31: addm/reviewing the costs of soa:
. when looking at SOA architecture,
how does that affect the
cross-module communications costs ?
there could be a devil in the details;
but, the bird's eye view is that
it could actually be quite minimal .
2013-07-31
2013-05-29
list of online directories
4.18: news.adds/lib/directories:
. web directories for subject-specific searches:
http://en.wikipedia.org/wiki/
classic dmoz (but no longer mozilla
http://www.dmoz.org/
-- owned by AOL Time Warner)
(become an editor)
http://www.dmoz.org/docs/en/
classic yahoo
http://dir.yahoo.com/
joeant (subject then rank sorted)
http://www.joeant.com/
(apply to be accepted as an editor)
the best of blogs
http://blogs.botw.org/
the best of web (dinky)
http://botw.org/
. web directories for subject-specific searches:
http://en.wikipedia.org/wiki/
classic dmoz (but no longer mozilla
http://www.dmoz.org/
-- owned by AOL Time Warner)
(become an editor)
http://www.dmoz.org/docs/en/
classic yahoo
http://dir.yahoo.com/
joeant (subject then rank sorted)
http://www.joeant.com/
(apply to be accepted as an editor)
the best of blogs
http://blogs.botw.org/
the best of web (dinky)
http://botw.org/
skipping versioning for small edits
4.26: adde/versioning/skipping versioning for small edits:
. while inputting a string,
when the normal rules of versioning are in play,
stopping to do a correction should
cause the string input to be terminated,
then the new command is a string replace .
. one way around that is [word modify mode]
that can suspend the versioning system
until you are finished editing a particular word;
and, it reduces the damage of the modification
to just a particular word,
so that the versioning system is less needed . 5.13:
. it doesn't consider the word saved by versioning
until you are actually getting into the next word .
. while inputting a string,
when the normal rules of versioning are in play,
stopping to do a correction should
cause the string input to be terminated,
then the new command is a string replace .
. one way around that is [word modify mode]
that can suspend the versioning system
until you are finished editing a particular word;
and, it reduces the damage of the modification
to just a particular word,
so that the versioning system is less needed . 5.13:
. it doesn't consider the word saved by versioning
until you are actually getting into the next word .
versiwiki
4.12: adds/versiwiki:
. in wikipedia we often see "citation needed";
this reminded me of a need for versioning;
the default version is completely referenced:
it hides everything that needs a citation,
or that has a citation that doesn't apply .
. if you want to see flagged content
(original work, contested material)
then you click the view-all button .
. we can also extend that idea
to have buttons for many versions:
show original content, or show controversial .
. when the controversial view is shown
it also shows the tags people have added:
pornographic, hate speech, ethnocentric, etc .
. in wikipedia we often see "citation needed";
this reminded me of a need for versioning;
the default version is completely referenced:
it hides everything that needs a citation,
or that has a citation that doesn't apply .
. if you want to see flagged content
(original work, contested material)
then you click the view-all button .
. we can also extend that idea
to have buttons for many versions:
show original content, or show controversial .
. when the controversial view is shown
it also shows the tags people have added:
pornographic, hate speech, ethnocentric, etc .
free online books
4.20: adds/lib/free books list
5.29: summary:
. I found a list of free academic books online,
and this is my reading list todo . :)
2013-04-29
security through instruction restrictions:
3.19: adda/exceptions/security through instruction restrictions:
. my style of exceptions has been
having the raiser call the caller's handler;
but, if the caller's code can be corrupted,
then the exception raiser could be exploited .
. it's fun to think about a perfect language,
one that's not corruptable;
but it's safer to have layers of security,
and not depend on a perfect language system .
. say the exception raiser is in ROM
(as it is a library routine)
but the exception handler has a jump instruction
that bypasses a safety guard;
what could save us is a VM that knows when it is
inside an exception handler,
and never executes a jump in such situations .
. my style of exceptions has been
having the raiser call the caller's handler;
but, if the caller's code can be corrupted,
then the exception raiser could be exploited .
. it's fun to think about a perfect language,
one that's not corruptable;
but it's safer to have layers of security,
and not depend on a perfect language system .
. say the exception raiser is in ROM
(as it is a library routine)
but the exception handler has a jump instruction
that bypasses a safety guard;
what could save us is a VM that knows when it is
inside an exception handler,
and never executes a jump in such situations .
extending the const-var architecture
3.31: addm/extending the const-var architecture:
. what I'm calling the constant-var architecture
makes use of hardware isolation mechanisms
by safely dividing the system into
constant code, and variable data .
. there is another segment to consider:
# write-once-read-many:
. what's variable across process instances
can be constant during execution .
# special permissions:
. the implied permission is that the
data in the process belongs to that process .
. the activation record's resource display
is an example of special permissions:
the process has permission only to
read the resource display, not write to it;
but the supervisor can modify it .
. what I'm calling the constant-var architecture
makes use of hardware isolation mechanisms
by safely dividing the system into
constant code, and variable data .
. there is another segment to consider:
# write-once-read-many:
. what's variable across process instances
can be constant during execution .
# special permissions:
. the implied permission is that the
data in the process belongs to that process .
. the activation record's resource display
is an example of special permissions:
the process has permission only to
read the resource display, not write to it;
but the supervisor can modify it .
privacy assurance while reporting errors
3.19: addx/privacy rights/reporting errors:
. if an error should be reported to the coder
the report should be generated in such a way that
the user can see it contains no personal data;
or, it should say it does contain data
and ask if it is too sensitive .
. if an error should be reported to the coder
the report should be generated in such a way that
the user can see it contains no personal data;
or, it should say it does contain data
and ask if it is too sensitive .
2013-03-31
parser algorithm for postfix operators
2.1: adda/syntax/parser algorithm for postfix operators:
. when checking for existence,
the word (is) could be used in 2 ways:
(is x) checks for existence,
(x is t) checks for x's type = t .
. another idea is having support for
english-style postfix operators:
then you could write (x exists)
and you'd parse this like an infix
except you're not looking for a 2nd arg .
. its syntax for being declared
could be similar to that of other functions:
myPrefix(arg.argType).ReturnType,
(arg.t)myPostfix.ReturnType,
myInfix(arg1,arg2:t).ReturnType .
-- anything with 2 args is an infix operator .
. when checking for existence,
the word (is) could be used in 2 ways:
(is x) checks for existence,
(x is t) checks for x's type = t .
. another idea is having support for
english-style postfix operators:
then you could write (x exists)
and you'd parse this like an infix
except you're not looking for a 2nd arg .
. its syntax for being declared
could be similar to that of other functions:
myPrefix(arg.argType).ReturnType,
(arg.t)myPostfix.ReturnType,
myInfix(arg1,arg2:t).ReturnType .
-- anything with 2 args is an infix operator .
combined hardware-virtual isolation
addm/security/combined hardware-virtual isolation:
2.9: 3.31: intro:
. certain attributes of data are essential to security;
eg, by retagging arbitrary data so that it is
usable as a pointer to code,
we can treat malware data as instructions to follow .
. generally all data can be tagged
just as it is done by xml .
. there are 2 possible ways to enforce
process isolation and ROM attributes:
# HW (hardware) mem'mgt,
# VM (virtual machine) mem'mgt .
. hardware mem'mgt can enforce VM mem'mgt:
the VM's run-time exec never needs to change;
so, HW mem'mgt can see that code as const;
also, any file that the VM is trying to interpret
can be treated by the HW mem'mgt as
something that only the VM process can modify .
. finally, the VM has its own process space
and this should keep other processes
from corrupting its work space .
2.9: 3.31: intro:
. certain attributes of data are essential to security;
eg, by retagging arbitrary data so that it is
usable as a pointer to code,
we can treat malware data as instructions to follow .
. generally all data can be tagged
just as it is done by xml .
. there are 2 possible ways to enforce
process isolation and ROM attributes:
# HW (hardware) mem'mgt,
# VM (virtual machine) mem'mgt .
. hardware mem'mgt can enforce VM mem'mgt:
the VM's run-time exec never needs to change;
so, HW mem'mgt can see that code as const;
also, any file that the VM is trying to interpret
can be treated by the HW mem'mgt as
something that only the VM process can modify .
. finally, the VM has its own process space
and this should keep other processes
from corrupting its work space .
vmm (virtual machine monitoring)
2.5: addx/vmm/virtual dom0:
. just as addm is a VM (virtual machine),
addx is a VM monitor (vmm);
so it should do things like Vmware does,
only with some enhancements and extensions; eg,
. just as addm is a VM (virtual machine),
addx is a VM monitor (vmm);
so it should do things like Vmware does,
only with some enhancements and extensions; eg,
pythonic software construction
2.2: news.addx/pythonic software construction:
Fred Brooks` Mythical Man Month:
. Brooks suggested we plan to throw one away
because we will throw the first attempt anyway;
10years later he noted that incremental development
can reduce much of that loss;
nevertheless,
what he said still applies on a smaller scale:
Fred Brooks` Mythical Man Month:
. Brooks suggested we plan to throw one away
because we will throw the first attempt anyway;
10years later he noted that incremental development
can reduce much of that loss;
nevertheless,
what he said still applies on a smaller scale:
2013-03-09
platforms and requirements to target
1.23: addx/targets are {python, c, obj'c, parasail}:
. if parasail is not on all the needed platforms
the base lang should be obj'c not c;
because, obj'c has better programming-in-the-large features;
well, does it support concurrency?
. if parasail is not on all the needed platforms
the base lang should be obj'c not c;
because, obj'c has better programming-in-the-large features;
well, does it support concurrency?
concurrency4all Parallella
1.4: news.adds/Parallella/
concurrency4all got funding:
Parallella project will make parallel computing
accessible to everyone.
first seen here:
www.geekosystem.com/99-dollar-computer-
3.9: sign up here: parallella.org .
concurrency4all got funding:
Parallella project will make parallel computing
accessible to everyone.
first seen here:
www.geekosystem.com/99-dollar-computer-
3.9: sign up here: parallella.org .
ratical.org and other libraries
1.6: news.adds/lib/ratical.org:
ratical.org/startHere.html
Today the internet is primarily described as
electronic commerce.
Before 1995 it was lauded as
a so-called information superhighway.
rat haus reality is guided by
the paradigm of web-as-library.
It seeks to implement a collection of
library reference materials
to assist students
in the classroom of life and our world.
10: web.adds/lib/e-books for free:
ratical.org/startHere.html
Today the internet is primarily described as
electronic commerce.
Before 1995 it was lauded as
a so-called information superhighway.
rat haus reality is guided by
the paradigm of web-as-library.
It seeks to implement a collection of
library reference materials
to assist students
in the classroom of life and our world.
10: web.adds/lib/e-books for free:
adda`lib folder system
1.15: mis.adda/cstr/pkg/how do packages work?/
adda`lib folder system:
. I seemed to have missed the point of
de-anonymizing a type:
adda`lib folder system:
. I seemed to have missed the point of
de-anonymizing a type:
converting messy data formats
adde/universal conversion via screen scraping
adde/convert clonespy links
adde/browser/filename cleaner
adde/convert clonespy links
adde/browser/filename cleaner
user interface ideas
1.19: adde/gui/window resize needs a quick mode
adde/gui/backed by vcs (version control system)
23: adde/gui/message window/priority treed
adde/gui/backed by vcs (version control system)
23: adde/gui/message window/priority treed
managing self-modifying code
1.31: adda/managing self-modifying code:
(inspired by python unpickle vulnerability)
. the safe pickle is built by the system .
. it can be compared to the decompile,
how is it extensible? that is to ask
how are objects built in the first place?
(inspired by python unpickle vulnerability)
. the safe pickle is built by the system .
. it can be compared to the decompile,
how is it extensible? that is to ask
how are objects built in the first place?
exceptions ok unless requirements preclude
1.30: adda/cstr/exceptions/ok unless requirements preclude them:
. I thought Parasail's author explained somewhere
how exceptions really messed up multi-threads;
review my blog of that ...
(parasail-is-big-win-for-reliable).
. I decided a thread hang was no big deal;
in critical applications
exceptions are absolutely useless;
but if our point is to encourage programming
we should cater to all styles of thinking .
. we just need to protect the coder's user too:
. I thought Parasail's author explained somewhere
how exceptions really messed up multi-threads;
review my blog of that ...
(parasail-is-big-win-for-reliable).
. I decided a thread hang was no big deal;
in critical applications
exceptions are absolutely useless;
but if our point is to encourage programming
we should cater to all styles of thinking .
. we just need to protect the coder's user too:
2013-02-28
avoiding the dangling pointer
1.16: adde/fs/bookmarks/avoiding the dangling pointer:
. mac spends a megabyte per bookmark,
but it can't find the moved file
even when it's inside the same volume as the link ?
. all it needs is a checksum of the file,
and then if it's not at the path indicated,
it reports that this could take a while,
unless you know where it is;
and, it offers to cancel this backgrounded search job .
. it looks for a file of the same name,
then checks it has the same checksum .
. here's how to find the file in the case where
it was edited and no longer has the same checksum:
a bookmark can include a list of keywords,
and like google we can produce a list of files
that gives a decending-order best fit
of all files that contain more of those keywords .
. a more thorough way is more expensive,
and requires all file moves happen via the file mgt
who then has to provide a system for
knowing when a file has been linked in the past,
and has subsequently been both moved and edited .
todo:
. I think that design has been discussed earlier;
need to merge that with this idea .
. mac spends a megabyte per bookmark,
but it can't find the moved file
even when it's inside the same volume as the link ?
. all it needs is a checksum of the file,
and then if it's not at the path indicated,
it reports that this could take a while,
unless you know where it is;
and, it offers to cancel this backgrounded search job .
. it looks for a file of the same name,
then checks it has the same checksum .
. here's how to find the file in the case where
it was edited and no longer has the same checksum:
a bookmark can include a list of keywords,
and like google we can produce a list of files
that gives a decending-order best fit
of all files that contain more of those keywords .
. a more thorough way is more expensive,
and requires all file moves happen via the file mgt
who then has to provide a system for
knowing when a file has been linked in the past,
and has subsequently been both moved and edited .
todo:
. I think that design has been discussed earlier;
need to merge that with this idea .
2013-01-31
globalizing #SOA with web services
1.30: web: cs/soa/globalizing SOA with web services
Filtering to Inspect XML: an Operational Framework for
Service Oriented Architecture Network Security
www.tacoma.uw.edu ... rbunge.pdf
Robert Bunge1, Sam Chung1, Barbara Endicott-Popovsky2, Don McLane1
1 Computing & Software Systems; Institute of Technology
University of Washington, Tacoma
{rbunge, chungsa, dmclane}@u.washington.edu
2 Center for Information Assurance and Cybersecurity
University of Washington, Seattle
endicott@u.washington.edu
1.30: summary of this paper:
Filtering to Inspect XML: an Operational Framework for
Service Oriented Architecture Network Security
www.tacoma.uw.edu ... rbunge.pdf
Robert Bunge1, Sam Chung1, Barbara Endicott-Popovsky2, Don McLane1
1 Computing & Software Systems; Institute of Technology
University of Washington, Tacoma
{rbunge, chungsa, dmclane}@u.washington.edu
2 Center for Information Assurance and Cybersecurity
University of Washington, Seattle
endicott@u.washington.edu
1.30: summary of this paper:
#SOA -- where is #security today?
1.29: web.cs/soa/where is security today?:
. I was looking for updates on
how SOA is preventing malware;
instead, I find this claim about SOA's vulnerabilities:
it should have been subtitled
"exploits you can avoid by using SOA" .
. I was looking for updates on
how SOA is preventing malware;
instead, I find this claim about SOA's vulnerabilities:
"( Modern buffer overflows are more difficult to exploit. that had nothing to do with SOA;
than Aleph One's
smashing the stack for fun and profit.
You should look into modern bypasses to ASLR
such as heap spraying or heap feng shui.
Attacks like jmp2reg (jmp2esp jump2ebx ect...)
are also interesting for bypasses for ASLR.
Attacking ActiveX components is fun.
I used H.D. Moore's AxMan with great success.
Here is the remote code execution exploit I found
using AxMan .
. Here are more exploits that I have written .
. The best fuzzer is by far PeachFuzz,
and writing some pit files for it
can be very fruitful research.
Buffer overflows and sql injection
are the most talked about,
but there are a couple hundred categories for vulnerabilities
and they are identified by CWE numbers.
Its worth exploring, I think it will surprise you
what NIST thinks a vulnerability is.
it should have been subtitled
"exploits you can avoid by using SOA" .
Subscribe to:
Posts (Atom)
