It's a security best practice in a multi-user system, so I'm not sure what your point is. It was in Unix long before it was in Windows, but that doesn't change anything. The flow goes both ways.
That said, Monad does offer many things that make it incredibly unique as a shell. You can try it for yourself, or simply read commentary from people who have. There are a lot of unix geeks (myself included) that really think it is a lot of fun. I have a lot of Monad examples on my blog, should you be interested.
Actually, code signing does partially solve this problem, so that's one of the avenues we've taken. See my post about it (although I feel like a whore for posting it again.)
That said, once you have a code signing infrastructure to save you from untrusted script publishers, your signing keys become the attack point. Malicious code can create another malicious script, and then sign it with your keys. To prevent that threat, always password protect your signing keys. When you do so, Windows brings up a dialog asking for your permission before it signs the file in question.
You got it right when you said "it might as well be a batch script." These are just Monad scripts running on the system, just like batch files, perl scripts, Cygwin bash scripts, Ruby scripts, etc.
There is nothing intrinsic in Monad that enables these attacks, aside from it being a new language. In fact, Monad implements several features that help mitigate the dangers of traditional script viruses, as I outline here.
The fact that MSH is used as the execution vehicle is really a side-note, as it does not exploit any vulnerabilities in Monad. The guidance on shell script viruses is the same as the guidance on all viruses and malware: protect yourself against the point of entry, and limit the amount of damage that the malicious code can do.
That's not to belittle the dangers of script viruses, though.
I wrote a blog entry about it here, in relation to Monad.
Well, yes... there have been means to share your own search urls with yourself for quite some time as well. USB Keychains, an FTP account somewhere, rsync, or one of the many dotcoms that busted.
The point is still that it's not social. Until Firefox (and all other browsers, for that matter) can merge them from a public source and promote the good ones, it's still your custom, private, solution.
I wrote this SVG editor in SVG back when I wanted to learn a bit more about it. It's not fully complete, but does allow you do to some interesting things: SVG Editor in SVG.
Note that most of the "self-written" portions are vapid statements such as "But where is nanotechnology involved in this project?"
So, we have 52% of the text coming from plagiarism, ~ 23% of the text coming from introducing / pointing out links, and ~ %25% of the text coming from saying the obvious. That's the problem with the blog.
The technique used on the site is barely better than the spam search engines that link to (and excerpt from) Wikipedia.
They just updated the message in the APOD to suggest people participate here: [Note: This bulletin board is currently experiencing load problems. Please check back later, or participate in the discussion on Slashdot.org here.] Thank you, Slashdot, for enabling the eclectic brain trust of APOD readers!
1. Document summary (text summarization) is nothing like video summary
2. Text summarization is nothing new. Early papers date back to 1958, (more). MS Word has had it (Tools | Autosummarize) since 1997.
Here's your salvation -- get a headphone extension cord. The FM transmitters use their cord as the antenna, but the length (and therefore power) is restricted by the FCC. I attached a 4-foot cord between my Belkin FM transmitter and my Nomad Jukebox, and I haven't looked back.
I wrote a C# performance comparison tool to help me in this respect. When you're trying to optimize a hot-spot in your program, you can click on the "ILDasm Result" tab to see how.Net compiles it down to its Microsoft Intermediate Language (MSIL) representation.
I've also got the book, "Inside Microsoft.Net IL Assembler" that's very helpful. For whatever reason, you can get it for like $2 + shipping used from Amazon.
You're right-on there. I wrote an introduction to programming (w/ Javascript as the language) and thought about the IDE / language problem as well. I ended up writing a "Javascript Testbed" for people to use as their "IDE." Although I would have loved to use Java as the starting language, my main prerequisite was a _zero_ barrier to entry.
I wrote an introduction to programming (w/ Javascript as the language) and thought about the IDE problem as well. I ended up writing a "Javascript Testbed" for people to use as their "IDE."
Not the best, but my main focus was _zero_ barrier to entry.
Think about the first experience you had with programming. For most people, the barrier to entry was very, very low. I.e.: They turned on their computer, and saw a GWBASIC prompt blinking at them. They were at a friend's house who had everything set up already.
I learned Basic that way. I then learned C when my Dad's friend left it on our computer after showing it to me.
It's a factor I spent quite a bit of time thinking about when I wrote my own introduction to computer programming. I really wanted to use Java as my introductory language, but that still requires an install (and command-line interaction.)
I've got to agree 100%. The first language I learned was GWBasic on my school's Apple ][e. My first programs were usually more like:
10 PRINT "Hello "; 20 GOTO 10
... just to watch the neat patterns it made on the screen. I advanced in my programming skill by making much more complex programs, of course. When I first tried to move on to "Turbo Basic," my mind almost couldn't do it. For a while, I simply could not figure out how to program without line numbers. How do you GOTO the beginning of the loop if there's no line number?
Needless to say, I managed to cleanse myself of that problem. However, it sure is a "dead-end" language to learn.
Re:Simple explaination why this works
on
The Golden Ratio
·
· Score: 1
That was really helpful, thanks. I got thinking about this article, and your post really helped clarify some questions.
Re:These are interestingly intertwined
on
The Golden Ratio
·
· Score: 1
What really fascinates me is that all of these methods are closely intertwined.
You just described the generation of an alternate, arbitrary Fibonacci sequence. The standard Fibonacci sequence starts with 1,1 and and then applies the same algorithm you just mentioned. In the end, your algorithm applies the fact that many on this thread have pointed out: the ratio of sequential numbers in the Fibonacci sequence converges to phi.
What your sequence just made me realize, though, is that this is much more generic:
The ratio of sequential numbers in any Fibonacci-generated sequence converges to phi.
Now, for the (1/x)+1 algorithm in the grandparent, play with the algebra for a bit by replacing [x] with [(1/x+1)] a few times. It turns out that the successive iterations of the fraction (in simplest terms) follow the following pattern: the next numerator is the old denominator. The next denominator is the sum of the old numerator and the old denominator. If we ignore the division for a second, we're generating a sequence of numbers where each number is defined as the sum of the previous two. So, essentially we're generating a Fibonacci sequence out of the numbers (1/x + 1) and (1/x + 2), but with the ratio (division) baked in.
So I guess another interesting question would be: why do the ratios of all Fibonacci-generated sequences converge to this golden ratio ((sqrt(5) + 1)/2) ?
... not that I have the answer:) This might be an elementary topic in Number Theory, but it's the first I've thought about it.
Slashdot Mirror
It's a security best practice in a multi-user system, so I'm not sure what your point is. It was in Unix long before it was in Windows, but that doesn't change anything. The flow goes both ways.
That said, Monad does offer many things that make it incredibly unique as a shell. You can try it for yourself, or simply read commentary from people who have. There are a lot of unix geeks (myself included) that really think it is a lot of fun. I have a lot of Monad examples on my blog, should you be interested.
Actually, code signing does partially solve this problem, so that's one of the avenues we've taken. See my post about it (although I feel like a whore for posting it again.)
That said, once you have a code signing infrastructure to save you from untrusted script publishers, your signing keys become the attack point. Malicious code can create another malicious script, and then sign it with your keys. To prevent that threat, always password protect your signing keys. When you do so, Windows brings up a dialog asking for your permission before it signs the file in question.
You got it right when you said "it might as well be a batch script." These are just Monad scripts running on the system, just like batch files, perl scripts, Cygwin bash scripts, Ruby scripts, etc.
There is nothing intrinsic in Monad that enables these attacks, aside from it being a new language. In fact, Monad implements several features that help mitigate the dangers of traditional script viruses, as I outline here.
The fact that MSH is used as the execution vehicle is really a side-note, as it does not exploit any vulnerabilities in Monad. The guidance on shell script viruses is the same as the guidance on all viruses and malware: protect yourself against the point of entry, and limit the amount of damage that the malicious code can do.
That's not to belittle the dangers of script viruses, though.
I wrote a blog entry about it here, in relation to Monad.
Get the C2 Morse Trainer from here. It's really quite amazing, and totally beats the G4FON one.
Well, yes ... there have been means to share your own search urls with yourself for quite some time as well. USB Keychains, an FTP account somewhere, rsync, or one of the many dotcoms that busted.
The point is still that it's not social. Until Firefox (and all other browsers, for that matter) can merge them from a public source and promote the good ones, it's still your custom, private, solution.
Yes, there have been apps that have done this forever. But they've all been standalone, and don't travel with you between machines. I wrote a post about interfacting with YubNub via Monad here: http://www.leeholmes.com/blog/MSHAndYubNubACommuni tyCommandline.aspx
I wrote this SVG editor in SVG back when I wanted to learn a bit more about it. It's not fully complete, but does allow you do to some interesting things: SVG Editor in SVG.
What is the concern with this blog? It's the absolute dearth of original information.
Let's look at the composition of a few recent blog entries, in characters:
Note that most of the "self-written" portions are vapid statements such as "But where is nanotechnology involved in this project?"
So, we have 52% of the text coming from plagiarism, ~ 23% of the text coming from introducing / pointing out links, and ~ %25% of the text coming from saying the obvious. That's the problem with the blog.
The technique used on the site is barely better than the spam search engines that link to (and excerpt from) Wikipedia.
They just updated the message in the APOD to suggest people participate here: [Note: This bulletin board is currently experiencing load problems. Please check back later, or participate in the discussion on Slashdot.org here.] Thank you, Slashdot, for enabling the eclectic brain trust of APOD readers!
The current APOD
Two things about your comment:
1. Document summary (text summarization) is nothing like video summary
2. Text summarization is nothing new. Early papers date back to 1958, (more). MS Word has had it (Tools | Autosummarize) since 1997.
That's not what I suggested. I suggested that he put a headphone extension cord between the FM transmitter and the iPod.
I hope that anybody who drives with headphones ends up ignoring an ambulance on its way to save the driver's mother.
Here's your salvation -- get a headphone extension cord. The FM transmitters use their cord as the antenna, but the length (and therefore power) is restricted by the FCC. I attached a 4-foot cord between my Belkin FM transmitter and my Nomad Jukebox, and I haven't looked back.
Hope this helps.
I wrote a C# performance comparison tool to help me in this respect. When you're trying to optimize a hot-spot in your program, you can click on the "ILDasm Result" tab to see how .Net compiles it down to its Microsoft Intermediate Language (MSIL) representation.
I've also got the book, "Inside Microsoft .Net IL Assembler" that's very helpful. For whatever reason, you can get it for like $2 + shipping used from Amazon.
Wow, that's actually pretty snappy! With two levels of emulation, I was expecting it to take a few more minutes to load!
You just have to look hard enough. Don't look during dinner, though.
I think that the real question should be "Does goatse have a vagina?"
A very pressing question indeed.
You're right-on there. I wrote an introduction to programming (w/ Javascript as the language) and thought about the IDE / language problem as well. I ended up writing a "Javascript Testbed" for people to use as their "IDE." Although I would have loved to use Java as the starting language, my main prerequisite was a _zero_ barrier to entry.
I wrote an introduction to programming (w/ Javascript as the language) and thought about the IDE problem as well. I ended up writing a "Javascript Testbed" for people to use as their "IDE."
Not the best, but my main focus was _zero_ barrier to entry.
Sure it's free, but it's not installed.
Think about the first experience you had with programming. For most people, the barrier to entry was very, very low. I.e.: They turned on their computer, and saw a GWBASIC prompt blinking at them. They were at a friend's house who had everything set up already.
I learned Basic that way. I then learned C when my Dad's friend left it on our computer after showing it to me.
It's a factor I spent quite a bit of time thinking about when I wrote my own introduction to computer programming. I really wanted to use Java as my introductory language, but that still requires an install (and command-line interaction.)
I've got to agree 100%. The first language I learned was GWBasic on my school's Apple ][e. My first programs were usually more like:
... just to watch the neat patterns it made on the screen. I advanced in my programming skill by making much more complex programs, of course. When I first tried to move on to "Turbo Basic," my mind almost couldn't do it. For a while, I simply could not figure out how to program without line numbers. How do you GOTO the beginning of the loop if there's no line number?
Needless to say, I managed to cleanse myself of that problem. However, it sure is a "dead-end" language to learn.
That was really helpful, thanks. I got thinking about this article, and your post really helped clarify some questions.
What really fascinates me is that all of these methods are closely intertwined.
You just described the generation of an alternate, arbitrary Fibonacci sequence. The standard Fibonacci sequence starts with 1,1 and and then applies the same algorithm you just mentioned. In the end, your algorithm applies the fact that many on this thread have pointed out: the ratio of sequential numbers in the Fibonacci sequence converges to phi.
What your sequence just made me realize, though, is that this is much more generic:
The ratio of sequential numbers in any Fibonacci-generated sequence converges to phi.
Now, for the (1/x)+1 algorithm in the grandparent, play with the algebra for a bit by replacing [x] with [(1/x+1)] a few times. It turns out that the successive iterations of the fraction (in simplest terms) follow the following pattern: the next numerator is the old denominator. The next denominator is the sum of the old numerator and the old denominator. If we ignore the division for a second, we're generating a sequence of numbers where each number is defined as the sum of the previous two. So, essentially we're generating a Fibonacci sequence out of the numbers (1/x + 1) and (1/x + 2), but with the ratio (division) baked in.
So I guess another interesting question would be: why do the ratios of all Fibonacci-generated sequences converge to this golden ratio ((sqrt(5) + 1)/2) ?
I also monkeyed around with a program called (drum roll...) "Virtual Singer.." They have samples online, including a German rendition of Ave Maria.
It pretty much sounds like Stephen Hawking with a vocoder, but the idea is there :)