copyright © 1986 Gillian Collyer
Plan 9, Inferno and (l)unix system programmer and administrator.
(geoff at collyer.net).
From 1994 through 2001,
I was a Member of Technical Staff at
(originally a part of AT&T, now a part of
in Murray Hill, NJ,
where I worked on operating systems and
messaging systems and protocols, among other things.
I rejoined Bell Labs on 10 July 2006.
pgp public key(s)
RSA public key
was generated by PGP 2.6.2
(i.e. it's in the second of three or four incompatible formats)
and its fingerprint is
Type bits/keyID Date User ID
pub 1024/1F08CB75 1996/06/24 Geoff Collyer <firstname.lastname@example.org>
Geoff Collyer <email@example.com>
Geoff Collyer <firstname.lastname@example.org>
Key fingerprint = 67 08 1E F6 6B F3 1B 1B CF 27 87 7B 3D 59 30 A1
ranting and raving
osx viruses, 18 April 2012
I have just read several clueless articles
(in a long series of them)
by alleged ``technology'' writers
and professional security paranoids flogging their commercial
``security'' snake oil
Macs are no safer than PCs for any technological reason,
it's just that PCs have the bigger market share and so that's
what the criminals spend their energy on.
Wrong and clueless, but thanks for playing.
Unlike Windows, Unix-derived systems have
clean user/kernel mode separation crossed only by system call traps,
which validate their arguments and check permissions.
Programs running as ordinary users (and not root, say)
cannot directly access the hardware.
So an ordinary Mac user running as himself
can't trash the system by executing bogus code.
Unix has had this for about 40 years and it wasn't a new idea then.
That Microsoft still
hasn't figured out that this is a good idea
is a source of continuing amazement.
Windows doesn't get bashed solely because it has or had
the most market share, it's also truly technologically inferior,
and would be even if it had 1% market share.
the sad state of crytographic infrastructure, 17 May 2012
I've been looking at ssh and IPsec again and it's made me realise again
that we (in the computing field)
have made a mess of the artifacts of cryptography
and it's entirely our own fault.
Starting from goals such as privacy and authentication of communication,
we have taken aim at our feet and fired with
PGP is a sad example:
by changing key formats and algorithms repeatedly
(sometimes for compelling legal reasons),
interoperability is so impaired that you pretty much
need to know in advance which version of PGP each recipient uses.
- oids (object ids)
- the X.509 binary encoding used for key certificates
- dozens of certificate `authorities'
- protocols with so many optional parts and choices that systems can barely interoperate
- an array of binary key formats
- and more
The triumph of ssh v2 (a classic second system)
over v1 is another example:
whatever the theoretical weaknesses of v1 were,
it was surely better to encrypt one's communication than not.
We need a v3, a stripped-down and streamlined version closer
to v1 than v2.
We seem to be better at building great steaming piles of crypto
than getting to the core of what needs to be done and doing just that.
ported Plan 9 to Xilinx Virtex 4 and 5 Power-PC-based evaluation boards,
ARM-based systems including the Sheevaplug, Gumstix Overo and Trimslice,
MIPS-based systems including the Routerboard RB450G.
maintained the original
file server kernel
(now upgraded to 64-bit sizes)
and contribute to Plan 9 generally.
merged the big-endian and little-endian MIPS compilers, assemblers and loaders.
wrote the current (new) Plan 9 tar,
which is cleaner and faster than the old one, and is POSIX-compliant
(i.e., can cope with longer path names).
file server kernel to use 64-bit file sizes,
offsets and block numbers internally,
ported the CPU kernel's IDE code, thus enabling the use of DMA, RWM, etc.,
and ported the CPU kernel's Intel gigabit Ethernet driver.
added greylisting and other anti-spam measures to
added multicasting (for IPv6) and shutdown entry points to drivers
for all modern ethernet cards.
updated the connection server to recognise
fixed the kernel to recognise v6 addresses starting with ``20'' as global.
libraries and made them use a consistent byte order on disk,
rendering the databases portable across CPU architectures.
arranged completely diskless booting of Plan 9 PCs using compact flash cards
added device mirroring (think RAID 1) to the Plan 9 file server kernel.
Combined with support for IDE disks,
this enables use of inexpensive hardware to form
a large Plan 9 file server.
set up and ran the largest Plan 9 file server
(with optical disc jukebox)
inside Bell Labs other than the main Plan 9 development file server.
Extended support for jukeboxes with optical disks of varying sizes.
The smaller jukeboxes can now be had second-hand quite cheaply.
distributed operating system,
built a scalable message store that served a broken-out view of MIME
messages, and designed and implemented rsmtp, an SMTP replacement.
Got Inferno running on Mac OS X.
configuring IPv6 tunnelling networks
developed the operating system for the now-defunct AT&T HomeCenter™
set-top box, notably DSP communication, and the C library.
Unix device drivers
Tektronix storage (display) tubes (for V6 Unix),
Nuclear Medicine scintillation counters (for V6 Unix),
and other kernel work
(e.g. putting /tmp in memory).
reverse-engineering (``decompiling'') manual pages from
nroff output to troff -man input:
invented the term const poisoning during development of the
ANSI C standard
Unix system programming and running Unix systems
(including 8th and 9th edition)
for almost a decade at
the University of Toronto,
the computing center,
undergraduate computer science instruction,
the statistics department.
set up the original bell-labs.com servers
during the ATT/Lucent split,
notably DNS and mail servers on Plan 9 and internal and
assigning interrupt priorities in software
via interrupt queueing, in Computing Systems, Spring 1996
evolution of operating systems:
Research Unix in
(updated 23 Dec 1998 to more closely match the printed article
in Microsystems in 1984).
Also, a new, improved draft that fixes a number of errors we missed the
first time around and adds real references, in
stak.c from the appendix,
and a newer, tidier
alignment problems that showed up on the Alpha.
I've retrofitted the above memory-management, directory-reading
and a few other changes into a V7 sh
that should run on POSIXy systems.
It's been run on the BSDs and Linux on x86 PCs without trouble.
Among its other features,
it lacks the GNU
library, so what you type is what you get.
Mon Mar 7 04:03:13 PST 2005:
To get it running on 64-bit Suns, I had to change two declarations;
v7sh.tar and the newer stak.c have been updated.
performance tuning and more software reimplementation:
C news netnews software
automated game referees:
the successor to Unix;
a distributed system
drawing on over 20 years of experience with Unix
of Plan 9 software
an early outline of a proposed-but-rejected book about
why Plan 9 matters.
Pardon the formatting; it was converted to HTML mechanically.
derived from Plan 9,
language, which features particularly helpful support
for processes sharing address space.
If POSIX pthreads give you the willies,
limbo might be for you.
inferno runs on bare 386 or Sparc hardware
and as a `guest OS' on the usual (l)Unixes and MS Windows.
archiving and optical media, notably CD-R.
Plan 9 has a convenient backup system using optical disks,
discussed in its
block store looks promising and I'm running a
store for general experimentation.
the file server built on top of
shows promise too, but is less mature and needs to be shaken down severely.
is the distribution of my
news overview database code.
is now incorporated into essentially all serious newsreaders.
More Taste, Less Greed
strong cryptography as an aid to privacy and civil rights
Mac OS X's Safari is a pretty good web browser.
If you buy a used Mac, I have
my notes from buying an upgraded Mac and
including dealing with OpenFirmware.
My trials with adding PCI Ethernet cards are
These days, I'd recommend buying a new Mac if you can afford it,
or one with built-in USB, so you can run Panther, if not.
undocumented things you may need to know
how to configure Vonage's Motorola VT1005V VOIP phone adapter
The thing won't talk to anybody initially.
It's initially configured to be 192.168.102.1
and listen for web connections; that's documented.
What doesn't appear to be documented is that the machine running
the web browser needs to have,
possibly as one of several,
the IP address 192.168.102.99.
I found this in a discussion forum on broadbandreports.com
and it works.
Also, the RJ-45 Ethernet port labelled `PC' is expecting a cross-over
Ethernet cable if you plug it into a switch rather than directly into a
If you do plug it into a switch, it's a wise precaution to unplug the WAN
port first to avoid the possibility of looping packets.
It's arguably a bug that the box won't respond to pings from anybody else
(nor will vonage.com nor www.vonage.com).
The ``diagnostics'' available when something goes wrong
consists of a single blinking light, the meanings of which
What's apparently not documented is that the light lies.
From personal experience,
some operations seem to just time-out and the box moves onto the next step.
It's entirely possible to get the box into its `light on solid' state,
which is supposed to mean that it's ready to go, without it having
made contact with Vonage's servers.
Adding a serial port, through which one could configure the box and
receive error messages, would be a big step forward.
The box is a little too eager to be your router and NAT translator
and serve DHCP.
This is a test, this is only a test:
smiley: ☺ @ 0x263a
white king: ♔
c cedilla: ç
cyrillic small letter ia: я
hebrew letter bet: ב
latin small letter sharp s: ß
latin small letter thorn: þ
ligatures oe, then ae: œuf Œ æsthetic Æ
scandinavian vowels: å mÖØse
cjk, ideographs, etc.: 逸 逹 @ 0x9038—0x9039, ぴ @ 0x3074
pounds sterling: £
euro: ₠ @ 0x20a0, € @ 0x20ac
section mark: §
w cubed: w³ (0xb3) w (0x2073)
geoff at collyer.net