Slashdot Mirror


User: Inataysia

Inataysia's activity in the archive.

Stories: 0
Comments: 13

Comments · 13

  1. Re:You've done it on Voting Machine Glitches Already Being Reported · · Score: 1

    > I'm awfully sure that some script kiddie moron can't alter tens of thousands of paper ballots instantly with a fucking Excel hack.

    No, no, no. Why would a script kiddie moron care about the elections when there's all those online casinos they could be attacking? What I worry about are the squads of brainiacs being paid well by their respective governments to find innovative ways to hack the elections to give them a little "nudge".
  2. Re:SQL injection target? on The Face of One AOL Searcher Exposed · · Score: 3, Interesting

    Just to pimp somebody else's work...

    A neat paper was presented in the Software track at USENIX Security just a week or so ago about a technique that can be used to prevent all SQL injection attacks. It's a source code transformation that tracks one or two bits of "taint" information for every byte address in a program's address space.

    The sysadmin or security admin can then define a policy with augmented regular expressions that have three Kleene-style operators that let you say e.g. (expr)^T, which matches the expression 'expr', iff every byte in expr is tainted, or (expr)^t which matches 'expr' iff at least one byte of expr is tainted. The last operator is ^u which means "iff none of these characters are tainted".

    They prevent SQL injections by making a policy that says that whenever the function that actually executes the SQL query is called, its arguments are examined, and any string that matches.. (looks it up).. "(StrIdNum|Delim)*(SqlMetachar)^T(any)*", causes the system to either cause the call to fail with a given error, or causes the program to halt.

    That's pretty neat, but it's already been done with pre-built binaries. The problem with those systems is that they use library preload hacks and have to run each instruction inside a lightweight VM to track the taint information (because they lack the semantics that come with having the source), giving performance hits of a factor of around 100. Since this solution transforms the source, GCC can optimize the transformed code a fair deal and they end up with around a 17% performance hit, which is an excellent tradeoff for security.

    Since it's a C source transformation, they transformed apache, PHP, bash, and even glibc. Their technique can be used (and was demonstrated in the paper) to prevent a number of classes of attacks, not just specific attacks.

    Look it up: "Taint-Enhanced Policy Enforcement: A Practical Approach to Defeat a Wide Range of Attacks", Wei Xu, Sandeep Bhatkar, R. Sekar, Stony Brook University.

    End pimp.

  3. Re:The Real Myth on Putting Star Wars to the MythBusters Test · · Score: 1

    I don't have a reference for this, nor a corpus of Yoda's speech to compare with, but I believe Yoda-speech is SVO (like English), but with V-bar raising.

    The underlying constituents of this sentence:
    "He kicks you."

    can be labeled:
    "[TP [T-bar [T present-tense] [VP [NP He] [V-bar [V kick] [NP You]]]]]"

    then "he kicks you" is extracted from this by a hierarchy of movement rules. Yoda just has one more rule than English speakers, which causes the V-bar to be raised "higher" than usual.

    i apologize to any syntacticians (sp?) -- while i have a BA in linguistics, IANALinguist.

  4. people.... **people**... on Simpsons Guide to Math · · Score: 2, Funny

    pi is exactly three!!!

    m'hey...

  5. Re:Open Source development *IS* a job on Open Source as Programming Exp. for College Students? · · Score: 1

    > Same with compilers --- the open source crowd loves gcc. Hate to step on any toes but gcc is pretty sucky. Yes it is good for retargeting code, but the performance is terrible....

    the OSS crowd loves gcc because part of the spirit of OSS is platform-independence. i'd like to see another compiler, free or otherwise, do better than gcc on the range of languages and architectures that gcc targets.

    > GCC will be going into the crapper as soon as somebody produces a good fast compiler for linux.

    lcc
    mocka
    kylix ... sorry, but i don't see gcc going anywhere.
  6. kid := PJ, script := FoTR on LotR Takes Top Spot on IMDB · · Score: 1

    > but this is an amazing accomplishment for a fantasy movie.
    > Or a mediocre one for a kid with a script... ;)

    Or a mediocre one for a kid (Peter Jackson) with a script (Fellowship of the Rings)...

  7. uh... case? on Shhh! Constructing A Truly Quiet Gaming PC · · Score: 1

    > The Case: This was the easiest decision to make. Thinkgeek has by far the cooler and easiest case around to get. I went with the precut window, and put in the window, as well as ordered the blue neon light to put inside of the machine. This case frickin' rocks.

    .... but... it's $200... for an ostensibly pretty case... i dunno, i put 'em under my desk, no need for 'em to be pretty. my considerations in buying cases are (1) good airflow, (2) number of bays, and (3) lack of fruitiness (those damn purple or hot pink knobblies on these iFruit-looking cases these days).

    it never ceases to amaze me how people have such varied experience with hard drives, and it molds them into either brand A fanatics, or anti-brand B crusaders... take me, for example: i've never, ever had a problem with a 7200 rpm hard drive, but i attribute this to the fact that i've never bought a maxtor 7200 hard drive.

    eh, cheers, have fun with the rig.

  8. Re:Permanent compressed filesystem support on Kernel 2.4.2 Released · · Score: 1

    i think you should be looking at the mode rather than the average file size to determine savings to be had from shrinking blocksize. consider the situation in which you have 1e7's of 10-byte long files and a couple 1e9-byte files.

    --Phil

  9. Re:Of course they should skip it on Techies Saying No To College · · Score: 1

    i highly doubt that god's rice wine is beer.

  10. URL != domain name on URLs Aren't Property? · · Score: 2

    seems to me, a domain name is like an office space, whereas a URL is like a telephone number -- the URL provides a path to your services, the domain name provides a place to house your what-have-you.

    from this angle, it looks like domain names should be property, whereas URLs should not.

    --Phil

  11. Re:Oh, please... on Sony's New Personal Fingerprint Scanner · · Score: 1

    > I've certainly never seen my communications interru

    i just did. :grin:
    --Phil

  12. Re:You, sir, are an idiot on What Is Important In A User Interface? · · Score: 1

    > If a user wants to make a text file (and most
    > users aren't even clear what a "text file" is)
    > there is nothing "logical" about typing "vi
    > newfile.txt." And there is *certainly* nothing
    > logical about the controls in vi.

    and you, sir, are confusing the words "logical" and "intuitive". the controls in vi certainly do follow a certain logic -- following almost any command with a number repeats that command that many times. this is standard across a great number of commands, so one could apply logic thus: "i delete two characters by typing 'x' '2', so i can delete two lines by typing 'dd' '2'."

    that's not to say, however, that the controls in vi are intuitive

    --Phil

  13. a relevant post on "Rushmore" and The Rise Of Geek Cinema · · Score: 1
    Just for the record, when I read an article or editorial, I read for content and not delivery. If I wanted to read something for delivery, I'd go read Faulkner or something and revel in the way he actually delivers what's to be said. What I'm trying to say is, as much as a significant percentage (read: the posting one or two percent) of slashdotters thinks that Mr. Katz' writings are inane and pedantic, I for one think that what he writes brings content, if nothing else, to SlashDot. Keep 'em coming, Jon.

    Now, on to matters of greater import-- the movie! Personally, I liked it, if only because the character of Max Fisher appealed to a more creative side of me, a part of me that wishes it'd done something as productive with its high school years as write a play or start a fencing club.

    A nit to pick: I believe Miss Cross taught the first grade, not preschool as Mr. Katz wrote. (I tried to check my information on this, nothing on the topic on the Rushmore movie page)

    p.s. I think I'm biased towards this movie because of Max Fisher's asian girlfriend. If you know me personally, you know what I'm talking about.