All posts by amit

Hackers vs Mobile Phones

I have decided to blog about mobile security and security in general here.

San Diego Telecom Council had arranged a talk by Greg Rose of Qualcomm today with the topic "Hackers and Mobile Phones: who will win?". Greg Rose is an Australian cryptographer who had "accidentally" cracked the weaknesses in CDMA on-air ciphering. I had attended one of his earlier talks while I was at Qualcomm. So I had to attend this...

It was a very short talk (only about 45 mins). Greg explained the basics of security:

  • Protocols - Usually assume agreed-upon behaviour.
  • Attack breaks it by unagreed-upon behaviour.
  • Risk = Threats * Loss

Security is a process of managing the cost of the risk due to attacks.

Why bother about security? (Depends on what is to be protected.) It needs to be designed in and not added on later.

Threat analysis - develop an approach that works! Think about assets (something that you are protecting), brainstorm attacks (play the devil), compute risk, determine countermeasures.

Current practices in 2G/3G - Use of keys (only symmetric due to hardware costs for asymmetric?). Smaller length (64 bits?) Message Authentication Codes (digest), ciphering. Attacks - eavesdropping, impersonation. He emphasized end-to-end security as the ultimate end. So it is not enough to protect the radio protocols and ignore the security of the backhauls. With the introduction of downloadable code (Brew/Java/Bluetooth) and COTS operating systems on the phones like WinCE and Symbian, it will be easier for hackers to inject unauthorized code and viruses on the phones. Service providers need to demand more security from the chipset designers, e.g. memory protection. Many times, security is just not properly implemented by the service providers, e.g. TMSI. Canada, for example, does not turn on encryption.

There is a need for the phones to authenticate base stations as well. Usually only the base stations authenticate the phones on their network. (Fake network attack - addressed in 3G) Discussion of an attack where authentication based on SIM card fails if it only uses the authentication in the beginning. (Need for base station to optionally verify that the phone still has the SIM card)
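
The fake-network problem from the notes above, as an added sketch (not from Greg Rose's slides or any standard): a phone that only answers challenges is compared with one that first checks a network tag and a sequence number. HMAC-SHA256, the labels and all class and function names are assumptions standing in for the real 3G algorithms.

```python
import hashlib, hmac, os

def tag(key, label, *parts):
    # HMAC-SHA256 stands in for the operator's real authentication functions.
    return hmac.new(key, b"|".join((label,) + parts), hashlib.sha256).digest()

class Phone:
    """Holds the SIM key; verify_network=True models 3G-style mutual authentication."""
    def __init__(self, sim_key, verify_network):
        self.key, self.verify_network, self.last_sqn = sim_key, verify_network, 0

    def respond(self, rand, sqn, net_tag):
        if self.verify_network:
            expected = tag(self.key, b"network", rand, sqn.to_bytes(8, "big"))
            if not hmac.compare_digest(net_tag, expected):
                return None                  # sender does not know the shared key
            if sqn <= self.last_sqn:
                return None                  # replayed challenge
            self.last_sqn = sqn
        return tag(self.key, b"phone", rand)  # proves the SIM is present right now

class Network:
    """Genuine network: shares the key with the SIM."""
    def __init__(self, sim_key):
        self.key, self.sqn = sim_key, 0

    def challenge(self):
        self.sqn += 1
        rand = os.urandom(16)
        return rand, self.sqn, tag(self.key, b"network", rand, self.sqn.to_bytes(8, "big"))

    def accepts(self, rand, response):
        expected = tag(self.key, b"phone", rand)
        return response is not None and hmac.compare_digest(response, expected)

def keyless_challenge():
    # Constructed stand-in for a base station without the key: it can only guess the tag.
    return os.urandom(16), 1, os.urandom(32)

def demo():
    key = os.urandom(16)                     # constructed sample key
    net, one_way, mutual = Network(key), Phone(key, False), Phone(key, True)
    genuine = net.challenge()
    return {
        "one_way_answers_keyless": one_way.respond(*keyless_challenge()) is not None,
        "mutual_answers_keyless": mutual.respond(*keyless_challenge()) is not None,
        "network_accepts_mutual": net.accepts(genuine[0], mutual.respond(*genuine)),
        "mutual_answers_replay": mutual.respond(*genuine) is not None,
    }
```

Calling `Network.challenge()` again at any later point gives the network a fresh proof that the SIM is still in the phone, which is the re-verification the notes mention.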

Some quotes:

  • If we trust everyone, we don't need security.
  • Early day security based on some wrong assumptions/optimizations. (e.g. Base station costs 0.5 million dollars, nobody will go to that extent to steal some secrets. Test equipment costs much less and even 0.5 million is not much for governments/mafia)
  • Kerckhoffs's maxim: Only thing secret should be the key (not the algorithm or implementation)
  • Security protocols should be open to analysis.

Q&A:

If I am in a crowd of 100 phones, how many are infected with worms/spyware ? Answer - 1-2 (writing spyware for cellphones not very common). But if the question is how many can be compromised, then the answer is 99! (I just thought to myself, the remaining must be switched off due to dead battery)

How important is hardware security for overall security - Ans: Very important 🙂

What is current status of security of 3G wireless as opposed to Wireless Lan security ? - Both are equally bad!

P.S. Greg was kind to send the presentation slides. I will link to it whenever sdtelecom.org updates the website.

Egg Curry

Tried and Tasted.

Hmmm Delicious...

(Original Source: http://www.geocities.com/Heartland/Woods/9843/egg1.html)

Egg Curry

  • Hard boiled eggs- 6 (peeled and halved)
  • Onions- 2 (finely chopped)
  • Tomatoes- 3 (finely chopped)
  • Grated ginger- 1/2 -inch piece
  • Garlic- 3 cloves (chopped)
  • Red chili powder- 1 tsp.
  • Turmeric powder- 1/2 tsp.
  • Garam masala- 1/2 tsp
  • Plain yoghurt- 1 cup (well beaten)
  • Oil- 3 tablespoons
  • A bunch of chopped cilantro (coriander) leaves
  • Salt

Heat the oil in a pan and fry the ginger, garlic, onions &
tomatoes for 10 minutes. Add red chili powder, turmeric powder and salt
and fry for another 5 minutes. Add the beaten yoghurt and bring it to a
boil. Reduce the heat. Now add the eggs and garam masala and cook until
the gravy becomes thick. Garnish with chopped coriander leaves and
serve hot.

Unicode entry

This entry has some unicode characters (devanagari), let's see if they are visible correctly...

मराठीमद्ध्ये लिहिणे आता बरेच सोपे झाले आहे. यासाठी युनीकोडला धन्यवाद दिले पाहिजेत

What your CEO wants You to know…

Came across an article in Fast Company about Dr. Ram Charan and got hold of two books by Dr. Ram:
What the CEO wants you to know and Execution: The Discipline of Getting Things Done

I just finished "What CEO..." and it's filled with countless little gems in very easy to understand terms. Dr. Ram Charan grew up watching the footwear shop of his parents and teaches us the core nucleus of all successful businesses: Cash generation, margin, velocity, return on assets, growth, and customers. The concepts are illustrated by examples from the perspective of street vendor.

Very highly recommended. Now onto "Execution..."

Lateral Thinking…

How will you write a program to find jumbled words ?

The shotgun approach is the one anyone is bound to follow at first, i.e. for all permutations of the letters, find if there is a match in the dictionary of words. You might do some optimizations to ignore repetitions etc. But this is an O(n^2) complexity solution.

I read an elegant way to solve this here. The trick is to notice that the real answer and the jumbled word look the same when their letters are sorted.
(Let's ignore the time to sort the words for now, which is O(n*log(n)) I believe for decent algorithms.)

Here is a python snippet to solve the jumble:

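#!/usr/bin/env python3
def sort_chars(word):
    """Return the word's letters, lower-cased and sorted."""
    return sorted(word.strip().lower())

# word_file: adjust to your system's word list (often /usr/share/dict/words)
def find_jumble(jumble, word_file='/usr/dict/words'):
    """Yield every dictionary word whose sorted letters match the jumble's."""
    sorted_jumble = sort_chars(jumble)
    with open(word_file, 'r') as words:
        for dictword in words:
            if sorted_jumble == sort_chars(dictword):
                yield dictword.strip()

if __name__ == '__main__':
    while True:
        inp = input("Enter word: ")
        if not inp:
            break
        for ans in find_jumble(inp):
            print("Answer =", ans)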

Delicious

I use Del.icio.us as my online bookmark manager. It's so simple to use, yet so powerful. I especially like the capability to post the bookmark to my account using simple javascript bookmarks.

Here are my bookmarks.

These are the good things about this goody:

  • Everything is wide open, with no proprietary crap.
  • Bookmarks are tagged using one or more keywords that you choose.
  • There are tons of autogenerated RSS feeds: for all your bookmarks, for others' bookmarks, for everyone's bookmarks, for a particular tag from all, you get the idea.
  • There is a nice API allowing you to use the data as you please (like on a sidebar on your website for starters)

One does wonder about how long a good thing can last for free. Hopefully this will last.

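I use the following shell script to regularly back up my bookmarks to an XML file:

#!/bin/sh
# Back up all del.icio.us bookmarks to a timestamped XML file.
umask 077   # backup file readable only by its owner
# Given only the user name, curl prompts for the password itself,
# so the password never appears on the command line or in the process list.
# Note: over plain http the Basic-auth credentials still travel in cleartext.
curl --fail -u amit 'http://del.icio.us/api/posts/all' > "del.icio.us-backup-$(date +%Y%j%H%M%S).xml"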

Bittorrent

Bittorrent is a peer-to-peer protocol used for file distribution. What is good about it is that every downloader also acts as an uploader. The file is divided into smaller sized chunks, each with a SHA1 hash. This is great for countering "slashdot effects", downloading the iso images immediately after they are released. I doubt, though, if it is very useful for longer term links...
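
Per-chunk hashing as described above, in an added example (not code from any BitTorrent client): the publisher lists a SHA-1 for each chunk, and the downloader accepts a chunk from any peer only when it matches. The 4-byte chunk length and the class and function names are made up for illustration.

```python
import hashlib

PIECE_LEN = 4  # constructed value; real torrents use far larger pieces

def piece_hashes(data, piece_len=PIECE_LEN):
    """Publisher side: SHA-1 of every fixed-size piece (the last may be shorter)."""
    return [hashlib.sha1(data[i:i + piece_len]).digest()
            for i in range(0, len(data), piece_len)]

class Download:
    """Downloader side: pieces arrive in any order from untrusted peers."""
    def __init__(self, hashes):
        self.hashes = hashes
        self.pieces = {}

    def offer(self, index, piece):
        """Keep the piece only if it hashes to the published value."""
        if not 0 <= index < len(self.hashes):
            return False                      # no such piece in this file
        if hashlib.sha1(piece).digest() != self.hashes[index]:
            return False                      # corrupted or tampered piece
        self.pieces[index] = piece
        return True

    def missing(self):
        return [i for i in range(len(self.hashes)) if i not in self.pieces]

    def data(self):
        if self.missing():
            raise ValueError("download incomplete")
        return b"".join(self.pieces[i] for i in range(len(self.hashes)))

def demo():
    data = b"constructed sample payload"      # constructed input
    dl = Download(piece_hashes(data))
    rejected = dl.offer(0, b"XXXX")           # wrong bytes for piece 0
    for i in reversed(range(len(dl.hashes))): # pieces arrive out of order
        dl.offer(i, data[i * PIECE_LEN:(i + 1) * PIECE_LEN])
    return rejected, dl.data() == data
```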

There are many websites which host the torrent files for movies, music, TV shows, software apps.

It will be a cool project to keep searching for keywords appearing on such websites and automatically download the torrents to browse. Maybe have RSS feeds based on keywords... Hmmmm...

extended del.icio.us bookmarklets

Via: http://www.cs.ucf.edu/~cmillward/delish.php

extended del.icio.us bookmarklets

bookmarklets that I've found to extend del.icio.us functionality

Note:

In the scripts that post to your account, you will need to change USERNAME to your own username. I tried to name the
bookmarklets as usefully as possible, so hopefully the link title is appropriate.

del.icio.us linkulator
Use this bookmarklet to look at the del.icio.us history for any link you come across.
via negatendo. written by Brett O'Connor.

extended del.icio.us post with prompt
This will post the current page to your del.icio.us account and include in the extended field whatever text you have selected on the page. If no text is selected, it will prompt you to enter some.
modified by Seb. originally posted by Bowen Dwelle.

extended del.icio.us post
This is my slight modification of script from above. It posts to del.icio.us, but it does not prompt you if you have not selected any text. For the most part, I find this more convenient.

Drupal Markdown plugin progress…

After spending a couple of days figuring out the drupal module engine, I think I do have a workable version of markdown plugin now ready. It works for me and a few others for now.

Some people have a concern for lock-in into a particular text format. This is because, in drupal, the data is stored in the text format (drupal/textile) and it is processed every time the node is viewed. There are good and bad things about this: The good thing being, you are working at a higher level (really?) compared to raw HTML. So all of your modifications will be at that level. The bad thing is the lock-in: i.e. you are committed to markdown or textile format!

There are a couple of ways to counter this. One beauty of markdown is that there exists html2text which converts HTML to text... valid markdown text! But unfortunately
html2txt(markdown(txt)) != txt (it's close but not exact, it can never be)

So maybe we should store the markdown output to the database (instead of text format as now) and run html2txt every time we want to edit/modify?

Update: 2005/05/05 Recent versions of drupal already include markdown and textile plugin

How to choose good passwords?

Came across this nice snippet on WSJ:
(via: Rajesh Jain of emergic.org)

I came across this article by Jeremy Wagstaff which is still as relevant today:

Base the password on mnemonics or acronyms, not words or names. Use your favorite song titles, movies, football teams as starters. It's got to be something that you know a lot about, but not something that other people can find out about you -- such as your birthday, your place of birth, or your kids' names. The first letters of the movie The Year of Living Dangerously, for example, could be used in conjunction with its two main stars, Mel Gibson and Sigourney Weaver, to read "tyoldmgsw."

That's just the start. Now you have something you can remember, but it's still just basic letters. You need to turn some of them into numbers, punctuation symbols and capitals. Try turning the "o" into a similar-looking zero, the "l" into a one and the "s" into a five. That would give you "ty01dmg5w" which is a lot better, and still easy to remember, since the numbers are similar to the letters they've replaced.

This, sadly, is still not good enough. The people who write hacking programs are on to this kind of trick, so your password is still vulnerable. It needs an extra trick or two. Try capitalizing the family-name letters, alter the 0 to similar-looking bracket marks (), and move the numeric characters one key to the left on your keyboard.

If your passwords are as good as that, then you should be safe. But there's still a weakness, and it's still human. Never give your passwords to anyone, don't reuse them for different accounts, and change them every few months. Store them on your personal digital assistant if you like, but remember that, even if it's in a well-encrypted file, all your valuable information is just one password away from being accessed by someone. If they steal your device, chances are they're eager enough to try to crack the password protecting all your passwords. Passwords are better kept in your head, triggered by things you'll never forget.
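
Why the article says look-alike tricks are not enough, as an added example (not from the article): a sign-up check that undoes the decorations it describes before comparing against a deny-list. The US keyboard layout, the deny-list contents and all function names are assumptions.

```python
# Look-alike substitutions named in the article: o -> 0, l -> 1, s -> 5.
LOOKALIKES = str.maketrans({"0": "o", "1": "l", "5": "s"})

# Undo "move the numeric characters one key to the left" (US keyboard assumed).
TOP_ROW = "`1234567890"
UNSHIFT = str.maketrans(TOP_ROW[:-1], TOP_ROW[1:])

def base_forms(password):
    """Base strings a rule-aware checker derives from a decorated password."""
    variants = {password, password.translate(UNSHIFT)}
    return {v.lower().replace("()", "o").translate(LOOKALIKES) for v in variants}

def acronym(*phrases):
    """First letters of every word, as in the article's movie-title mnemonic."""
    return "".join(w[0] for p in phrases for w in p.split()).lower()

def is_guessable(password, known_bases):
    """True if undoing the decorations lands on an already-known base string."""
    return not base_forms(password).isdisjoint(known_bases)

# Constructed deny-list: the article's own mnemonic stands in for known bases.
KNOWN = {acronym("The Year of Living Dangerously", "Mel Gibson", "Sigourney Weaver")}

def demo():
    # Constructed inputs: the article's "ty01dmg5w", the same string with its
    # further steps applied (capitals, 0 -> (), digits one key left), and an
    # unrelated string.
    samples = ("ty01dmg5w", "ty()`dmG4W", "Xq7-vrnt-Habc")
    return [is_guessable(p, KNOWN) for p in samples]
```

Both decorated forms reduce to the same nine-letter base, so the decorations add nothing once the base is on a list; the unrelated string does not match.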