The GCC update has been out for a while, but it looks like last week Apple updated CHUD (the Computer Hardware Understanding Development toolkit) to version 3.0.
It lets you tweak configuration registers in almost all parts of the system, gather and graph lots of profile information (instruction mix, cache stalls, etc...) from programs, and lots of other cool things.
I wonder how long it will be before there are patches for BIND/dnscache/etc. to remap any result containing 64.94.110.11 to a "record not found" result?
If you have access to a Mac, then QuickTime Broadcaster would be an excellent choice, as it supports broadcast and multicast, so you can have several machines playing the same stream without duplicating data.
If you have access to a Unix like system (Linux, OSX, FreeBSD, Solaris, Irix, HPUX, etc...) then mpeg4ip should let you do much of what QuickTime Broadcaster does, with a bit more hassle.
There are worse things that just wiping a hard drive. Wiping all data is obvious, and you know it happened.
What if a virus was capable of recognizing some common file types, and making a few changes?
Every so often adding or subtracting from a cell in a spreadsheet? Finding a CAD file and changing the thickness of some metal?
How about an easy one? Social Security Numbers are easy to identify - what if a virus looked for them in files, and changed a digit in a few of them at random?
What's worse than no data?
Data that you have no idea if it is correct or incorrect, and have no idea if any of your backups are correct or incorrect.
Magicbane (which absorbs curses) (preferably at +2).
Why on earth would you want Magicbane at +2? When you enchant Magicbane, you severely reduce it's curse absorbing ability.
Magicbane is most effective for curse protection when it is at +0 - unenchanted.
In fact is is a common practice to run unverified binaries for one-time bootstrapping purposes.
It may be common, but that doesn't make it a good idea.
I am not even that concerned about the risk of someone replacing one of the startup files with a trojened version - that's why I only used cksum and not something stronger.
When I was trying to download the Gnu-Darwin wget binary to generate the checksum for that example code, it took me 3 or 4 tries. The webserver was overloaded, and kept dropping the connection after a partial transfer. Had I been trying to do an install, it would have failed in an unpredictable manner.
By at least including a simple checksum check (and possibly checking the exit codes from curl and wget rather than assuming success) in the install shell script, the install could have failed cleanly, and let me know what happened.
Re:GNU-Darwin Background - Pudge is right
on
The GNU-Darwin World
·
· Score: 5, Interesting
Plus they are still running unchecked binaries right after they download them.
Take a look at their quickstart script, which they suggest that you use by piping it to csh as root.
The first few steps:
Download a compiled wget binary using curl
chmod 755 wget
put wget in/usr/local/bin
use the new wget to download some other code
They never check to see if the download was corrupted, or if someone had replaced it with something else. Is it so hard to do something like:
...download wget... if [ `cksum wget | cut -f1 -d\ ` != 2989954681 ] then echo "Someone is playing silly buggers..." exit fi ...install wget...
For each of the few programs and libraries that they need to download to get the package manager up and running?
I've complained about this before, and I'm sorry to have to do so again, but running an unverified binary as root right after you download it is one of the STUPIDEST ideas I have seen.
Actually, back in 1994 or so, I was playing around with running sound through a jpeg compressor to hear what it would sound like.
I would take an 8 bit.wav file, figure out dimensions that were needed to hold the whole file, and import it info piclab as a raw grayscale file. I'd then run it through cjpeg and back out at different compression levels to hear what it sounded like.
As I recall, the distortion was rather cool - pre and post echos with a delay determined by the row width.
It wasn't anything i would use for music, or anything i wanted to keep at a high quality, but it was fun to play with!
here - salvaged from my archives - is one of those jpeg files. The date stamp is June 14, 1994 so I think it's one of the first ones I tried.
This new sequel looks pretty good - I like the updated graphics.
However, if you want an experience which is more true to the original game, you should check out Indenture - an old DOS game that is an expanded re-creation of Adventure, done in the same style.
It also has a better easter egg than the new joystick based multi-games...
I've been thinking about this problem for a while - how to verify that an actual human is performing an action on a web site, and that the request was not sent in by a script, or a web robot of some kind.
Graphics are an easy solution, but it is unfair to the blind.
Sound files are a little more trouble to generate, but they are unfair to the deaf
Ideally, the means used to screen out everything except actual people should be:
Quick and easy for the server to generate and validate
Representable as plain text, so the blind and deaf are not disadvantaged
Solvable by anyone over some arbitrary level of intelligence
The thought occurred to me of using puzzles - simple math problems, logic puzzles, and inferring facts from a short passage.
I've been writing scripts to generate simple math problems (an example is here), logic puzzles (a bunch of facts about people, with a question along the lines of "Who ate pie" that can be solved via inference from the given facts), and other simple tasks of mental skill.
My goal is to build a module that will generate and check a simple puzzle (randomly selected from several different types of puzzles) that should take a normal person 15-30 seconds of thought.
It would also be useful to have scalable levels of difficulty - some discussion forums might want harder problems as part of account creation, to make the creation of new accounts a more burdensome task so that people would be (hopefully) more likely to restrict themselves to a single identity.
If you are trying to learn everything you need to know in a few months, you are doomed.
The computer science GRE is not an easy test.
The normal GRE is a test of basic skills, everything you need to know for it you should have known when you graduated from high school.
The Computer Science Subject GRE is an overview of the entire field of study. Take a look at the courses you have taken over the past few years, and look for gaps, or subjects you avoided. These gaps need to be filled in. Look at the higher level elective classes you didn't take, and try to gain an overview of what would be covered in them.
When you think you've filled in the gaps, re-read some books covering the basics of computer science (Knuth's Art of Computer Programming; Cormen, Leiserson, Rivest, and Stein's Introduction to Algorithms; Hennessy and Patterson's Computer Architecture: A Quantitative Approach, etc...).
Personally, I like using "cd/usr/ports/databases/postgresql7 && make install" rather than using a binary package, as that way you have the source code on your system, and you can use all of the wonderful things in the contrib directory.
tsearch is a very nice GIST indexed full text search that does word stemming. reindexdb is a handy way to regenerate all of the indices in a database without interrupting anything. earthdistance is far faster than writing the same thing as a SQL function. ltree is wonderful when you have to deal with a hierarchy.
What you are describing sounds like one of the most basic techniques for biometric authentication. I remember being assigned to write programs to do what you describe for a class several years ago. It was one of the easier assignments we had.
I do know that those pest repellers can drive me out of a room pretty quickly. Whenever I get near one I get a horrible headache after a few seconds that just keeps getting worse and worse until I flee, or can disable the damned device.
My advice would be to avoid them. Never let one into your house or workplace, destroy any you find, and try to drive the companies that make them out of business, sterilize the ground on which the factories that built them once stood (after your burn the buildings, and before you salt the ashes), and force the people who invented/built them into a lonely exile in Antarctica.
Of course, I might be slightly biased.
Re:Wouldn't the problem with bit torrent be
on
BitTorrent Guide
·
· Score: 1
The ISPs will not like this, and will start either raising rates or capping bandwidth.
Actually, they have a simpler plan - kick anyone they catch using Bittorrent off their system.
From what I've heard, BitTorrent infuriates the cable ISPs. Apparently their whole infrastructure was designed for users accessing one or two web sites, and downloading files, not each user randomly connecting to hundreds/thousands of other systems. Bittorrent users generate a load equal to several hundred normal users. A few of them can slow down an entire area for everyone else. Plans are underway to set up systems to detect and disable accounts that are using BitTorrent.
They are taking this seriously, and you probably will not like their response.
Your bank is really screwing you over - find another one.
The last time I had to dispute a charge ($15.00 turned into $150.00, and the retailer insisted they only charged me $15) I had a credit for the difference in about 5 minutes, and a letter saying that the charge was cleared for good a week later.
The time before that (when an online retailer I used to use quite often double charged me a week after my order for $5000 of computer parts, and then they stopped answering the phone) I had to go to a second level of fraud prevention, but I had the credit in about 15 minutes. It did take close to a month for the letter clearing the charge for good to arrive, but I didn't have the charge on my card for that time.
This was all with Discover - I've been very pleased with their security. Once or twice I've had them call my cell phone shortly after I've placed a large online order to verify that I had actually placed the order.
Start by walking around aboveground with a GPS, marking the locations of manhole covers, and other features that you should be able to identify when underground. Maybe drop some brightly colored markers down storm drain gratings to ensure you will know which grating you are under.
This should give you some points of reference that you can build the rest of your map around.
You might also want to plot those locations on a topographic map, or an arial photo, and play "connect the dots" to try to figure out a simple overview of how the drain system is layed out. Once you have the overview, you can fill in more details as you explore.
Slashdot Mirror
The GCC update has been out for a while, but it looks like last week Apple updated CHUD (the Computer Hardware Understanding Development toolkit) to version 3.0.
It lets you tweak configuration registers in almost all parts of the system, gather and graph lots of profile information (instruction mix, cache stalls, etc...) from programs, and lots of other cool things.
I wonder how long it will be before there are patches for BIND/dnscache/etc. to remap any result containing 64.94.110.11 to a "record not found" result?
- If you have access to a Mac, then QuickTime Broadcaster would be an excellent choice, as it supports broadcast and multicast, so you can have several machines playing the same stream without duplicating data.
- If you have access to a Unix like system (Linux, OSX, FreeBSD, Solaris, Irix, HPUX, etc...) then mpeg4ip should let you do much of what QuickTime Broadcaster does, with a bit more hassle.
Some other choices would be:- Live Channel
- Sorenson Broadcaster
- Real Encoder
and probably many more.There are worse things that just wiping a hard drive. Wiping all data is obvious, and you know it happened.
What if a virus was capable of recognizing some common file types, and making a few changes?
Every so often adding or subtracting from a cell in a spreadsheet? Finding a CAD file and changing the thickness of some metal?
How about an easy one? Social Security Numbers are easy to identify - what if a virus looked for them in files, and changed a digit in a few of them at random?
What's worse than no data?
Data that you have no idea if it is correct or incorrect, and have no idea if any of your backups are correct or incorrect.
They need to start over
I thought they did.
Wasn't Windows 2000 supposed to be a complete rewrite, throwing out most of the old NT4 code?
I seem to recall a Microsoft rep giving that as the reason that NT5 was taking so long to be released...
Formatting hard drives? Screwing up the BIOS? We'd still be lucky if that was all that happens.
The idea that scares me is a slowly spreading virus - hiding as well as it can, and remaining on systems for months or years.
I had a full description of a possible payload, and the effects it could have, but I thought better and deleted it.
All I will say, is that a virus that targeted not the computers, but the business processes of the company that uses them could do some major damage.
Magicbane (which absorbs curses) (preferably at +2).
Why on earth would you want Magicbane at +2?
When you enchant Magicbane, you severely reduce it's curse absorbing ability.
Magicbane is most effective for curse protection when it is at +0 - unenchanted.
In fact is is a common practice to run unverified binaries for one-time bootstrapping purposes.
It may be common, but that doesn't make it a good idea.
I am not even that concerned about the risk of someone replacing one of the startup files with a trojened version - that's why I only used cksum and not something stronger.
When I was trying to download the Gnu-Darwin wget binary to generate the checksum for that example code, it took me 3 or 4 tries. The webserver was overloaded, and kept dropping the connection after a partial transfer. Had I been trying to do an install, it would have failed in an unpredictable manner.
By at least including a simple checksum check (and possibly checking the exit codes from curl and wget rather than assuming success) in the install shell script, the install could have failed cleanly, and let me know what happened.
Take a look at their quickstart script, which they suggest that you use by piping it to csh as root.
The first few steps:
They never check to see if the download was corrupted, or if someone had replaced it with something else.
Is it so hard to do something like:
For each of the few programs and libraries that they need to download to get the package manager up and running?
I've complained about this before, and I'm sorry to have to do so again, but running an unverified binary as root right after you download it is one of the STUPIDEST ideas I have seen.
And exactly how can you hear a .zip or .jpg file ?
.wav file, figure out dimensions that were needed to hold the whole file, and import it info piclab as a raw grayscale file.
Actually, back in 1994 or so, I was playing around with running sound through a jpeg compressor to hear what it would sound like.
I would take an 8 bit
I'd then run it through cjpeg and back out at different compression levels to hear what it sounded like.
As I recall, the distortion was rather cool - pre and post echos with a delay determined by the row width.
It wasn't anything i would use for music, or anything i wanted to keep at a high quality, but it was fun to play with!
here - salvaged from my archives - is one of those jpeg files.
The date stamp is June 14, 1994 so I think it's one of the first ones I tried.
I have to second the recommendation of "How to Solve It".
The professor of my first discrete math class recommended it to me, and it was very helpful.
This new sequel looks pretty good - I like the updated graphics.
However, if you want an experience which is more true to the original game, you should check out Indenture - an old DOS game that is an expanded re-creation of Adventure, done in the same style.
It also has a better easter egg than the new joystick based multi-games...
Hey - I've stopped itching - someone must be trying to call me!
Now, if they had a tone that would attract bugs, that could be quite useful for pranks...
Graphics are an easy solution, but it is unfair to the blind.
Sound files are a little more trouble to generate, but they are unfair to the deaf
Ideally, the means used to screen out everything except actual people should be:
- Quick and easy for the server to generate and validate
- Representable as plain text, so the blind and deaf are not disadvantaged
- Solvable by anyone over some arbitrary level of intelligence
The thought occurred to me of using puzzles - simple math problems, logic puzzles, and inferring facts from a short passage.I've been writing scripts to generate simple math problems (an example is here), logic puzzles (a bunch of facts about people, with a question along the lines of "Who ate pie" that can be solved via inference from the given facts), and other simple tasks of mental skill.
My goal is to build a module that will generate and check a simple puzzle (randomly selected from several different types of puzzles) that should take a normal person 15-30 seconds of thought.
It would also be useful to have scalable levels of difficulty - some discussion forums might want harder problems as part of account creation, to make the creation of new accounts a more burdensome task so that people would be (hopefully) more likely to restrict themselves to a single identity.
You do that by editing
(random spacing in the second long line inserted by slashdot's anti-page-widening code)
If you are trying to learn everything you need to know in a few months, you are doomed.
The computer science GRE is not an easy test.
The normal GRE is a test of basic skills, everything you need to know for it you should have known when you graduated from high school.
The Computer Science Subject GRE is an overview of the entire field of study. Take a look at the courses you have taken over the past few years, and look for gaps, or subjects you avoided. These gaps need to be filled in. Look at the higher level elective classes you didn't take, and try to gain an overview of what would be covered in them.
When you think you've filled in the gaps, re-read some books covering the basics of computer science (Knuth's Art of Computer Programming; Cormen, Leiserson, Rivest, and Stein's Introduction to Algorithms; Hennessy and Patterson's Computer Architecture: A Quantitative Approach, etc...).
After this, you might be ready for the test.
Good luck!
I hope you do better than I did.
Then use "curl -L -O url " instead.
Personally, I like using "cd /usr/ports/databases/postgresql7 && make install" rather than using a binary package, as that way you have the source code on your system, and you can use all of the wonderful things in the contrib directory.
tsearch is a very nice GIST indexed full text search that does word stemming.
reindexdb is a handy way to regenerate all of the indices in a database without interrupting anything.
earthdistance is far faster than writing the same thing as a SQL function.
ltree is wonderful when you have to deal with a hierarchy.
And those are just the ones I remember offhand...
What you are describing sounds like one of the most basic techniques for biometric authentication. I remember being assigned to write programs to do what you describe for a class several years ago. It was one of the easier assignments we had.
If you are researching the subject, I strongly suggest Biometrics: Personal Identification in Networked Society, and anything else on the subject written or edited by Anil Jain.
(His webpage is here, the webpage of his lab is here).
Dr. Jain is (IMHO) the current leader in biometric research worldwide.
I do know that those pest repellers can drive me out of a room pretty quickly.
Whenever I get near one I get a horrible headache after a few seconds that just keeps getting worse and worse until I flee, or can disable the damned device.
My advice would be to avoid them. Never let one into your house or workplace, destroy any you find, and try to drive the companies that make them out of business, sterilize the ground on which the factories that built them once stood (after your burn the buildings, and before you salt the ashes), and force the people who invented/built them into a lonely exile in Antarctica.
Of course, I might be slightly biased.
The ISPs will not like this, and will start either raising rates or capping bandwidth.
Actually, they have a simpler plan - kick anyone they catch using Bittorrent off their system.
From what I've heard, BitTorrent infuriates the cable ISPs.
Apparently their whole infrastructure was designed for users accessing one or two web sites, and downloading files, not each user randomly connecting to hundreds/thousands of other systems. Bittorrent users generate a load equal to several hundred normal users. A few of them can slow down an entire area for everyone else. Plans are underway to set up systems to detect and disable accounts that are using BitTorrent.
They are taking this seriously, and you probably will not like their response.
Yep - and we can choose to let you talk to our machines or not, all depending on your choice.
You chose to not follow the standard internet conventions, I chose to filter out any email you send.
You chose - I chose, and we're both happy. You are free from the tyranny of the RFCs, and I get much less spam.
In versions of MacOS before OSX, the command line was called MPW - you could download it from here.
Admittedly, installing a development environment is a little overkill to just get a command line, but it would give you one...
Your bank is really screwing you over - find another one.
The last time I had to dispute a charge ($15.00 turned into $150.00, and the retailer insisted they only charged me $15) I had a credit for the difference in about 5 minutes, and a letter saying that the charge was cleared for good a week later.
The time before that (when an online retailer I used to use quite often double charged me a week after my order for $5000 of computer parts, and then they stopped answering the phone) I had to go to a second level of fraud prevention, but I had the credit in about 15 minutes. It did take close to a month for the letter clearing the charge for good to arrive, but I didn't have the charge on my card for that time.
This was all with Discover - I've been very pleased with their security. Once or twice I've had them call my cell phone shortly after I've placed a large online order to verify that I had actually placed the order.
Start by walking around aboveground with a GPS, marking the locations of manhole covers, and other features that you should be able to identify when underground. Maybe drop some brightly colored markers down storm drain gratings to ensure you will know which grating you are under.
This should give you some points of reference that you can build the rest of your map around.
You might also want to plot those locations on a topographic map, or an arial photo, and play "connect the dots" to try to figure out a simple overview of how the drain system is layed out. Once you have the overview, you can fill in more details as you explore.