The Rise and Fall of Dark Silicon NIKOS HARDAVELLAS How Perl Added Unicode Support 10 Years Ago Without You Noticing It TOBI OETIKER Data Integrity: Finding Truth in a World of Guesses and Lies DOUG HUGHES APRIL 2012 VOL. 37, NO. 2 Conference Reports from USENIX LISA ’11: 25th Large Installation System Administration Conference UPCOMING EVENTS 4th USENIX Workshop on Hot Topics in 2012 Electronic Voting Technology Workshop/ Parallelism (HotPar ’12) Workshop on Trustworthy Elections SPONSORED BY USENIX IN COOPERATION WITH ACM SIGMETRICS, (EVT/WOTE ’12) ACM SIGSOFT, ACM SIGOPS, ACM SIGARCH, AND ACM SIGPLAN CO-LOCATED WITH USENIX SECURITY ’12 June 7–8, 2012, Berkeley, CA, USA August 6–7, 2012, Bellevue, WA, USA http://www.usenix.org/hotpar12 http://www.usenix.org/evtwote12 Submissions due: May 11, 2012 2012 USENIX Federated Conferences Week June 12–15, 2012, Boston, MA, USA 3rd USENIX Workshop on Health Security and 2012 USENIX Annual Technical Conference Privacy (HealthSec ’12) (USENIX ATC ’12) CO-LOCATED WITH USENIX SECURITY ’12 June 13–15, 2012 August 6–7, 2012, Bellevue, WA, USA http://www.usenix.org/atc12 http://www.usenix.org/healthsec12 3rd USENIX Conference on Web Application Development (WebApps ’12) 6th USENIX Workshop on Offensive June 13–14, 2012 Technologies (WOOT ’12) http://www.usenix.org/webapps12 CO-LOCATED WITH USENIX SECURITY ’12 August 6–7, 2012, Bellevue, WA, USA 4th USENIX Workshop on Hot Topics in Cloud http://www.usenix.org/woot12 Computing (HotCloud ’12) June 12–13, 2012 7th USENIX Workshop on Hot Topics in http://www.usenix.org/hotcloud12 Security (HotSec ’12) 4th USENIX Workshop on Hot Topics in Storage CO-LOCATED WITH USENIX SECURITY ’12 and File Systems (HotStorage ’12) August 7, 2012, Bellevue, WA, USA June 13–14, 2012 http://www.usenix.org/hotsec12 http://www.usenix.org/hotstorage12 Submissions due: May 7, 2012 4th USENIX Workshop on the Theory and Practice of Provenance (TaPP ’12) 21st USENIX Security Symposium June 14–15, 2012 (USENIX Security ’12) August 8–10, 2012, Bellevue, WA, USA http://www.usenix.org/tapp12 http://www.usenix.org/sec12 6th Workshop on Networked Systems for Developing Regions (NSDR ’12) 10th USENIX Symposium on Operating Systems June 15, 2012 Design and Implementation (OSDI ’12) http://www.usenix.org/nsdr12 October 8–10, 2012, Hollywood, CA, USA http://www.usenix.org/osdi12 5th Workshop on Cyber Security Submissions due: May 3, 2012 Experimentation and Test (CSET ’12) CO-LOCATED WITH USENIX SECURITY ’12 26th Large Installation System Administration August 6, 2012, Bellevue, WA, USA Conference (LISA ’12) http://www.usenix.org/cset12 December 9–14, 2012, San Diego, CA, USA http://www.usenix.org/lisa12 2nd USENIX Workshop on Free and Open Submissions due: May 17, 2012 Communications on the Internet (FOCI ’12) CO-LOCATED WITH USENIX SECURITY ’12 August 6, 2012, Bellevue, WA, USA http://www.usenix.org/foci12 FOR A COMPLETE LIST OF ALL USENIX AND USENIX CO-SPONSORED EVENTS, SEE HTTP://WWW.USENIX.ORG/EVENTS EDITOR Rik Farrow [email protected] MANAGING EDITOR Jane-Ellen Long [email protected] APRIL 2012, VOL. 37, NO. 2 COPY EDITOR Steve Gilmartin [email protected] OPINION Musings RIK FARROW . 2. PRODUCTION Arnold Gatilao HARDWARE Casey Henderson Jane-Ellen Long The Rise and Fall of Dark Silicon NIKOS HARDAVELLAS . 7. TYPESETTER SYSADMIN Star Type IPv6: It’s Not Your Dad’s Internet Protocol PAUL EBERSMAN . 18 [email protected] Programming Unicode SIMSON L. GARFINKEL . 25 USENIX ASSOCIATION How Perl Added Unicode Support 10 Years Ago Without You Noticing It TOBI OETIKER . 38 2560 Ninth Street, Suite 215, Berkeley, California 94710 Data Integrity: Finding Truth in a World of Guesses and Lies DOUG HUGHES . 46 Phone: (510) 528-8649 FAX: (510) 548-5738 COLUMNS Practical Perl Tools: Warning! Warning! Danger, Will Robinson! http://www.usenix.org http://www.sage.org DAVID N. BLANK-EDELMAN . 51 ;login: is the official magazine of the USENIX “R” is for Replacement DAVID BEAZLEY . 56 Association. ;login: (ISSN 1044-6397) iVoyeur: Changing the Game, Part 3 DAVE JOSEPHSEN . 62 is published bi-monthly by the USENIX Should You Care About Solaris 11? PETER BAER GALVIN . 70 Association, 2560 Ninth Street, Suite 215, Berkeley, CA 94710. /dev/random : Dark Rhetoric ROBERT G. FERRELL . 75 $90 of each member’s annual dues is for BOOKS a subscription to ;login:. Subscriptions for Book Reviews ELIZABETH ZWICKY, WITH MARK LAMOURINE, TREY DARLEY, nonmembers are $125 per year. Periodicals postage paid at Berkeley, CA, AND BRANDON CHING . 78 and additional offices. CONFERENCES POSTMASTER: Send address changes to USENIX LISA ’11: 25th Large Installation System Administration Conference . 83 ;login:, USENIX Association, 2560 Ninth Street, Suite 215, Berkeley, CA 94710. 5th ACM Symposium on Computer Human Interaction for Management of IT . 122 ©2012 USENIX Association USENIX is a registered trademark of the USENIX Association. Many of the designa- tions used by manufacturers and sellers to distinguish their products are claimed as trademarks. USENIX acknowledges all trademarks herein. Where those designa- tions appear in this publication and USENIX is aware of a trademark claim, the designa- tions have been printed in caps or initial caps. Musings RIK FARROWOPINION Rik is the editor of ;login:. While I was at LISA ’11, I ran into an old friend, Paul Ebersman . Paul was one of [email protected] the first employees at UUNET, and every time I ran into Paul, usually at a USENIX conference, he would tell me how the UUNET office had grown onto another floor of a building . Eventually, UUNETs growth was taking over entire buildings . Paul would also tell me how fast the Internet was growing, with traffic doubling every few months . UUNET was the fastest-growing ISP in the 1990s [1] and was founded with help from USENIX . These days, Paul is working for a company (Infoblox) that makes server appliances, and his own focus is on IPv6 . Paul’s article about issues with making the transition to IPv6 appears in this issue . During our conversations at LISA, I asked Paul about security and IPv6, and Paul said, “It’s like 1994 all over again ”. What Paul meant was that back in the mid-’90s, organizations were beginning to use the Internet without having more than the vaguest notion of security . Also, most IPv4 software stacks were largely untested, leading to root compromises and various denial-of-service (DoS) attacks, such as the Ping of Death [2] . In many ways, as the momentum to enable IPv6 on Internet- facing Web sites rolls onward, we will be facing another moment where most people will not be familiar with the new security issues that come with using a new network protocol . Just the Same Some things won’t be any different: there are still 65535 TCP and 65535 UDP ports in IPv6, just as in IPv4 . If your client or server application has a bug that can be exploited using IPv4, it most likely can also be exploited via IPv6 (once you have connectivity) . But there may also be bugs, such as the PoD, lurking in relatively untested IPv6 stacks . IPv6 brings with it an enormous address space, with billions of network addresses and four billion times four billion host addresses . Some people had hopes that this enormous address space would make automatic scanning for hosts unfeasible . Steve Bellovin, Bill Cheswick, and Angelos Keromytis explained in their 2006 ;login: article [3] that there are a number of strategies worms could use to limit their attacks to existing networks . These same strategies can also be used by attackers when exploring networks they wish to attack . Paul said that it is an excellent idea to monitor your existing networks to check for IPv6 traffic that might already be there . I tried this, both on my home network,and 2 ;login: VOL. 37, NO. 2 looking at traffic outside my firewall, and found a fair amount of IPv6 traffic . I used tcpdump with the ip6 filter (Wireshark uses the same input filter) and dis- covered that Macs and newer Windows systems are both pretty chatty . Both types of systems would occasionally send out Router Solicitation ICMPv6 packets, and both also looked for plug-and-play neighbors . Macs use MDNS (Multicast DNS), Windows boxes are using SSDP (Simple Service Discovery Protocol), and both are sending out IPv6 multicast packets looking for or advertising services . If you’ve been on a public wireless network and noticed other people’s shared disks showing up in a Finder or Explorer window, you have seen these protocols at play . And while these protocols are very helpful in some cases, I consider them harmful when used on non-private networks (hotels, coffee shops, airplanes, conferences, etc ). Noth- ing like an invitation to be hacked, and no scanning looking for victims required . The victims advertise their presence and potentially vulnerable services . Most modern operating systems support IPv6 and will automatically bring up a link-local IPv6 interface on all network interfaces . Link-local addresses begin with the prefix fe80::/10 and, as the name suggests, are valid only on the local sub- net . Link-local packets cannot be routed and are important to IPv6; they are used in network discovery protocol and for address assignment and DHCPv6 (see Paul’s article) . The host portion of these IPv6 addresses (EUI-64) is constructed using each interface’s MAC (Media Access Control) address, with the 2 bytes FFFE inserted into the middle of these 6 bytes, and the 7th bit set to one [5] . Unless you are using DHCPv6, your systems will use the MAC address when automatically generating IPv6 addresses—unless you have a Windows 7 or newer OS . Windows 7 systems use a randomly generated host suffix that changes every 15 minutes for privacy, since including your MAC address in a globally accessible IPv6 address makes your system easy to track on the Internet, as well as possibly identifying your system, since the first 3 bytes of the MAC address are assigned to vendors [5] .