Interesting Snippets from 2012-07-31

• Gradle - Overview

  At the heart of Gradle lies a rich extensible Domain Specific Language (DSL) based on Groovy. Gradle pushes declarative builds to the next level by providing declarative language elements that you can assemble as you like. Those elements also provide build-by-convention support for Java, Groovy, OSGi, Web and Scala projects. Even more, this declarative language is extensible. Add your own new language elements or enhance the existing ones. Thus providing concise, maintainable and comprehensible builds.

• BBC News - Viewpoint: How PowerPoint changed Microsoft and my life

  Microsoft recently reported the first quarterly financial loss in its history. The reason was a big acquisition gone sour. Microsoft had to write off more than $6bn (£3.8bn) that it had spent to acquire Aquantive, an online advertising business.

  By contrast, Microsoft's earliest acquisition, PowerPoint, has been a financial success. Microsoft bought PowerPoint 25 years ago, on 31 July 1987.

  The result may have been more valuable to Microsoft than any of the more than 100 acquisitions it has made since.

• Chaos Monkey Released Into the Wild - Slashdot

  "Netflix revealed today that they've released Chaos Monkey, an open source Amazon Web Service testing tool that will randomly turn off instances in Auto Scaling Groups. 'We have found that the best defense against major unexpected failures is to fail often. By frequently causing failures, we force our services to be built in a way that is more resilient. We are excited to make a long-awaited announcement today that will help others who embrace this approach. ...source code for the founding member of the Simian Army, Chaos Monkey, is available to the community.'"

• pathod

  pathod is a pathological HTTP/S daemon, useful for testing and torturing HTTP clients. At pathod's heart is a tiny, terse language for crafting HTTP responses. The simplest way to use pathod is to fire up the daemon, and specify the response behaviour you want using this language in the request URL.

[/snippets] permanent link

Interesting Snippets from 2012-07-30

• Talk to Me, One Machine Said to the Other - NYTimes.com

  Machine-to-machine communications has been around for more than two decades, initially run on landline connections and used for controlling industrial processes remotely. With advances in mobile broadband speeds and smartphone computing, the same robotic conversations are now rapidly shifting to wireless networks.

  When the total amount of data traffic generated by machines overtakes that created by human voice conversations — or possibly before — mobile operators will have to choose who waits in line to make a call or receive an e-mail — the machine or the human.

• Treatise on Font Rasterisation

  Font rasterisation is, in the author’s opinion, one of the most interesting fields of computer science. If music is the subjective application of physics, then font rasterisation is almost certainly the subjective application of computer science. The purpose of this article is threefold: firstly, to provide an introduction into the various methods available to aid in the rasterisation process; secondly, to provide a critical analysis of these methods against the needs of desktop applications; and finally, to relate this analysis to free software.

• A guide to analyzing Python performance « Huy Nguyen

  While it’s not always the case that every Python program you write will require a rigorous performance analysis, it is reassuring to know that there are a wide variety of tools in Python’s ecosystem that one can turn to when the time arises.

[/snippets] permanent link

Interesting Snippets from 2012-07-26

• Hacker Will Expose Potential Security Flaw In Four Million Hotel Room Keycard Locks - Forbes

  Brocious’s exploit works by spoofing a portable programming device that hotel staff use to control a facility’s locks and set which master keys open which doors. The portable programmer, which plugs into the DC port under the locks, can also open any door, even providing power through that port to trigger the mechanism of a door lock in which the battery has run out.

  The system’s vulnerability arises, Brocious says, from the fact that every lock’s memory is entirely exposed to whatever device attempts to read it through that port. Though each lock has a cryptographic key that’s required to trigger its “open” mechanism, that string of data is also stored in the lock’s memory, like a spare key hidden under the welcome mat. So it can be immediately accessed by Brocious’s own spoofed portable device and used to open the door a fraction of a second later.

[/snippets] permanent link

Interesting Snippets from 2012-07-25

• (D)DoS Deflate - deflate.medialayer.com

  (D)DoS Deflate is a lightweight bash shell script designed to assist in the process of blocking a denial of service attack. It utilizes the command below to create a list of IP addresses connected to the server, along with their total number of connections. It is one of the simplest and easiest to install solutions at the software level.

• ImperialViolet - Living with HTTPS

  HTTPS tends to cause people to give talks mocking certificate security and the ecosystem around it. Perhaps that's well deserved, but that's not what this talk is about. If you want to have fun at the expense of CAs, dig up one of Moxie's talks. This talk deals with the fact that your HTTPS site, and the sites that you use, probably don't even reach the level where you get to start worrying about certificates.

  I'm a transport security person so the model for this talk is that we have two computers talking over a malicious network. We assume that the computers themselves are honest and uncompromised. That might be a stretch in these malware-ridden times, but that's the area of host security and I'm not talking about that today. The network can drop, alter or fabricate packets at will. As a lemma, we also assume that the network can cause the browser to load any URL it wishes. The network can do this by inserting HTML into any HTTP request and we assume that every user makes some unencrypted requests while browsing.

[/snippets] permanent link

Interesting Snippets from 2012-07-23

• android-scripting - Scripting Layer for Android brings scripting languages to Android. - Google Project Hosting

  Scripting Layer for Android (SL4A) brings scripting languages to Android by allowing you to edit and execute scripts and interactive interpreters directly on the Android device. These scripts have access to many of the APIs available to full-fledged Android applications, but with a greatly simplified interface that makes it easy to get things done.

[/snippets] permanent link