I try to think about computers (and security)
Mar. 21st, 2009 | 08:05 pm
location: sf - valencia
mood: peaceful
music: pink floyd
I’ve been reading a lot of security related articles recently, so I guess i’ve caught the security bug. One recurring trait with exploits (both real and theoretical) is that once you’ve exploited application X (say, Firefox) as user Y (say, ‘power’), then you have access to power’s credentials and can ruin all his other applications as well.
more inanities follow
more inanities follow
Link | Leave a comment {2} | Share
new toy
Jan. 22nd, 2009 | 06:30 pm
I bought one of these and it just arrived today.
I have no idea what to do with it, other then making the google maps app on my phone more precise. But it was too cool to not buy it.
It's really quite tiny - matchbook size, and it can acquire a signal in about 30 seconds from being off. These features combined tell me that it's actually a leftover tracking device that the NSA has been selling on the cheap, and that I'm now showing up as a blip on a screen somewhere under a mountain.
What I found interesting was that the manual came with sections for 8 languages, and that all 8 sections appeared to be equally poorly written. Where does one find a translation company that handles that many regions so poorly? I think I would trade in my mediocre English for a poor command of a whole bunch of different tongues.
I have no idea what to do with it, other then making the google maps app on my phone more precise. But it was too cool to not buy it.
It's really quite tiny - matchbook size, and it can acquire a signal in about 30 seconds from being off. These features combined tell me that it's actually a leftover tracking device that the NSA has been selling on the cheap, and that I'm now showing up as a blip on a screen somewhere under a mountain.
What I found interesting was that the manual came with sections for 8 languages, and that all 8 sections appeared to be equally poorly written. Where does one find a translation company that handles that many regions so poorly? I think I would trade in my mediocre English for a poor command of a whole bunch of different tongues.
Link | Leave a comment {2} | Share
crippled + sick = pyjit
Jan. 21st, 2009 | 11:08 pm
location: home
mood: sick
In addition to being on crutches the last 6 weeks, I somehow managed to acquire a cold in the last one. (How I managed to get a cold, given that I haven't actually been doing anything, is I believe, just another example of God spiting me).
In any case, I couldn't think of anything better with my time then to play around with writing a JIT compiler for python.
I actually thought of many far superior ideas, but the pool of attractive women willing to engage in them with me was sadly too small to make them feasible.
I've had a few projects in the past where I've been using Python and actually found the performance to be lacking enough that it was bothersome. I'm generally far to lazy to care if an operation takes 1 or 10 seconds, but at a certain point it becomes an annoyance.
So there's one JIT compiler for Python already, Psyco, but it doesn't work for x86-64, and it's mostly interested in type specialization.
For fun (in lieu of a better term), I started writing one. Rather then emitting machine code, it emits C, and then asks politely to have it compiled and linked in.
Python has a bytecode representation based on a stack architecture already, which makes the translation more straightforward. Instead of analyzing the code and trying to generate optimal C code, I just naively implement the stack operations. It turns out that just doing this results in a slight performance blip, as the processor is doing the dispatch instead of a table lookup.
At this point, the cold still hadn't gone away, and the girls hadn't materialized, so I decided that some type specialization was in order.
Specifically, the compiler knows the variable types coming into the function, and if we restrict ourselves a little bit, we can follow those types as they propagate along the stack. This lets us generate native (er... C) code to perform certain operations (like arithmetic, or loads and stores) rather then having to invoke library calls and possibly do expensive creation and destruction of objects.
None of this is really new; which is probably why the project turned out a little more boring then I hoped for. The surprising bit is that it actually works; for the simple test functions that I can run, the compiled code is over 10 times faster then the original python.
I can almost walk again, and my cold is almost gone, so I'm not sure how much more work I'm going to do on this. But I figured sharing my boredom with others is the best way to make it go away :).
The code is here, if you're interested in trying it out. It works on the mac and linux boxes that I have access to. It requires the python-dev package or the equivalent.
Some caveats:
* a large chunk of the bytecodes aren't implemented
* it hooks in via the system profiler, so you see the C version run first, then the python. I haven't figured out yet how to replace the original properly
* the type propagation doesn't handle branching types - e.g:
a = foo()
if a: b = ''
else: b = 2
return b * 5
might cause the internet to explode
Let me know what you think, if the internet hasn't exploded by then.
In any case, I couldn't think of anything better with my time then to play around with writing a JIT compiler for python.
I actually thought of many far superior ideas, but the pool of attractive women willing to engage in them with me was sadly too small to make them feasible.
I've had a few projects in the past where I've been using Python and actually found the performance to be lacking enough that it was bothersome. I'm generally far to lazy to care if an operation takes 1 or 10 seconds, but at a certain point it becomes an annoyance.
So there's one JIT compiler for Python already, Psyco, but it doesn't work for x86-64, and it's mostly interested in type specialization.
For fun (in lieu of a better term), I started writing one. Rather then emitting machine code, it emits C, and then asks politely to have it compiled and linked in.
Python has a bytecode representation based on a stack architecture already, which makes the translation more straightforward. Instead of analyzing the code and trying to generate optimal C code, I just naively implement the stack operations. It turns out that just doing this results in a slight performance blip, as the processor is doing the dispatch instead of a table lookup.
At this point, the cold still hadn't gone away, and the girls hadn't materialized, so I decided that some type specialization was in order.
Specifically, the compiler knows the variable types coming into the function, and if we restrict ourselves a little bit, we can follow those types as they propagate along the stack. This lets us generate native (er... C) code to perform certain operations (like arithmetic, or loads and stores) rather then having to invoke library calls and possibly do expensive creation and destruction of objects.
None of this is really new; which is probably why the project turned out a little more boring then I hoped for. The surprising bit is that it actually works; for the simple test functions that I can run, the compiled code is over 10 times faster then the original python.
I can almost walk again, and my cold is almost gone, so I'm not sure how much more work I'm going to do on this. But I figured sharing my boredom with others is the best way to make it go away :).
The code is here, if you're interested in trying it out. It works on the mac and linux boxes that I have access to. It requires the python-dev package or the equivalent.
Some caveats:
* a large chunk of the bytecodes aren't implemented
* it hooks in via the system profiler, so you see the C version run first, then the python. I haven't figured out yet how to replace the original properly
* the type propagation doesn't handle branching types - e.g:
a = foo()
if a: b = ''
else: b = 2
return b * 5
might cause the internet to explode
Let me know what you think, if the internet hasn't exploded by then.
Link | Leave a comment | Share
in seattle for the week
Nov. 24th, 2008 | 02:11 pm
mood: tired
This is still the only city I've been to where ordering a quad-espresso drink is entirely normal.
I'm planning a trip to Eastern Europe, but I need to figure out what I'm going to do for Christmas. I have friends going over after the 25th, but I'd like to head out around the 7th, and I'm trying to avoid being stuck in a place where everything shuts down for the holidays...
I'm planning a trip to Eastern Europe, but I need to figure out what I'm going to do for Christmas. I have friends going over after the 25th, but I'd like to head out around the 7th, and I'm trying to avoid being stuck in a place where everything shuts down for the holidays...
Link | Leave a comment {5} | Share
day off
Jul. 7th, 2008 | 04:59 pm
mood: relaxed
music: Car Talk July 5, 2008 Show #0827-NPR-NPR: Car Talk Podcast
Visited the MLK library in San Jose, which I was actually quite impressed by. It seems to be a merged San Jose / SJSU endeavour. In any case, nice and chilly on a hot day, and some interesting rotating art exhibits. I recommend going down to San Jose as an easy day trip.
Currently drinking wine at a cafe and contemplating how to spend the rest of the day in a non-work related manner. Drinking more wine at the cafe seems like a nice first step.
Currently drinking wine at a cafe and contemplating how to spend the rest of the day in a non-work related manner. Drinking more wine at the cafe seems like a nice first step.
Link | Leave a comment | Share
an excess of stamps
May. 11th, 2008 | 01:09 pm
Means more fun for you!
I like to receive letters in the mail. I suppose I enjoy receiving anything other then bills and junk mail in the mail, but still, letters are nice. Some say that giving is better then giving, and since I recently purchased a sheet of stamps to send money to the state government, *you* can now benefit from my surplus. This also will give me something to do with my time other the netflix and bemoaning the devastating lack of a Palo Alto nightlife.
The first 14 people who send me a mailing address will receive a letter from me, containing personalized witticisms, prose storytelling, or various trinkets, up to 1oz in weight.
Previous letter attempts have included such amazing prizes as:
several suffering stems from my jasmine tree
a picture of my cat
poetry cribbed from other people
prose that would have better if it had been cribbed from other people
descriptions of my current location, generally revolving around "wow, she's really hot"
entirely subjective treatises on the nature of human society
... and much more more!
Don't delay, supplies are limited. I promise to write one letter per day once I start. I'll be away on vacation for a few weeks, so the responses may be delivered en masse when I return.
I like to receive letters in the mail. I suppose I enjoy receiving anything other then bills and junk mail in the mail, but still, letters are nice. Some say that giving is better then giving, and since I recently purchased a sheet of stamps to send money to the state government, *you* can now benefit from my surplus. This also will give me something to do with my time other the netflix and bemoaning the devastating lack of a Palo Alto nightlife.
The first 14 people who send me a mailing address will receive a letter from me, containing personalized witticisms, prose storytelling, or various trinkets, up to 1oz in weight.
Previous letter attempts have included such amazing prizes as:
several suffering stems from my jasmine tree
a picture of my cat
poetry cribbed from other people
prose that would have better if it had been cribbed from other people
descriptions of my current location, generally revolving around "wow, she's really hot"
entirely subjective treatises on the nature of human society
... and much more more!
Don't delay, supplies are limited. I promise to write one letter per day once I start. I'll be away on vacation for a few weeks, so the responses may be delivered en masse when I return.
Link | Leave a comment {1} | Share
rants/requests
May. 3rd, 2008 | 01:56 pm
mood: tired
firefox:
a.) don't throw away my rant after 5 minutes of dedicated work just because you felt the need to sneeze/refresh/whatever.
b.) why do you disable pipelineing by default? do you get some kind of peverse glee in defeating the entire tcp stack and force me to wait 20 seconds as my 1s/rtt connection tries to load some random images somewhere?
c.) why do you insist on waiting 30 seconds and then timing out on random ad server javascript while i'm waiting for the page to be displayed? is it really more important for them to inject stuff into body.onLoad then for me to see the page?
california tax board:
a.) please go screw yourself with a splintering mop handle
b.) while performing a.), since you avail yourself of 8% interest on what you say I owe, can I claim the same interest next year if I overpay?
c.) repeat a.)
d.) while perfoming c.), could you inform me why you aim for even hire levels of douchebaggery then the irs by omitting a return envelope with your request for my firstborn child?
e.) repeat c.), ad infinitum
my bike:
a.) why do you make knocking noises in the crank axle bracket? am i too fat? is the aluminosity of your frame too rigid to mesh with my laid back ways?
people at work:
a.) stop thinking you're smarter then everyone else. all of you. i'm smarter then everyone else, which precludes you assuming the same position. therefore, shut up, and leave me alone to my daydreaming.
[ descent into inaudible teeth-grinding omitted ]
samtrans:
if you're training bus drivers, can you please tell them to take extra care to stop for people when they're driving the 1:30am bus? it would save certain noble creatures such as myself an hour of swearing loudly in a futile rage.
a.) don't throw away my rant after 5 minutes of dedicated work just because you felt the need to sneeze/refresh/whatever.
b.) why do you disable pipelineing by default? do you get some kind of peverse glee in defeating the entire tcp stack and force me to wait 20 seconds as my 1s/rtt connection tries to load some random images somewhere?
c.) why do you insist on waiting 30 seconds and then timing out on random ad server javascript while i'm waiting for the page to be displayed? is it really more important for them to inject stuff into body.onLoad then for me to see the page?
california tax board:
a.) please go screw yourself with a splintering mop handle
b.) while performing a.), since you avail yourself of 8% interest on what you say I owe, can I claim the same interest next year if I overpay?
c.) repeat a.)
d.) while perfoming c.), could you inform me why you aim for even hire levels of douchebaggery then the irs by omitting a return envelope with your request for my firstborn child?
e.) repeat c.), ad infinitum
my bike:
a.) why do you make knocking noises in the crank axle bracket? am i too fat? is the aluminosity of your frame too rigid to mesh with my laid back ways?
people at work:
a.) stop thinking you're smarter then everyone else. all of you. i'm smarter then everyone else, which precludes you assuming the same position. therefore, shut up, and leave me alone to my daydreaming.
[ descent into inaudible teeth-grinding omitted ]
samtrans:
if you're training bus drivers, can you please tell them to take extra care to stop for people when they're driving the 1:30am bus? it would save certain noble creatures such as myself an hour of swearing loudly in a futile rage.
Link | Leave a comment {4} | Share
Trying out j2me Lj
Apr. 22nd, 2008 | 06:18 pm
Waiting for a comedy show, well actually Karina is waiting and I'm drinking beer.
The bartender drew a clover in my beer foam, which I have to say greatly increases my opinion of the place.
The bartender drew a clover in my beer foam, which I have to say greatly increases my opinion of the place.
Link | Leave a comment | Share
feeling like a 80's rockstar
Jan. 30th, 2008 | 08:30 pm
I bought a headband (renamed to an earwarmer by someone), for riding my bike during these frigidly cold, 50 degree Palo Alto winters.
I can't stop the desire to grow my hair long, pick up and electric guitar and put the overdrive to "11".
Sadly, I think I'm going to read some papers off Citeseer instead.
I can't stop the desire to grow my hair long, pick up and electric guitar and put the overdrive to "11".
Sadly, I think I'm going to read some papers off Citeseer instead.
Link | Leave a comment | Share
a silly wish
Jan. 30th, 2008 | 04:25 pm
For such a long time I've wished that there would be a standard authentication system so I would just be automatically logged in when I accessed a site that I had credentials for.
No more accidental anonymous replies to comments.
No more obnoxious autocomplete=off webpages for banks.
Webpeople, please switch back to HTTP authentication over SSL and let me just be automagically transported to a happy realm of reduced typing, protected by my own session key. I think it's a sign of being old that I remember that old, dusty authentication box.
Of course, this would require that people like the IT bunch at Vanguard stop requiring silly things like showing me animal pictures when I type in my username. "Those evil hackers could easily forge our 1024bit SSL credentials, but there's no way they'll know that Russell expects to see a monkey when he logs in."
Sigh.
No more accidental anonymous replies to comments.
No more obnoxious autocomplete=off webpages for banks.
Webpeople, please switch back to HTTP authentication over SSL and let me just be automagically transported to a happy realm of reduced typing, protected by my own session key. I think it's a sign of being old that I remember that old, dusty authentication box.
Of course, this would require that people like the IT bunch at Vanguard stop requiring silly things like showing me animal pictures when I type in my username. "Those evil hackers could easily forge our 1024bit SSL credentials, but there's no way they'll know that Russell expects to see a monkey when he logs in."
Sigh.
