Newer posts are loading.
You are at the newest post.
Click here to check if anything new just came in.

April 22 2010

April 20 2010

March 17 2010

March 16 2010

March 07 2010

99 Bottles of Beer | Language Perl

    ''=~(        '(?{'        .('`'        |'%')        .('['        ^'-')
.('`' |'!') .('`' |',') .'"'. '\\$'
.'==' .('[' ^'+') .('`' |'/') .('['
^'+') .'||' .(';' &'=') .(';' &'=')
.';-' .'-'. '\\$' .'=;' .('[' ^'(')
.('[' ^'.') .('`' |'"') .('!' ^'+')
.'_\\{' .'(\\$' .';=('. '\\$=|' ."\|".( '`'^'.'
).(('`')| '/').').' .'\\"'.+( '{'^'['). ('`'|'"') .('`'|'/'
).('['^'/') .('['^'/'). ('`'|',').( '`'|('%')). '\\".\\"'.( '['^('(')).
'\\"'.('['^ '#').'!!--' .'\\$=.\\"' .('{'^'['). ('`'|'/').( '`'|"\&").(
'{'^"\[").( '`'|"\"").( '`'|"\%").( '`'|"\%").( '['^(')')). '\\").\\"'.
('{'^'[').( '`'|"\/").( '`'|"\.").( '{'^"\[").( '['^"\/").( '`'|"\(").(
'`'|"\%").( '{'^"\[").( '['^"\,").( '`'|"\!").( '`'|"\,").( '`'|(',')).
'\\"\\}'.+( '['^"\+").( '['^"\)").( '`'|"\)").( '`'|"\.").( '['^('/')).
'+_,\\",'.( '{'^('[')). ('\\$;!').( '!'^"\+").( '{'^"\/").( '`'|"\!").(
'`'|"\+").( '`'|"\%").( '{'^"\[").( '`'|"\/").( '`'|"\.").( '`'|"\%").(
'{'^"\[").( '`'|"\$").( '`'|"\/").( '['^"\,").( '`'|('.')). ','.(('{')^
'[').("\["^ '+').("\`"| '!').("\["^ '(').("\["^ '(').("\{"^ '[').("\`"|
')').("\["^ '/').("\{"^ '[').("\`"| '!').("\["^ ')').("\`"| '/').("\["^
'.').("\`"| '.').("\`"| '$')."\,".( '!'^('+')). '\\",_,\\"' .'!'.("\!"^
'+').("\!"^ '+').'\\"'. ('['^',').( '`'|"\(").( '`'|"\)").( '`'|"\,").(
'`'|('%')). '++\\$="})' );$:=('.')^ '~';$~='@'| '(';$^=')'^ '[';$/='`';
Reposted fromjooray jooray

January 14 2010

Deploying Servlets on Smart Cards: Portable Web Servers with Java Card 3.0

Deploying Servlets on Smart Cards:
Portable Web Servers with Java Card 3.0
Reposted fromjooray jooray

January 03 2010

December 20 2009

etherpad - Project Hosting on Google Code

This is the open source release of EtherPad, a web-based realtime collaborative document editor.

This project exists mainly as an exhibition of the code, to help support those who want to run or modify their own etherpad servers, or for those who are curious about how etherpad's algorithms make realtime collaboration possible.

Reposted fromjooray jooray

December 18 2009

The new study suggests the opposite: Newborn neurons weaken or disrupt connections that encode old memories in the hippocampus.
New Brain Cells May Knock Out Old Memories | Wired Science | Wired.com
Reposted fromjzx jzx
 my $a = (@{{ 'a' => ['a']}->{'a'}})[0];

Objectivism-oriented programming - Uncyclopedia, the content-free encyclopedia
Reposted fromjzx jzx

December 06 2009

November 08 2009

"High Performance at Massive Scale – Lessons learned at Facebook" Jeff Rothschild

Facebook has grown into one of the largest sites on the Internet today serving over 200 billion pages per month. The nature of social data makes engineering a site for this level of scale a particularly challenging proposition. In this presentation, I will discuss the aspects of social data that present challenges for scalability and will describe the the core architectural components and design principles that Facebook has used to address these challenges. In addition, I will discuss emerging technologies that offer new opportunities for building cost-effective high performance web architectures.

Jeff Rothschild is Vice President of Technology at Facebook, where he focuses on scalability and performance. Prior to Facebook, Jeff focused on storage management and Internet services as an investor and entrepreneur. He previously co-founded Veritas Software, where he was responsible for product strategy and architecture. Jeff also co-founded Mpath Interactive/Hearme, the Internet multiplayer games and voice chat service, where he served as Vice President of Engineering. He is also a consulting partner with Accel Partners and during his tenure has worked with Walmart.com, Rhapsody Networks and Mendocino Software. Jeff holds a bachelor's degree in psychology and a master's degree in computer science from Vanderbilt University.
Reposted fromjooray jooray
4757 e067 500
Relative speed of language runtimes (server side, i.e. startup time does not matter) from Facebook Dev team (lower is better).

Tell me again, that Java is slow.
Reposted fromjooray jooray

November 06 2009

November 05 2009

Authentication Gap in TLS Renegotiation (a bug in SSL/TLS)

The SSL 3.0+ and TLS 1.0+ protocols are vulnerable to a set of related attacks which allow a man-in-the-middle (MITM) operating at or below the TCP layer to inject a chosen plaintext prefix into the encrypted data stream, often without detection by either end of the connection. This is possible because an “authentication gap” exists during the renegotiation process at which the MitM may splice together disparate TLS connections in a completely standards-compliant way. This represents a serious security defect for many or all protocols which run on top of TLS, including HTTPS.

I first began to suspect the existence of this category of bug in related software while doing code review on some third-party software in support of the solution we provide at my work, PhoneFactor. That was early August. Many late nights and weekends later, I had enough evidence to talk about, and at the beginning of September, I had a working exploit and demoed it to Steve Dispensa (PhoneFactor CTO).

We realized this situation needed to be handled with a good measure of care. Over the first part of September, 2009, we began disclosing the initial group of independent security consultants for independent verification and advice on how to proceed. An initial group of vendors, which included members of ICASI, the IETF, and multiple open-source SSL implementations were disclosed with technical details over the week of September 21 - 25. A meeting was held at a helpful company’s headquarters in Mountain View, CA on September 29, where tentative agreement was reached on a preliminary solution in the form of a protocol extension. The remediation efforts for this bug have been conducted under the code name “Project Mogul”.

At that meeting, it was pointed out that the proposed solution had many similarities with work being done in the IETF TLS Channel Bindings working group. Indeed, over the coming weeks while vendors made their preparations, we followed the discussions on the IETF mailing list to see how close they might come to uncovering the problem there.

Today, an MitM attack on TLS was proposed by Martin Rex in the public forum. Martin’s early proposal may differ in a few details and lack the research time and working exploit that Steve and I had developed, but it clearly identifies the core problem and effectively represents public knowledge of the bug.  Noted security researcher HD Moore tweeted about the possible attack, and it was quickly re-tweeted by 10 others. Vendors (e.g. PhoneFactor) and security researchers began to get independent requests for more information.

For these reasons, Steve and I feel that public disclosure has now occurred, and the results of our research should be available to all interested parties. I expect some other announcements shortly, including an Internet Draft proposal for the fix.

Technical details are in the attached .zip archive.

renegotiating_tls_20091104_pub.zip

More posts to come on this topic, and I’ll try to be available for whatever questions arise.

I’ll be posting contact info for the multi-vendor coordination efforts as well.

Reposted fromjooray jooray

November 04 2009

Older posts are this way If this message doesn't go away, click anywhere on the page to continue loading posts.
Could not load more posts
Maybe Soup is currently being updated? I'll try again automatically in a few seconds...
Just a second, loading more posts...
You've reached the end.

Don't be the product, buy the product!

Schweinderl