Aug 04 2013

The Factoring Dead: Preparing for the Cryptopocalypse

[slideshare id=24900065&doc=bhslides-130803155156-phpapp01]

Permanent link to this article: http://negativefoo.org/2013/08/the-factoring-dead-preparing-for-the-cryptopocalypse/

Jul 25 2013

Danger Will Robinson!! New TLDs and the Universal Search Bar

If you haven’t noticed recently, your web-browser’s URL bar doubles as a web-search bar. Type in google.com and you’ll go there. Type in ‘giant fish statue’, and you’ll get you expect. How does the browser know which action to perform?

One might think that the browser first tries to resolve what you typed into an IP address, and it fails, perform a search. That might make sense, but isn’t correct, because:

  • Some ISPs will hijack unknown domains to point to their very unhelpful advertising page (I’m looking at you, Optimum Online!)
  • Some browsers will fail out with a error page:

Chrome Invalid Domain Image

Ok, so what?

Let’s say you’re looking for a very popular document, say, royalbaby.pdf. You type that text into your URL bar, and you expect to get a page of search results, but some time prior, somebody went along and registered the domain royalbaby.pdf. Now you think you’re looking at search results, but you’re actually the that guy’s page, looking at whatever he wants to show you.

This is similar to typo-squatting, but relying on the dual-use nature of URL bars.

So what can we do?

  • First, we could ask users to look at the URL bar, but if there’s anything we’ve learned over the past 15 years, its that that type of training is useless at scale.
  • We could disable URL bars for searching, but that seems like a pretty silly “fix”.
  • Web-browsers could keep (and update) a list of valid TLDs and somehow use that, but suppose I’m looking to do research on the DOS-era COMMAND.COM shell?
  • Web-browsers could ask the user whether they meant to go to COMMAND.COM or do a search for COMMAND.COM.
  • Web-browsers could default to searching unless the http:// prefix was used.

None of these answers are very satisfying. Fortunately, when I took a look at the current and proposed TLD list, only of a few popular file extensions appeared on the list, so until someone registers .PDF or .DOCX, this will likely be a minimal problem at best. I did see .APP on the proposed list, which would certainly conflict with searches for, say, Mail.App or Calendar.App, which I’m sure would be among the first domains to be registered.

 

Permanent link to this article: http://negativefoo.org/2013/07/danger-will-robinson-new-tlds-and-the-universal-search-bar/

Jul 03 2013

Picking up C#

It’s been a while since I’ve done anything with C#, and I figured that now’s a good a time as any to brush things off and get up to speed with the language. I’m a Mac guy now, so I’ll be using Mono to write code. This post will be a list of resources that I’m using to pick up things as quickly as possible.

Development Environments

I came across Xamarin Studio, which is working great so far. It’s free for basic use, and relatively affordable for commercial/business use. It integrates with Xcode and other OSX tools, allowing you to write iOS apps completely in C#. Pretty cool. I’m not sure what the relationship is between this and the MonoDevelop IDE, but I’m getting directed to download Xamarin Studio from the MonoDevelop website, so there’s something going on between the two of them.

You’ll need to install Mono before that, and you can get that at MonoDevelop.

Books & Tutorials

I have a C# book upstairs in the attic somewhere. I don’t feel much like looking for it, so I’ll try some online resources first.

The first free online ebook that I’m reading through is C# School, available at Programmer’s Heaven. It’s a bit outdated, covering up to C# 2.0 (C# 5.0 was released in late 2012), but covers the basics.

I am also supplementing things by watching the Lynda.com C# Essential Training course. Lynda costs $25/month, but the quality of the videos more than makes up for it.

 

C# 3.0 – New Features

Automatic Properties:

Instead of doing:

private string name;
public string Name {
get {
return name;
}
set {
name = value;
}
}

We can just do:

public string Name { get; set; }

Object Initializers

Instead of doing:

Customer c = new Customer();
c.CustomerID = "ABC123";
c.CustomerName = "Mike";

We can just do:

Customer c= new Customer() { CustomerID = "ABC123", CustomerName = "Mike" };

Collection Intiailizers

List<Customer> clist = new List<Customer>() {
new Customer { CustomerID = "ABC123", ... },
new Customer { CustomerID = "DEF456", ... },
...
}

Type Inference

Instead of doing:

List<Customer> clist = new List<Customer>();

We can just do:

var clist = new List<Customer>();
 

Up to Speed on C# Versions

Topic-Specific Videos

Permanent link to this article: http://negativefoo.org/2013/07/picking-up-c/

Jul 03 2013

Machine Learning Talk by Peter Norvig

An interesting talk by Peter Norvig @ Google on 2 July 2013.

7-2-13 ML Meetup SDSK 35392776 from xamdam on Vimeo.

Slides (PDF)

Permanent link to this article: http://negativefoo.org/2013/07/machine-learning-talk-by-peter-norvig/

Older posts «