DOCSLIB.ORG

Winter 2020 Vol

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Winter 2020 Vol ;login WINTER 2020 VOL. 45, NO. 4 : & Characterizations of Cloud Functions Workloads Mohammad Shahrad, Rodrigo Fonseca, Íñigo Goiri, Gohar Chaudhry, and Ricardo Bianchini & RLBox: Simplifying In-Process Sandboxing Tal Garfinkel, Shravan Narayan, Craig Disselkoen, Hovav Shacham, and Deian Stefan & BIBIFI Contests: Motivated Developers Still Make Security Mistakes Daniel Votipka, Kelsey R. Fulton, James Parker, Matthew Hou, Michelle L. Mazurek, and Michael Hicks & SRE Best Practices for Capacity Final Print Issue Specials Management Favorite Articles Luis Quesada Torres and Doug Colish Rik Farrow, Laura Nolan, and Arvind Krishnamurthy Interview with USENIX Member #7 Rik Farrow Interview with Kirk McKusick Columns Rik Farrow Review of Alex Hidalgo’s Book about SLOs Open Access Laura Nolan Laura Nolan Understanding Linux Containers Corey Lueninghoener BPF and Histograms Dave Josephsen Cryptographic Hash Functions Simson L. Garfinkel Software Supply Chain Security Dan Geer, Bentz Tozer, and John Speed Meyers Thanks to our USENIX Supporters! USENIX appreciates the financial assistance our Supporters provide to subsidize our day-to-day operations and to continue our non-profit mission. Our supporters help ensure: • Free and open access to technical information • Student Grants and Diversity Grants to participate in USENIX conferences • The nexus between academic research and industry practice • Diversity and representation in the technical workplace We need you now more than ever! Contact us at [email protected]. USENIX PATRONS USENIX BENEFACTORS USENIX PARTNERS We offer our heartfelt appreciation to the following sponsors and champions of conference diversity, open access, and our SREcon communities via their sponsorship of multiple conferences: Ethyca Equinix Metal Microsoft Azure Goldman Sachs LinkedIn Salesforce More information at www.usenix.org/supporters WINTER 2020 VOL. 45, NO. 4 EDITORIAL EDITOR 2 Musings Rik Farrow Rik Farrow OPINION MANAGING EDITOR 6 Video Conferencing Must Evolve Michael Mattioli Michele Nelson S E C U R I T Y COPY EDITORS Steve Gilmartin Build It, Break It, Fix It Contests: Motivated Developers Still 9 Amber Ankerholz Make Security Mistakes Daniel Votipka, Kelsey R. Fulton, James Parker, Matthew Hou, Michelle L. Mazurek, and Michael Hicks PRODUCTION 15 The Road to Less Trusted Code: Lowering the Barrier to Arnold Gatilao In-Process Sandboxing Tal Garfinkel, Shravan Narayan, Craig Disselkoen, Ann Heron Hovav Shacham, and Deian Stefan Jasmine Murcia Olivia Vernetti 23 Using Safety Properties to Generate Vulnerability Patches Zhen Huang, David Lie, Gang Tan, and Trent Jaeger TYPESETTER Linda Davis 29 Interview with Sergey Bratus Rik Farrow USENIX ASSOCIATION SYSTEMS 2560 Ninth Street, Suite 215 35 Characterization and Optimization of the Serverless Workload Berkeley, California 94710, USA at a Large Cloud Provider Mohammad Shahrad, Rodrigo Fonseca, Phone: +1 510.528.8649 Íñigo Goiri, Gohar Chaudhry, and Ricardo Bianchini [email protected] 40 Posh: A Data-Aware Shell Deepti Raghavan, Sadjad Fouladi, www.usenix.org Philip Levis, and Matei Zaharia POSTMASTER: Send address changes to Rik Farrow 46 Interview with Margo Seltzer ;login:, USENIX Association, 2560 Ninth Street, SRE Suite 215, Berkeley, CA 94710, USA. 49 SRE Best Practices for Capacity Management Luis Quesada Torres ©2020 USENIX Association and Doug Colish USENIX is a registered trademark of the 57 The Case for CS Knowledge in SRE Adam McKaig USENIX Association. Many of the designa- tions used by manufacturers and sellers COLUMNS to distinguish their products are claimed 61 Book Review: Implementing Service Level Objectives as trademarks. USENIX acknowledges all by Alex Hidalgo Laura Nolan trademarks herein. Where those desig na tions appear in this publication and USENIX is 64 Systems Notebook: What’s in That Container? Cory Lueninghoener aware of a trademark claim, the designations 68 iVoyeur: BPF and Histograms Dave Josephsen have been printed in caps or initial caps. 71 SIGINFO: The Tricky Cryptographic Hash Function Simson L. Garfinkel Cover Image by BUMIPUTRA, distributed by Pixabay. 76 Programming Workbench: Compressed Sparse Row Format for Representing Graphs Terence Kelly 83 For Good Measure—Counting Broken Links: A Quant’s View of Software Supply Chain Security Dan Geer, Bentz Tozer, and John Speed Meyers 87 /dev/random: Discontent Creator Robert G. Ferrell BOOKS 89 Book Reviews Mark Lamourine and Rik Farrow USENIX NOTES 95 ;login: Enters a New Phase of Its Evolution Cat Allman, Rik Farrow, Casey Henderson, Arvind Krishnamurthy, and Laura Nolan 95 Interview with Clem Cole Rik Farrow 98 Interview with Kirk McKusick Rik Farrow 99 ;login: and Open Access Laura Nolan 100 Our Favorite ;login: Articles, 2005-2019 Rik Farrow, Laura Nolan, and Arvind Krishnamurthy Musings RIK FARROWEDITORIAL Rik is the editor of ;login:. ’ve sometimes been asked why computers are still so insecure, so emi- [email protected] nently hackable. Didn’t Bill Gates once shut down development at Micro- Isoft so they could improve the security of Windows decades ago? While not quite decades ago, Gates really did shut down Windows development in 2002 and sent 7,000 systems programmers to special security training with the goal of “Trustworthy Computing.” It didn’t work. While some things got better, and the rampage of worms slowed down, admin- istrators and users continued to have to install patches frequently. In 2003, Patch Tuesday became a regular feature, followed by Exploit Wednesday for those who had ignored the rou- tine of installing patches on the second Tuesday of the month. Part of Microsoft’s problem was a matter of programming culture, with a focus on new features. Exchange server, the email server product, actually had a good record for security, while the IIS web server certainly did not. Two distinct groups, with a different culture, worked on these products, resulting in very different security outcomes. But the problem of insecurity is not unique to Microsoft. Sun Microsystems started deliver- ing insecure workstations in the early 1980s, and continued to do so through the ’90s. Sun employees announced at USENIX Security that they had a program for securing SunOS, but it was for internal use only. Dan Farmer, Brad Powell, and Matt Archibald released Titan for Solaris in 1998 as a public solution to tightening and securing Solaris. Linux was having severe issues with security at the end of the ’90s but quickly improved over the next couple of years. But today, people build malware specifically for Linux, as Linux servers and desktops have become important targets for invading networks. So far, all I’ve done is write about how the struggle to defend software against exploits has been a failure, but not why. The answer lies partially in the nature of software and largely because of our hardware designs. First, programming is hard. I am constantly amazed at people announcing that they intend to turn everyone into a programmer. Perhaps these well-meaning projects can turn some people into middling programmers, but not ones who will be writing the next generation of services. I have had the misfortune of consulting in IT shops and have seen the carnage firsthand. On the plus side, when I turned out a handful of lines of shell script that did what they had failed to do in weeks, it made me look like a wizard. I have said this before: most programmers, by defini- tion, have an average skill level, and half are below average. This is hard to remember when you work in Silicon Valley or at a top-ten university and all of your coworkers are geniuses. Second, our computer systems were not designed for security. They were designed to be flex- ible. There are hardware security mechanisms that are important to security, such as the so- called rings, with the lowest numbered ring having the most access to hardware, and higher rings being reserved for “untrusted” code. Yet the largest and most complex programs run on most systems are the operating systems, and these run at the innermost ring. That makes the operating system the most important target for any attacker. Microsoft has taken advantage of the ring added to support virtualization, called ADM-V or Intel VT, in Windows 10. They load kernel modules using Virtual Secure Mode, where the 2 WINTER 2020 VOL. 45, NO. 4 www.usenix.org EDITORIAL Musings operating system and critical system modules get executed in Listing 1 depicts the main() function for a “Hello World!” pro- virtual containers. This beats the pants off the Linux model, gram. Compilers produce assembler as an intermediate format, where the kernel resides in a single address space, but still hasn’t and that’s what appears in Listing 1. You can learn to program prevented bootkits from being installed in Windows 10 systems. in assembler, but you have to handle things that compilers make This is supposed to be prevented by UEFI, but this can be worked easy to do, like choosing the register to use (anything beginning around using firmware rootkits and on many motherboards with %), managing the stack, managing memory. Each CPU archi- because of the wrong settings being used. tecture has a different set of registers and assembly instructions, although assemblers themselves, like as, work the same. You still Memory management is the next level of protection, but it have comments, but assembler is hard to read and is not portable was designed to protect programs running in one process from between CPU architectures. programs running in another process. Through
Load more

Recommended publications
  • Userland Tools and Techniques for Board Bring up and Systems Integration
    Userland Tools and Techniques for Board Bring Up and Systems Integration ELC 2012 HY Research LLC http://www.hy-research.com/ Feb 5, 2012 (C) 2012 HY Research LLC Agenda * Introduction * What? * Why bother with userland? * Common SoC interfaces * Typical Scenario * Kernel setup * GPIO/UART/I2C/SPI/Other * Questions HY Research LLC http://www.hy-research.com/ Feb 5, 2012 (C) 2012 HY Research LLC Introduction * SoC offer a lot of integrated functionality * System designs differ by outside parts * Most mobile systems are SoC * "CPU boards" for SoCs * Available BSP for starting * Vendor or other sources * Common Unique components * Memory (RAM) * Storage ("flash") * IO * Displays HY Research LLC * Power supplies http://www.hy-research.com/ Feb 5, 2012 (C) 2012 HY Research LLC What? * IO related items * I2C * SPI * UART * GPIO * USB HY Research LLC http://www.hy-research.com/ Feb 5, 2012 (C) 2012 HY Research LLC Why userland? * Easier for non kernel savy * Quicker turn around time * Easier to debug * Often times available already Sample userland from BSP/LSP vendor * Kernel driver is not ready HY Research LLC http://www.hy-research.com/ Feb 5, 2012 (C) 2012 HY Research LLC Common SoC interfaces Most SoC have these and more: * Pinmux * UART * GPIO * I2C * SPI * USB * Not discussed: Audio/Displays HY Research LLC http://www.hy-research.com/ Feb 5, 2012 (C) 2012 HY Research LLC Typical Scenario Custom board: * Load code/Bring up memory * Setup memory controller for part used * Load Linux * Toggle lines on board to verify Prototype based on demo/eval board: * Start with board at a shell prompt * Get newly attached hw to work HY Research LLC http://www.hy-research.com/ Feb 5, 2012 (C) 2012 HY Research LLC Kernel Setup Additions to typical configs: * Enable UART support (typically done already) * Enable I2C support along with drivers for the SoC * (CONFIG_I2C + other) * Enable SPIdev * (CONFIG_SPI + CONFIG_SPI_SPIDEV) * Add SPIDEV to board file * Enable GPIO sysfs * (CONFIG_GPIO + other + CONFIG_GPIO_SYSFS) * Enable USB * Depends on OTG vs normal, etc.
    [Show full text]
  • Spring 2015 Cybersecurity Reboot
    QUARTERLY VOL. 6 NO. 4 SPRING 2015 cybersecurity:# reboot IQT Quarterly is a publication of In-Q-Tel, Inc., the strategic investment firm that serves as a bridge between the U.S. Intelligence Community and venture-backed startup firms on the leading edge of technological innovation. IQT Quarterly advances the situational awareness component of the IQT mission, serving as a platform to debut, discuss, and debate issues of innovation in the areas of overlap between commercial potential and U.S. Intelligence Community needs. For comments or questions regarding IQT or this document, please visit www.iqt.org, write to [email protected], or call 703-248-3000. The views expressed are those of the authors in their personal capacities and do not necessarily reflect the opinion of IQT, their employers, or the Government. ©2015 In-Q-Tel, Inc. This document was prepared by In-Q-Tel, Inc., with Government funding (U.S. Government Contract No. 2014-14031000011). The Government has Government Purpose License Rights in this document. Subject to those rights, the reproduction, display, or distribution of the Quarterly without prior written consent from IQT is prohibited. EDITORIAL IQT Quarterly, published by In-Q-Tel, Inc. Editor-in-Chief: Adam Dove Lead Theme Editor: Nat Puffer Contributing Theme Editors: Greg Shipley, Seth Spergel, and Justin Wilder Contributing Editors: Brittany Carambio, Carrie Sessine, and Emma Shepard Design by Lomangino Studio LLC Printed in the United States of America QUARTERLY Identify. Adapt. Deliver. TABLE OF CONTENTS On Our Radar 02 By Nat Puffer A Look Inside: Cybersecurity Reboot 05 Building Trust in Insecure Code 06 By Jeff Williams No Silent Failure: The Pursuit of Cybersecurity 10 A Q&A with Dan Geer The Return of Dragons: How the Internet of Things 14 Is Creating New, Unexplored Territories By John Matherly The Insecurity of Things 17 By Stephen A.
    [Show full text]
  • Flexible Lustre Management
    Flexible Lustre management Making less work for Admins ORNL is managed by UT-Battelle for the US Department of Energy How do we know Lustre condition today • Polling proc / sysfs files – The knocking on the door model – Parse stats, rpc info, etc for performance deviations. • Constant collection of debug logs – Heavy parsing for common problems. • The death of a node – Have to examine kdumps and /or lustre dump Origins of a new approach • Requirements for Linux kernel integration. – No more proc usage – Migration to sysfs and debugfs – Used to configure your file system. – Started in lustre 2.9 and still on going. • Two ways to configure your file system. – On MGS server run lctl conf_param … • Directly accessed proc seq_files. – On MSG server run lctl set_param –P • Originally used an upcall to lctl for configuration • Introduced in Lustre 2.4 but was broken until lustre 2.12 (LU-7004) – Configuring file system works transparently before and after sysfs migration. Changes introduced with sysfs / debugfs migration • sysfs has a one item per file rule. • Complex proc files moved to debugfs • Moving to debugfs introduced permission problems – Only debugging files should be their. – Both debugfs and procfs have scaling issues. • Moving to sysfs introduced the ability to send uevents – Item of most interest from LUG 2018 Linux Lustre client talk. – Both lctl conf_param and lctl set_param –P use this approach • lctl conf_param can set sysfs attributes without uevents. See class_modify_config() – We get life cycle events for free – udev is now involved. What do we get by using udev ? • Under the hood – uevents are collect by systemd and then processed by udev rules – /etc/udev/rules.d/99-lustre.rules – SUBSYSTEM=="lustre", ACTION=="change", ENV{PARAM}=="?*", RUN+="/usr/sbin/lctl set_param '$env{PARAM}=$env{SETTING}’” • You can create your own udev rule – http://reactivated.net/writing_udev_rules.html – /lib/udev/rules.d/* for examples – Add udev_log="debug” to /etc/udev.conf if you have problems • Using systemd for long task.
    [Show full text]
  • POLITICAL SCIENCE 444-544-SEM B2– the POLITICS of SOCIAL JUSTICE (Winter Term 2018)
    DEPARTMENT OF POLITICAL SCIENCE https://uofa.ualberta.ca/political-science POLITICAL SCIENCE 444-544-SEM B2– THE POLITICS OF SOCIAL JUSTICE (Winter Term 2018) Instructor: Dr. Malinda S. Smith Time: Thursday, 12:30-3:20 pm Office: 10-23 Tory Building Class Location: 10-4 Tory Building Office Hours: Tues, 1:30-2:30PM, or by appointment Email: [email protected] Office: 780.492.5380 I. COURSE DESCRIPTION AND OBJECTIVES: Global Critical Race Theory explores conceptions of race, racialization and anti-racism from various perspectives in political and social theory, recognizing that such knowledge and understanding are important for making sense of the ambiguities and complexities of political life in modern settler colonial states. Although power and privilege in the polis long have been shaped by ideas about race and its intersections with, for example, gender, class, sexuality, and disabilities – the discipline of political science has not always been in the forefront of theoretical efforts to make sense of this fundamental aspect of the human condition. It is in this context that Critical Race Theory (CRT) emerged as an important body of scholarship first in law and later across the social sciences and humanities. Rather than one perspective or approach, CRT is a constellation of theoretical standpoints that self-consciously views the ‘race question’ and questions about race and intersectionality through a critical lens, posing new questions on the persistence if not magnification of race and the ‘colour line’ in the twenty-first century and an ostensibly post-racial and colour-blind era. This course guides students through anti- racism, intersectionality, settler colonial and the implications for a decolonial politics.
    [Show full text]
  • Security Applications of Formal Language Theory
    Dartmouth College Dartmouth Digital Commons Computer Science Technical Reports Computer Science 11-25-2011 Security Applications of Formal Language Theory Len Sassaman Dartmouth College Meredith L. Patterson Dartmouth College Sergey Bratus Dartmouth College Michael E. Locasto Dartmouth College Anna Shubina Dartmouth College Follow this and additional works at: https://digitalcommons.dartmouth.edu/cs_tr Part of the Computer Sciences Commons Dartmouth Digital Commons Citation Sassaman, Len; Patterson, Meredith L.; Bratus, Sergey; Locasto, Michael E.; and Shubina, Anna, "Security Applications of Formal Language Theory" (2011). Computer Science Technical Report TR2011-709. https://digitalcommons.dartmouth.edu/cs_tr/335 This Technical Report is brought to you for free and open access by the Computer Science at Dartmouth Digital Commons. It has been accepted for inclusion in Computer Science Technical Reports by an authorized administrator of Dartmouth Digital Commons. For more information, please contact [email protected]. Security Applications of Formal Language Theory Dartmouth Computer Science Technical Report TR2011-709 Len Sassaman, Meredith L. Patterson, Sergey Bratus, Michael E. Locasto, Anna Shubina November 25, 2011 Abstract We present an approach to improving the security of complex, composed systems based on formal language theory, and show how this approach leads to advances in input validation, security modeling, attack surface reduction, and ultimately, software design and programming methodology. We cite examples based on real-world security flaws in common protocols representing different classes of protocol complexity. We also introduce a formalization of an exploit development technique, the parse tree differential attack, made possible by our conception of the role of formal grammars in security. These insights make possible future advances in software auditing techniques applicable to static and dynamic binary analysis, fuzzing, and general reverse-engineering and exploit development.
    [Show full text]
  • ECE 598 – Advanced Operating Systems Lecture 19
    ECE 598 { Advanced Operating Systems Lecture 19 Vince Weaver http://web.eece.maine.edu/~vweaver [email protected] 7 April 2016 Announcements • Homework #7 was due • Homework #8 will be posted 1 Why use FAT over ext2? • FAT simpler, easy to code • FAT supported on all major OSes • ext2 faster, more robust filename and permissions 2 btrfs • B-tree fs (similar to a binary tree, but with pages full of leaves) • overwrite filesystem (overwite on modify) vs CoW • Copy on write. When write to a file, old data not overwritten. Since old data not over-written, crash recovery better Eventually old data garbage collected • Data in extents 3 • Copy-on-write • Forest of trees: { sub-volumes { extent-allocation { checksum tree { chunk device { reloc • On-line defragmentation • On-line volume growth 4 • Built-in RAID • Transparent compression • Snapshots • Checksums on data and meta-data • De-duplication • Cloning { can make an exact snapshot of file, copy-on- write different than link, different inodles but same blocks 5 Embedded • Designed to be small, simple, read-only? • romfs { 32 byte header (magic, size, checksum,name) { Repeating files (pointer to next [0 if none]), info, size, checksum, file name, file data • cramfs 6 ZFS Advanced OS from Sun/Oracle. Similar in idea to btrfs indirect still, not extent based? 7 ReFS Resilient FS, Microsoft's answer to brtfs and zfs 8 Networked File Systems • Allow a centralized file server to export a filesystem to multiple clients. • Provide file level access, not just raw blocks (NBD) • Clustered filesystems also exist, where multiple servers work in conjunction.
    [Show full text]
  • [13주차] Sysfs and Procfs
    1 7 Computer Core Practice1: Operating System Week13. sysfs and procfs Jhuyeong Jhin and Injung Hwang Embedded Software Lab. Embedded Software Lab. 2 sysfs 7 • A pseudo file system provided by the Linux kernel. • sysfs exports information about various kernel subsystems, HW devices, and associated device drivers to user space through virtual files. • The mount point of sysfs is usually /sys. • sysfs abstrains devices or kernel subsystems as a kobject. Embedded Software Lab. 3 How to create a file in /sys 7 1. Create and add kobject to the sysfs 2. Declare a variable and struct kobj_attribute – When you declare the kobj_attribute, you should implement the functions “show” and “store” for reading and writing from/to the variable. – One variable is one attribute 3. Create a directory in the sysfs – The directory have attributes as files • When the creation of the directory is completed, the directory and files(attributes) appear in /sys. • Reference: ${KERNEL_SRC_DIR}/include/linux/sysfs.h ${KERNEL_SRC_DIR}/fs/sysfs/* • Example : ${KERNEL_SRC_DIR}/kernel/ksysfs.c Embedded Software Lab. 4 procfs 7 • A special filesystem in Unix-like operating systems. • procfs presents information about processes and other system information in a hierarchical file-like structure. • Typically, it is mapped to a mount point named /proc at boot time. • procfs acts as an interface to internal data structures in the kernel. The process IDs of all processes in the system • Kernel provides a set of functions which are designed to make the operations for the file in /proc : “seq_file interface”. – We will create a file in procfs and print some data from data structure by using this interface.
    [Show full text]
  • Tnpsc Group-2 Current Affairs 2018
    TNPSC GROUP-2 CURRENT AFFAIRS 2018 TAMIL NADU AISHE 2016-17: TAMIL NADU LEADS IN GROSS ENROLMENT RATIO Prakash Javadekar released All India Survey on Higher Education (AISHE) report 2016- 2017. Highlights of All India Survey on Higher Education (2016-2017): As per the findings of the survey, overall enrolment in higher education institutions across India has increased from 27.5 million in 2010-11 to 35.7 million in 2016-17. 1. Gross Enrolment Ratio (GER) has increased from 24.5% in 2015-16 to 25.2 in 2016-17. 2. Gender Parity Index (GP1) too has improved from 0.86 to 0.94. 3. Tamil Nadu topped in terms of Gross Enrolment Ratio (GER) in higher education. Tamil Nadu recorded 46.9% GER. 4. Among Union territories, Chandigarh topped with 56.1% GER. 5. Bihar posted lowest GER of 14.4%. RS PURAM POLICE STATION IN TAMIL NADU RANKS INDIA'S BEST POLICE STATION R.S. Puram Police station in Coimbatore, Tamil Nadu has been adjudged as the best police station in India in SMART Police Stations initiative of Union Ministry of Home Affairs (MHA), • R.S. Puram Police Station House Officer T. JOTHI, received the award from Union Home Minister Rajnath Singh on January 6, 2018 at the all India conference of Director General/Inspector General of Police held at BSF Academy Tekanpur in Madhya Pradesh. • Abbreviation SMART in SMART Police stands for S-Sensitive and Strict; M-Modern with mobility; A- Alert and Accountable; R- Reliable and Responsive; T- Trained and Techno-savvy. 2 | P a g e SHANMUGAM IAS ACADEMY: 46/1, Gokhale St, Opp Senthil Kumaran Theatre, Ram Nagar, Coimbatore, Tamil Nadu 641009 WEBSITE: iasipstnpsc.in TNPSC GROUP-2 CURRENT AFFAIRS 2018 GOVERNMENT STARTS PROCESS TO BUILD INDIA'S FIRST DEFENCE 'QUAD' Union Defence Ministry has started the process to set up India's first defence industrial 'Quad' (quadrilateral corridor) linking Chennai with four other cities of Tamil Nadu to promote industries manufacturing weapons and military equipments.
    [Show full text]
  • Hashtags for Change: Can Twitter Promote Social Progress in Saudi Arabia
    International Journal of Communication 8 (2014), 943–961 1932–8036/20140005 #Hashtags for Change: Can Twitter Promote Social Progress in Saudi Arabia IRFAN CHAUDHRY University of Alberta, Canada Since the Arab Spring uprisings in 2011, Twitter has proven to be a useful mobilization tool for citizens. The power of Twitter to mobilize citizens (as seen in the Arab Spring) worries some governments. In response, a number of countries have begun to censor access to Internet technology. The Saudi monarchy, for example, issued a decree banning the reporting of news that contradicts sharia (Islamic) law, undermines national security, promotes foreign interests, or slanders religious leaders. A key question requiring further examination is why the Saudi government issued this decree. Are these controls in place to manage the Kingdom of Saudi Arabia’s political image on a global level, or are they in place to regulate the morality of its citizens at the local level? Drawing upon the work of Manuel Castells and his discussion of network power, this article asks: Can Twitter usage promote social progress in Saudi Arabia? Keywords: Saudi Arabia, Twitter, communication technology, social progress, gender, #Women2Drive Since the Arab Spring uprisings in 2011, social media has proven to be a useful mobilization tool for citizens to protest perceived injustices. In the Tunisian and Egyptian revolutions, the microblogging site Twitter emerged as a key source for real-time logistical coordination, information, information sharing, and discussion (Lotan et al., 2011). Twitter helps you “helps you create and share ideas and information instantly, without barriers” (About Twitter, 2013). Twitter’s global nature and ability to connect people anywhere in the world through hashtags and retweets1 make it possible for people to share information on topics as mundane as what to cook for this evening’s dinner to something as spectacular as the fall of an authoritarian government regime.
    [Show full text]
  • By James King B.A., Samford University, 2006 M.L.I.S., University
    THE STRUGGLE CONTINUES: ARCHIVAL APPROACHES TO CIVIL RIGHTS IN NORTHERN IRELAND AND THE AMERICAN SOUTH by James King B.A., Samford University, 2006 M.L.I.S., University of Alabama, 2007 M.A., Boston College, 2009 Submitted to the Graduate Faculty of School of Computing and Information in partial fulfillment of the requirements for the degree of Doctor of Philosophy University of Pittsburgh 2018 UNIVERSITY OF PITTSBURGH SCHOOL OF COMPUTING AND INFORMATION This dissertation was presented by James King It was defended on November 16, 2017 and approved by Dr. Sheila Corrall, Professor, Library and Information Science Dr. Andrew Flinn, Reader in Archival Studies and Oral History, Information Studies, University College London Dr. Alison Langmead, Associate Professor, Library and Information Science Dissertation Advisor: Dr. Richard J. Cox, Professor, Library and Information Science ii Copyright © by James King 2018 iii THE STRUGGLE CONTINUES: ARCHIVAL APPROACHES TO CIVIL RIGHTS IN NORTHERN IRELAND AND THE AMERICAN SOUTH James King, PhD University of Pittsburgh, 2018 When police and counter-protesters broke up the first march of the Northern Ireland Civil Rights Association (NICRA) in August 1968, activists sang the African American spiritual, “We Shall Overcome” before disbanding. The spiritual, so closely associated with the earlier civil rights struggle in the United States, was indicative of the historical and material links shared by the movements in Northern Ireland and the American South. While these bonds have been well documented within history and media studies, the relationship between these regions’ archived materials and contemporary struggles remains largely unexplored. While some artifacts from the movements—along with the oral histories and other materials that came later—remained firmly ensconced within the archive, others have been digitally reformatted or otherwise repurposed for a range of educational, judicial, and social projects.
    [Show full text]
  • An ECMA-55 Minimal BASIC Compiler for X86-64 Linux®
    Computers 2014, 3, 69-116; doi:10.3390/computers3030069 OPEN ACCESS computers ISSN 2073-431X www.mdpi.com/journal/computers Article An ECMA-55 Minimal BASIC Compiler for x86-64 Linux® John Gatewood Ham Burapha University, Faculty of Informatics, 169 Bangsaen Road, Tambon Saensuk, Amphur Muang, Changwat Chonburi 20131, Thailand; E-mail: [email protected] Received: 24 July 2014; in revised form: 17 September 2014 / Accepted: 1 October 2014 / Published: 1 October 2014 Abstract: This paper describes a new non-optimizing compiler for the ECMA-55 Minimal BASIC language that generates x86-64 assembler code for use on the x86-64 Linux® [1] 3.x platform. The compiler was implemented in C99 and the generated assembly language is in the AT&T style and is for the GNU assembler. The generated code is stand-alone and does not require any shared libraries to run, since it makes system calls to the Linux® kernel directly. The floating point math uses the Single Instruction Multiple Data (SIMD) instructions and the compiler fully implements all of the floating point exception handling required by the ECMA-55 standard. This compiler is designed to be small, simple, and easy to understand for people who want to study a compiler that actually implements full error checking on floating point on x86-64 CPUs even if those people have little programming experience. The generated assembly code is also designed to be simple to read. Keywords: BASIC; compiler; AMD64; INTEL64; EM64T; x86-64; assembly 1. Introduction The Beginner’s All-purpose Symbolic Instruction Code (BASIC) language was invented by John G.
    [Show full text]
  • A Flexible Framework for File System Benchmarking &Pivot
    ;login SPRING 2016 VOL. 41, NO. 1 : & Filebench: A Flexible Framework for File System Benchmarking Vasily Tarasov, Erez Zadok, and Spencer Shepler & Pivot Tracing: Dynamic Causal Monitoring for Distributed Systems Jonathan Mace, Ryan Roelke, and Rodrigo Fonseca & Streaming Systems and Architectures: Kafka, Spark, Storm, and Flink Jayant Shekhar and Amandeep Khurana & BeyondCorp: Design to Deployment at Google Barclay Osborn, Justin McWilliams, Betsy Beyer, and Max Saltonstall Columns Red/Blue Functions: How Python 3.5’s Async IO Creates a Division Among Function David Beazley Using RPCs in Go Kelsey Hightower Defining Interfaces with Swagger David N. Blank-Edelman Getting Beyond the Hero Sysadmin and Monitoring Silos Dave Josephsen Betting on Growth vs Magnitude Dan Geer Supporting RFCs and Pondering New Protocols Robert G. Ferrell UPCOMING EVENTS NSDI ’16: 13th USENIX Symposium on Networked USENIX Security ’16: 25th USENIX Security Systems Design and Implementation Symposium March 16–18, 2016, Santa Clara, CA, USA August 10–12, 2016, Austin, TX, USA www.usenix.org/nsdi16 www.usenix.org/sec16 Co-located with NSDI ’16 Co-located with USENIX Security ’16 CoolDC ’16: USENIX Workshop on Cool Topics on WOOT ’16: 10th USENIX Workshop on Offensive Sustainable Data Centers Technologies March 19, 2016 August 8–9, 2016 www.usenix.org/cooldc16 Submissions due May 17, 2016 www.usenix.org/woot16 SREcon16 CSET ’16: 9th Workshop on Cyber Security April 7–8, 2016, Santa Clara, CA, USA Experimentation and Test www.usenix.org/srecon16 August 8, 2016 Submissions
    [Show full text]