Wanted: Most secure unencrypted email solution

Dear lazy web,

Thanks to the global surveillance disclosures, I am searching for a secure email solution. Using end-to-end encryption seems to be the only secure solution to keep the email content private, but it does not protect your email header. End-to-end encryption has the big drawback that the communication partner has to use it, which is rarely the case. I want to communicate as securely as possible even with people who do not use end-to-end encryption. What is the most secure unencrypted email solution?

Should I rent a (virtual) server in my country (Germany) and run my own email server on it? Do you know any reliable, inexpensive server host for such a use case?

Code name for Ubuntu 18.04 LTS

Every Ubuntu release gets an alliterative code name from Mark Shuttleworth. It is a composition of an adjective and an animal. The upcoming Ubuntu 13.04 has the code name “Raring Ringtail”. Since nearly the beginning, the code names have followed alphabetical order. We will reach the letter Z with Ubuntu 17.04 if no letters are skipped. Will we wrap then and begin with A again?

At UDS-R in Copenhagen, Mark Shuttleworth jokingly said, between Jono Bacon’s introduction and Mark’s keynote speech, that vegetables will be used once we run out of letters. He proposed the code name for Ubuntu 18.04 LTS: Brilliant Broccoli!

Unreliable SSDs

Today my system froze and failed to reboot. I plugged in an Ubuntu live USB stick and booted from it. Then I discovered the problem: my Intel SSD 320 had broken. The output of hdparm is attached to the end of the blog post. You can see that the device size is reduced to 8 MB from 120 GB and the serial number is called BAD_CTX 00000159. The firmware of the SSD was up to date and the last firmware update should have fixed the 8 MB bug.

The Intel SSD 320 is my second SSD. My first SSD was a Super Talent Ultradrive GX 64GB, which died after around fifteen months of heavy use. It left a big bunch of corrupted data behind. SSDs seem to be very unreliable. Both SSDs died, but I can’t remember any of my HDDs dying.

$ sudo hdparm -I /dev/sda

/dev/sda:

ATA device, with non-removable media
Model Number: INTEL SSDSA2CW120G3
Serial Number: BAD_CTX 00000159
Firmware Revision: 4PC10362
Transport: Serial, ATA8-AST, SATA 1.0a, SATA II Extensions, SATA Rev 2.5, SATA Rev 2.6
Standards:
Used: unknown (minor revision code 0x0029)
Supported: 8 7 6 5
Likely used: 8
Configuration:
Logical max current
cylinders 16383 16
heads 16 16
sectors/track 63 63
--
CHS current addressable sectors: 16128
LBA user addressable sectors: 16384
LBA48 user addressable sectors: 16384
Logical Sector size: 512 bytes
Physical Sector size: 512 bytes
device size with M = 1024*1024: 8 MBytes
device size with M = 1000*1000: 8 MBytes
cache/buffer size = unknown
Nominal Media Rotation Rate: Solid State Device
Capabilities:
LBA, IORDY(can be disabled)
Standby timer values: spec'd by Standard, no device specific minimum
R/W multiple sector transfer: Max = 16 Current = 16
DMA: mdma0 mdma1 mdma2 udma0 udma1 udma2 udma3 udma4 udma5 *udma6
Cycle time: min=120ns recommended=120ns
PIO: pio0 pio1 pio2 pio3 pio4
Cycle time: no flow control=120ns IORDY flow control=120ns
Commands/features:
Enabled Supported:
Security Mode feature set
* Power Management feature set
* Write cache
* Look-ahead
* Host Protected Area feature set
* WRITE_BUFFER command
* READ_BUFFER command
* NOP cmd
* DOWNLOAD_MICROCODE
SET_MAX security extension
* 48-bit Address feature set
* Device Configuration Overlay feature set
* Mandatory FLUSH_CACHE
* FLUSH_CACHE_EXT
* General Purpose Logging feature set
* WRITE_{DMA|MULTIPLE}_FUA_EXT
* 64-bit World wide name
* IDLE_IMMEDIATE with UNLOAD
* WRITE_UNCORRECTABLE_EXT command
* {READ,WRITE}_DMA_EXT_GPL commands
* Segmented DOWNLOAD_MICROCODE
* Gen1 signaling speed (1.5Gb/s)
* Gen2 signaling speed (3.0Gb/s)
* Phy event counters
* Software settings preservation
* SMART Command Transport (SCT) feature set
* SCT LBA Segment Access (AC2)
* SCT Error Recovery Control (AC3)
* SCT Features Control (AC4)
* SCT Data Tables (AC5)
* Data Set Management TRIM supported (limit 8 blocks)
* Deterministic read ZEROs after TRIM
Security:
Master password revision code = 65534
supported
not enabled
not locked
frozen
not expired: security count
supported: enhanced erase
2min for SECURITY ERASE UNIT. 2min for ENHANCED SECURITY ERASE UNIT.
Logical Unit WWN Device Identifier: 500151795951d4b9
NAA : 5
IEEE OUI : 001517
Unique ID : 95951d4b9
Checksum: correct

System cleanup

Tonight was system cleanup day. Baobab showed me where the gigabytes hide. The home directory got rid of huge, old VCS checkouts of various projects. Then it was time to look at the system directories. I cleaned my apt cache

sudo apt-get clean

and the cache from pbuilder. Then I found something that led to this blog post: /var/log consumed 3.8 GB. The biggest files were

1.8 GB /var/log/kern.log
1.8 GB /var/log/syslog
4.3 MB /var/log/dpkg.log
1.4 MB /var/log/kern.log.1

Hardware review I

This month I built two systems with identical hardware components (except for the case). Here’s the list of components:

Cases often don’t meet my high requirements. Many cases are sharp-edged, badly designed (inside and outside), use cheap plastic, and/or vibrate, because the hard drives transfer their vibration to the case. The Sugo SG02-F case is not perfect, but I will recommend it. The Silentium T11 case has no sharp edges, but I won’t recommend it. Too much plastic and optically not appealing.

You probably have to replace the boxed CPU heat sink and use a better power supply if you want a silent system.

How well do these components work with Ubuntu 10.10 (and probably other recent GNU/Linux distributions)? Perfectly. Everything that I tested worked:

  • The USB 2.0 and USB 3.0 ports work with everything plugged in (mouse, keyboard, flash drives).
  • Audio works (only stereo output tested; 5.1 sound was available in Pulseaudio)
  • 2D and 3D graphics work with the free (libre) radeon driver (Compiz runs)
  • LAN works

Symptoms of a dying graphics card

It all started in December last year. I saw a red and a green pixel on my monitor. Moving the window containing the wrong-colored pixels corrected them. The wrong-colored pixels reappeared from time to time in increased quantity. Then a second symptom appeared: The screen went black and came back one second later. This was triggered by moving a window and scrolling. I wasn’t sure what the reason was. Either it was a bug somewhere in the X stack or some hardware was dying. dmesg showed multiple problems with the radeon driver:

[283808.667454] radeon 0000:01:00.0: ffff88021f815c00 unpin not necessary
[283808.667820] radeon 0000:01:00.0: GPU softreset
[283808.667823] radeon 0000:01:00.0:   R_008010_GRBM_STATUS=0xE57024A4
[283808.667825] radeon 0000:01:00.0:   R_008014_GRBM_STATUS2=0x00330302
[283808.667826] radeon 0000:01:00.0:   R_000E50_SRBM_STATUS=0x200000C0
[283808.667832] radeon 0000:01:00.0:   R_008020_GRBM_SOFT_RESET=0x00007FEE
[283808.682844] radeon 0000:01:00.0: R_008020_GRBM_SOFT_RESET=0x00000001
[283808.698840] radeon 0000:01:00.0:   R_008010_GRBM_STATUS=0x00003028
[283808.698843] radeon 0000:01:00.0:   R_008014_GRBM_STATUS2=0x00000002
[283808.698845] radeon 0000:01:00.0:   R_000E50_SRBM_STATUS=0x200000C0
[283808.699845] radeon 0000:01:00.0: GPU reset succeed
[283808.717570] [drm] Clocks initialized !
[283808.765829] [drm] ring test succeeded in 0 usecs
[283808.765838] [drm] ib test succeeded in 1 usecs
[283808.765840] [drm] Enabling audio support
[283812.521265] radeon 0000:01:00.0: GPU lockup CP stall for more than 1000msec
[283812.521269] ------------[ cut here ]------------
[283812.521294] WARNING: at /build/buildd/linux-2.6.35/drivers/gpu/drm/radeon/radeon_fence.c:235 radeon_fence_wait+0x365/0x3d0 [radeon]()
[283812.521297] Hardware name:
[283812.521299] GPU lockup (waiting for 0x00AE670A last fence id 0x00AE6705)
[283812.521301] Modules linked in: btrfs zlib_deflate crc32c libcrc32c ufs qnx4 hfsplus hfs minix ntfs vfat msdos fat jfs xfs exportfs reiserfs nls_utf8 udf ip6table_filter ip6_tables binfmt_misc ipt_MASQUERADE iptable_nat nf_nat nf_conntrack_ipv4 nf_defrag_ipv4 xt_state nf_conntrack ipt_REJECT xt_tcpudp iptable_filter ip_tables x_tables bridge stp kvm_intel kvm parport_pc ppdev snd_emu10k1_synth snd_emux_synth snd_seq_virmidi snd_seq_midi_emul snd_emu10k1 snd_ac97_codec ac97_bus snd_pcm snd_page_alloc snd_util_mem snd_hwdep snd_seq_midi radeon snd_rawmidi snd_seq_midi_event snd_seq snd_timer snd_seq_device ttm snd pl2303 drm_kms_helper coretemp usbserial joydev psmouse soundcore drm serio_raw intel_agp i2c_algo_bit lp parport hid_cherry usbhid hid firewire_ohci firewire_core usb_storage crc_itu_t e1000e ahci libahci pata_marvell
[283812.521360] Pid: 2194, comm: compiz Tainted: G        W   2.6.35-24-generic #42-Ubuntu
[283812.521362] Call Trace:
[283812.521370]  [<ffffffff8106089f>] warn_slowpath_common+0x7f/0xc0
[283812.521374]  [<ffffffff81060996>] warn_slowpath_fmt+0x46/0x50
[283812.521390]  [<ffffffffa01bd775>] radeon_fence_wait+0x365/0x3d0 [radeon]
[283812.521394]  [<ffffffff8107f730>] ? autoremove_wake_function+0x0/0x40
[283812.521410]  [<ffffffffa01bdf71>] radeon_sync_obj_wait+0x11/0x20 [radeon]
[283812.521418]  [<ffffffffa01751a3>] ttm_bo_wait+0x103/0x1c0 [ttm]
[283812.521435]  [<ffffffffa01d4e1a>] radeon_gem_wait_idle_ioctl+0x9a/0x150 [radeon]
[283812.521447]  [<ffffffffa010f433>] drm_ioctl+0x463/0x520 [drm]
[283812.521465]  [<ffffffffa01d4d80>] ? radeon_gem_wait_idle_ioctl+0x0/0x150 [radeon]
[283812.521470]  [<ffffffff81162f0d>] vfs_ioctl+0x3d/0xd0
[283812.521473]  [<ffffffff811637e1>] do_vfs_ioctl+0x81/0x340
[283812.521477]  [<ffffffff811535f1>] ? vfs_read+0x181/0x1a0
[283812.521480]  [<ffffffff81163b21>] sys_ioctl+0x81/0xa0
[283812.521484]  [<ffffffff8100a0f2>] system_call_fastpath+0x16/0x1b
[283812.521487] ---[ end trace 6d5e03bab743abfa ]---
[283812.521493] [drm] Disabling audio support
[283812.525575] [drm:radeon_ib_schedule] *ERROR* radeon: couldn't schedule IB(10).
[283812.525579] [drm:radeon_cs_ioctl] *ERROR* Faild to schedule IB !
[283812.527021] [drm:radeon_ib_schedule] *ERROR* radeon: couldn't schedule IB(11).
[283812.527024] [drm:radeon_cs_ioctl] *ERROR* Faild to schedule IB !
[283812.527921] [drm:radeon_ib_schedule] *ERROR* radeon: couldn't schedule IB(12).
[283812.527923] [drm:radeon_cs_ioctl] *ERROR* Faild to schedule IB !

The time between the screen going black decreased every time. The system wasn’t usable any more in the end. After testing that the screen was going blank on other systems like a live CD of Ubuntu and a not noteworthy proprietary system, it was clear that some hardware component was dying. My first assumption was verified after replacing it: My graphics card, a Radeon HD 4670, died. This was three weeks ago and around 25 months after I bought the graphics card. So I didn’t have to worry if replacing the fan voided the guarantee, because the guarantee lasts only 24 months.

Conclusion:

  1. Not every error is a software bug.
  2. The hardware component with the highest failure rate is the graphics card, followed by the motherboard. Four graphics cards died last year (in four different systems owned by four different people, in three different households).
  3. Not every error is a software bug.