
    An unassuming tech blog

    © by
    All rights reserved.

    A series of random observations organized in reverse chronological order.

    How to defeat the AnC Address Space Layout Randomization exploit

    Apr 2017

    Not long ago, the tragic news was broached that Address Space Layout Randomization (ASLR) can be defeated using a technique of walking page tables and measuring the delays caused by cache line misses. This is possible because, it turns out, Intel, AMD and others use the caches to store page table entries (PTEs) rather than bypassing the caches. While putting PTEs in the cache speeds up software, it makes ASLR trivial to defeat.

    The exploit is called ASLR⊕Cache, or AnC for short.

    The essential flaw is that when PTEs are stored in a cache, part of their address is of course used to determine where in the cache the entry will go, and this fact can be used to coax the cache into revealing that part of the address. Remaining address bits can be obtained using a related technique. Once it's known what entries in each page table are in use, a full understanding of what specific virtual pages are in use can be constructed.

    I believe there is a solution to this exploit. Well, two really.

    The first and obvious solution is for CPU manufacturers to stop, in future, using the caches to speed up accesses to page table entries. They should also provide microcode patches for existing CPUs, where microcode was used to implement the page table walk. The problem is that while some companies put page table entry loading in microcode, which can be updated, not all do; some implement it in hardware.

    My second proposal is slightly tedious but probably should have been done anyway: Use decoy pages. Let's say you're running a web browser that has a 40MB footprint. That's 10,000 4kB pages. If you produce 4 times that in decoy pages, another 40,000 pages, any attacker using the ASLR-defeating exploit will have to scan 5 times the number of true pages to find what it wants. But 80% of the pages will be useless decoys, meaning a 1 in 5 chance of success.

    But what shall you put in those decoys? Assuming the exploit is looking for particular libraries or data structures, you simply need to create fake pages that look real enough while being harmless. They may need to have pointers to one another just like real pages, and real-looking strings and code. But the code shouldn't do anything useful, like make valid system calls. And the strings shouldn't contain anything useful, like real domain names or usernames.

    Object-oriented assembly language (OOA)

    Apr 2017

    My new article on how to write object-oriented code in x86 asm is here.

    iOS: Areas for improvement

    Apr 2017

    While some like to hold Apple above criticism, because for whatever reason they think Apple is perfect, it has become obvious that some aspects of iOS hardware and software need a rethink.

    Realists on this topic can be found everywhere:

    • Reviewers and ranters on Youtube
    • Retail salespeople in Apple stores
    • Bloggers
    • And anywhere else that the Svengali trance of Apple has no hold.

    iOS imperfect? Let us count the ways...

    1. iOS devices really do need SD slots that can read and write files. For a tool to be useful it has to be fit for purpose and a computing device without a serious storage option (iCloud is not that) is not an effective tool.
      • A photo editor running on iOS has to be able to save an edited file somewhere useful like an SD card from where it can then be efficiently archived. The iCloud or Dropbox solution is not ideal for privacy or speed (upload speeds being generally slow). Regarding sensitive photos, uploading to the cloud may be fine for trivial photos but anything at all sensitive or important needs to go somewhere safer than iCloud.
      • The same goes for critical business files like contracts, customer lists and sales data. No business manager worth his salary is going to accept putting important and confidential business documents into the cloud where a hacker or a government operative can steal them, corrupt them, or delete them and thereby disrupt the smooth operation of his company. Files need to be saveable to a physical medium like SD flash and then put into private backups.
      • The fact that an SD card slot is needed is only half the problem. iOS needs the ability to write to SD cards that have encrypted file systems (like macOS can) to protect user data before it is archived.
    2. The app launch screen (Springboard) is no better than it was in 2007. Android's home screens have useful gadgets of various types like a search bar, a calendar, and concise news headlines. It is quite bizarre that Apple, which fanboys claim is a fount of innovation, is clearly being out-innovated by its imitator.
    3. Apple's obsession with streaming sounds very clever to fanboys, who argue that the age of physical media is already over. But there is a problem: WiFi frequencies are in the microwave range and as such they do go straight through your body and they do cook you slightly. While industry scientists claim this is harmless, that is not true according to some research. Microwaves are officially non-ionizing radiation, unlike X-rays, so genetic damage should not be observed, but the problem is, it has been observed nevertheless. Thus WiFi microwaves may be the new smoking: safe only if you trust the industry and ignore the evidence.
    4. Touches too precise? The premise of the touch screen is that tapping is so easy that it is hard to screw it up. Unless you are in motion. Anyone who has been a passenger in a car or bus or just walking down the street knows that taps are harder to get right while in motion. There are several reasons why this is so, but one is that Apple seems to be encouraging user interfaces that require more and more precise taps. Perhaps Apple bigwigs only ride in super-smooth transport like shuttle buses and let their retinue take the bumpier road. But for the Rest of Us there is an obvious solution that at least Apple could embrace for its apps. What is that solution? My secret.

    Certain types of businesses capitalize on bad decisions.

    • Alcohol and tobacco vendors.
    • Junk food manufacturers.
    • Casinos and lotteries.
    • Payday lenders.
    • Narcissism-boosting social media.
    • Subprime mortgage providers.

    Apple, by encouraging cloud storage instead of physical storage to SD cards, by encouraging streaming and electromagnetic radiation exposure, has effectively joined the ranks of these predatory businesses that capitalize on poor reasoning, pretending all the while to be somehow embracing the future. Is anyone besides the fanboys buying it?

    Safari not included with OS/X?

    Mar 2017

    On iOS, I can open Safari by saying "Siri, open Safari". Such is not the case on MacOS. Siri disclaims any knowledge of Safari.

    If MacOS were free/open-source software, or a hobby project, this kind of obvious bug might be understandable. But it isn't written by volunteers. It's not a hobby project. What is wrong at Apple?

    How to fetch a file through TOR

    Feb 2017

    Steps:

    1. Run the TOR browser.
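    2. On OS/X use this command:

    # --socks5-hostname has the proxy resolve the host name, so the DNS lookup goes through Tor too
    curl --socks5-hostname 127.0.0.1:9150 "$url" -o "$name"

    On GNU/Linux or Windows the port may be different.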

    What does MacOS Sierra look like when its windows server malfunctions?

    Feb 2017

    MacOS sierra crash
    How did Apple screw up to even make this possible?

    Reminder: Even X-Windows never looked this bad.

    What did I do to cause it? It's my secret. Did I create an error ticket on Apple's website? Oh hello no. I've done that before; they always deflect my concerns and ignore my ample evidence.

    Ad Age: Apple losing its way.

    If Apple is against computers with touch screens...

    Feb 2017

    Why is it making this then?

    Are they taking a page from Magritte?

    Ceci n'est pas un écran à toucher.

    The meaning of Magritte's painting is the pedestrian observation that a word is not the thing. But in order to think, we need accurate words to describe a thing. If Apple makes a touch-screen computer but then says they don't believe in making touch-screen computers, what are they saying? What is the iPad with keyboard then really? A surveillance device? Without an SD card slot or a USB port, it certainly isn't a serious tool for productivity.

    Consumers want solutions to problems, not doublespeak. Their money is hard-earned. They are not idiots and you treat them like idiots at your peril.

    How to make a universal i.e. fat library for iOS

    January 2017

    Turns out, it's a simple command:

    lipo -create x86.a arm64.a ... -o universal.a
    

    Notice the pun. Lipo is the prefix for "fatty" e.g. liposuction, lipoprotein etc.

    Object-oriented programming in C

    January 2015

    An update to my old page on OOC: Link

    Common QA mistakes

    November 2014

    Testing is, in a sense, like making a hamburger. It is not terribly difficult but it has to be done right.

    • As with making hamburgers, doing testing wrongly can result in a tragedy.
    • As with making hamburgers, some people should not be doing it.

    Some common mistakes:

    • Failing to report obvious bugs therefore letting bugs pass through to the customer.
    • Not reporting critical facts or circumstances about a defect e.g. that Wifi has to be on, that it only occurs right after midnight etc.
    • Not providing any evidence of a defect e.g. screenshot, videos taken with a phone, or log files.
    • Not being knowledgeable enough about the product that you are testing to know how it is supposed to behave, leading to the response "that is how it is supposed to work".
    • Not taking the effort to write down what happened at the moment when it happened. Instead trying to remember much later.
    • Not wanting to check everything that needs to be checked and/or not prioritizing.
    • Not testing the latest product. Wasting time testing code whose defects are already fixed.
    • Accepting second-hand information (hearsay or rumors or lies) as totally legitimate instead of speculative.

    Some red flag mistakes that may indicate you should not be working in QA:

    • Doing QA because you like to complain.
    • Turning QA into a political tool e.g. to criticize whomever you dislike this week.
    • Declaring that something doesn't work but refusing to say how or why or when.
    • Being opposed to learning a new platform in order to test software on that platform e.g. "I don't do iOS." (Yes; I have heard that.)
    • Having a passive-aggressive personality or otherwise unable to be direct.

    Management as a service job

    November 2014

    Human nature being what it is, many people enter management positions even though they don't understand people, therefore they suck at management. Or they don't understand themselves, therefore they suck at management. Why then would such people think they should manage?

    A few hypotheses:

    • He/she is bossy i.e. a micromanager, blamer or control freak.
    • He/she is lazy i.e. actual work is super-hard and to be avoided.
    • He/she is greedy i.e. they think management is the road to riches and therefore use it to climb the ladder.
      • Example: Carly Fiorina.
    • He/she is classist or casteist, i.e. thinking oneself to be above little-people work.

    Just as a wife beater should never be allowed to become a cop...
    Nor a compulsive liar a politician...
    Nor a kleptomaniac a banker...
    Nor a bully a lawyer...
    The person who has some/all of the above-mentioned problems should be kept out of management.

    We're not in the 1970's any more; we can do better, no matter what the venture capitalists say.

    Management is essentially a service job. It's not at the same level as a cashier at a fast-food joint, but a manager cannot manage well unless he puts his ego aside, is humble and admits it when he doesn't know, can step back and just let people work, and realizes he has to serve.

    1. A manager must serve the customers and not deem them disposable, gullible or stupid.
    2. A manager must serve the workers to aid them in bringing out their best and achieving goals and not boss them around.
    3. A manager must serve the money people as well; but not by deceiving them nor kissing their asses.

    The blaming manager, the micromanager, the scheming player -- they can ruin products, divisions and even companies.

    Is the 5.5 inch iPhone 6 Plus practical?

    September 2014

    I was one of the vocal proponents of a big-screen iPhone, telling anyone who'd listen that Apple needs to make one with a 5.5 or 6 inch screen.

    I expected the 6 Plus was going to prove me right. After owning the iPhone 6 Plus, I believe I was wrong.

    It's not a terrible phone. But the 6 Plus is rather heavy. While the 6 Plus only weighs 1.52 ounces more than the 6 (6.07 versus 4.55 ounces respectively), that is 1.33 times the weight, and the difference is almost alarming when they're side by side.

    The expense and delicateness of the 6 Plus means a rugged case is vital. That adds substantially to the weight -- at least an ounce. My preferred case is the Magpul field case, but it's heavy.

    Having also owned the cheaper, lighter, and plasticky $150 LG Stylo 2 Plus, which is 5.1 ounces but has a screen that is 5.7 inches, I can say that the 6 Plus compares quite poorly.

    1. The bare 6 Plus is already 1 ounce heavier.
    2. The 6 Plus's high cost and fragility militate for using a rugged case.
    3. The LG Stylo 2 Plus can be used daily without a case because it is cheap and replaceable.
    4. However the 6 Plus with rugged case weighs over 7 ounces.

    Given the weight situation, only software -- iOS -- saves the 6 Plus, because Android is frankly crap.

    So why go with the 6 Plus at all? While a 5.5 inch screen is a good size for web browsing on the go, it's not a great replacement for a tablet or a laptop.

    Let's consider video watching. If you are not working as a security guard or a librarian, or are otherwise idle in a quiet environment, you won't have a strong need for watching video outside of the home or away from a laptop.

    Let's consider web browsing. Even a 10-inch tablet can make web browsing difficult. A 5.5" screen will be much worse, and it isn't going to be a great improvement over say, a 4.7" display. But it will be much better than a 4-inch screen.

    I'd say that if Apple cannot make a less delicate, expensive, and weighty phone, it should settle on a smaller size. A 5-inch screen may be the Goldilocks size: Not too large, not too small, not too heavy. Just right for practical use while keeping the weight down.

    A repeat loop kludge for Objective C

    September 2014

    Many a time there's a need in C and Objective C for a simple repetition loop à la 8086 instruction LOOPNZ. But one doesn't always need access to the loop counter itself. To this end, here's a simple #define that gives you precisely that. It may not work in every compiler, but it seems to be safe when used in Xcode.

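    /* The counter is scoped to the for statement, so repeat() stays a single statement and can be used more than once in a scope. */
    #define repeat(COUNT)  for (unsigned long repeat_n_ = (COUNT); repeat_n_--; )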
    

    Usage 1: repeat(10) puts ("message");
    Usage 2: repeat(10) { puts ("message"); }

    But why stop there? If you do need the counter value, just provide it like so:

    /* COUNT is parenthesized so that an expression argument expands safely. */
    #define loop(VARNAME,COUNT) for(int VARNAME=0; VARNAME < (COUNT); VARNAME++)
    #define countdown(VARNAME,COUNT) for(int VARNAME=(COUNT); VARNAME > 0; VARNAME--)
    

    The only caveat is that as of Xcode 5, llvm is performing a lot of type checking so you may need to type-cast the variable from the loop and countdown macros.

    Jerry Seinfeld explains why he didn't become a mere TV mogul

    September 2014

    But I didn't take that bait... because I know what it is... You can't pull that over on me.
    I've sat in all those chairs.
    I've been in those rooms. I know what it is.

    What is it? You'll just have to listen to Alec Baldwin's interesting and funny interview of Jerry Seinfeld:
    WNYC link

    Resize images from the command line

    August 2014

    On OS/X there is no need to install ImageMagick in order to resize images from the command line. Let's say you want to generate a new set of icons for an iOS app. You can do it with two commands: cp and sips. Below I offer an example, left as an exercise for the reader, on how you might do this from a script:

    cp iTunesArtwork.png Icon-144.png
    sips -Z 144 Icon-144.png  &> /dev/null
    file iTunesArtwork.png Icon-144.png
    




    © Zack Smith