Posts

Showing posts from November, 2014

Trust

When UNIX co-progenitor and super-smarty-pants Ken Ritchie was given a Turing Award, he provided a warning to those within earshot. Admins and developers often find it satisfactory to review the source code of applications to determine maliciousness. And to a certain extent, this works out all right. Over time we have built a series of expectations of where to expect naughty code based on our experience. We have also chosen to trust other types of tools that we use during this process. We discriminate. But there's no reason that bad stuff *has* to be in the applications that we expect to find it in. Yes, the clever among us know that compilers can be bad. But we check the source of our compilers and find no bad stuff, and so we assume we are safe. We do, though, compile the compiler, don't we? Well, alright then, some megalomaniac at Intel or somewhere far upstream decided to embed badness in the embedded distro compilation software. We can still look at the binary of com

Chess, Encryption and Comic Books (Mind MGMT)

Lately, I've been hooked on a brilliant comic book from genius Matt Kindt, called Mind MGMT. In a nutshell, Mind MGMT follows a Cold War-era intelligence service based on the conceit that Men Who Stare at Goats-style ESP spook tactics work, and have silently and secretly played a role in the machinations of world politics throughout the 20th century. Mind MGMT is really clever, the art is striking and the whole business is worth a read on its own. Part of the fun of the comic book is that the creators seamlessly weave the sort of subliminal messaging they use in the plot into the layout of the comic itself. Fake advertisements in the back of issues contain hidden text, while the margins themselves are formatted like Scantron documents with little limericks where the dotted "fold here" lines usually go. Just today I read through issue 23, which opens with a tale of a man gifted with the aforementioned spying super-powers; a reclusive Bobby Fischer type who commun

Programming in C Chapter V - Typecasting

In its simplest sense, typecasting is altering a computer's interpretation of data by implicitly or explicitly changing its data type; for example, by changing an `int` to a `float` and vice versa. To better understand typecasting, we must start with data types themselves. In programming languages like C, every variable has some kind of `type` that determines how the computer and the user interpret that variable. Each of these data types, for instance `int`, `long long`, `float` and `double`, has its own unique characteristics and is used to handle data of various ranges and precision. Typecasting allows us to take a floating point number, like 3.14, and specify the number before the decimal - 3 - by parsing it to an `int`. Let's use an example from the English language to better clarify what we mean. example. WIND Each carefully manipulated line in the example above forms a unique symbol. However, these symbols are immediately identifiable

Programming in C Chapter IV - Precedence

Precedence is how we answer the question: What operations should we perform first? Whether in solving mathematical equations or writing source code, strict procedural rules of precedence allow the same operations to produce the same results every time. The first rule of precedence in the C programming language (and many others) is that we always work from the innermost parentheses outward. This is particularly important to remember during bug-testing. Adding parentheses can be a good debugging tactic, but it is bad form to litter your code with unneeded parentheses. The second rule is that when operators have equal priority, we simply solve from left to right. With simple arithmetic, precedence or order of operations conforms to PEMDAS - from first to last, in pairs: parentheses and exponents, multiplication and division, and finally addition and subtraction. Multiplication and division share the same precedence in this scenario because, functionally, they are the same oper

Programming in C Chapter III - Boolean Values & Operators

Today we will learn a bit about Boolean values, operators and expressions. Boolean values and conditions are named after 19th century mathematician and logician George Boole, who pioneered a field of logic now referred to as Boolean logic, which is based upon grouping and comparing *Boolean values*.

*Boolean Value* - a variable that has two possible conditions: TRUE and FALSE. Similar to a light switch that can be either on or off, or how binary numbers can be either 1 or 0.

Boolean values seem fairly simple on the surface. However, they allow for a dynamic array of combined values that allow for nearly infinite complexity.

*Boolean Operator* - a Boolean Operator combines two Boolean values into a single value. The two most common of such operators are AND and OR, but there are quite a few additional operators we will explore as well.

*AND* - results in a value of TRUE ONLY if BOTH input

Tamir Rice Video Casts Doubt on Statements from Police

There seems to be a great deal of confusion about what happened between Tamir Rice, a 12-year-old who was playing in a park with a BB gun, and the police officer who killed him. Take, for example, this: Quite a few members of the "public at large" seem to be convinced that young Tamir Rice was brandishing a convincing pistol replica at the police. The police, after begging Rice to lay down his weapon multiple times, were forced to open fire when young Tamir made some sort of furtive movement toward his waistband, in which this make-believe pistol was ensconced. While I find it quite troubling that so many of our fellow citizens find it reasonable to leap to the defense of today's police force immediately after they gun down a pre-pubescent child, perhaps in this instance the Public can be forgiven. After all, the narrative described above has largely been formed from police statements of what happened. Here's the police version: A man calls 91

How To Find Files Over a Certain Size Using Redhat/CentOS/Fedora Linux

Here is a quick tip for all of those Redhat/CentOS/Fedora users out there. Do you need to find all files over a certain size, either in a specific directory, your current directory, or in your entire computer/server? No problem, just execute the following: `find / -type f -size +500000k -exec ls -lh {} \; | awk '{ print $9 ": " $5 }'` In the example above, I am looking for all files over 500MB in size (500000k, where k = kilobytes). The place where I have typed "/" in the above command indicates the path to search in. By selecting "/" I am searching in the entire filesystem; I could easily indicate a specific directory by changing my command as follows: `find /path/to/my/directory -type f -size +500000k -exec ls -lh {} \; | awk '{ print $9 ": " $5 }'` Alternatively, I could search in my current directory by replacing "/" with "." like so: find . -type f -size +500000k -exec ls -lh {} \; | awk '{ pri

The FBI's Letter to Martin Luther King Jr - Uncensored for the First Time

The vile letter above speaks for itself. The letter you see above, published for the first time fully unredacted by the New York Times yesterday, was sent by the FBI to Martin Luther King Jr, in order to compel him to commit suicide. The letter was apparently enclosed with a recording that the FBI believed could prove King was cheating on his wife; the impetus for their suicide demand. The sections that have for decades remained redacted explicitly reference the tape - it becomes apparent that the only possible reason for censoring this material is that it contains proof that the FBI was conducting warrantless surveillance of US citizens for purely political reasons. Fortunately we live in an enlightened age where such warrantless eavesdropping is merely a curio of the distant past. Oh, wait ...

I Ran Windows 7 Updates and My Desktop Went Completely Black! What Do I Do?!

So last night (11-12-14) or this morning you ran a package of `Important` Windows Cumulative Security Updates. Gee, those do sound important! There were about 11 or so - specifically, the ones most likely to give you trouble are these:

Update for Windows 7 for x64-based Systems (KB3008627)
Security Update for Windows 7 for x64-based Systems (KB3003743)
Security Update for Windows 7 for x64-based Systems (KB2993958)
Security Update for Windows 7 for x64-based Systems (KB2991963)
Security Update for Windows 7 for x64-based Systems (KB3005607)
Security Update for Windows 7 for x64-based Systems (KB2992611)
Security Update for Windows 7 for x64-based Systems (KB3010788)
Security Update for Windows 7 for x64-based Systems (KB3002885)
Security Update for Windows 7 for x64-based Systems (KB3006226)

After diligently downloading and installing these updates, you allow your computer to reboot. The boot process goes smoothly, you log into your computer, only to find a stark black s

Programming in C - Chapter II - It Really IS Rocket Science

Problems arise with numerical expression in computing. In reality, there are an infinite number of real numbers. However, there is clearly not an infinite amount of memory even in the largest of super-computers, and memory that is addressable by an application is only a fraction of the total finite available memory. How do we deal with these obstacles? We will explain more in a moment. First, let's overview in more detail how the C compiler handles numeric types. Consider the application below:

```c
#include <stdio.h>

int main (void)
{
    float f = 1 / 10;
    printf("%.2f\n", f);
    return 0;
}
```

Here we declare a float, 1/10, which should clearly resolve to 0.1 or 0.10, since I am telling printf to print a float with two digits after the decimal point. However, upon compilation and execution the program will stubbornly return a value of "0.00". Why? The issue is that I am declaring a float as an operation of two integers - 1 and

"The Box" - New Short Film Shows NY Kids in Solitary

A 5 minute animated short film, called "The Box", recently won a well-deserved award from the New Orleans Film Festival. "The Box" is directed by Michael Schiller and produced in part by the Center for Investigative Journalism. The film follows Ismael “Izzy” Nazario, a 16-year-old child who spends 300 days in solitary confinement while imprisoned in Rikers Island. This time was done before Izzy was convicted of a crime. Izzy's mother had fallen victim to cancer before his arrest, leading Izzy to become less engaged in school and try to escape a suffocating situation at home by falling in with friends in the street. This led to an arrest for theft. "The Box" uses powerful animation, scrawled in black and white like a sketching on a concrete wall. The images are reinforced by a voice-over from Izzy, who describes confrontations with older prisoners who try to steal his shoes, how the ink on letters he received would run and smudge from sweat cause

How To Enable CLR on a Microsoft SQL 2005 Server

A while back I worked for a small hosting firm that focused on Microsoft products. As part of my responsibilities I wrote a great deal of documentation for them for a variety of tasks - some basic, some more advanced and problematic. Anyway, I was pleased to see today that these tutorials are still published on their site. Follow this link, for instance, to read an instructional guide on how to enable CLR with MSSQL 2005.

C Programming Tutorial Part 1 - Compiling C using clang

Part 1 of our C Programming Tutorial covers the basics of compiling. What is a compiler? How does it work? How do I use a compiler to write programs in C? Every application that you write in C will have to be compiled. Furthermore, compilation errors and failures will be your first indication that you have made a mistake in your program somewhere. Understanding your compiler in and out will help you to write code much more efficiently. For the purposes of our tutorial today, we will be discussing the clang compiler. clang is widely used - iOS developers should recognize it as the compiler used for developing iPhone apps as part of Xcode and Apple's LLVM. I will also use a number of demonstrations; these demonstrations will include source code written in C, assembler and some garbage ASCII that is representative of machine code viewed through a text editor. For my part, I am using a Fedora Linux virtual machine for these demonstrations. That said, as I discussed initial