Ramblings of Comet--Berkeley Blog Feed
The internet was originally designed by military scientists to be invulnerable to physical attacks on centralized switching/routing facilities.
So the internet does not rely on a centralized routing system but instead relies on a distributed routing system.
Where were the issues of identification, authorization, etc that are so vital to business accounting covered?
These business/security issues were never in the original design...
DNS, domain name resolution, is a critical piece of the internet. It is the process by which a domain name such as "google.com" is turned into a number such as 22.214.171.124
It is something that everyone's web browser does silently every time a web link is accessed and most people don't pay much attention to it.
Every time you ask your web browser for a page it goes out to the internet, typically to a server called "BIND" that is provided by your ISP, internet service provider. BIND takes the domain name that the web browser provides and returns back an ip address. It takes google.com and returns 126.96.36.199
D. J. Bernstein hated the internet standard BIND program for DNS resolution so much that the decided to write his own DNS resolver, djbdns:
I was curious about why he re-wrote BIND and had no particular opinion about it until I saw the recent debacle with DNS BIND caching this July:
And the fix announced at the August Defcon and then the unfix reported by a Russian hacker in the New York Times:
Bind has lots of problems and they are not just programming problems but basic design problems.
To quote the NY Times article, "The root of the problem lies in the fact that the address system, which was invented in 1983, was not meant for services like electronic banking that require strict verification of identity."
djbdns is a step in the right direction but it is not enough as the current DNS system is flawed from the beginning and will always be vulnerable to forgery.
As D. J. Bernstein says in his article on DNS Forgery, "An attacker with access to your network can easily forge responses to your computer's DNS requests."
He suggests using public key cryptography and maybe that is the best solution for now.
Of course the ideal solution is to not do banking/accounting/etc at all on a public networks, but
only on private networks.
I installed the build system for OpenWRT and wanted to create the html from the LaTeX documents, but my standard Slackware release 12.0 did not have the "htlatex" command.
Doing a Google, I found "htlatex" as part of TeX4ht at:
There is an old Slackware 10 version of TeX4ht at LinuxPackages but I could not get it to work.
So I downloaded the source from the Ohio State site and created my own Slackware 12.0 package for download:
The package might work on Zenwalk
too because it is based on Slackware.
$./primesum Find the smallest difference between two primes whose sum is 1000000000 min prime=499999931 max prime=500000069 difference=138 $
$rexx test3.rex 1000000000001 = 73 137 99990001 1000000000011 = 3 269 5107 242639 1000000000021 = 11 17 12119 441257 1000000000031 = 19 617 85302397 1000000000041 = 3 7 179 266028199 1000000000051 = 13 107 718907261 1000000000061 = 1000000000061 1000000000071 = 3^2 79 1406469761 1000000000081 = 3929 254517689 1000000000091 = 1000000000091 1000000000101 = 3 333333333367 1000000000111 = 7 601 1019 233267 1000000000121 = 1000000000121 1000000000131 = 3 11^3 587 426641 1000000000141 = 239 4184100419 1000000000151 = 31 43 167 911 4931 1000000000161 = 3^3 317 827 141277 1000000000171 = 23 199 271 806213 1000000000181 = 7^2 13 1569858713 1000000000191 = 3 17 19607843141 1000000000201 = 101 197 2239 22447 1000000000211 = 1000000000211 1000000000221 = 3 19 37 157 3020117 1000000000231 = 1181 846740051 Eureka! $
def mystery_func1(x): c = 0 while x != 1: p = 0 q = 0 while q < x: p += 1 q += 2 if q == x: x = p else: p = 0 q = 0 while p != x: p += 1 q += 3 x = q + 1 c += 1 return cHere is my answer:
def mystery_func1(x): c = 0 while x != 1: p = (x + 1) // 2 if x == 2 * p: x = p else: x = 3 * x + 1 c += 1 return c
def mystery_func3(inlist): for i in inlist: assert i in xrange(2 ** 30) mylist = * len(inlist) while not mystery_func3_helper(inlist, mylist): pos = len(mylist) - 1 while mylist[pos] == 2 ** 30 - 1: mylist[pos] = 0 pos -= 1 mylist[pos] += 1 return mylist def mystery_func3_helper(list1, list2): for i in xrange(2 ** 30): c1 = 0 for j in list1: if j == i: c1 += 1 c2 = 0 for j in list2: if j == i: c2 += 1 if c1 != c2: return False return TrueTo answer, here is my replacement for mystery_func3:
def mystery_func3(inlist): for i in inlist: assert i in xrange(2 ** 30) mylist = inlist[:] mylist.sort() return mylist
Iframe attacks are becoming very common as many websites are vulnerable.
The hackers in this case are not simply attacking the PC users but attacking the web servers themselves aka the "Green Zone".
See this article by Roger Grimes on March 21.
Typically all pages at the hacked website will include code at the bottom of each page similar to this:
which translates into something like this on the users computer:
When an unsuspecting user clicks on a trusted website he downloads spyware, viruses, etc as described in this article at CastleCops
|I recently tested a Pentium 4 system with an Intel motherboard by running memtest86+ to check out the ram memory chips.
I kept getting the following error no matter how I swapped around the memory chips on the motherboard:
Test #3 Address: 00000100020 1.0MB Good: 80808080 Bad: 80808000