www.archive-net-2013.com » NET » D » DAEMONOLOGY

Choose link from "Titles, links and description words view":

Or switch to "Titles and links view".

    Archived pages: 710 . Archive date: 2013-12.

  • Title: daemonology.net
    Descriptive info: .. I started out using this domain strictly for my BSD-related activities, but it is turning into a dumping ground for all sorts of personal work.. I've got a variety of work here:.. The.. FreeBSD-on-EC2 status page.. My.. FreeBSD Update.. utility.. An advisory about a.. security flaw in Intel Hyper-Threading.. A short set of instructions on how to.. upgrade a FreeBSD 4.. 8 system to FreeBSD 4.. 11.. instructions to.. upgrade a FreeBSD 5.. 3 system to FreeBSD 5.. 4.. 4 system to FreeBSD 6.. 0.. and a script to  ...   An extremely minimalist.. pipelined HTTP client.. which I wrote in order to speed up portsnap.. binary diff.. tool.. A.. port of NetBSD's makefs.. depenguinator.. An.. Enhanced Speedstep.. driver for FreeBSD.. list of work I've published and/or had cited by other authors.. Hacker News Daily.. , a summary of top-ranked articles from.. Hacker News.. Ask Hacker News Weekly.. , a summary of top-ranked "Ask HN" (aka.. "self post") articles from.. My quasi-blog,.. Daemonic Dispatches.. Not on this site, but still likely to be of interest, is my.. Tarsnap online backup service..

    Original link path: /
    Open archive

  • Title: FreeBSD on EC2 status
    Descriptive info: FreeBSD on EC2.. If you want to run FreeBSD on a Cluster Compute, High I/O instance or m3.. * instance, stop reading here and instead go to the.. FreeBSD entry in the AWS Marketplace.. The following FreeBSD AMIs are available (additional obsolete AMIs are listed at the bottom of this page).. For most users and applications, the.. FreeBSD 9.. 2-RELEASE for 64-bit Windows.. AMI will be the most appropriate one to use.. To use FreeBSD/EC2:.. Look in the table below and find the correct AMI number for the version of FreeBSD you want (most likely the highlighted row) and the EC2 region you want to launch the EC2 instance into.. Launch the EC2 instance.. Adjust your security group if necessary to allow incoming TCP connections on port 22 (SSH) from your IP address.. (Optional) Look at the EC2 instance console output ("Get System Log" on the EC2 console) for the SSH host keys.. Note that you may need to wait about five minutes for these to appear.. (You can also use my.. ec2-knownhost.. script to parse the EC2 console log and add keys to your ssh known_hosts file automatically.. ).. SSH in as "ec2-user" (using the SSH key you created for EC2), and su to root (no password).. You can now use the EC2 instance like any other FreeBSD system, with the exception that on versions prior to 10.. 0-BETA1 you can't use FreeBSD Update to fetch kernel security updates (you'll need to manually rebuild and reinstall the XENHVM kernel).. FreeBSD version.. us-east-1.. (N Virginia).. us-west-1.. (N California).. eu-west-1.. (Ireland).. ap-southeast-1.. (Singapore).. ap-northeast-1.. (Tokyo).. us-west-2.. (Oregon).. sa-east-1.. (Sao Paulo).. ap-southeast-2.. (Sydney).. FreeBSD 10.. 0-RC2.. For 64-bit m1, m2, c1, and t1 instances.. ami-c71739ae.. ami-0ee1d14b.. ami-680ae31f.. ami-f8cc98aa.. ami-c3d2b1c2.. ami-5c75116c.. ami-ab6fceb6.. ami-594cd363.. For 32-bit m1, c1, and t1 instances.. ami-4d173924.. ami-64e1d121.. ami-000be277.. ami-dccc988e.. ami-8fd2b18e.. ami-7e75114e.. ami-b56fcea8.. ami-734cd349.. For m3, c3, and HPC instances.. ami-bd1638d4.. ami-40e1d105.. ami-4e0be239.. ami-d6cc9884.. ami-67d2b166.. ami-7a75114a.. ami-bb6fcea6.. ami-7b4cd341.. 2-RELEASE.. For 64-bit "Windows" instances.. ami-538eda3a.. ami-fa3f0bbf.. ami-3e1ef949.. ami-a6165cf4.. ami-578e1056.. ami-12f96722.. ami-1d42e500.. ami-9773eead.. For 32-bit "Windows" instances.. ami-418eda28.. ami-ea3f0baf.. ami-4e1ef939.. ami-b4165ce6.. ami-358e1034.. ami-2af9671a.. ami-e743e4fa.. ami-a573ee9f.. For Cluster Compute, High-I/O, and "m3" instances.. ami-498eda20.. ami-da3f0b9f.. ami-461ef931.. ami-8a165cd8.. ami-1f8e101e.. ami-26f96716.. ami-ef43e4f2.. ami-a973ee93.. FreeBSD 8.. 4-RELEASE.. ami-29611440.. ami-31eac474.. ami-bb9080cf.. ami-978cc2c5.. ami-f743cbf6.. ami-5769f867.. ami-30de7b2d.. ami-bfe07385.. ami-5f611436.. ami-21eac464.. ami-d79080a3.. ami-eb8cc2b9.. ami-eb43cbea.. ami-5369f863.. ami-3ade7b27.. ami-43e07379.. ami-4761142e.. ami-15eac450.. ami-11908065.. ami-e38cc2b1.. ami-cf43cbce.. ami-6369f853.. ami-3ede7b23.. ami-59e07363.. EC2 quirks.. In order to work with EC2, the FreeBSD AMIs are slightly modified from what you would have immediately after installing FreeBSD from a release CD:.. The network is configured and the sshd daemon is enabled, for obvious reasons.. On AMIs up to and including FreeBSD 9.. 1-RC1 or 8.. 3-RELEASE: SSH logins as root are enabled, but root's password is starred out (i.. e.. , password logins as root will fail until a password is set).. From FreeBSD 9.. 1-RC2 and 8.. 4-BETA1 onwards, you will need to login as "ec2-user" and su to root.. The first time an AMI is booted, a script fetches the public half of an SSH keypair from EC2 and arranges for root logins using that key.. Every time the the AMI boots, it prints the SSH host keys to the console in the same format as Amazon Linux AMIs do.. /etc/motd.. file contains some comments about FreeBSD/EC2 and a link to this page.. In the default configuration, kernel panics (including backtraces) are reported to the FreeBSD/EC2 maintainer to assist him in identifying and fixing bugs.. Some EC2-specific patches have been applied to FreeBSD in order to improve performance and work around bugs.. These are contained in.. /root/ec2-bits/*.. patch.. Because EC2 AMIs prior to 10.. 0-BETA1 have non-GENERIC kernels, FreeBSD Update cannot update their kernels.. Updating should be performed by using FreeBSD Update to update the.. /usr/src.. tree and then rebuilding the kernel from source.. (10.. 0-BETA1 and later have GENERIC kernels and can use FreeBSD Update for everything.. Packaging new AMIs.. The process of building FreeBSD AMIs from scratch is non-trivial; it is much easier to modify and re-bundle one of the existing FreeBSD AMIs:.. Launch the FreeBSD AMI you want to base your AMI on.. Make your changes (installing packages, adjusting configurations, etc).. Delete the file.. /root/.. ssh/authorized_keys.. or.. /home/ec2-user/.. (otherwise your SSH  ...   ami-7295a237.. ami-45896a32.. ami-c23f6a90.. ami-3fad373e.. ami-fac25aca.. ami-39872124.. ami-27b12d1d.. ami-c3e3bcaa.. ami-6095a225.. ami-63896a14.. ami-2c3f6a7e.. ami-35ad3734.. ami-f8c25ac8.. ami-0387211e.. ami-d1b02ceb.. 0-BETA1.. ami-fb590a92.. ami-74665131.. ami-eeff1e99.. ami-c69dd794.. ami-d79a02d6.. ami-52c85162.. ami-e11bbcfc.. ami-c3d64af9.. ami-af5a09c6.. ami-64665121.. ami-0aff1e7d.. ami-dc9dd78e.. ami-c79a02c6.. ami-6cc8515c.. ami-ef1bbcf2.. ami-cfd64af5.. ami-315b0858.. ami-886750cd.. ami-5eff1e29.. ami-d69dd784.. ami-939a0292.. ami-6ac8515a.. ami-c71bbcda.. ami-d3d64ae9.. 0-ALPHA5.. ami-bb9fced2.. ami-e4be8aa1.. ami-66638511.. ami-7c612b2e.. ami-af4bd2ae.. ami-da66f8ea.. ami-ab399eb6.. ami-1f36ab25.. ami-c99fcea0.. ami-dcbe8a99.. ami-866284f1.. ami-74612b26.. ami-a14bd2a0.. ami-e066f8d0.. ami-a9399eb4.. ami-1936ab23.. ami-119fce78.. ami-cebe8a8b.. ami-a86284df.. ami-48612b1a.. ami-7b4bd27a.. ami-8a66f8ba.. ami-ad399eb0.. ami-2d36ab17.. 0-ALPHA4.. ami-f1c09798.. ami-b00b3ff5.. ami-b48462c3.. ami-8a367cd8.. ami-810c9280.. ami-d4bc22e4.. ami-a75cfbba.. ami-c91a87f3.. ami-0bc09762.. ami-b60b3ff3.. ami-dc8462ab.. ami-9c367cce.. ami-f90f91f8.. ami-e2bc22d2.. ami-af5cfbb2.. ami-cb1a87f1.. ami-43c0972a.. ami-980b3fdd.. ami-ee846299.. ami-94367cc6.. ami-1d0f911c.. ami-febc22ce.. ami-ad5cfbb0.. ami-d11a87eb.. 0-ALPHA3.. ami-71d18518.. ami-f83f0bbd.. ami-321ef945.. ami-a0165cf2.. ami-518e1050.. ami-c0ce50f0.. ami-e343e4fe.. ami-8b73eeb1.. ami-bfd084d6.. ami-f43f0bb1.. ami-4c1ef93b.. ami-b6165ce4.. ami-318e1030.. ami-d8ce50e8.. ami-e543e4f8.. ami-9b73eea1.. ami-f3d0849a.. ami-e43f0ba1.. ami-441ef933.. ami-88165cda.. ami-218e1020.. ami-5ace506a.. ami-e943e4f4.. ami-af73ee95.. 0-ALPHA2.. ami-41367c28.. ami-8cae9bc9.. ami-3e678349.. ami-dcd2998e.. ami-e79d02e6.. ami-1e7ae52e.. ami-1f963102.. ami-e7a33edd.. ami-6f367c06.. ami-f0ae9bb5.. ami-40678337.. ami-d0d29982.. ami-cf9d02ce.. ami-107ae520.. ami-e79730fa.. ami-e3a33ed9.. ami-af317bc6.. ami-ecae9ba9.. ami-60678317.. ami-08d2995a.. ami-b99d02b8.. ami-2e7ae51e.. ami-e59730f8.. ami-eda33ed7.. 0-ALPHA1.. ami-f34a029a.. ami-38f6c37d.. ami-ca58bdbd.. ami-94a8e3c6.. ami-63b52962.. ami-e4e778d4.. ami-8dae0990.. ami-0f851835.. ami-0d4a0264.. ami-7af6c33f.. ami-ce58bdb9.. ami-eea8e3bc.. ami-5db5295c.. ami-fce778cc.. ami-93ae098e.. ami-09851833.. ami-3349015a.. ami-74f6c331.. ami-dc58bdab.. ami-e6a8e3b4.. ami-59b52958.. ami-f8e778c8.. ami-95ae0988.. ami-1d851827.. 2-RC4.. ami-11ace578.. ami-9e1d28db.. ami-ba6683cd.. ami-e69fd4b4.. ami-27e27e26.. ami-c6c659f6.. ami-5dda7d40.. ami-9f920fa5.. ami-3bace552.. ami-801d28c5.. ami-ce6683b9.. ami-c49fd496.. ami-69e77b68.. ami-e8c659d8.. ami-0bda7d16.. ami-d5900def.. ami-4bace522.. ami-f81d28bd.. ami-e2668395.. ami-2c9fd47e.. ami-0df06c0c.. ami-e2c659d2.. ami-eddb7cf0.. ami-f7900dcd.. 2-RC3.. ami-996022f0.. ami-3813397d.. ami-67fde613.. ami-fa0942a8.. ami-6327b462.. ami-5cd64a6c.. ami-8f379392.. ami-8336a4b9.. ami-af6022c6.. ami-30133975.. ami-79fde60d.. ami-f20942a0.. ami-3d27b43c.. ami-6ed64a5e.. ami-9137938c.. ami-8f36a4b5.. ami-df6022b6.. ami-14133951.. ami-7ffde60b.. ami-cc09429e.. ami-2927b428.. ami-6ad64a5a.. ami-9b379386.. ami-8936a4b3.. 2-RC2.. ami-bee7a6d7.. ami-2a68426f.. ami-4bfde53f.. ami-36ca8264.. ami-8b3bab8a.. ami-7a4ad74a.. ami-3d47e320.. ami-c966f4f3.. ami-e2e7a68b.. ami-22684267.. ami-57fde523.. ami-08ca825a.. ami-973aaa96.. ami-724ad742.. ami-0547e318.. ami-d166f4eb.. ami-02e7a66b.. ami-10684255.. ami-7ffde50b.. ami-00ca8252.. ami-6d3aaa6c.. ami-044ad734.. ami-0d47e310.. ami-dd66f4e7.. 2-RC1.. ami-7c226515.. ami-60163d25.. ami-73d0c907.. ami-32703860.. ami-0d6bfa0c.. ami-e9d548d9.. ami-a38e2abe.. ami-9150c2ab.. ami-b22364db.. ami-ba173cff.. ami-e3d1c897.. ami-06703854.. ami-7568f974.. ami-8dd548bd.. ami-a58e2ab8.. ami-9f50c2a5.. ami-ba2364d3.. ami-aa173cef.. ami-f9d1c88d.. ami-00703852.. ami-6b68f96a.. ami-89d548b9.. ami-ad8e2ab0.. ami-9950c2a3.. 2-BETA2.. ami-8cb0cae5.. ami-6e614a2b.. ami-37c0de43.. ami-783e762a.. ami-1363f512.. ami-c55fcdf5.. ami-79da7e64.. ami-b587158f.. ami-dab0cab3.. ami-4c614a09.. ami-5dc0de29.. ami-423e7610.. ami-cb62f4ca.. ami-e75fcdd7.. ami-43da7e5e.. ami-b3871589.. ami-c2b0caab.. ami-ba6249ff.. ami-7fc0de0b.. ami-583e760a.. ami-c162f4c0.. ami-f35fcdc3.. ami-41da7e5c.. ami-bb871581.. 2-BETA1.. ami-42e69f2b.. ami-eaf6deaf.. ami-a7f3ecd3.. ami-b6fdb4e4.. ami-cd6afdcc.. ami-5dc95b6d.. ami-3bf25626.. ami-93fa68a9.. ami-ace79ec5.. ami-eef6deab.. ami-bbf3eccf.. ami-8cfdb4de.. ami-bf6afdbe.. ami-55c95b65.. ami-3df25620.. ami-9ffa68a5.. ami-c2e79eab.. ami-def6de9b.. ami-b3f3ecc7.. ami-8efdb4dc.. ami-b76afdb6.. ami-69c95b59.. ami-03f2561e.. ami-99fa68a3.. 2-BETA0 (aka 9.. 1-STABLE @ 2013-07-07).. ami-3ea5d957.. ami-987951dd.. ami-6f3a261b.. ami-1490d946.. ami-7fae3a7e.. ami-b9a83b89.. ami-f4389de9.. ami-743ba84e.. ami-9ea4d8f7.. ami-947951d1.. ami-613a2615.. ami-6e90d93c.. ami-71ae3a70.. ami-4da83b7d.. ami-fe389de3.. ami-723ba848.. ami-8aa4d8e3.. ami-f87951bd.. ami-7d3a2609.. ami-6090d932.. ami-45ae3a44.. ami-5fa83b6f.. ami-c6389ddb.. ami-043ba83e.. 1-RELEASE.. ami-5339bb3a.. ami-4c8baa09.. ami-c0b2bfb4.. ami-35054767.. ami-cef348cf.. ami-aa09819a.. ami-05fc2418.. ami-d54addef.. ami-9d38baf4.. ami-9c88a9d9.. ami-68b2bf1c.. ami-0905475b.. ami-b6f348b7.. ami-b2098182.. ami-0dfc2410.. ami-d34adde9.. ami-d738babe.. ami-7cb2bf08.. 1-RC3.. ami-eaf44e83.. ami-22082e67.. ami-17cecd63.. ami-2e23607c.. ami-844af485.. ami-6c58d15c.. ami-58419845.. ami-5fbb2c65.. ami-d6f44ebf.. ami-c6082e83.. ami-e5cecd91.. ami-d0236082.. ami-944af495.. ami-5658d166.. ami-4e419853.. ami-4bbb2c71.. ami-3cf44e55.. ami-3fcecd4b.. 1-RC2.. ami-a5823ecc.. ami-a7e8cfe2.. ami-235e5e57.. ami-ca9fdf98.. ami-ba803fbb.. ami-fc3ab4cc.. ami-b212cbaf.. n/a.. ami-6f833f06.. ami-a3e8cfe6.. ami-015e5e75.. ami-cc9fdf9e.. ami-c4803fc5.. ami-e63ab4d6.. ami-d812cbc5.. For Cluster Compute / High-I/O instances.. ami-05823e6c.. 1-RC1.. ami-f1249198.. ami-992f0bdc.. ami-5bb5b22f.. ami-c4c78696.. ami-0072cf01.. ami-9633bca6.. ami-d28950cf.. ami-8b2792e2.. ami-af2f0bea.. ami-49b5b23d.. ami-cec7869c.. ami-2a72cf2b.. ami-9a33bcaa.. ami-ce8950d3.. ami-4324912a.. 1-BETA1.. ami-e1b10488.. ami-6f5d792a.. ami-b59691c1.. ami-a8b9f8fa.. ami-b68e33b7.. ami-d624abe6.. ami-9290498f.. ami-a5b104cc.. ami-0d5d7948.. ami-a39691d7.. ami-58b8f90a.. ami-d88e33d9.. ami-3623ac06.. ami-bc9049a1.. ami-05b1046c.. 0-RELEASE.. ami-d560b7bc.. ami-83a9f7c6.. ami-31a69945.. ami-22e2a770.. ami-8ac6708b.. ami-ec4ac7dc.. ami-7a598667.. ami-1d4c9874.. ami-fd6739b8.. ami-ddffc0a9.. ami-ecb8fdbe.. ami-b4f640b5.. ami-cab73afa.. ami-a822fdb5.. ami-479f482e.. 0-CURRENT @ 2011-01-04.. For t1.. micro instances only.. ami-8cce3fe5.. ami-61683824.. ami-e388bd97.. ami-36bdc364.. 0-CURRENT @ 2011-01-01.. ami-f4db2a9d.. ami-c7643482.. ami-5b82b72f.. ami-aabec0f8.. 0-CURRENT @ 2010-12-29.. ami-a0fc0dc9.. 0-CURRENT @ 2010-12-12.. ami-c01aeca9.. 4-RC3.. ami-5b543832.. ami-df17389a.. ami-7d352309.. ami-e0b1feb2.. ami-cbf778ca.. ami-23b92f13.. ami-ce27fdd3.. ami-d360f0e9.. ami-935b37fa.. ami-d7173892.. ami-893422fd.. ami-fcb1feae.. ami-79f77878.. ami-3db92f0d.. ami-d627fdcb.. ami-df60f0e5.. ami-a55b37cc.. ami-c3173886.. ami-913422e5.. ami-f0b1fea2.. ami-4ff7784e.. ami-cbb82efb.. ami-de27fdc3.. ami-e360f0d9.. 4-RC2.. ami-ca7414a3.. ami-b6a28ef3.. ami-72adb906.. ami-71470823.. ami-f455d8f5.. ami-fc74e3cc.. ami-00f52f1d.. ami-90b424aa.. ami-e674148f.. ami-aaa28eef.. ami-86acb8f2.. ami-45470817.. ami-ec55d8ed.. ami-f874e3c8.. ami-08f52f15.. ami-92b424a8.. ami-ee741487.. ami-98a28edd.. ami-9cacb8e8.. ami-bd4807ef.. ami-dc55d8dd.. ami-8a74e3ba.. ami-12f52f0f.. ami-9cb424a6.. 4-RC1.. ami-f8305791.. ami-90200cd5.. ami-d2a4b1a6.. ami-befdb1ec.. ami-8aa0228b.. ami-8ade49ba.. ami-71a8726c.. ami-80fc6cba.. ami-1a305773.. ami-ee200cab.. ami-e6a4b192.. ami-b0fdb1e2.. ami-64a02265.. ami-9cde49ac.. ami-79a87264.. ami-82fc6cb8.. ami-3630575f.. ami-c8200c8d.. ami-0ea4b17a.. ami-8afdb1d8.. ami-56a02257.. ami-96de49a6.. ami-43a8725e.. ami-8efc6cb4.. 4-BETA1.. ami-40a83329.. ami-76d9f433.. ami-2c808a58.. ami-fa81cda8.. ami-432bab42.. ami-deb723ee.. ami-7775ae6a.. ami-f23dacc8.. ami-96a932ff.. ami-6ed9f42b.. ami-32808a46.. ami-f081cda2.. ami-232bab22.. ami-d4b723e4.. ami-7f75ae62.. ami-843dacbe.. ami-aaa932c3.. ami-5ed9f41b.. ami-4e808a3a.. ami-c481cd96.. ami-6528a864.. ami-e4b723d4.. ami-4375ae5e.. ami-803dacba.. 3-RELEASE.. ami-978d55fe.. ami-6d154e28.. ami-05794271.. ami-628acd30.. ami-5c1dac5d.. ami-70fd7140.. ami-e2a876ff.. ami-358e565c.. ami-79154e3c.. ami-e3794297.. ami-328acd60.. ami-6c1dac6d.. ami-74fd7144.. ami-18a97705.. 3-RC2.. For 32-bit Windows instances.. (More expensive than "linux/unix" instances).. ami-6d13cd04.. ami-a7aef6e2.. ami-e5f0c891.. ami-6e4a0d3c.. ami-0454e505.. ami-72d95542.. ami-1abd6307.. For 64-bit Windows instances.. ami-9313cdfa.. ami-59aff71c.. ami-b7f0c8c3.. ami-324a0d60.. ami-1c54e51d.. ami-74d95544.. ami-16bd630b.. 3-RC1.. ami-d6e538bf.. ami-9b1840de.. ami-cbecd5bf.. ami-bace8ae8.. ami-00e95801.. ami-9a109daa.. ami-0063bc1d.. ami-7ae43913.. ami-41194104.. ami-a9ecd5dd.. ami-a0ce8af2.. ami-26e95827.. ami-82109db2.. ami-3a63bc27.. 3-BETA1.. ami-dc4093b5.. ami-67b9e022.. ami-2d695059.. ami-0281c550.. ami-be398fbf.. ami-52098462.. ami-dc76a9c1.. ami-9e4093f7.. ami-73b9e036.. ami-0d695079.. ami-0a81c558.. ami-d0398fd1.. ami-5a09846a.. ami-de76a9c3.. 2b-RELEASE.. ami-b55f99dc.. ami-e3025fa6.. ami-4cd7e738.. ami-36285364.. ami-aaa316ab.. For cc1.. 4xlarge instances only.. ami-290eca40.. ami-c69862af.. ami-0fa4f64a.. ami-78a1910c.. ami-dc93eb8e.. ami-14e15415.. 2a-RELEASE.. ami-646c9e0d.. ami-423bc82b.. ami-0fc3934a.. ami-bfdaeecb.. ami-46f78914.. ami-ce01aacf.. ami-c003f3a9.. ami-b3a0f0f6.. ami-4f1a2e3b.. ami-5490ee06.. 2-RC @ 2011-01-08.. ami-4a15e423.. ami-376e3e72.. ami-f77e4a83.. ami-3eb6c86c.. ami-d29b6abb.. FreeBSD 7.. 4b-RELEASE.. ami-8d985ee4.. ami-59e8ba1c.. ami-541c2c20.. ami-1ad7af48.. ami-96ca7f97.. ami-0d08cc64..

    Original link path: /freebsd-on-ec2/
    Open archive

  • Title: FreeBSD Update
    Descriptive info: Binary Security Updates for FreeBSD -- over 100,000 served!.. FreeBSD Update is a system for automatically building, distributing, fetching, and applying binary security updates for FreeBSD.. This makes it possible to easily track the FreeBSD security branches without the need for fetching the source tree and recompiling (except on the machine building the updates, of course).. Updates are cryptographically signed; they are also distributed as binary diffs using my.. tool, which dramatically reduces the bandwidth used.. NOTE: This page concerns the original FreeBSD Update (version 1.. x) for which the client code was distributed via the FreeBSD ports tree and for which I build binary updates for i386 only.. Starting with FreeBSD 6.. 2, a completely new version of FreeBSD Update is distributed in the FreeBSD base system and updates are being built by the FreeBSD Security Team on hardware donated to the FreeBSD project.. Note to Google users: If you arrived here by searching for "update ports freebsd" or something similar, you probably want.. portsnap.. , my utility for ports tree updating.. FreeBSD Update is designed for updating systems which have started with a binary install of an official FreeBSD RELEASE, and which have not had any files recompiled locally.. Prior to FreeBSD Update 1.. 4, if any files have been modified (or recompiled) locally, they will be silently ignored.. They will not be updated.. If you have recompiled any part of the FreeBSD world locally, make sure you're not running a pre-1.. 4 version of FreeBSD Update.. FreeBSD Update 1.. 4 will complain about files which  ...   before installing them.. Version 1.. 6 of the client (update fetching and applying) code is available from the FreeBSD ports tree as security/freebsd-update.. I used to have a link to the tarball here, but lots of people managed to install it wrong; so I'm not going to link to it.. The ports tree will set it up properly; take advantage of it.. (If you just want to look at the code, rather than wanting to install it.. go look in the ports tree.. I am currently building updates for all branches supported by the FreeBSD Security Team, i.. 4.. 11-RELEASE, 5.. 5-RELEASE, 6.. 0-RELEASE, and 6.. 1-RELEASE.. In the past I have also built updates for 4.. 7-RELEASE, 4.. 8-RELEASE, 4.. 9-RELEASE, 4.. 10-RELEASE, 5.. 0-RELEASE, 5.. 1-RELEASE, 5.. 2.. 3-RELEASE, and 5.. 4-RELEASE; if you run FreeBSD Update on a system with one of these versions, it will download and install all the security updates.. up to the point when those releases ceased to be supported by the security team.. If you are running such an old release, I strongly recommend that you.. upgrade your old FreeBSD 4.. x system FreeBSD 4.. upgrade your old FreeBSD 5.. x system to FreeBSD 6.. x.. Thanks to all the donors who contributed to allow me to purchase the system I'm using the build these updates; in particular,.. BSD Mall.. and the readership of.. slashdot.. jp.. made large contributions.. I presented a paper about this at.. BSDCon'03.. ; the paper is available here in.. postscript.. ,.. pdf.. , and.. HTML.. formats..

    Original link path: /freebsd-update/
    Open archive

  • Title: Hyper-Threading considered harmful
    Descriptive info: Hyper-Threading considered harmful.. Hyper-Threading Considered Harmful.. Hyper-Threading, as currently implemented on Intel Pentium Extreme Edition, Pentium 4, Mobile Pentium 4, and Xeon processors, suffers from a serious security flaw.. This flaw permits local information disclosure, including allowing an unprivileged user to steal an RSA private key being used on the same machine.. Administrators of multi-user systems are strongly advised to take action to disable Hyper-Threading immediately; single-user systems (i.. , desktop computers) are not affected.. I presented details of how to exploit this security flaw at.. BSDCan 2005.. in Ottawa on May 13th, 2005.. For those who were unable to attend my talk, I have written a 12-page paper,.. Cache Missing for Fun and Profit.. , discussing this flaw and related problems, both realized and theoretical.. Vendor statements.. The following statements have either been provided to me by vendors or quoted from vendor advisories:.. CVE.. : The Common Vulnerabilities and Exposures (CVE) project has assigned the name CAN-2005-0109 to the problem of information disclosure resulting from cache evictions in simultaneous multithreading processors.. This is a candidate for inclusion in the.. CVE list.. , which standardizes names for security problems.. FreeBSD.. : This issue affects FreeBSD/i386 and FreeBSD/amd64, and is addressed in advisory FreeBSD-SA-05:09.. htt.. NetBSD.. : The NetBSD Security-Officer Team believes that workarounds will be suitable for the majority of our users.. Since this issue is a complex one, the 'right' solution will require a larger discussion which is only possible once this issue is public.. This issue will be addressed in advisory NetBSD-SA2005-001, which will provide a list of workarounds for use until the 'final' conclusion is reached.. OpenBSD.. : OpenBSD does not directly support hyperthreading at this time, therefore no patch is available.. Affected users may disable hyperthreading in their system BIOS.. We will revisit this issue when hyperthreading support is improved.. RedHat.. : Updated OpenSSL packages that fix security issues are now available [.. ] The OpenSSL library has been patched to add a new fixed-window mod_exp implementation as default for RSA, DSA, and DH private-key operations.. This patch is designed to mitigate cache timing and potentially related attacks.. [Quoted from RedHat Security Advisory RHSA-2005:476-08.. Note: I do not believe that the patch used in OpenSSL is sufficient to avoid disclosure of cryptographic keys on a hyperthreaded system, although it does block the very specific attack which I demonstrated in my paper.. ].. SCO.. : This affects OpenServer 5.. 7 if an update pack is applied and SMP is installed; it also affects UnixWare 7.. 4 and 7.. 3 with hyperthreading enabled, but hyperthreading is disabled in UnixWare by default.. This is covered by advisory SCOSA-2005.. 24.. Ubuntu Linux.. : Since it is not possible to provide a safe patch in a short time, HyperThreading has been disabled in the updated kernel packages for now.. You can manually enable HyperThreading again by passing the kernel parameter "ht=on" at boot.. [Quoted from Ubuntu Security Notice USN-131-1.. ].. (Other vendors are affected, but they haven't provided any statements.. UPDATE: There are some comments from Intel in an.. eWeek story.. about this issue.. UPDATE: Linus Torvalds has commented on this on the  ...   "EM64T" use this architecture.. Where do you work?.. I'm unemployed.. For the past three months, I've spent almost all of my time working on this security flaw -- investigating how serious it was, contacting all of the affected vendors, explaining how this should be fixed,.. et cetera.. I simply haven't had time to go out and get a job -- and I decided that making sure that this issue was properly reported and fixed was far more important than earning some money.. I think it's really great that you spent three months doing unpaid work to improve the security of other peoples' computers.. What can I do to thank you for your efforts?.. Money is always good.. In all seriousness, I'd like to spend a few months writing a completely new cryptgraphic library which is designed from the ground up to be immune to this attack, as well as all other timing attacks.. If you think you or your company could offer me some funding to allow me to do this, please.. let me know.. Why do you hate Intel so much?.. I don't hate Intel -- in fact, I think Intel makes great CPUs, and I have an Intel processor in every computer I own.. (Not that I have anything against AMD; it just happened to work out this way.. ) But as someone who works in the field of computer security, I don't play political games: If I find a vulnerability, I'm going to report it and work with vendors to fix it, regardless of what the problem is or who it affects.. Why should operating systems fix this? Isn't this Intel's fault?.. As a computer security researcher, I'm not concerned with assigning blame; rather, I'm concerned with making sure that systems are secure.. At this point, the fastest and easiest way to fix this problem is via the operating system, so that is what I have recommended.. While Intel can fix this problem on its future processors, I do not see any way for them to fix this problem on existing processors without a complete recall (similar to the result of the famous FDIV bug), which would be pointless when the problem can be so easily fixed via the operating system.. I have a question which isn't on this list.. Feel free to.. contact me.. with any questions about this security flaw.. I can't guarantee that I'll be able to reply to everyone -- I have no idea how many emails I'll get -- but I will make an effort to address every serious question I receive either via personal email or on this web page.. Disclosure timeline.. Late October, 2004.. : Initial discovery.. December 2004.. : Proof-of-concept exploit written and tested.. December 31, 2004.. : FreeBSD Security Officer Team notified of upcoming security issue.. February 2005.. : First draft of paper completed.. February 27, 2005 - March 18, 2005.. : Other security teams and vendors (including Intel) contacted.. May 13, 2005 @ 00:00 UTC.. : Official public disclosure that a security flaw exists in Hyper-Threading.. May 13, 2005 @ 15:00 UTC.. : Full details released.. Copyright 2005 Colin Percival..

    Original link path: /hyperthreading-considered-harmful/
    Open archive

  • Title: FreeBSD 4.8 to FreeBSD 4.11 binary upgrade
    Descriptive info: FreeBSD 4.. 8 to FreeBSD 4.. 11 binary upgrade.. Shortly before the End-of-Life for FreeBSD 4.. 8, I sent out a "heads up" to a few fora warning people that now was the time to upgrade to FreeBSD 4.. Unsurprisingly, several people replied with the obvious question: "How?".. The most standard approach to upgrading FreeBSD between versions has always been to update the.. tree (usually using cvsup) and run the "buildworld", "buildkernel", "installkernel", and "installworld" steps.. Since unnecessary compilation is undesireable, I decided to put together a step-by-step guide to upgrading to FreeBSD 4.. 11 using the published ISO image.. Of course, this is only useful if you are happy with a.. GENERIC.. kernel.. What follows are the steps I used to upgrade my FreeBSD 4.. 8-RELEASE-p27 box to FreeBSD 4.. 11-RELEASE; I can't guarantee that they'll work for everyone, but this should be at least a good starting point.. N.. B.. I only install the "bin", "crypto", "dict", "doc", and "manpages" distributions here -- I don't want the "catpages", compat, "games", "info", "ports", "proflibs", or "src" distributions.. If you want a different set of distributions, change the lists in steps 6, 9, and 10.. If you haven't done so already, install.. cd /usr/ports/security/freebsd-update && make install clean cp /usr/local/etc/freebsd-update.. sample /usr/local/etc/freebsd-update.. conf.. Using FreeBSD Update, generate a list of files from the base system which have been locally modified.. We might not want to overwrite these.. freebsd-update -v IDS | tail +8 | grep.. | lam -s '.. ' - > /root/base-modified.. Edit this list and delete files for which you don't want to  ...   /mnt.. For the files which have been locally modified, extract the new versions to a temporary directory.. mkdir /usr/release for dist in bin crypto dict doc manpages; do cat /mnt/${dist}/${dist}.. ?? | tar -xpzf - -I /root/base-modified -C /usr/release done 2>/dev/null.. For each of these files (in.. /root/base-modified.. ), compare the existing and new versions to see if you need to update anything.. (I didn't, but sometimes there are necessary changes in configuration files -- for example, in FreeBSD 4.. 7 a new "sshd" user was added.. diff -u /etc/group /usr/release/etc/group diff -u /etc/ttys /usr/release/etc/ttys etc.. Clear the immutable flag on files from the base system to make sure that we can overwrite or delete them.. xargs chflags noschg.. Extract the new release (minus the locally modified files that we don't want to overwrite).. for dist in bin crypto dict doc manpages; do cat /mnt/${dist}/${dist}.. ?? | tar -xpzf - -X /root/base-modified -C / done.. Generate a list of files which belong to the new release, and compare this to the list of files which were in the old release, so that we can clean up the garbage left behind.. ( for dist in bin crypto dict doc manpages; do cat /mnt/${dist}/${dist}.. ?? | tar -tzf - done; cat /root/base-modified ) | sort | uniq | cut -c 2- > /root/base-new comm -13 base-new base-old | xargs rm.. Link the GENERIC kernel into /kernel.. ln /kernel.. GENERIC /kernel.. Clean up.. umount /mnt vnconfig -u vn0c rm -r /usr/release rm /usr/miniinst.. iso rm /root/base-modified /root/base-old /root/base-new.. Reboot into your new 4.. 11-RELEASE system.. shutdown -r now..

    Original link path: /freebsd-upgrade-4.8-to-4.11/
    Open archive

  • Title: FreeBSD 5.3 to FreeBSD 5.4 binary upgrade
    Descriptive info: FreeBSD 5.. 3 to FreeBSD 5.. 4 binary upgrade.. In February 2005 I put instructions online explaining how to perform a.. binary upgrade from FreeBSD 4.. When it came time to upgrade my FreeBSD 5.. 3 system to instead run FreeBSD 5.. 4, I found that some slightly different steps were needed, so I decided to put together a 5.. 3-to-5.. 4 upgrade guide as well.. What follows are the steps I used to upgrade my FreeBSD 5.. 4-RELEASE; I can't guarantee that they'll work for everyone, but this should be at least a good starting point.. I only install the "base" "dict", "doc", and "manpages" distributions here -- I  ...   mount -t cd9660 -o ro /dev/md9 /mnt.. mkdir /usr/release for dist in base dict doc manpages; do cat /mnt/5.. 4-RELEASE/${dist}/${dist}.. grep ^etc /root/base-modified | while read f; do diff -u /${f} /usr/release/${f} done | more.. for dist in base dict doc manpages; do /mnt/rescue/cat /mnt/5.. ?? | /mnt/rescue/tar -Uxpzf - -X /root/base-modified -C / done.. ( for dist in base dict doc manpages; do cat /mnt/5.. ?? | tar -tzf - done; cat /root/base-modified ) | sort | uniq | lam -s '/' - > /root/base-new comm -13 /root/base-new /root/base-old | xargs rm.. umount /mnt mdconfig -d -u 9 rm -r /usr/release rm /usr/disc1.. Reboot into your new 5.. 4-RELEASE system..

    Original link path: /freebsd-upgrade-5.3-to-5.4/
    Open archive

  • Title: FreeBSD 5.4 to FreeBSD 6.0 binary upgrade
    Descriptive info: 4 to FreeBSD 6.. 0 binary upgrade.. My earlier instructions on performing a.. and.. binary upgrade from FreeBSD 5.. proved quite popular, so I thought I'd prepare a similar set of instructions for upgrading to FreeBSD 6.. This upgrade is more tricky than the earlier "minor version" upgrades, since you have to be running a 6.. 0 kernel before you can install binaries for 6.. 0, and you have to replace everything which used 5.. 4 libraries before you can delete them safely.. 4-RELEASE systems to FreeBSD 6.. 0-RELEASE.. I only install the "base" "dict", "doc", and "manpages" distributions here -- I don't want the "catpages", "games", "info", "ports", "proflibs", or "src" distributions.. If you want a different set of distributions, change the lists in steps 7, 8, 12, 13, and 16.. #2.. This will obviously result in a system which is running a GENERIC kernel.. If you need support for hardware or kernel options which aren't in that kernel, follow the instructions in src/UPDATING to upgrade via source.. and portupgrade.. conf cd /usr/ports/sysutils/portupgrade && make install clean.. > /root/base-modified.. /usr/.. /etc/.. /var/log/.. Add the new.. _dhcp.. user and group.. pw groupadd _dhcp -g 65 pw useradd _dhcp -u 65 -c "dhcp programs" -d /var/empty -s /usr/sbin/nologin echo "_dhcp: root" >> /etc/mail/aliases.. Download an ISO image for the new release, verify its hash, and mount it.. org/pub/FreeBSD/ISO-IMAGES-i386/6.. 0/6.. 0-RELEASE-i386-disc1.. iso md5 /usr/disc1.. iso.. (the hash printed should be.. cfe3c1a2b4991edd6a294ca9b422b9d5.. mdconfig -a -t vnode -f /usr/disc1.. Copy the base system components off the ISO image (this is necessary because we won't be able to mount the ISO after rebooting into the new kernel.. for dist in base  ...   (w, ps, top, mdconfig, etc.. ) will not work!.. Extract the new release (minus locally modified files which we don't want to overwrite), and reboot again to get into a fully functional FreeBSD 6.. 0 system.. for dist in base dict doc manpages; do /rescue/tar -Uxpzf /usr/${dist}.. tgz -X /root/base-modified -C / done shutdown -r now.. Generate a list of files which belong to the new release, and compare this to the list of files which were in the old release, so that we can clean up the garbage left behind, and delete everything apart from libraries (which need to be left for the benefit of applications installed from the ports tree for now).. for dist in base dict doc manpages; do tar -tzf /usr/${dist}.. tgz done | lam -s '/' - | sort -u - /root/base-modified > /root/base-new comm -13 /root/base-new /root/base-old | grep -v /lib/ | xargs rm.. UPDATE, 2006-04-14.. : Due to some database format changes between FreeBSD 5.. 4 and FreeBSD 6.. 0, it's a good idea to rebuild portupgrade now, before rebuilding everything else.. portupgrade -fR portupgrade.. Recompile all applications installed from the ports tree.. portupgrade -af.. If you have any other compiled programs installed, you should also recompile them at this point.. Clean up (including removal of old libraries which are now unneeded).. comm -13 /root/base-new /root/base-old | grep /lib/ | xargs rm rm -r /usr/release rm /usr/disc1.. iso rm /usr/base.. tgz /usr/dict.. tgz /usr/doc.. tgz /usr/manpages.. tgz rm /root/base-modified /root/base-old /root/base-new.. If you have.. installed from the ports tree.. , you should uninstall it and move its data directory.. cd /usr/ports/sysutils/portsnap && make deinstall rmdir /var/db/portsnap && mv /usr/local/portsnap /var/db/portsnap..

    Original link path: /freebsd-upgrade-5.4-to-6.0/
    Open archive

  • Title: FreeBSD 6.0 to FreeBSD 6.1 binary upgrade
    Descriptive info: FreeBSD 6.. 0 to FreeBSD 6.. 1 binary upgrade.. In the course of my.. work on FreeBSD Update.. and other security-related FreeBSD development, I realized that I had accumulated most of the bits (both code and data) which I would need to construct a very easy-to-use script for performing binary upgrades between FreeBSD versions.. In the past I have provided instructions on performing a.. , a.. , and a.. , but they have all involved multiple steps and some understanding on the part of the user.. Using my newly written script should make FreeBSD 6.. 1 upgrades a bit easier; and since this script uses patches generated by.. bsdiff.. it uses far less bandwidth -- around 15-20MB, compared to 650MB for downloading a complete release ISO image.. Note that this script only works for the i386 platform.. It will refuse to run on alpha, amd64, pc98, or sparc64 systems.. As root, download the script and check that it has the right hash:.. # cd /usr/ # fetch http://www.. daemonology.. net/freebsd-upgrade-6.. 0-to-6.. 1/upgrade-6.. tgz # sha256 upgrade-6.. tgz.. The hash displayed should be.. 29075fc5711e0b20d879c69d12bbe5414c1c56d597c8116da7acc0d291116d2f.. Note: This script needs quite a lot of disk space (anywhere from a couple hundred MB  ...   to have an SMP kernel installed, you should.. # mv /boot/kernel/SMP /boot/kernel/kernel.. remove the ".. bootfile="SMP".. " line from.. /boot/loader.. reboot.. before running the upgrade script.. Note.. : This almost certainly only affects people who used FreeBSD Update to obtain a FreeBSD 6.. 0 SMP kernel.. Extract the tarball and run the script.. # tar -xzf upgrade-6.. tgz # cd upgrade &&.. /upgrade.. sh.. Follow the instructions provided by the script.. You will be asked to confirm that what the script plans to do looks reasonable -- it is very unlikely that the script will get anything wrong, but you should read its plans before telling it to go ahead.. If the script has trouble merging your configuration files with changes which occurred between FreeBSD 6.. 0 and FreeBSD 6.. 1, it will ask you to perform the merge manually.. This isn't likely to happen unless you've modified lots of files in /etc which people don't often touch.. When the script finishes, you can delete.. /usr/upgrade-6.. tgz.. and everything in.. /usr/upgrade.. and reboot into FreeBSD 6.. I recommend using.. to apply security updates once you've done this, but.. you must reboot before running FreeBSD Update on your newly upgraded system..

    Original link path: /freebsd-upgrade-6.0-to-6.1/
    Open archive

  • Title: FreeBSD Portsnap
    Descriptive info: FreeBSD Portsnap.. Secure FreeBSD ports tree updating.. Portsnap is a system for securely downloading and updating a compressed snapshot of the FreeBSD ports tree, and using this compressed snapshot to extract or update a (uncompressed) copy of the ports tree.. Historically, most people have used.. CVSup.. to keep their ports tree up to date, but CVSup has a number of limitations:.. CVSup is insecure.. The protocol uses no encryption or signing, and any attacker who can intercept the connection can insert arbitrary data into the tree you are updating.. CVSup isn't end-to-end.. Related to the previous point, this means that anyone who can compromise a CVSup mirror can feed arbitrary data to the people who are using that mirror.. CVSup isn't designed for frequent small updates.. While CVSup is very good at distributing CVS trees, and is very efficient for updating a tree which has been significantly changed (eg, by a month or more of commits), it transmits a list of all the files in the tree, which makes it quite inefficient if only a few files have changed.. CVSup uses a custom protocol.. This can cause problems for people behind firewalls -- outgoing connections on port 5999 need to be permitted -- and it needs a heavyweight server (cvsupd).. Portsnap avoids these problems by operating over HTTP (using FreeBSD's fetch(1) utility and a new experimental.. ), signing the snapshots using OpenSSL, and  ...   seconds of wall-clock time (but since the wall-clock time depends upon network congestion and server loads, it isn't particularly significant).. Portsnap stores a compressed snapshot of the ports tree (around 40 MB) on disk, by default in /usr/local/portsnap.. This compressed snapshot can then be extracted as needed (eg, into /usr/ports).. Portsnap is in the FreeBSD base system for all versions from 5.. 5 upwards (including 6.. 0, which was released before 5.. 5); users of earlier FreeBSD releases can install portsnap from the ports tree (sysutils/portsnap).. I have a nice.. portsnap usage graph.. showing the number of systems running each version of portsnap (as approximated by the updates they fetch).. Usage.. Install sysutils/portsnap from the FreeBSD ports tree.. To fetch a compressed snapshot, or update your current compressed snapshot, run `portsnap fetch`.. To extract the ports tree, run `portsnap extract`.. After extracting a ports tree, to update it to reflect changes in the compressed snapshot, run `portsnap update` -- this is much faster than `portsnap extract` because it avoids extracting directories which haven't changed.. Please note that when extracting a copy of the FreeBSD ports tree, portsnap will remove existing files.. If you have any local changes (eg, extra patches which you've added into a port's files/ directory) then you'll have to put those back after updating the ports tree.. Please send any comments about this to me at "cperciva" at this domain..

    Original link path: /portsnap/
    Open archive

  • Title: Pipelined HTTP GET utility
    Descriptive info: Pipelined HTTP GET utility.. While writing.. , I found myself in need of a utility for performing pipelined HTTP.. This is different from "normal" HTTP in that it allows the HTTP client to have several HTTP requests "in flight" at once, and can dramatically increase performance when a large number of small files need to be downloaded.. (This was the case with portsnap, where downloading 300 files of 200 bytes each is not unusual).. As a result, I've written a minimalist pipelined HTTP client and added it as an experimental feature to the latest version of portsnap; but I've also decided to package it separately here in case anyone else finds themselves in need of such code.. Version 0.. 2 of phttpget is available.. here.. Note that phttpget is currently extremely minimalist.. Of particular note:.. Phttpget can only issue GET requests.. Phttpget cannot download files larger than 2GB (but this can be easily changed -- search for INT_MAX and replace it by something bigger).. Phttpget blithely ignores HTTP  ...   creates downloaded files in the current directory, with names equal to final segment of the download path (i.. , if it downloads.. http://www.. example.. com/foo/bar/baz.. then it will create a file named.. baz.. in the current directory).. Phttpget makes not attempt to check for symlinks or other nastiness.. Do not use phttpget if any other user can write to your current directory!.. If you already have a file where phttpget wants to create a file, it will silently remove the existing file.. I wrote phttpget in about 28 hours, and finished under 12 hours ago.. It has had very little testing and probably still contains lots of bugs.. (12 hours later: bugcount--.. 1 had a deadlock when fetching a very large number of files due to a missing "break"; this is fixed in version 0.. If you use this code, please.. , both because I'm interested to know about these things and so that I can notify you in the unlikely event of a security issue being discovered..

    Original link path: /phttpget/
    Open archive

  • Title: Binary diff
    Descriptive info: Binary diff/patch utility.. bspatch.. are tools for building and applying patches to binary files.. By using suffix sorting (specifically,.. Larsson and Sadakane's qsufsort.. ) and taking advantage of how executable files change,.. routinely produces binary patches 50-80% smaller than those produced by.. Xdelta.. , and 15% smaller than those produced by.. RTPatch.. (a $2750/seat commercial patch tool).. These programs were originally named.. bdiff.. bpatch.. , but the large number of other programs using those names lead to confusion; I'm not sure if the "bs" in refers to "binary software" (because.. produces exceptionally small patches for executable files) or "bytewise subtraction" (which is the key to how well it performs).. Feel free to offer other suggestions.. use bzip2; by default they assume it is in /usr/bin.. is quite memory-hungry.. It  ...   file takes about 90 seconds.. O(n+m).. time; on the same machine, applying that patch takes about two seconds.. Providing that.. off_t.. is defined properly,.. support files of up to 2^61-1 = 2Ei-1 bytes.. Version 4.. 3 is available.. with MD5 hash.. e6d812394f0e0ecc8d5df255aa1db22a.. 2 is available in the FreeBSD, NetBSD, and OpenBSD ports trees as misc/bsdiff, in Darwinports as devel/bsdiff, and in gentoo as dev-util/bsdiff.. It has also been made into a.. Python extension module.. , and there is a.. Windows port.. available.. The algorithm used by BSDiff 4 is described in my (unpublished) paper.. Naive differences of executable code.. ; please cite this in papers as.. Colin Percival,.. net/bsdiff/.. , 2003.. A far more sophisticated algorithm, which typically provides roughly 20% smaller patches, is described in my.. doctoral thesis..

    Original link path: /bsdiff/
    Open archive


  • Archived pages: 710