mike's blog

My quals paper was on making AES implementations more secure by using vector permutations to compute the S-box. Only recently did I get around to cleaning up and releasing the code. It's hosted at Stanford's crypto site for export control stupid reasons. It's in the public domain, so use it for whatever. Except not anything too important, since it's version 0.5 and needs more testing.

In completely unrelated news, I misbooked my Thanksgiving flight. Delta wants $180-$200 to change it... might as well just get another ticket. This is probably the point, though you'd expect them to make it more worthwhile to fly Delta again instead of rebooking on some other carrier.

It took a while, but catameringue is back online, now hosted from the Riddlair. Thanks, Robert and Shaddin!

CRYPTO 2009 is going well, though I didn't manage to make slides in time for the rump session. I've also been playing too much Civ IV and doing too little mingling between sessions. But I've gotten to see many friends and acquaintances that I haven't seen in a long time.

Long post because I like to geek out over this sort of thing.

I'm in the process of rebuilding the shiftleft.org server, meringue, into a smaller, more power-efficient machine, with the goal of moving it out of my apartment into someone's closet or something. I'm using an M350 case and a pair of notebook hard drives for storage. Because of the way the dual hard-drive mounts look, and because I like dumb puns, I'm calling it “catameringue”.

I've had a few problems so far. First up, I got a 24-pin PSU by mistake instead of the 20-pin version, so the whole thing is currently hooked up to a ginormous ATX PSU. I botched the install (turns out the Hardy /etc/passwd and my earlier Ubuntu /etc/passwd have different UIDs for certain daemons...) and it took me several hours to figure out what was wrong and correct the problem. So that's why the server was down for an evening. What's more, there are lignering stability issues. They might be caused by powernowd, which doesn't meaningfully reduce power consumption anyway, so I've turned it off.

But my biggest concern is cooling. The combination of the M350, EPIA EN12000EG and two hard drives seems like a cooling nightmare:

• The EN12000EG is fanless, but the whole system draws more than 10 watts (if only barely... it's sucking 24 from the wall at idle, but that's through a 380W desktop PSU), which is supposed to be the limit for fanless operation of the M350.
• The hard drives block almost all the top ventillation of the M350. I consider this a serious design flaw of the M350; if it didn't have that solid stripe down the middle, cooling in this configuration would be significantly easier.
• The M350 has a fan mounting slot, but it's perpendicular to the fins of the motherboard heat sink, and even before that it's blocked by the RAM. Right now it adds a ton of noise and reduces the temperature by maybe a degree or two, so I've unplugged it. Low-profile RAM might help here.
• If the M350 supported a tower setup, the heat sink would be vertical and unobstructed, and air could flow very nicely through all the hot spots by convection alone. But it doesn't, and it'd need a big standoff anyway to get airflow through the bottom. It also doesn't support side-mounted fans, which would achieve this without the tower mounting.

Right now it has the top of the case off to accomodate the huge desktop PSU, and despite all of the above it keeps plenty cool with no fan. The northbridge temperature hits 60°C under load (CPU temperature tops out at 44°C), which is fine. But once the case cover is on, who knows? I suppose I could jury-rig it with tower mounting, side fans or no case lid, but this seems like a big hack for a new machine.

If I really can't get it to work, I'll have to either remove one of the hard drives (not sure what RAID 1 is getting me anyway) or get a more efficient motherboard, or both.

Pics will occur when it's done. It's a shame I didn't get any of the machine hooked up to an external hard drive, external DVD drive and ATX PSU; the DVD drive and PSU are each almost as big as the entire case.

Yay! I'm on vacation. I went to the HRSFA house party over the 4th of July in Washington DC. The party was awesome, lots of people I hadn't seen in ages, delicious food, board gaming and geeky conversations for almost 4 days. Dominion went over very well, thanks Mom and Ken!

I'm now in Canada, visiting Esther's folks. It's also really fun, except that I seem to have come down with some sort of cold. And as always with me, every cold is a nasty cold. Boo.

My site should now look good on iPhones and similar mobile devices. Tell me if you see any bugs.

Edit: Bugs include things like not using any CSS in Firefox 3.0. Oops.

I went to the Freedom Summit this past weekend. It was a conference on “human trafficking” (a.k.a. slavery... I honestly don't know why they use that term). While I was vaguely aware that slavery still exists in other countries, I was surprised to find out both the scope of the problem — about 27 million slaves worldwide — and that it's still present in the US — about 200 thousand slaves, including several slave-trade rings in the bay area.

The conference itself was an explicitly Christian event. The main thesis was that individual Christians and the church as a whole are called to fight injustice wherever it occurs, and slavery is one of the greatest injustices of our time. Francis Chan's preaching was spectacular, and he really convinced me that action is required. But of course, I'm a coward. I know that Christianity is supposed to radically change my life, but my life is actually pretty comfortable right now, and I'm afraid of what that change would bring. So as of now, I'm only doing cowardly things to fight slavery, like raising awareness by blogging about it.

So what can be done to fight slavery? The most straightforward is missions to set slaves free, mostly by getting police to break up slave-trade rings, and to help them find an honest living once they're free. But this is an endeavor for the brave. (Well, sort of. You can always google for sketchy massage parlours in your area, investigate them, surveil them, and get them busted for sex slavery.) Aside from that, you can give logistical or financial support to groups which do this, most notably International Justice Mission and Agape International Missions.

On another front, it's important to break the economics of slavery. Unfortunately, the biggest sector of slavery in the US and worldwide is sex slavery, and other than not visiting brothels there's not much you can do about that economically. But agricultural slavery is easier: you can buy fair trade, particularly for coffee and chocolate.

To fight industrial slavery, there's a similar effort called free to work. Free to work companies pledge to avoid slave labor in their contractors and suppliers as well as their own factories. Because this is a fairly high bar and free to work is a fairly new effort, only a a couple dozen companies have taken the pledge, but that's changing. And you can help it change by asking your workplace to take the pledge.

And of course, if you're both cowardly and lazy like me, you can at least get the word out. Blog about it, facebook it, tell your friends, or wear something orange to show your support. More information at Not For Sale.

Yay, my paper got into CHES 2009. I'll need to change it pretty heavily to reflect my work with Intel platforms, though.

I've been reading through the Bible (starting as a Lenten devotion, but hopefully I'll be able to keep it up). Certain verses have struck me as interesting, in odd ways, as I've been reading. Here are some of them, from the NIV (© Zondervan, 1984):

• Exodus 33:3:

  “… ³Go up to the land flowing with milk and honey. But I will not go with you, because you are a stiff-necked people and I might destroy you on the way.”

• Judges 1:19:

  ¹⁹The Lord was with the men of Judah. They took possession of the hill country, but they were unable to drive the people from the plains, because they had iron chariots.

• Judges 3:1-2:

  ¹These are the nations the Lord left to test all those Israelites who had not experienced any of the wars in Canaan ²(He did this only to teach warfare to the descendants of the Israelites who had not had previous battle experience): ³…

• Judges 7:16:

  ¹⁶Dividing the three hundred men into three companies, he placed trumpets and empty jars in the hands of all of them, with torches inside.

I'm adding a recipes section to this site. Right now it just has pancakes on it, but more recipes should be following.

Praise the Lord! I passed quals.

Hopefully the paper I wrote for quals will be publishable... maybe at CHES 2009?

[update] That means don't let your friends do this.

We played the paper game (a.k.a. telephone pictionary) at Saturdinner and it came up. The starting phrase was "We didn't start the fire / It was always burning / Since the world's been turning". Also amusing: "Captain Pirate has no pants" and "Frosty the Snowduck plays the violin".

A very occasional hobby of mine is repurposing quotes from classical works whose words have changed meaning. A few off the top of my head:

• For a web error message:

  Out flew the web and floated wide;
  The mirror cracked from side to side...

  Alfred, Lord Tennyson, The Lady of Shalott
• For Escape Velocity:

  This warp seemed necessity; and here, thought I, with my own hand I ply my own shuttle and weave my own destiny into these unalterable threads.

  Herman Melville, Moby-Dick
• Less awesome but still amusing, for StarCraft:

  The many men, so beautiful!
  And they all dead did lie:
  And a thousand thousand slimy things
  Lived on; and so did I.

  Samuel Taylor Coleridge, The Rime of the Ancient Mariner

I had a lot of free time over break, and used some of it to hack together a new templating system for this site. The site is basically written in XML, with a hodge-podge of perl and XSLT translating it to the shiny form you see here. It's somewhat slow on meringue (stupid Saxon... takes over a second to load up that JVM), but is otherwise pretty usable. Hopefully the upshot is that I'll update this site more often... it's been ages...

There are still some kinks to be worked out, so let me know if stuff doesn't work.

Hopefully this site will have something on it soon. It's been too long...

To do:

• Make the theme less loud. Desaturate, change contrast, shift toward green?
• Make the "shift left" logo less ugly a link.
• Figure out which sections should still be here.
• Get a couple papers and a resume online.
• Make an "about me" section.
• Pick out which, if any, art to keep around.
• Make a decent templating system.
• Grade three dozen more programming projects.