TCP/IP Lab

Operating systems were invented to replace or help computer operators. Operators were people who sat in data centers and managed the computers' memory, and hard disk space. They were also the people who input programs and data into the computer. This was important because there was usually a shortage of memory and disk space. Often the operator had to manually type the program into the computer's memory by using a teletype machine. This was basically writing a program beginning to end without the help of a compiler or integrated developing environment  telling you your language syntax was wrong. Once the program was loaded into memory, meaning it was digitized, you had to free up the memory by outputting the program onto some kind of temporary media. Often this was put onto punch cards, or sometimes magnetic tape.



Setting the stack of punch cards aside, the operator then had to go find whatever data was to be processed. This could be on punch card, magnetic tape, or perhaps on the hard drive.

Here is where I lose my way in this process - I was in grade school during all this. However, you can see that all this could become pretty complex and unwieldy once computers became more complex and more and more business functions became computerized.

Mainframe computers have a reputation for being old fashioned and outdated. However they are still for sale and are still used for very large computing needs. For example airline reservation and flight scheduling systems used by airlines are made of large groups of mainframes working in unison, real-time. Try doing that with Windows 2003!



As far as I know, the major difference between mainframes and today's client/server systems is in how they implement their programming logic. In mainframes at least some of their programming logic is actually built into processor hardware; today's servers have general purpose processors and so rely completely on software for their programming logic.  This makes mainframes more reliable and faster, yet much less flexible than today's commodity servers. Mainframes are also super expensive, comparatively.

Back in the '80s there began to be an alternative to the mainframe. They were called minicomputers, or simply minis. These were smaller hardware and software packages, and often used operating systems that today would look to us like an operating system and software application rolled into one. This meant that you'd often have to run one minicomputer for each major program your business needed.

VAX/VMS, PDP-11, TOPS-10 and -20, Pick.

OS diversity that we don't have today. Also a time increasing diversity in programming languages. Also Unix was written on a mini.

 

Body text

L^AT_EX

Arabic is a really cool language for a lot of reasons. It is really a group of several languages, which are actually dialects, but can, in some cases, sound unintelligible to speakers from separate countries. But the crazy thing is that they are all written the same way. The written form is also the "dialect" you'll hear on TV and movies. It is called Modern Standard Arabic (MSA).

Groups of nouns, verbs, adjectives, etc. will often be related in sound and spelling. They'll share a single three-letter root. Like k-t-b is the root of many book- and writing-related words.

kataba        he wrote        كتب
katabû        they wrote     كتبوا
katabat       she wrote      وكتبت
katabnâ      we wrote       كتبنا

Arabic is written from right to left. Which is surprisingly not very disorienting, actually. What is terribly disorienting is that books in Arabic open from right to left too. So handling and reading them never really feels right.

One thing that is hard for Westerners to get used to is that short vowels are rarely written in the words. Exceptions to this are children's' books, language textbooks, and some formal religious texts like the Koran. This means that the reader often has to deduce the actual meaning of the word from the context. "Short vowels" are vowels that are pronounced for a normal duration (normal to us), as opposed to "long vowels" which are pronounced in a lingering fashion and have no equivalent in English.

Kristen Brustad has written an excellent package for learning Arabic. It consists of a textbook and workbook with accompanying DVDs. Together they are the best written and best produced language learning package I've ever encountered.

Learning to recognize Arabic sounds is difficult at first. For example, there are two different versions of the sound for the letters S, T, K, D and DH (the sound at the beginning of "this" or "there"). The difference is subtle, but can be learned. Learning to pronounce Arabic sounds is another matter. You'll need some cough drops for after class and your throat muscles will get a bit sore in the beginning. At first it can feel near impossible to make some of the sounds - like trying to wiggle your ears if you have never done that. But it comes together with practice.

Body text

Body text

Body text

Some people get all political and hung up about so-called Ebonics. Whatever. I'm fascinated by black English for several reasons. I've read that it contains formal grammatical rules and even verb usages that are not available in standard English. Wikipedia has a thorough but exhausting page about his. I stole some of their examples:

I been bought her clothes.

I bought her clothes a long time ago

I been buyin' her clothes.

I've been buying her clothes for a long time.

He workin'.

He is working [right now].

He be workin'.

He works frequently or habitually. Better illustrated with "He be workin' Tuesdays."

He stay workin'.

He is always working.

He been workin'.

He has been working.

He been had that job.

He has had that job for a long time and still has it.

He done worked.

He has worked. Syntactically, "He worked" is valid, but "done" is used to emphasize the completed nature of the action

Many a white person used to standard English might be surprised that there is a system at work here. But it is certainly a system different and pretty much unavailable to many of us. An extreme example of this is that a Chinese immigrant friend of mine, who speaks pretty good English, says that he can not understand anything said by people speaking this dialect. Supposedly real linguists consider AAVE to be a creole rather than a dialect of English. I'm not sure exactly what this means.

While I find rap and hip-hop culture pretty messed up and often seemingly destructive to black America, it looks to me to be the way that a lot of AAVE slang and innovation finds its way into the mainstream of American culture and the English language. It seems that every generation of black Americans produces a pretty constant supply of creative mutilations and purposeful changes to standard English words. Some of my favorites, translated like only a nerdy white guy can:

trippin        =     confused or upset
up in here   =     at this place
natural        =     an afro hairdo
                           (maybe this should be the other way around)
dis               =     to disrespect or humiliate
fit'n 'a          =     getting ready to do something
get your
freak on       =     I think this means to have a fun & get wasted.
cap               =     to shoot someone

While a lot of the phrases and words coming out of this culture seem to be pretty negative and ugly, I think this might be one of the most active areas of change and creative innovation in the English language, alongside Internet related words and more pure technology words.

The more I learn about other languages, the more I've come to think that English is a sort of creole which has spread so far and to so many people as to be called a "language" now. It didn't even have any consistent spelling or usage put down in a dictionary until just a few hundred years ago. It is the result of three or four linguistic collisions over the centuries. One of the outcomes of this is that we have a huge vocabulary compared with some other European languages. For example French has 35,000 words  whereas English as something between 475,000 and 600,000.

One of the reasons for this huge vocabulary is that "native" Celtic and/or formerly "Anglish" (a Germanic dialect from an earlier invasion) words were almost totally ignored by the Norman (French) invaders that ran England for a couple of hundred years. Later the Catholic church ran everything and introduced lots of Latin. There is a hangover from this in that more educated people still tend to use words originally from French or Latin, whereas less educated people tend to use the Celtic/Anglish words meaning pretty much the same thing. I've probably botched the history here, but anyway an example of this phenomenon is drunk versus intoxicated. The former comes from Scottish, whereas the latter is from Latin. I'm in way over my head here so I'll leave it at that.

Code Breakers

The Victorian Internet

Body text

Body text

Body text

Cryptanalysis is not just for mathematicians. It can be very fun for regular folks. My favorite hand cipher is the Playfair cipher. It was used by the British in WW I. The Germans modified it a bit and used it in WW II. The British cracked it by hand (no computers) and read much of the secret communications of the Nazis. You can read about it in this awesome book.

To use it you pre-share a 5 x 5  grid with your buddy. Part of the grid usually has a secret word in it to help you remember which grid to use. This is for when you use a different grid each day, for instance. Divide your message into pairs of letters. Then you encipher your message by replacing each pair with the letters in the exact opposite positions, upside down & backwards, so to speak. The link above will illustrate this so it is clear. deciphering the message is the reverse of that process.



Cracking real encryption (and hashes) can be done with a really cool program called John The Ripper. It runs on Windows, Mac OS X, Linux, and Unix. There are a lot of other programs that do this kind of thing. To use them you have to find the encrypted or enciphered or hashed password and point the program at it. The instructions in the software should tell you how. It can be addictive. By the way, don't get the password hashes by hacking into other people's computers. In any Western country, and much of the rest of the world, it will land you in prison.


You can see that several of the passwords here were cracked and the program is still working on six more. The actual passwords recovered are in the second column. The corresponding usernames are in the first column. The six that it is still working on are in the last two columns of those six rows. The pairs are representations of the starting and ending points of a range of letter & number groups that the program is trying.

For years I have lamented the difficulty of securely storing and retrieving username and password pairs. In my line of work there are a lot of these, too many to remember.

But storing them in specialized software is always risky. Apple's keychain program once erased every password I had. The same happened to my brother. Other GUI password managers risk the same, or worse , they might not run on your new OS when you upgrade your computer. Then when you someday have to get them all out the software you'll probably have to cut/paste each username and each password into something new.

Some guys store their passwords in encrypted MS Word documents. With Word now supporting AES encryption, maybe this is a good system - cryptographically - but versions of Word seem to only take about six or seven years to become unuseable on new computer. Also, Microsoft products turn out to have bugs and backdoors pretty often.

For a long time I've been storing my passwords in a PGP/GPG encrypted text file. This has the advantage of being decryptable on any OS that supports PGP. And if you use a decent length key (>512 bits, I figure), and a decent passphrase (>6 characters, with upper & lower case, numbers, and punctuation too) it should be pretty uncrackable.

But the problems with this system are pretty significant:

1. You must read/write the password file on or at the computer where it lives. Or you have to connect to that computer remotely. If you keep this file on more than one computer then you have to get into manual or automated synchronization.

2. You have to decypt all of your passwords at once which can be a problem if you make any number of mistakes like forgetting to re-encrypt, leaving your terminal unattended and unlocked, etc.

3. As the text file grows, finding the password you need becomes harder.

So recently I've been working on a hand cipher which can be done either on paper or just in your head once you get familiar with it. The weakness of ciphers verses real cryptographic algorithms is that the latter rely on the secrecy of the cipher system itself, instead of the secrecy of a key. In fact modern cryptographic algorithms are almost always published, even with source code. The idea here is that letting anyone and everyone beat on the algorithm lets you see how secure it really is. Even if you, like me, don't feel comfortable with mathematics, reading about how various cipher and cryptographic algorithms work is really fascinating.

Anyway, the cipher system I've come up with, called the Gartshore Cipher, has the usual weakness of simple ciphers that its security is reliant on the secrecy of the encipherment system itself. I'll go out on a limb and call it a hybrid block/stream substitution cipher. This means that the original plaintext is replaced (substituted) in blocks (chunks of several characters) as well as being substituted as a stream of characters (one after the other, in sequence). This description gives the reader a couple of clues as to how to crack it. Here are two enciphered strings for you to beat on. One of them contains my email address. If you break all or part of this cipher system, please email me with the result and how you broke it. That would be fun and cool. But while cracking it is possible, can you figure out why this system is so easy to use (without pencil and paper) as opposed to a traditional table lookup substitution cipher?

113 14 102 92 11 0012346789 21 83 11 103 11 113 81 82 55 83 123 121

031 102 81 21 102 81 21 102 0101 123 91 31 13 123 22 101 102 21 00123680

That should be plenty of information for a motivated cipher-nut to crack this cipher. This is a great illustration of the trade off between security and usability. This cipher can be done in your head and, once you learn it, deciphered in your head, but this simplicity makes it vulnerable to the most basic attack used against substitution ciphers: frequency analysis. This is where you start guessing about letters which are most often used. In English the letter E is the most used letter, so in long blocks of text, that is a good place to start guessing. Another obvious technique is to look for anomalies that stand out and could be used as a crib. For example, in the cipher messages above, there are two obvious outliers.

This brings up the interesting and controversial topic of “security-through-obscurity”. This is something that is much criticized in computer security circles. Since computer attacks and exploitation attempts are almost always automated, sole reliance on hiding secrets, rather than securing secrets, is a big mistake. An example of this is if you keep your passwords in an unencrypted MS Word file named Holiday_Recipes.doc. It may sound like hiding a needle in a haystack, but a malicious user could easily launch a search for the strings “password” or “username” inside every file on your hard drive.

This example makes the lameness of security-through-obscurity seem obvious. But wholesale dismissal of this technique are very short-sighted. Security through obscurity is widely used in the clandestine services world (spies and spy tradecraft). It should be a part of most complex, layered, security systems. Imagine the CIA posting their encrypted messages to their field agents up on www.cia.gov. Pretty lame idea right? But by not doing that, the CIA is relying on security through obscurity. But they are not solely relying on it. Another example: if security through obscurity is so stupid, why not make your passwords something like “password” instead of “P@s5\/\/0rd”? Because security through obscurity helps the encrypted (or hashed) password be harder to crack. Despite real world facts like this, hardcore computer geeks can be quite dismissive of security through obscurity. Please don't be an idiot and rely on security-through-obscurity to protect your data; but also don't be afraid to use it as part of a comprehensive layered security system. Got that out of my system.

The funnies in the newspaper really were funny

Telephones sounded better and you didn't have to carry them everywhere you went

Cars had more leg room and looked cooler

TV was not 24/7/365

TV shows and movies had real actors that looked like real people, not models

Our enemies lived where we could find them

Airports had coffee shops with real food and waitresses instead of corporate franchises with 20 exhausted people waiting in line

Kids rode bikes everywhere and didn't have to have an appointment to play with their friends

Books and mail and shopping and maps reading the news and catching up with old friends didn't involve computers

Gay guys knew it was not cool to hit on straight guys at work or in public

Offices had secretaries

It was easy to find a pay phone and they had phone booths that were quiet inside

There was very little food guilt, eco-guilt, you-didn't-return-my-email guilt, or gas-powered-car guilt

There was way less traffic