An Analysis of Some Password Managers

Over at the Independent Security Evaluators site they have an interesting article on the security of of several password managers. It’s virtually universal advice from security experts that you should use a password manager and the authors of the article emphatically agree. They note, however, that every one they examined leaked some information. An attacker would have to have access (either physical or network) to the machine the password manager was on to exploit these leaks but it’s good to have the problems revealed so that the vendors can fix them.

The article begins by proposing a list of security guarantees a password manager should provide and then examines how we those guarantees are met. They look at

  • 1Password4
  • 1Password7
  • Dashlane
  • KeePass
  • LastPass

all running under Windows 10.

The article doesn’t call out any actions for users other than to use a strong master password. My only experience has been with 1Password and they are diligent about fixing problems that come up. On the other hand, it’s discouraging that version 7 leaked more information than version 4 but they’re undoubtedly aware of this research and I expect they will fix things.

The other caveat is that only the Windows 10 versions were tested but there’s probably little reason to expect that the versions for other operating systems would be much different. Again, even the researchers say that password managers great applications and that you should continue to use one.

Posted in General | Tagged | Leave a comment

Open Offices Again

I thought I was finished with writing about the horror known as Open Offices for a while but I just came across an article that so fully mirrors my feelings on the subject that I had to wade into the morass once more. The article, Open-Plan Office: Great for Photo Shoots, Terrible for Collaboration, is over at the Nuclino Blog and does a good job of summarizing the problems with open offices. I’ll let you read the post for those reasons and while you’re there, take a look at the pictures and see if they don’t make your blood run cold. The first one, with its high ceiling and lack of walls reminds me of a local mall whose architecture amplifies every sound and makes it painfully noisy. But there’s one aspect of the article that bears more comment.

I’ve been pretty vocal in my belief that the real driver of open offices is cost savings on real estate and buildout. Sometimes I felt that maybe I was being a bit too cynical or overwrought. The real problem is that I was being naive. I had no idea how large those saving were. I thought it was probably a few hundred thousand dollars for a Google-sized company. Silly me. It turns out that Google—Alphabet, actually—saves about $350 million a year on real estate charges by moving to open offices. That’s chump change, though. JPMorgan & Chase saves over a billion dollars a year with open offices. The article has a chart showing the savings for several large companies.

Those savings, as the article points out, make it unlikely that we’ll ever get rid of open offices. It offers a few suggestions for living with them but, really, your best option is to find a job with a sane office arrangement or that will let you work from home.

Posted in General | Tagged | Leave a comment

Benchmarking in Emacs

Marcin Borkowski (mbork) has posted an instructive article on benchmarking Elisp code. He had a theory on the run time of alternative implementations for some code he’d written and rather than wave his arms, he did what we all tell ourselves we’ll do but often don’t: he benchmarked the run time of the two implementations.

He used the benchmark library to do this. It’s worth reading his post just to remember (or familiarize yourself with) the details of benchmark. In any event, he confirmed his suspicions about the implementations but discovered that he was right for the wrong reasons.

Take a look at his post to see the details and discover what he learned about working with strings.

Posted in General | Tagged | Leave a comment

Employees Hate Open Offices

I’m not sure why I bother but here’s another report (from last year) belaboring the obvious: workers hate open office spaces. They hate them for all the obvious reasons: too much noise, lack of privacy, lack of ability to concentrate, and so on.

Oh, and by the way, Mr. Employer, they aren’t buying that nonsense about increased collaboration. They know that that’s a bunch of hooey meant to disguise the real reason you love them: it saves money on office space and buildout.

One interesting result from the survey that the report is based on is that many employees would consider changing jobs to escape an open office environment. Perhaps that’s what it will take to put an end to this abomination. But probably not. Employers will still want to save money and the fairy tale about increased collaboration allows them to convince themselves that open spaces are in everybody’s best interest despite research that shows collaboration decreases in open offices.

Posted in General | Tagged | Leave a comment

Vivek Haldar Reads “Solution of a problem in concurrent programming control”

Last week, I wrote about Vivek Haldar’s reading of Dijkstra’s famous paper, “Go to Statement Considered Harmful.” It turns out that Haldar has a series of posts like that in which he reads a foundational paper from Computer Science. One recent example is his reading of another Dijkstra paper, Solution of a problem in concurrent programming control.

The paper is from 1965 and offered the first solution to locking critical code regions. That seems like old news today. You protect the critical region with a semaphore but back in 1965 computers didn’t have the specialized “test and set” instructions that we use to implement semaphores. At the time Dijkstra wrote his paper, it was an open question as to how to implement what we now know as semaphores.

Haldar does a great job in covering the paper. Dijkstra’s papers are always dense but this one is particularly difficult. The code that Dijkstra presents is in ALGOL or at least is ALGOL-like and the syntax is easy to understand. Although comprising only 16 lines it’s very difficult to figure out what’s going on. Haldar refactors the code a bit and explains what’s happening.

It’s amazing how something we now consider elementary, if not trivial, was once considered so hard that it was an open problem. Of course, a lot of that is that once it was understood that a semaphore was what was needed, hardware primitives were introduced to make implementing them simple.

Posted in General | Leave a comment

Taking Notes in LaTeX

This is astounding. Gilles Castel uses LaTeX to take notes in his Math classes. These aren’t simple notes with a smattering of elementary math symbols; they’re notes for classes like Complex Variables and other advanced topics. Take a look at his post for some examples.

I say it’s astounding because I wouldn’t have believed you could type the LaTeX fast enough to keep up with the instructor. Castel’s goal is to be able to type the LaTeX as fast as the instructor could write the mathematics on the board. To make this possible, Castel uses UltiSnips snippets and Vim. He’s got a number of custom snippets—some quite complicated—that intelligently expand to LaTeX and enable him to enter the mathematics at speed.

Naturally, I started wondering how his procedures would port to Emacs and AUCTeX. I’ve never used UltiSnips but it seems similar to yasnippet except for supporting regular expressions in the keys. On the other hand, AUCTeX provides a lot of functionality that Castel implements with snippets. The post contains several animated GIFs that show how his system works in practice. Watch them and be amazed. If you’re an UltiSnips user, Castel’s snippets are available here for you to try.

Regardless of which editor and snippet package you use, I’d guess that it’s going to take some concentrated practice to get fast enough to actually use in class.

Posted in General | Tagged , , | Leave a comment

Deleting Blank Lines

The Learn Emacs Twitter feed has a handy tip for dealing with blank lines:

It turns out that the delete-blank-lines command is a little more nuanced than that. The actual rules for invoking it (according to the documentation) are:

  1. If the point is on a blank line surrounded by others, delete all the surrounding blank lines, leaving just one.
  2. If the point is on an isolated blank line, delete that line.
  3. If the point is on a nonblank line, delete any blank lines that immediately follow.

This isn’t a command that I’d use everyday but it seems perfect for cleaning up a text file with lots of blank lines. Often times, I see imported data like this so it’s worth remembering the command.

Posted in General | Tagged | Leave a comment

Release Candidate 1 for Emacs 26.2 Is Out

Nicolas Petton announced on the Emacs-Devel list that Emacs 26.2 RC1 is out. If you verify Nico’s signature—as you should—you’ll notice that GPG says the key has expired. As Nico explains, the key is still good but the GNU keychain has not been updated. You can safely ignore the message.

I compiled and installed it on my Mac in the usual way without problem and am using it to write this post. The installation is brand new so I don’t have much experience with it yet but so far everything seems excellent.

As usual, thanks to John, Eli, Nico, and all the others for their work in bringing us this release.

Posted in General | Tagged | Leave a comment

An Application of Bayes’ Theorem to Differential Privacy

In a nice followup to yesterday’s post about differential privacy, John Cook, the proprietor of the Data Privacy Twitter feed, has a nice post that uses Bayes’ Theorem to implement a simple differential privacy scheme.

The problem is to gather a yes/no answer to a question from a group of people without revealing any individual’s “true” answer. The post is nice because the method it uses is a simple application of Bayes’ theorem, making the mathematics accessible to most Irreal readers. The protocol involves each respondent flipping a coin once or twice to determine their answer—see Cook’s post for the details.

Differential privacy appears to be emerging as the go-to solution for anonymizing data in a way that protects the privacy of the respondents but still allows useful aggregate data to be extracted from the information. Even the U.S. Census Bureau will be transitioning to differential privacy for the 2020 census. If you’re interested in such things, the Census Bureau has a paper describing some of the details.

Last Minute Addition:
Just as I was getting ready to publish this, I came across this talk by John Abowd of the Census Bureau that talks about their plans for the use of differential privacy. The talk is an hour long so here are a couple of interesting points if you don’t have the time or interest to watch it. Abowd say that noise infusion is an absolute necessity to protect the data. As an example of why this is true and of how easy it is to identify respondents from limited data, the bureau combined commercial data bases with just 3 items from the 2010 census data: age, sex, and census block (a relatively small area that the bureau uses to group respondents by location). That was enough to uniquely infer the identity of the respondent for 48% of the population. When those results were checked against the actual data, it turned out that the inference was correct for 38% of the population.

Posted in General | Tagged | Leave a comment

Differential Privacy

One of the tough problems in ethical data gathering is how to collect statistics while respecting the privacy of those the data is being gathered from. It’s widely known that most forms of data anonymization are not robust and that it takes surprisingly little information to deanonymize it.

One method that does show promise is differential privacy. The basic idea is that the data is perturbed in such as way that its origin can not be reconstructed but such that statistical measures, such as mean values, can still be estimated. That allows the collection of aggregate data while protecting the individual targets of the collection.

Recently John Cook’s excellent Data Privacy Twitter feed had a pointer to an interesting post on the Microsoft Research Blog on how they collect user telementry anonymously using differential privacy techniques. The idea, they say, is to encode the data on the user’s device in such a way that the output of the encoding is approximately equally likely to have come from any other user. At the same time, the encoding allows the recovery of useful aggregate data.

The post describes a method of encoding the value of \(x \in [0,M]\) in a single bit in such a way that the mean can still be estimated. It’s a nice trick and the post is worth a read just to see how effective differential privacy can be.

Posted in General | Tagged | Leave a comment