DOCSLIB.ORG

Cryptographic Device Support for Freebsd Samuel J

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Cryptographic Device Support for Freebsd Samuel J Cryptographic Device Support for FreeBSD Samuel J. Leffler Errno Consulting [email protected] ABSTRACT FreeBSD recently adopted the OpenBSD Cryptographic Framework [Keromytis et al, 2003]. In doing so it was necessary to convert the core framework to function correctly in a fully-preemp- tive/multiprocessor operating system environment. In addition several issues with the basic design were found to cause significant performance loss. After addressing these issues we found that FreeBSD outperformed OpenBSD on identical hardware by as much as 100% in tests that exercise only the cryptographic framework. These optimizations result in similar performance improvements for facilities like IPsec that make heavy use of the cryptographic framework. We observed that FreeBSD’s Fast IPsec [Leffler, 2003] typically outperforms OpenBSD’s IPsec implementation [Miltchev et al, 2002] by more than 50% on identical hardware. We conclude that the OCF cryptographic API can be optimized and re-tuned to deliver substan- tially better performance than the original OCF implementation with large gains in both through- put and latency. Moreover these changes can be made with no impact on clients of the crypto- graphic framework: both user and kernel sofware designed for the original OCF is easily ported to the FreeBSD implementation of OCF. 1. Background and Introduction • The OCF was designed for a uniprocessor system Cryptographic transformations are an important com- without kernel preemption. The FreeBSD 5.0 ponent of security applications and protocols. operating system has fine-grained locking and the Because these operations are computationally expen- kernel is fully preemptive. This required a rewrite sive vendors have dev eloped products that accelerate of the core crypto functionality. the calculations and offload the work from the main • The I/O framework used on OpenBSD is different processor. The OpenBSD Cryptographic Framework than that used by FreeBSD. The crypto device (OCF) [Keromytis et al, 2003] was developed to pro- drivers required significant modification to deal vide a uniform interface to cryptographic resources. with these differences. It provides an in-kernel API to cryptographic • The OCF duplicates cryptographic support already resources and a device interface for user-level access present in FreeBSD for the KAME IPsec software. to hardware-accelerated cryptographic operations. In some cases the existing implementations are This functionality is critical for high performance superior to those provided by the OCF. Rather implementations of security protocols such as IPsec than duplicate this software each component was [Kent & Atkinson, 1998], SSL [Freier et al, 1996], evaluated and the best was chosen. TLS [Dierks & Allen, 1999], DNSSEC [Eastlake, 1999], ssh [Ylonen et al, 2002], and Kerberos [Kohl & After addressing these issues we looked at the perfor- Neuman, 1993]. Good cryptographic support is also mance and found that it was suboptimal. [Keromytis important for implementing encrypted secondary stor- et al, 2003] states the ‘‘OCF attains 95% of the theo- age [Gattaneo et al, 2001] and virtual memory retical peak device performance.’’ These results how- [Provos, 2000]. ev erare for relatively slow devices and fail to consider the overhead required to reach that performance. Fur- Recognizing the importance of this facility, FreeBSD thermore, the 95% figure is misleading in that it is recently adopted the OCF. Porting the software how- attained for a case that rarely occurs and where the ev errequired addressing several issues. majority of the overhead of the OCF is hidden by the raw computational cost. In analyzing the performance of OCF we found sev- 1) A core set of code that manages a registry of eral problems that contribute to suboptimal perfor- crypto device drivers, dispatches crypto operations mance for all operations: to drivers, and coordinates the return of results 1) The OCF requires two kernel thread context from drivers to the submitter. switches for each operation. On many systems the 2) Crypto device drivers that submit crypto opera- peak performance of the OCF is limited by the tions to hardware devices and return results to the rate at which the system can do context switches. crypto core. 2) The OCF forces all crypto operations to pass twice 3) The /dev/crypto pseudo-device driver that pro- through a single kernel thread. Combining the vides linkage between user-level software and the dispatch and return processing in a single thread core crypto support. increases latency. The core crypto support and the /dev/crypto driver 3) Crypto device drivers trade off throughput for are simple pieces of software. The crypto device latency. This has a detrimental effect on the per- drivers however represent a significant development formance of network protocols where latency is effort. Some aspects of cryptographic device hard- critical. ware that vendors refuse to disclose have been Furthermore it was observed that when crypto devices reverse-engineered and this work is embodied in these are overloaded the OCF reacts by discarding opera- drivers. In considering the integration of the OCF into tions instead of applying flow-control techniques. FreeBSD it was important to maintain the driver API This results in severe performance loss for network so that existing drivers could be easily reused and so protocols as this action is equivalent to discarding that ongoing development could be shared by both packets. OpenBSD and FreeBSD communities. With these problems corrected FreeBSD was found to The initial port of the OCF to FreeBSD 5.0 was rea- outperform OpenBSD on identical hardware by as sonably straightforward. Instead of using processor much as 100% in tests that exercise only the crypto- priority to insure critical code are not executed con- graphic framework. The overhead of using the cryp- currently, locking primitives were used to guard con- tographic facilities was dramatically reduced raising current access to data structures. This resulted in cer- the peak performance and making more of the CPU tain constructs being recast and some code being available for non-cryptographic work. These opti- rewritten. For example, the OCF blocks concurrent mizations result in similar performance improvements access to all its data structures by raising the proces- for facilities like IPsec that make heavy use of the sor priority to splimp. This effectively blocks all con- cryptographic framework. For example, FreeBSD’s current activity in the lower half of the kernel from re- Fast IPsec [Leffler, 2003] outperforms OpenBSD’s entering the code. In FreeBSD 5.0 however splimp IPsec implementation [Miltchev et al, 2002] by more does nothing; instead concurrency primitives such as a than 50% on identical hardware running netperf over mutex must be used. But simply replacing splimp a 3DES+SHA1 tunnel. usage with a single mutex does not work unless the mutex semantics are relaxed to permit recursive The remainder of this paper is organized as follows. acquisition. Instead each of the data structures used Section 2 describes the cryptographic framework and by the cryptographic framework were given their own discusses the effort needed to make it operate in a mutex and some code was reorganized to insure con- fully preemptive environment. Section 3 discusses sistent lock ordering is used to avoid deadlocks. The performance issues, starting with the tools used to end result is easier to understand and permits greater evaluate performance and progressing through each of concurrency. The only downside is that mutex primi- the issues that were identified in the software. Section tives hav emore overhead than simply manipulating 4 describes performance results for FreeBSD and the processor priority level. In practice this additional compares them to OpenBSD. Section 5 outlines the overhead is swamped by other costs and not critical to the status and availability of this work and talks about overall performance. future work. Section 6 giv esconclusions. 3. Performance Analysis 2. Porting the Cryptographic Framework to FreeBSD 5.0 This section briefly describes the tools and techniques used to evaluate performance and then discusses the The OCF is comprised of three components: performance problems that were identified. 3.1. Tools the peak processing capability of the hardware (mod- OpenBSD provides no statistics or other facilities for ulo the overhead of the device driver). In this case 8 understanding the performance of the OCF. The only kilobytes were processed in an average of 156 mil- tools for evaluating performance treat the system as a liseconds for a peak bandwidth of 410 Mb/s. Profiling ‘‘black box’’; e.g. the openssl tool from the OpenSSL adds a fixed overhead to each operation; reducing per- distribution. formance results by 2-8%. This facility is described in more detail in Section 4. We beg anby instrumenting the core software and each crypto device driver. Every error or failure is 3.2. Problems accounted for separately so problems can be deter- mined immediately. (This is especially important for The normal flow of crypto operations in the OCF is as understanding problems reported by naive users.) follows: Next, tools were developed to exercise the crypto 1) Client formulates a crypto operation and submits functionality. One such tool is the cryptotest pro- it through the ‘‘crypto_dispatch’’ routine. This gram that submits symmetric-key crypto operations routine places the request on a ‘‘dispatch queue’’ through the /dev/crypto device and verifies the and notifies a kernel thread. results. cryptotest measures performance over a 2) The kernel thread removes the operation from the range of operations and parameters and is a basic tool dispatch queue and calls ‘‘crypto_invoke’’ to hand for evaluating software changes and hardware config- the request off to the appropriate crypto device urations1. driver. Finally a profiling facility was added that timestamps 3) The crypto device driver processes the operation. crypto requests as they pass through the system. At Typically this is done by submitting one or more important points in the processing of crypto requests commands to the hardware device.
Load more

Recommended publications
  • Advanced Openbsd Hardening
    Advanced Hardening WrongunWrongun && DCDC JuneJune 20052005 ssh://root:[email protected] Lab Challenge JoinJoin thethe wifiwifi netnet andand sshssh intointo thethe boxbox usingusing thethe accountaccount specifiedspecified inin thethe footerfooter TryTry toto pwnpwn thethe boxbox byby addingadding anan accountaccount forfor yourselfyourself oror backdooringbackdooring sshdsshd ssh://root:[email protected] “Only one remote hole in the default install, in more than 8 years! “ ssh://root:[email protected] So OpenBSD is uber secure, right? Actually,Actually, nono …… TheThe defaultdefault installinstall hashas nothingnothing enabledenabled (except(except ssh)ssh) ““NoNo wonderwonder itit ’’ss secure,secure, itit ’’ss poweredpowered off!off! ”” SourceSource --onlyonly patchingpatching strategystrategy makesmakes itit difficultdifficult toto rollroll outout fixesfixes toto platformsplatforms w/ow/o compilerscompilers (i.e.(i.e. disklessdiskless firewalls,firewalls, etc.)etc.) ssh://root:[email protected] Brief History of OpenBSD Vulnerabilities 30 March 05: Bugs in the cp(4) stack can lead to memory exhaustion or processing of TCP segments with invalid SACK optio ns and cause a system crash. 14 Dec 04: On systems running sakmpd(8) it is possible for a local user to cause kernel memory corruption and system panic by setti ng psec(4) credentials on a socket 20 Sept 04: radius authentication, as implemented by ogin_radius(8) , was not checking the shared secret used for replies sent by the radius server. This could allow an attacker to spoof
    [Show full text]
  • OPENBSD HARDWARE SENSORS FRAMEWORK a Unified and Ready-To-Use System for Hassle-Ee Hardware Monitoring
    OPENBSD HARDWARE SENSORS FRAMEWORK A unified and ready-to-use system for hassle-ee hardware monitoring. Constantine A. Murenin and Raouf Boutaba University of Waterloo AsiaBSDCon 2009 — 12–15 March 2009 — Tokyo, Japan Abstract In this paper, we will discuss the origin, history, design guidelines, API and the device drivers of the hardware sensors framework available in OpenBSD. The framework spans multiple utilities in the base system and the ports tree, is utilised by over 70 drivers, and is considered to be a distinctive and ready-to-use feature that sets OpenBSD apart from many other operating systems, and in its root is inseparable from the OpenBSD experience. 1. Introduction Another trend that has been particularly common in the recent years is the availability of defined inter- We will start by investigating into the matter of what faces for software-based temperature readout from hardware monitoring sensors represent, how common individual components of personal computers, such as is it for them to appear in the general-purpose com- the CPU, or the add-on cards, such as those imple- puter hardware that has been available on the market menting the 802.11 wireless functionality or 10 Giga- in the last decade or so, and what benefits can we gain bit Ethernet. Popular examples include recent Intel by having a unified, simple and straightforward inter- Xeon and Core series of processors (as well as budget face for getting the data out of these sensors. models that are marketed under different brands) Although it may come as a surprise to some users, the [admtemp.4] [cpu.4]; all AMD64 processors from majority of personal computers that have been avail- AMD (Families 0Fh, 10h, 11h) [kate.4] [km.4]; Intel able on the market in the last decade have an inte- WiFi Link 4965/5100/5300 wireless network devices grated hardware monitoring circuitry whose main [iwn.4].
    [Show full text]
  • Cryptanalysis of the Random Number Generator of the Windows Operating System
    Cryptanalysis of the Random Number Generator of the Windows Operating System Leo Dorrendorf School of Engineering and Computer Science The Hebrew University of Jerusalem 91904 Jerusalem, Israel [email protected] Zvi Gutterman Benny Pinkas¤ School of Engineering and Computer Science Department of Computer Science The Hebrew University of Jerusalem University of Haifa 91904 Jerusalem, Israel 31905 Haifa, Israel [email protected] [email protected] November 4, 2007 Abstract The pseudo-random number generator (PRNG) used by the Windows operating system is the most commonly used PRNG. The pseudo-randomness of the output of this generator is crucial for the security of almost any application running in Windows. Nevertheless, its exact algorithm was never published. We examined the binary code of a distribution of Windows 2000, which is still the second most popular operating system after Windows XP. (This investigation was done without any help from Microsoft.) We reconstructed, for the ¯rst time, the algorithm used by the pseudo- random number generator (namely, the function CryptGenRandom). We analyzed the security of the algorithm and found a non-trivial attack: given the internal state of the generator, the previous state can be computed in O(223) work (this is an attack on the forward-security of the generator, an O(1) attack on backward security is trivial). The attack on forward-security demonstrates that the design of the generator is flawed, since it is well known how to prevent such attacks. We also analyzed the way in which the generator is run by the operating system, and found that it ampli¯es the e®ect of the attacks: The generator is run in user mode rather than in kernel mode, and therefore it is easy to access its state even without administrator privileges.
    [Show full text]
  • BSD Projects IV – BSD Certification • Main Features • Community • Future Directions a (Very) Brief History of BSD
    BSD Overview Jim Brown May 24, 2012 BSD Overview - 5/24/2012 - Jim Brown, ISD BSD Overview I – A Brief History of BSD III – Cool Hot Stuff • ATT UCB Partnership • Batteries Included • ATT(USL) Lawsuit • ZFS , Hammer • BSD Family Tree • pf Firewall, pfSense • BSD License • Capsicum • Virtualization Topics • Jails, Xen, etc. • Desktop PC-BSD II – The Core BSD Projects IV – BSD Certification • Main Features • Community • Future Directions A (Very) Brief History of BSD 1971 – ATT cheaply licenses Unix source code to many organizations, including UCB as educational material 1975 – Ken Thompson takes a sabbatical from ATT, brings the latest Unix source on tape to UCB his alma mater to run on a PDP 11 which UCB provided. (Industry/academic partnerships were much more common back then.) Computer Science students (notably Bill Joy and Chuck Haley) at UCB begin to make numerous improvements to Unix and make them available on tape as the “Berkeley Software Distribution” - BSD A (Very) Brief History of BSD Some notable CSRG • 1980 – Computer Science Research Group members (CSRG) forms at UCB with DARPA funding to make many more improvements to Unix - job control, autoreboot, fast filesystem, gigabit address space, Lisp, IPC, sockets, TCP/IP stack + applications, r* utils, machine independence, rewriting almost all ATT code with UCB/CSRG code, including many ports • 1991 – The Networking Release 2 tape is released on the Internet via anon FTP. A 386 port quickly follows by Bill and Lynne Jolitz. The NetBSD group is formed- the first Open Source community entirely on the Internet • 1992 – A commercial version, BSDI (sold for $995, 1-800-ITS-UNIX) draws the ire of USL/ATT.
    [Show full text]
  • IOMMU-Resistant DMA Attacks
    IOMMU-resistant DMA attacks Gil Kupfer Technion - Computer Science Department - M.Sc. Thesis MSC-2018-21 - 2018 Technion - Computer Science Department - M.Sc. Thesis MSC-2018-21 - 2018 IOMMU-resistant DMA attacks Research Thesis Submitted in partial fulfillment of the requirements for the degree of Master of Science in Computer Science Gil Kupfer Submitted to the Senate of the Technion | Israel Institute of Technology Sivan 5778 Haifa May 2018 Technion - Computer Science Department - M.Sc. Thesis MSC-2018-21 - 2018 Technion - Computer Science Department - M.Sc. Thesis MSC-2018-21 - 2018 This research was carried out under the supervision of Prof. Dan Tsafrir and Dr. Nadav Amit, in the Faculty of Computer Science. Acknowledgements who passed ,ז"ל This work is dedicated to my grandfather, Tuvia Kupfer away during the writing of this work. I would like to thank my wife, Odeya, for helping and supporting when needed. Also, I would like to thank all the friends who have been there. Finally, thanks to my advisors, Prof. Dan Tsafrir and Dr. Nadav Amit, for their help and guidance along the way. The generous financial help of the Technion is gratefully acknowledged. Technion - Computer Science Department - M.Sc. Thesis MSC-2018-21 - 2018 Technion - Computer Science Department - M.Sc. Thesis MSC-2018-21 - 2018 Contents List of Figures Abstract 1 Abbreviations and Notations3 1 Introduction5 2 Background9 2.1 DMA Attacks.................................9 2.1.1 Classic DMA Attacks........................9 2.1.2 IOMMU Protection......................... 10 2.1.3 Circumventing the IOMMU..................... 11 2.2 FireWire.................................... 12 3 Attack Mechanics 15 3.1 Sub-Page Granularity Vulnerability....................
    [Show full text]
  • Mengenal Sistim Operasi *BSD
    Mengenal Sistim Operasi *BSD Ada banyak sekali tulisan-tulisan yang membahas tentang BSD, baik tulisan mengenai sejarah, system administrasi, sampai penggunaan BSD kepada end-user sebagai desktop. Tulisan ini memperkenalkan BSD sebagai alternatif lain dari Linux untuk memenuhi kebutuhan akan UNIX-like operating system di Indonesia. Dalam tulisan ini pula, dibahas mengenai beberapa hal yang membedakan antara Linux dan BSD, namun tidak memutuskan mana yang paling baik, karena untuk menentukan mana operating system yang paling baik digunakan adalah Anda sendiri. Daftar Isi 1. Sejarah 2. Distribusi Varian BSD 3. Model Pengembangan 4. Integrasi System 5. Software-software di BSD 6. System Administrasi 7. File System 8. Lain-lain 9. Kesimpulan Sejarah Hampir semua orang telah mendengar Linux saat ini. Namun apa itu BSD? BSD adalah singkatan dari Berkeley Software Distribution. BSD pertama kali dibangun dan dikembangkan oleh Computer System Research Group (CSRG) di University of California at Berkeley (UCB), BSD pertama kali keluar pada akhir 1977 sebagai paket tambahan dan patch dari AT&T UNIX version 6, yang mana waktu itu beroperasi pada mesin PDP-11 minicomputer. BSD pada akhirnya banyak memberikan kontribusi berharga pada pengembangan UNIX secara umum. Ada banyak fitur yang pertama kali diperkenalkan oleh BSD dan beberapa diadopsi dari AT&T dan vendor-vendor lainnya. BSD dibuat, dikembangkan, dan digunakan secara BEBAS sebagai perlawanan terhadap lisensi UNIX yang dimiliki oleh AT&T dan oleh karena itu BSD mempunyai lisensi tersendiri yang memungkinkan setiap orang bebas melakukan pengembangan, dan menggunakan source code BSD. Pada tahun 1993, 4.4BSD dirilis sebagai sebuah Operating System yang utuh. Untuk sejarah lengkap BSD di CSRG, mulai sejarah dari jaman kuda, motivasi orang-orang yang pertama kali mengerjakannya, sampai perseteruan lisensi dan hak cipta dengan AT&T, saya mereferensikan Anda untuk membaca tulisan yang dibuat oleh Kirk McKusick, “Twenty Years of Berkeley Unix“.
    [Show full text]
  • UNIX History Page 1 Tuesday, December 10, 2002 7:02 PM
    UNIX History Page 1 Tuesday, December 10, 2002 7:02 PM CHAPTER 1 UNIX Evolution and Standardization This chapter introduces UNIX from a historical perspective, showing how the various UNIX versions have evolved over the years since the very first implementation in 1969 to the present day. The chapter also traces the history of the different attempts at standardization that have produced widely adopted standards such as POSIX and the Single UNIX Specification. The material presented here is not intended to document all of the UNIX variants, but rather describes the early UNIX implementations along with those companies and bodies that have had a major impact on the direction and evolution of UNIX. A Brief Walk through Time There are numerous events in the computer industry that have occurred since UNIX started life as a small project in Bell Labs in 1969. UNIX history has been largely influenced by Bell Labs’ Research Editions of UNIX, AT&T’s System V UNIX, Berkeley’s Software Distribution (BSD), and Sun Microsystems’ SunOS and Solaris operating systems. The following list shows the major events that have happened throughout the history of UNIX. Later sections describe some of these events in more detail. 1 UNIX History Page 2 Tuesday, December 10, 2002 7:02 PM 2 UNIX Filesystems—Evolution, Design, and Implementation 1969. Development on UNIX starts in AT&T’s Bell Labs. 1971. 1st Edition UNIX is released. 1973. 4th Edition UNIX is released. This is the first version of UNIX that had the kernel written in C. 1974. Ken Thompson and Dennis Ritchie publish their classic paper, “The UNIX Timesharing System” [RITC74].
    [Show full text]
  • Open Source Software Notice
    OPEN SOURCE SOFTWARE NOTICE This product incorporates various open source software packages that are distributed under license terms as described further below. 1. Linux Kernel, GNU C library and Toolchain, Busybox, dsnmasq, ethtool, iproute, iptables, sftpd, smcroute, mtdutils, gdb, uboot, cgi-c, jQuery Library, bootloader are licensed under the GNU General Public License, V2.0, which may be viewed at http://www.gnu.org/licenses/gpl-2.0.html. Copies of the source code for the above may be obtained at the following URLs: https://www.kernel.org https://gcc.gnu.org/ http://www.busybox.net/ http://www.thekelleys.org.uk/dnsmasq/doc.html https://www.kernel.org/pub/software/network/ethtool/) http://developer.osdl.org/dev/iproute2 (now- http://www.linuxfoundation.org/) http://www.cschill.de/smcroute/ http://git.infradead.org/mtd-utils.git http://www.gnu.org/software/gdb/ http://www.denx.de/wiki/U-Boot/SourceCode http://sourceforge.net/projects/cgi-c/ http://jquery.com/ Wolfgang Denk, DENX Software Engineering, [email protected]. Copies of the modified source code for BusyBox, cgi-c, boot loader, and Linux may be requested in writing by contacting: ViaSat, Inc., attn: General Counsel / Source Code Request, 6155 El Camino Real, Carlsbad CA 92009 USA. Your request should clearly identify the product and open source software component(s) to which your request relates. Your request must be sent within three (3) years of the date you received the Viasat product that included the binary that is the subject of your request. 2. OpenNTPD This is a summary of the licences for the files that make up Portable OpenNTPD.
    [Show full text]
  • The Design of the Openbsd Cryptographic Framework
    The Design of the OpenBSD Cryptographic Framework Angelos D. Keromytis Jason L. Wright Theo de Raadt Columbia University OpenBSD Project OpenBSD Project [email protected] [email protected] [email protected] Abstract the design of these systems is intended to impede sim- ple, brute-force, computational attacks. This complexity drives the belief that strong security is fundamentally in- Cryptographic transformations are a fundamental build- imical to good performance. ing block in many security applications and protocols. To improve performance, several vendors market hard- This belief has led to the common predilection to avoid ware accelerator cards. However, until now no operating cryptography in favor of performance [22]. However, system provided a mechanism that allowed both uniform the foundation for this belief is often software imple- and efficient use of this new type of resource. mentation [8] of algorithms intended for efficient hard- ware implementation. To address this issue, vendors We present the OpenBSD Cryptographic Framework have been marketing hardware cryptographic acceler- (OCF), a service virtualization layer implemented in- ators that implement several cryptographic algorithms side the kernel, that provides uniform access to accel- used by security protocols and applications. However, erator functionality by hiding card-specific details be- modern operating systems lack the necessary support hind a carefully-designed API. We evaluate the impact to provide efficient access to such functionality to ap- of the OCF in a variety of benchmarks, measuring over- plications and the operating system itself through a all system performance, application throughput and la- uniform API that abstracts away device details. As tency, and aggregate throughput when multiple applica- a result, accelerators are often used directly through tions make use of it.
    [Show full text]
  • Open Source Software: a History David Bretthauer University of Connecticut, [email protected]
    University of Connecticut OpenCommons@UConn Published Works UConn Library 12-26-2001 Open Source Software: A History David Bretthauer University of Connecticut, [email protected] Follow this and additional works at: https://opencommons.uconn.edu/libr_pubs Part of the OS and Networks Commons Recommended Citation Bretthauer, David, "Open Source Software: A History" (2001). Published Works. 7. https://opencommons.uconn.edu/libr_pubs/7 Open Source Software: A History —page 1 Open Source Software: A History by David Bretthauer Network Services Librarian, University of Connecticut Open Source Software: A History —page 2 Abstract: In the 30 years from 1970 -2000, open source software began as an assumption without a name or a clear alternative. It has evolved into a s ophisticated movement which has produced some of the most stable and widely used software packages ever produced. This paper traces the evolution of three operating systems: GNU, BSD, and Linux, as well as the communities which have evolved with these syst ems and some of the commonly -used software packages developed using the open source model. It also discusses some of the major figures in open source software, and defines both “free software” and “open source software.” Open Source Software: A History —page 1 Since 1998, the open source softw are movement has become a revolution in software development. However, the “revolution” in this rapidly changing field can actually trace its roots back at least 30 years. Open source software represents a different model of software distribution that wi th which many are familiar. Typically in the PC era, computer software has been sold only as a finished product, otherwise called a “pre - compiled binary” which is installed on a user’s computer by copying files to appropriate directories or folders.
    [Show full text]
  • Usenetdht: a Low-Overhead Design for Usenet
    UsenetDHT: A low-overhead design for Usenet Emil Sit, Robert Morris, and M. Frans Kaashoek MIT CSAIL Abstract traction of Usenet is the incredible diversity and volume of content that is available. Usenet is a popular distributed messaging and file sharing ser- vice: servers in Usenet flood articles over an overlay network to Usenet is highly popular and continues to grow: one fully replicate articles across all servers. However, replication Usenet provider sees upwards of 40,000 readers reading at of Usenet’s full content requires that each server pay the cost of an aggregate 20 Gbit/s [35]. Several properties contribute receiving (and storing) over 1 Tbyte/day. This paper presents the to Usenet’s popularity. Because Usenet’s design [1, 19] design and implementation of UsenetDHT, a Usenet system that aims to replicate all articles to all interested servers, any allows a set of cooperating sites to keep a shared, distributed Usenet user can publish highly popular content without copy of Usenet articles. UsenetDHT consists of client-facing the need to personally provide a server and bandwidth. Usenet NNTP front-ends and a distributed hash table (DHT) that Usenet’s maturity also means that advanced user inter- provides shared storage of articles across the wide area. This faces exist, optimized for reading threaded discussions or design allows participating sites to partition the storage burden, streamlining bulk downloads. However, providing Usenet rather than replicating all Usenet articles at all sites. service can be expensive: users post over 1 Tbyte/day of UsenetDHT requires a DHT that maintains durability despite transient and permanent failures, and provides high storage per- new content that must be replicated and stored.
    [Show full text]
  • Interview with Mary Ann Horton RIK FARROWPROGRAMMING
    Interview with Mary Ann Horton RIK FARROWPROGRAMMING Mary Ann Horton has been a met Mary Ann Horton at USENIX ATC ’19 in Seattle. I didn’t know who UNIX developer and sysadmin she was, but somehow discovered that she worked on the control systems since 1977. She contributed to for the grid in the San Diego area, and we exchanged email addresses so Berkeley UNIX, creating the I we could continue the conversation. Later, I read her Wikipedia page [1] and first email attachments and enhancing vi. Her PhD dissertation at Berkeley learned much more about her. led to IDE editors that check your program for Rik Farrow: You have been working with UNIX since its earliest days. errors. While at Bell Labs, she led the UUCP Mapping Project and brought .com domains Mary Ann Horton: I fell in love with UNIX earning my master’s degree at Wisconsin in to UUCP email. She led the growth of Usenet, 1977, but my big break came in 1978 when I transferred to Berkeley for my PhD. We got a an early social media network, in the early VAX, initially with VMS, but quickly changed to UNIX 32/V. There were many amazing grad 1980s. Her EMS email system allowed email students contributing tools to BSD, and it was a treat to get to be part of this effort. It seemed addressing by database query. As a transgender like about half the code was written by Bill Joy, including vi. I got to enhance vi, nurture activist in the 1990s, she convinced Lucent it, and port it to all sorts of UNIX clones.
    [Show full text]