chester's blog

technology, travel, comics, books, math, web, software and random thoughts

Building bash from source (Shellshock mitigation for Ubuntu 13.04 and other unsupported distros)

25 Sep 2014 | Comments

Shellshock is a serious server security issue that was made public yesterday. The best fix is to apply security updates from your Linux distribution, as they become available.

If that is not possible for any reason (e.g., unsupported distros, like the Ubuntu 13.04 boxes we have not killed yet), you will need to compile bash from the source (including all the patches) - which may be confusing if you are not used to build C/C++ software “by hand”.

There are some scripts that compile and install a new bash (like’s curl | sh), but they assume you are ok with the latest bash version (4.3), and I needed to stay with 4.2. Here is how I did it:

Canada Day Comics

01 Jul 2014 | Comments

CC-BY Curly TurkeyAn untrained observer would infer I’d spend this Canada Day lazily reading comics. That isn’t true: to honor the spirit of the day, I’ve been lazily reading Canada-related comic books (by author or subject).

Having already read everything from Alpha Flight on Marvel Unlimited, I’ve started with Sam Logan’s Sam and Fuzzy (one of my favorite webcomics of all time) and two Ty Templeton works: the latest Batman’66 meets The Green Hornet (a team-up brought by a team-up with Kevin Smith and Ralph Garman) and The Northern Guard.

The biggest surprise, however, was Archie Goes to Canada: it collects stories from multiple periods that are not (much) stereotypical, and even doubles as a cultural/travel guide of sorts.

But my day wont’t be just comics: there is also the Captain Canuck animated series, available online for free. It is modern-looking and (judging by a peek) very action-oriented, so I expect a very un-canadian punch-to-apology ratio. Anyway, it’s the red-and-white that counts, so…. Happy Canada Day!

BONUS: Alpha Flight cameo in 90s X-Men: The Animated Series

Netflix Brazil dribbles FIFA with a word game

01 Jun 2014 | Comments

In Portuguese, the word “copa” isn’t just a reference to the FIFA World Cup, or any generic cup. It is also often used to designate a pantry, or a small dining room inside a kitchen - some people even use the term interchangeably with “cozinha”, the word for “kitchen”.

Netflix Brazil used this in a smart commercial that dribbles FIFA’s Orwellian (and borderline unconstitutional) countrywide media ban on expressions (which includes things like “Christmas 2014”). The spot showcases the freedom of not watching any important soccer match (a non-trivial luxury in Brazil, trust me) by playing entirely as a double entendre. Here is a rough translation:

Guy: “You know what? I’m gonna watch Netflix on the [copa].” (grabs a tablet)

Girl: “Oh, you and this [copa], [copa], ewww.”

Guy 2: “Yeah, why not on the living room?”

Guy 3: “…or the office, the bedroom, the porch…”

Guy (walking to the “copa”): “I watch Netflix WHEREVER I WANT. And I want it ON THE [copa].”

Guy 2: “So I can watch movies… on the [copa]?”

Guy 3: “…pausing and returning on the [copa]?”

Guy 4: “Watch exclusive series… on the [copa]?”

Guy: “See? Netflix changes everything!”

Narrator: “Netflix on the [copa]? Why not? Movies and series for you to watch whenever and however you want. Subscribe now.”

Halt and Catch Fire: a series premiere with a huge IBM PC blunder

28 May 2014 | Comments

Just watched AMC’s first episode of Halt and Catch Fire - a TV show that about a hyper-stereotyped bunch (chrarming entrepreneur, family-man engineer and punk-girl hacker) facing “big corps” of the early 80s. And they start by challenging no one less than IBM, so I had to check it out.

Every fiction piece about computers has one innacuracy or another, and I usually just eat my popcorn and enjoy the show. But this one had an issue too close to home to be ignored. And it started with a good idea: they borrowed the plot from Phoenix Technologies’ cloning of the IBM PC BIOS, which I’d summarize like this:

In order to run software made for the IBM PC, a computer would need a piece of software knonw as the BIOS. It was inside every IBM computer, but was dutifully copyrighted. Copying or mimicking it directly would likely result in legal action, but Phoenix got over that (and sold their version to several IBM PC clone manufacturers) by having two teams on the job: one studied the code and wrote specifications on how it worked, and another created a new BIOS only from reading such specifications, making it a “clean room” reverse engineering.

The episode puts the hacker girl in the role of the second team, while the engineer guy replaces the first (helped by the entrepreneur). Also, his task was simplified into just generating a printout of the BIOS that the girl would recreate. Things were fine up to this point, but the male duo would accomplish the task in the most complicated way possible: they hooked the guts of the computer to a LED panel, which would show a binary representation of the codes, one digit at a time. Then they would write each one on a block of paper and then type it all (into the reassembled PC or another computer, not sure), and finally print it all out!

Heck, I understand the need for dramatizing the effort. And I also wasn’t for sure the genius computer designer this engineer is supposed to be, but if you asked me how to do that in the IBM PC era, I would likely just suggest typing these two commands:

d f000:0000

The first line calls debug, the monitor/assembler/disassembler tool that came with DOS since verison 1.0. The second one (typed under debug’s - prompt) will dump (d) the contents of the first 128 bytes of the PC-BIOS. It will even print the characters that match each code (revealing some of the messages printed when you turned the computer on), and typing d again will reveal the next batch of 128 bytes, again and again. Attach a printer and you are done.

But don’t take my word for it: go to James Friend’s nice PC emulator page (based on PCE) and try the commands yourself (the page actually emulates a slightly more modern computer, but it boots in the IBM-PC-like “real mode”). You will get a result like this:

Some people may argue they could not know the location (F000:0000) without Google, but the IBM PC technical manual (PDF) that came with it tells you on page 1-12 that it’s located at F0000 (an absolute 80861 address that can be referred to as F000:0000). Even if IBM had hidden it, the Intel 8086 manual (PDF) reveals (in page 2-29, table 2-4) that the processor boots at the FFFF:0000 address (CS:Instruction Pointer). Typing u FFFF:0000 on debug would reveal the first instruction ran is a JMP to the beginning of the BIOS code (just after a few header bytes), and one would reasonably dump from it until the end of memory, which would match the ROM chip capacity (which was also public information).

But wait, there is more: if they had really bothered reading the aforementioned PC manual, they could have saved some ink and paper. Appendix A contains the fully disassembled BIOS code - meaning those guys spend a whole weekend printing something that was already on the box, in an easier to read format. Geniuses.

Having that out of my chest, I can focus on the episode itself: it was ok-ish. I may check future ones if they appear on the website/over-the-air/Netflix/whatever, but I’m not really holding my breath.

  1. As pointed by Clonejay, the IBM PC actually had an 8088 processor. Programmers (including myself) tend to refer to it as 8086 because software-wise, they were identical. The 8088 had a smaller data bus, compatible with cheaper-but-slower RAM chips). You won’t find much 8088-specific documentation, so I’ll keep the text as-is. 

2048 2600: The 2048 game for the Atari 2600

25 Mar 2014 | Comments

As everyone else on the planet, I got hooked on 2048 and amazed by the variants that sprouted. Its simple rules and graphics are one distinctive characteristic. “It’s so simple”, I thought, “that it really could have been done on an Atari”. And once you have such an idea…

That’s right: this is a version of 2048 for the Atari 2600! It took me about 16 hours of work to get to a playable prototype, and about 50 hours for the final version, spread over a couple weekends and nights during which I was refining the core game and squeezing features like sound, two-player mode, and a high score.

During this period it briefly made the front page of Hacker News, received lots of great feedback on Atari Age and RVG, and got a couple of contributions (bug fix, PAL support). The 2048 source was also helpful - even though I had to rethink the whole shifting/merging strategy, it provided a nice foundation with very readable code.

The project page has all the instructions and files you need to run it on an emulator, on a real console or even in your browser. The remainder of this post shows some technical notes (which can also be found at the main assembly source file).

Running ruby2600 in a browser with Opal

16 Feb 2014 | Comments


Last year I challenged myself into writing an Atari 2600 emulator using Ruby in time to present it at RubyConfBr 2013 - thus ruby2600 was born. When I found Opal, a Ruby-to-JavaScript compiler, I felt it might be fun to run the emulator on a browser.

It runs even slower than in MRI and is far from polished, but works. To watch it, just click the button below and wait until the black lines get replaced by Pitfall Harry slooooowly running to the left (sorry, no key bindings for now).

Keep reading if you want the gory technical details!

London, Paris and Reykjavík: A One-Week Vacation

10 Nov 2013 | Comments

Bani noticed this winter would be one of the best to see the northern lights in this decade. Granted, there are lots of places in Canada for that, but we decided for a stretch and went to Iceland. Adding a flight leg to the UK was cost-effective, and I threw in a train hop into France, ending up with a mix of Icelandic natural landscapes and urban highlights of London and Paris - two iconic cities I always wanted to visit!

Day Job - A Story of Chasing Dreams

20 Oct 2013 | Comments

There is no shortage of documentaries about startups, and that is understandable: the idea of bootstraping an idea into a viable enterprise is fascinating, and the reality is filled with real-life sweat, joy and drama that owes nothing to fiction.

Given that, I jumped at the opportunity of watching the premiere of Day Job, which puts under a microscope the journey of three companies through one of the Extreme Startups accelerator programs. Between the tight schedules and limited budgets, an interesting story ensures. Check the trailer:

<script type="text/javascript" id="vidyard_embed_code_K8cX3Q--akV4WBoP7ZDfQA" src="//"560"&height="315"&v=3.1&type=inline"></script>

How realistic? Well, after the event we had the opportunity of watching a Q&A with the film’s director and the three entrepreneurs, which pretty much backed the film depiction. It is yet unclear how/when the movie will be distributed, but I’d keep an eye if I had not already seen it.

Day Job Premiere Screening - Q&A