can see the transactions: command from host, response from device, seven NAKs while responding an answer.
McClane likes this.
regcomp+regexec with REG_ICASE
On GNU system, regexp \x\y\z doesn't match xyz, while \X\Y\Z does. I tested on FreeBSD, both match xyz.
I learned that grep uses DFA, so its behavior is different.
-1/12: Answer from My Imaginary Calculator
These days, input systems based on prediction are common, even for werstern world. Perhaps, because of phones.
It would be interesting for a calculator to adopt "prediction" feature, I considered.
Then, the temporal output for input: $1+2+3$ is $-1/12$, before pressing '=' key?
P.S. When my friend is teaching math in India, I am reading about Ramanujan. And I'm a fan of Euler.
MicroPython on ESP32
I bought ESP32 thing and installed MicroPython.
While the chip is only 5mm x 5mm, quite easily, I can write a script of simple web service for GPIO control through WiFi.
I wonder if it were "MicroGNU"... Possibly, the scripting would be done by Scheme.
A Solution for the Emulation (of USB device)
I decided to introduce a feature specifying VID:PID at runtime, like:
$ /usr/local/libexec/gnuk --vidpid=VVVV:PPPP
That is, it is the end user who will specify the VID:PID. The distributed binary won't have any VID:PID, thus, no violation (of the USB-IF member agreement) will occur when someone will distribute Gnuk binary for emulation.
And when an end user does specify VID:PID of existing one, with her knowledge of emulation, I don't think it is violation of anything, either.
Claes Wallin (韋嘉誠) likes this.
USB vendor ID for emulation
In the USB Implementers Forum's member agreement, it says:
Vendor ID (VID) Number. Company hereby applies for a USB Vendor ID Number and agrees to the following: The USB Implementers Forum is the authority which assigns and maintains all USB Vendor ID Numbers. Each Vendor ID Number is assigned to one company for its sole and exclusive use, along with associated Product ID Numbers. They may not be sold, transferred, or used by others, directly or indirectly, except in special circumstances and then only upon prior written approval by USB-IF. Unauthorized use of assigned or unassigned USB Vendor ID Numbers and associated Product ID Numbers are strictly prohibited.
That's reasonable for hardware product.
FSIJ owns a Vendor ID (234B) and uses it for Gnuk and NeuG.
Now, I have a problem, because I'm now working for the emulation for those devices on GNU/Linux.
The idea is to allow those who don't have hardware use "virtual" product by a program on GNU/Linux using USBIP. The problem is that we need to use some vendor ID and product ID within the program, which is not the one of hardware product.
It is best if the program can use FSIJ's vendor ID, but it would violate the member agreement if FSIJ allows everyone to use its vendor ID for such a program.
Claes Wallin (韋嘉誠) likes this.
Now it works!
$ /usr/local/bin/gnuk-emulation-setup # To generate flash image
From terminal A:
From terminal B:
# usbip attach -r 127.0.0.1 -b 1-1
From terminal C:
$ gpg --card-status Reader ...........: 234B:0000:FSIJ-1.2.5-EMULATED:0 Application ID ...: D276000124010200FFFEF1420A7A0000 Version ..........: 2.0 Manufacturer .....: unmanaged S/N range Serial number ....: F1420A7A Name of cardholder: [not set] Language prefs ...: [not set] Sex ..............: unspecified URL of public key : [not set] Login data .......: [not set] Signature PIN ....: forced Key attributes ...: rsa2048 rsa2048 rsa2048 Max. PIN lengths .: 127 127 127 PIN retry counter : 3 3 3 Signature counter : 0 Signature key ....: [none] Encryption key....: [none] Authentication key: [none] General key info..: [none] $
Bug fix for Amelia Mary Earhart?It found GnuPG "make check" fails with "UTC-12":
So far, no developers from this timezone.
But I think that it's worth to fix for the aviation pioneer.
Curve25519Probably, I was the worst implementer of Curve25519 ECDH (see CVE-2017-0379).
Given the situation of libgcrypt structure, I had to use general purpose MPI routines, which was far from "constant-time".
I had known that it killed the important point of Curve25519, which is designed to be "constant-time".
I thought that "Still, it's better than nothing". Perhaps, this kind of attitude would not be good.
Well, along with quick fix of the vulnerability, I also do real improvement: https://dev.gnupg.org/T3358; While this becomes better implementation, it has not yet had field specific representation. The representation is still MPI. (Original implementation of Curve25519 uses limb of 2^51 to avoid carry between limbs.)
And... during this CVE handling, I realized that libgcrypt from Fedora/RedHat doesn't support Curve25519, because of ECC patent fear. It only enabled in the development version recently.
... in the development version recently.
I wrote this based on this comment:
But it seems that Curve25519 is already available in F26, with libgcrypt-1.7. If so, security fix by libgcrypt-1.7.9 should be used.
1984 and 2017I remember that the Soviet Union was considered to be a threat for Japanese. I was afraid of their (nuclear) weapons.
On the other hand, it seems that nobody is serious against North Korea, these days.
I wonder why.
Maybe because their leader is seen as a clown (which he is). But it's a very dangerous clown nonetheless.
And now this clown is playing the threat game with another particularly orange, and also dangerous clown.
I think there are plenty of reasons to be afraid.
Stuffed penguin with egg
My daughter lost her stuffed penguin (with egg) around E77 at YYZ or the flight AC005.
I wrote to aircanada.com.
She said that she bought it at biodome, Montreal.I got reply from aircanada, which suggested to contact lost+found by thier "web chat" system. Thus, I told that it didn't work, that's the reason why I wrote by email.
Their web pages has been fixed to remove links to the "web chat" system. That's the improvement. But I don't know they accepted my request to forward my message to lost+found.
For Cat BabeSomeone found that my fingerprint of PGP (RSA) can be read as: For Cat Babe (0x4ca7babe)
It is not intentional, but it's good when it is easy to remember. It's sad that 32-bit is not enough to distinguish a key these days, though.
Here, we have a dog, but no cat. Since she became older, she has tendency to stay inside. We accept the exception (it is unusual for our culture. You know, we take off our shoes when we enter inside).
Claes Wallin (韋嘉誠) likes this.
/bin -> /usr/binI didn't know this move:
Yeah, this has been brewing for years in Fedora. Overall the page is informative and correct and in particular it explains well why they chose to symlink /bin -> /usr/bin rather than the other way around. The only thing that annoyed me was:
The biggest part of Linux software is built with GNU autoconf/automake (i.e. GNU autotools), which are unaware of the Linux-specific /usr split. Maintaining the /usr split requires non-trivial project-specific handling in the upstream build system, and in your distribution's packages.Well. You call ./configure --prefix=/ instead of ./configure --prefix=/usr. But maybe that's instead a bit of an oversimplification, and anyway I do buy the argument that higher uniformity among packages reduces the maintenance burden.
Yutaka Niibe likes this.