Thursday, 20 November 2008

IPv6 Yikes

I Just noticed my local internet provider has started giving me an IPv6 address, along with an IPv4 address, over DHCP. Unfortunately, iptables on my Linux machine does not address filtering of IPv6, only of v4. To filter v6 one needs ip6tables (and to start and configure it correctly). Whoops.

I wonder if this could be combinded with DHCP spoofing as a means to bypass firewalls.

Posted by james at 8:38 PM in Tools and Programming
Responses (0)

Wednesday, 19 November 2008

Semantic Digital Signatures

A shameless plug for issues that have occupied my (and my coauthors) thoughts as of late.

We discuss the need of addressing, in a uniform way, digital signatures with rich semantics, for enabling increased automation of signature processing. We present a scheme for combining digital signatures with the formal and extensible semantics of the Semantic Web, as a standard layer in applications using digital signatures. We introduce several constructions and processes towards realizing this end, a new class of attack against semantically enabled applications, and measures of avoiding this attack class. Finally, we simplify a few existing processes that use digital signatures by expressing them in terms of semantic signatures.
By: Daniela Bourges-Waldegg, Christian Hoertnagl, James Riordan

Comments especially welcome.

Posted by james at 9:47 PM in Tools and Programming
Responses (0)

Thursday, 30 October 2008

An open letter to the Swiss concerning driving on ice and snow

First, let me thank you for allowing me to live in your country; I am happy here. My gratitude makes me want to contribute to the society. One of the areas that I feel I can most usefully is in the matter of driving and road safety. I am not a particularly skilled driver. This lack of skill places me in the same category as most drivers on the road. Realizing that I suffer a lack of skill, and trying to adjust for it, seems to be sadly unusual. I thought maybe I could share some observations about being a safe driver (in the snow) despite a lack of basic driving skill.

The first principle of driving on ice or snow is merely realizing that you are driving on ice or snow. You are not going to be able to stop or steer as responsively as you would be able to otherwise; allow for it. Specifically, drive a bit more slowly, especially before turns, and cut down on the insanely aggressive tail gating. Please.

The next principle follows directly from basic physics:

  1. An object at rest, such as a tree, tends to stay at rest.
  2. An object in motion, such as a moving car, tends to stay in motion.
  3. An object in motion being driven by a person with oatmeal in place of a brain, such as a Porsche Cayenne, tends to run into other objects in motion or objects at rest.

As such, even if you allow for problems when driving, keep in mind most of the people do not. You have to allow not only for your own problems but for those of all the oatmeal brained clowns in your vicinity. Twelve years of driving here suggests this is a rather large group. It seem correlated, but not restricted, to license plates beginning with "AG". I am not sure why.

Next, it is far easier to avoid a problem than to get out of one. This one is deceptively succinct yet important so I will add it again: it is far easier to avoid a problem than to get out of one. Really.

With these three principles in mind, everything else is a detail. Here are a few of them:

  • Temperature decreases with altitude. This makes going up and down hills doubly dangerous.
  • Bridges do not have the heat capacity of the ground. Even if the road is not icy, be careful when crossing a bridge.
  • If you have to get out of your car, keep in mind that although you may have the right of way as a pedestrian it doesn't really matter if you end up in a hospital defending it.

Here are two other links: one and two.

Posted by james at 11:49 PM in Commentary and Observations
Responses (4)

Tuesday, 14 October 2008

News Sources

I was chatting with my father recently about the election and he asked about news sources that I read. Aside from The Economist, which I read in print, here are a few of my favorite online news sources:

I was amused to find that delicious suggests the tag "obama" for Real Clear Politics which is a nonpartisan poll data aggregation site. I thought to see what they suggested for www (dot) foxnews (dot) com [I just cannot bring myself to link to them] but nothing interesting came up; I tagged them "liars" in the hopes of creating a "delicious bomb" in the style of "Miserable Failure". Anybody care to join me?

Posted by james at 2:23 PM in Commentary and Observations
Responses (1)

Friday, 10 October 2008

Overly Educated

I was reading David Brooks' opinion piece The Class War Before Palin and I was struck by the sentence The nation is divided between the wholesome Joe Sixpacks in the heartland and the oversophisticated, overeducated, oversecularized denizens of the coasts. I am trying to figure out what overeducated means.

Education has always seemed like a good thing. I can understand "oversophisticated" as a code word for pretentious, and am forced to laugh at myself for twinge I feel in not writing "overly sophisticated", but I remain stuck on "overeducated". I have heard phrases such as "He is overly educated to be working as a janitor" but that seems more a judgemental statement about wasted ability. Could there be some hidden qualifier as in "overly educated to make responsible choices as a citizen" or "overly educated to relate to (or agree with) me, a wholesome Joe Sixpack"?

This leads me to wonder about the "wholesome" claim, particularly in the context of Mrs. Palin. As the marketing campaign, passing as political discourse, strains itself to construct ever more disconnected realities, I find that I often have to double check that words mean what I think them mean.

Perhaps wholesome is one of these words like ravel that mean their own opposite. I understand the "having the simple health or vigor of normal domesticity" take on Mrs. Palin (it seems not to apply to the red states as a whole.. perhaps that's the six pack bit) but could not claim that she bears the "promoting health or well-being of mind or spirit... or body" sense of the word. For the record, cyanide laced Twinkies are not wholesome... they might be sweet in an unctuous and jejune sort of way but are, ultimately, nothing but dangerous.

Posted by james at 6:19 PM in Commentary and Observations
Responses (1)

Wednesday, 17 September 2008

Ruby lambda

I was chatting with a friend yesterday about scripting languages. Ruby has nice lambda functions: 
#!/usr/bin/ruby
lambda{|f|f[f,lambda{|x|lambda{||x+=1;}}[1]];}[lambda{|f,g|
lambda{|n|puts(n);f[f,lambda{|h|lambda{||h[h];}}[lambda{|h|
lambda{|f|(f%n==0)?h[h]:f;}[g[]];}]];}[g[]];}];
Posted by james at 1:53 PM in Tools and Programming
Responses (0)

Saturday, 6 September 2008

Whoops

I realized that I introduced an error in my javascript while obfuscating it. Duh. Anyway the corrected, version is here.
Posted by james at 11:28 AM in Uncategorised
Responses (0)

Monday, 1 September 2008

Java semantics

As part of learning Scala, I have recently gone back and looked at Java semantics. I am amazed at how complicated things have become. I seem to recall that at the time that I first learned Java, there was:

  • java.lang.Object
  • java.lang.Class

and some ugly runts called primitives (byte, short, int, long, float, double, boolean, char) which had big brother equivalents. Objects had fields, methods, and contstructors. Any of these could be public, private, or protected. Fields and methods could be static. There was some syntax for dealing with:

  • java.lang.reflect.Array

In fact, the situation was more complicated that this but to write a program that would generate stubs of a class file, the above was sufficient.

Today matters are more complicated. java.lang.Class is now a typed (java.lang.class<T>) and implements:

  • java.lang.reflect.Type
  • java.lang.reflect.AnnotatedElement
  • java.lang.reflect.GenericDeclaration

Type has four subinterfaces

  • java.lang.reflect.GenericArrayType
  • java.lang.reflect.ParameterizedTypee
  • java.lang.reflect.TypeVariable<D extends GenericDeclaration>
  • java.lang.reflect.WildcardType

There is syntactic sugar both for enumerations (which have the initially confusing declaration ENUM<E extends Enum<E>>) and for java.lang.annotation.Annotation which has implementing classes

  • BindingType
  • ConstructorProperties
  • Deprecated
  • DescriptorKey
  • Documented
  • Generated
  • HandlerChain
  • Inherited
  • InitParam
  • MXBean
  • Oneway
  • Override
  • PostConstruct
  • PreDestroy
  • RequestWrapper
  • Resource
  • Resources
  • ResponseWrapper
  • Retention
  • ServiceMode
  • SOAPBinding
  • SOAPMessageHandler
  • SOAPMessageHandlers
  • SupportedAnnotationTypes
  • SupportedOptions
  • SupportedSourceVersion
  • SuppressWarnings
  • Target
  • WebEndpoint
  • WebFault
  • WebMethod
  • WebParam
  • WebResult
  • WebService
  • WebServiceClient
  • WebServiceProvider
  • WebServiceRef
  • WebServiceRefs
  • XmlAccessorOrder
  • XmlAccessorType
  • XmlAnyAttribute
  • XmlAnyElement
  • XmlAttachmentRef
  • XmlAttribute
  • XmlElement
  • XmlElementDecl
  • XmlElementRef
  • XmlElementRefs
  • XmlElements
  • XmlElementWrapper
  • XmlEnum
  • XmlEnumValue
  • XmlID
  • XmlIDREF
  • XmlInlineBinaryData
  • XmlJavaTypeAdapter
  • XmlJavaTypeAdapters
  • XmlList
  • XmlMimeType
  • XmlMixed
  • XmlNs
  • XmlRegistry
  • XmlRootElement
  • XmlSchema
  • XmlSchemaType
  • XmlSchemaTypes
  • XmlTransient
  • XmlType
  • XmlValue

Oh my.

Posted by james at 2:47 PM in Java
Responses (0)

Thursday, 21 August 2008

Lambda, the ultimate procrastination

I was chatting with a friend about JavaScript's nice treatment of functions. I got a bit carried away writing an example inspired by such a construction I saw ages ago in Scheme by Kenneth Oksanen. The javascript is executable with rhino: 
(function (foo) { return foo(foo,(function (foo) { return function() { return foo+=1;} ;})(1)); })(function (foo, baz) {return (function (prime) 
{print(prime); return foo(foo,(function(foo) {return function () {return foo(foo);};})(function (bar) {return (function(foo) {
return ((foo%prime) ? foo :bar(bar));})(baz());}));})(baz());});
Note that this should not be pasted into a browser as the "print" function has a different meaning in a browser (e.g. send it to a printer versus print it to standard out) and it will throw your browser into a hard to kill loop. I wrapped a version in a web page here which freezes my browser (firefox) for a few seconds but the browser eventually kills the script.
Posted by james at 12:10 PM in Tools and Programming
Responses (1)

Wednesday, 6 August 2008

Javascript conventions

A friend made an interesting comment about a recent post that "it's one of those conventions that makes Javascript workable". This got me thinking: when can and when should conventions be enforced within the language? Take, for example, language support of packages: before languages with package support, conventions provided similar functionality albeit in a limited and inconsistent fashion. Requiring package constraints is an improvement.

I have ofen wondered, why do I find Javascript so painful? Based on the language design, I should really like it. I think the answer might be lack of useful constraints within the language which requires the programmer act more as a language designer: both code and conventions but be produced. I am certain that I do not know the complete collection of useful conventions and figuring them out is a rather long and painful process.

This in turn reminded me of reading a collection of essays by Paul Graham. The particular essay praised Lisp for its macro system which allows one to introduce new syntactic features into the language. He argued that a language with more functionality is better than one with less.

While I share his love of lisp and enjoy his writing, I find the argument troublesome. It's a bit as though he argued that 16/64 equals 1/4 because one "can cancel the sixes". I am fine with the conclusion but that argument... woof. Perhaps the easiest way to win a public argument with a mathematician is to make an obvious and universally accepted claim using a bad argument. The mathematician will insist that you are not allowed "to cancel the sixes" while most of the audience will think "but it is 1/4... why is this idiot arguing?".

I think that more featured in a static sense of a language (the code exists and does not change) is not necessarily more powerful in a dynamic sense of a language (code is being written and will continue to change). For example:

  • static typing is less expressive that dynamic typing but enables refactoring,
  • disallowing destructive assignment is less featureful than allowing destructive assignment but enables concurrency,
  • disallowing access to certain resources is limiting but means that untrusted code may be executed safely

Back to topic, the top google hit on Javascript conventions is interesting reading. Do my few readers have other suggestions?

Posted by james at 11:43 AM in Tools and Programming
Responses (1)

Tuesday, 29 July 2008

Emacs org-mode bindings

As I have continued to play with org-mode for emacs, I cannot seem to get over the rebinding of meta-right, meta-left, and so forth. As such I remap them to super-right, super-left and so on. Changing the "s" right after concat to an "H" should remap to use the hyper key. No word on coke bottle bindings yet. 

(add-hook 'org-mode-hook
	  '(lambda nil
	     (if (lookup-key (current-local-map) (kbd "M-<down>"))
		 (let ((annoying-bindings '("M-S-<down>" "M-S-<left>" "M-S-<return>" "M-S-<right>" "M-S-<up>" "M-<down>" "M-<left>" "M-<return>" "M-<right>" "M-<tab>" "M-<up>")))
		   (mapc (lambda (binding)
			   (let* ((original-binding (eval `(kbd ,binding)))
				  (new-binding (eval `(kbd ,(concat "s" (substring binding 1)))))
				  (bound-function (lookup-key (current-local-map) original-binding)))
			     (message (format "rebinding %s to %s for %s" original-binding new-binding bound-function))
			     (local-unset-key original-binding)
			     (local-set-key new-binding bound-function)
			     ))
			 annoying-bindings)
	       
		   (message "setting other keys")
		   (local-set-key  (kbd "s-o")
				   '(lambda ()
				      (interactive)
				      (org-open-at-point)
				      (delete-other-windows)))
		   (local-set-key (kbd "s-t") 'org-todo-list)))))
Posted by james at 7:23 PM in emacs
Responses (0)

Monday, 21 July 2008

org-mode for emacs

Recently while news grazing, I happened across org-mode for emacs by way of a google tech talk. It is a mode for planning, keeping todo lists, and project planning. It is really nice.

Posted by james at 10:48 PM in emacs
Responses (0)

Thursday, 17 July 2008

Javascript prototypes

As I continue with my firefox extension writing, I wanted to refresh my knowledge of Javascript prototypes. Unfortunately most of the examples that I found were not very good. The normally very good site http://www.w3schools.com/ has an example that doesn't really demonstrate the feature (the result is the same without the prototype line); it also does not have anything to do with math.

The following modification to the w3schools example might be more illustrative:

function employee(name,jobtitle,born)
{
  this.name=name;
  this.jobtitle=jobtitle;
  this.born=born;
}

var fred=new employee("Fred Flintstone","Caveman",1970);
var barney=new employee("Barney Rubble","Caveman",1971);

employee.prototype.salary=19000;
fred.salary=20000;

print("Fred's salary is "+fred.salary);
print("Barney's salary is "+barney.salary);
Posted by james at 11:50 AM in Tools and Programming
Responses (0)

Monday, 14 July 2008

Firefox extensions

I have been playing around with writing firefox extensions as of late. One of the difficulties I kept hitting was that testing is difficult inside the browser. For example, a syntax error in javascript seems to prevent any useful messages from being generated (like "syntax error line X in file Y"). I have found it useful then to split my javascript into three categories:

  • One that actually executes logic such as registering functions to events
  • One that dereferences and abstracts functions specific to the brower
  • One that defines, but never executes, the logic that provides most of the functionality

This offers the advantages that files of the last two categories can be syntactically checked by executing the code with a javascript interpreter (such as rhino) and files of the last category can be functionally and interactively tested by writing stubs of the files in the middle category.

Posted by james at 3:29 PM in Tools and Programming
Responses (0)

Sunday, 13 July 2008

Nostalgia

I had the pleasure of entertaining my daughter last week while being the spouse at a very nice conference. One of my allies was youtube where I found some delightful School House Rock videos whose lyrics I seem to still know from my youth. My favorites concern grammar (warning: earworms):


Posted by james at 7:55 PM in Commentary and Observations
Responses (0)