AUGUST 2007 VOLUME 32 NUMBER 4

THE USENIX MAGAZINE

OPINION Musings RIK FARROW

SYSADMIN Building BitTyrant, a (More) Strategic BitTorrent Client MICHAEL PIATEK, TOMAS ISDAL, TOM ANDERSON, ARVIND KRISHNAMURTHY, AND ARUN VENKATARAMANI Should the Root Prompt Require a Road Test? ALVA COUCH An Introduction to Logical Domains, Part 1 OCTAVE ORGERON Some Lesser-Known Laws of Computer Science EMIN GÜN SIRER AND RIK FARROW Migration of Secure Connections Using SockMi MASSIMO BERNASCHI, FRANCESCO CASADEI, AND SAMUELE RUCO

COLUMNS Practical Tools: Peter Piper Picked a Peck of PDFs DAVID BLANK-EDELMAN iVoyeur: A View from Someplace Nearby DAVID JOSEPHSEN Deviating Alternatives to Asterisk HEISON CHAK /dev/random ROBERT G. FERRELL

STANDARDS An Update on Standards: Revision Fever NICK STOUGHTON

BOOK REVIEWS Book Reviews ELIZABETH ZWICKY ET AL.

USENIX NOTES Summary of USENIX Board of Directors Meetings and Actions TONI VEGLIA Flame and STUG Awards USACO Update ROB KOLSTAD USENIX Association Financial Report for 2006 ELLIE YOUNG

CONFERENCES NSDI ’07; HotBots ’07; HotOS XI; CHIMIT ’07; BSDCan

The Advanced Computing Systems Association Upcoming Events

2007 KERNEL DEVELOPERS SUMMIT 2008 ACM INTERNATIONAL CONFERENCE ON

SEPTEMBER 4–6, 2007, CAMBRIDGE, U.K. VIRTUAL EXECUTION ENVIRONMENTS (VEE ’08) http://www.usenix.org/kernel07 Sponsored by ACM SIGPLAN in cooperation with USENIX MARCH 5–7, 2008, SEATTLE, WA, USA INTERNET MEASUREMENT CONFERENCE 2007 http://vee08.cs.tcd.ie (IMC 2007) Abstracts due: August 27, 2007 Sponsored by ACM SIGCOMM in cooperation with USENIX 5TH USENIX SYMPOSIUM ON NETWORKED OCTOBER 24–26, 2007, SAN DIEGO, CA, USA http://www.imconf.net/imc-2007/ SYSTEMS DESIGN AND IMPLEMENTATION (NSDI ’08) 21ST LARGE INSTALLATION SYSTEM ADMINISTRA- Sponsored by USENIX in cooperation with ACM SIGCOMM and ACM SIGOPS TION CONFERENCE (LISA ’07) APRIL 16–18, 2008, SAN FRANCISCO, CA, USA Sponsored by USENIX and SAGE http://www.usenix.org/nsdi08 NOVEMBER 11–16, 2007, DALLAS, TX, USA Paper titles and abstracts due: October 2, 2007 http://www.usenix.org/lisa07 2008 USENIX ANNUAL TECHNICAL CONFERENCE ACM/IFIP/USENIX 8TH INTERNATIONAL (USENIX ’08) MIDDLEWARE CONFERENCE (MIDDLEWARE 2007) JUNE 22–27, 2008, BOSTON, MA, USA NOVEMBER 26–30, 2007, NEWPORT BEACH, CA, USA http://www.usenix.org/usenix08 http://middleware2007.ics.uci.edu/ Paper submissions due: January 7, 2008

6TH USENIX CONFERENCE ON FILE AND STORAGE TECHNOLOGIES (FAST ’08) Sponsored by USENIX in cooperation with ACM SIGOPS, IEEE Mass Storage Systems Technical Committee (MSSTC), and IEEE TCOS

FEBRUARY 26–29, 2008, SAN JOSE, CA, USA http://www.usenix.org/fast08 Paper submissions due: September 12, 2007

For a complete list of all USENIX & USENIX co-sponsored events, see http://www.usenix.org/events. OPINION 2 Musings RIK FARROW SYSADMIN 8 Building BitTyrant, a (More) Strategic BitTorrent Client MICHAEL PIATEK, TOMAS ISDAL, TOM ANDERSON, ARVIND KRISHNAMURTHY, AND ARUN VENKATARAMANI contents 14 Should the Root Prompt Require a Road Test? ALVA COUCH 20 An Introduction to Logical Domains, Part 1 OCTAVE ORGERON 25 Some Lesser-Known Laws of Computer Science EMIN GÜN SIRER AND RIK FARROW 29 Migration of Secure Connections Using SockMi MASSIMO BERNASCHI, FRANCESCO CASADEI, AND SAMUELE RUCO COLUMNS 37 Practical Perl Tools: Peter Piper Picked a Peck of PDFs DAVID BLANK-EDELMAN 42 iVoyeur: A View from Someplace Nearby DAVID JOSEPHSEN 46 Deviating Alternatives to Asterisk HEISON CHAK 49 /dev/random ROBERT G. FERRELL VOL. 32, #4, AUGUST 2007 EDITOR ;login: is the official STANDARDS Rik Farrow magazine of the [email protected] USENIX Association. 52 An Update on Standards: Revision Fever MANAGING EDITOR ;login: (ISSN 1044-6397) is NICK STOUGHTON Jane-Ellen Long published bi-monthly by the [email protected] USENIX Association, 2560 BOOK REVIEWS COPY EDITOR Ninth Street, Suite 215, David Couzens Berkeley, CA 94710. 56 Book Reviews ELIZABETH ZWICKY ET AL. [email protected] $85 of each member’s annual PRODUCTION dues is for an annual sub - Lisa Camp de Avalos scription to ;login: . Subscrip - USENIX NOTES Casey Henderson tions for nonmembers are $120 per year. 62 Summary of USENIX Board of Directors TYPESETTER Meetings and Actions Star Type Periodicals postage paid at TONI VEGLIA [email protected] Berkeley, CA, and additional offices. USENIX ASSOCIATION 63 Flame and STUG Awards 2560 Ninth Street, POSTMASTER: Send address 63 USACO Update Suite 215, Berkeley, changes to ;login: , ROB KOLSTAD California 94710 USENIX Association, Phone: (510) 528-8649 2560 Ninth Street, 65 USENIX Association Financial Report for 2006 FAX: (510) 548-5738 Suite 215, Berkeley, ELLIE YOUNG http://www.usenix.org CA 94710. http://www.sage.org ©2007 USENIX Association CONFERENCE SUMMARIES USENIX is a registered trade - 68 NSDI ’07 mark of the USENIX Associa - tion. Many of the designa - 84 HotBots ’07 tions used by manufacturers and sellers to distinguish their 90 HotOS XI products are claimed as trade - 100 CHIMIT ’07 marks. USENIX acknowl - edges all trademarks herein. 105 BSDCan Where those designations ap - pear in this publication and USENIX is aware of a trade - mark claim, the designations have been printed in caps or initial caps. I AM NO EINSTEIN, BUT I READ RE - cently that when researchers showed peo -

RIK FARROW ple pictures of smart-looking people, they did better on the multiple-choice test that followed. People shown pictures of bad role models had scores a full 33% lower. In that vein, and with a serious-looking guy in an musings old suit staring at me, I plan to carry out a thought experiment about the state of

[email protected] computer security.

Like Einstein himself, I will stand on the shoulders of those who have gone before me. Unlike Ein - stein, most computer security researchers are still alive today, because the field is still young, even if some of us no longer are ungrayed. First off, I can say with great certainty that the state of computer security is poor. You can see for your - self that it has actually gotten better over time, but even so, you can’t browse the Web in safety today. The Provos et al. paper, one of my favorite presen - tations during the HotBots workshop (see the Hot - Bots summaries later in this issue), points out what Google has started doing as a service to its visitors. Instead of presenting links to Web sites that Google considers harmful, Google instead presents a “Malware Warning” page. If you still want to visit the site you have been warned about, you must cut and paste the link. Provos mentioned that 30–40% of people were clicking through the link on the warning page until Google engineers converted it into plain text. That points to another reason why the Internet will never be safe, but improving good sense in people is not something that can be done with software—at least, not yet. In six months of searching Google’s immense store of cached Web pages, Provos et al. found 450,000 examples of pages that resulted in the compromise of a Windows system when that page was visited using IE. The Google team runs IE and Windows within a VM environment, and it monitors that en - vironment for changes to the registry, new files, and, best yet, new processes. The team also cap - tures downloaded content and scans it for known examples of malware. Based on what its system discovers, a score gets assigned to the page in question, and high-scoring pages get labeled as harmful. Google’s approach appeared a conservative one to me, but when you consider the potential harm of labeling someone’s site as harmful, that is a safe ap - proach. I actually searched for examples of harmful

2 ;LOGIN: VOL. 32, NO. 4 pages and discovered, on my very first hit, a nice example of a