Comment: Re:Great answer and points made well (Score 1) 333

by LordActon (#38618826) Attached to: Ask Slashdot: Writing Hardened Web Applications?

I think we've arrived at something like agreement on the DBMS point. FYI SQL query optimizers are very different from JIT compilers. The basic reason is the 3-6 orders of magnitude difference between the speed of the CPU and that of the I/O. Index creation is too expensive and slow to be done dynamically to answer queries.

I agree that for all its faults COBOL makes screen handling easy. I don't remember the syntax anymore, but it's stupefyingly easy to read/write the fields by name on a form. I've never seen anything so, um, simple in GUI programming or web programming. And I wish the folks who developed HTTP/HTML had heard of a Communication Area and pseudo-conversational connections.

You actually can't do in COBOL everything you can do in C because it lacks explicit pointers. Without pointers you can't reference arbitrary locations in memory. That's why the only CICS system I ever designed had an assembler module for the non-standard stuff.

As for ditching TCP/IP, while I don't doubt Infiniband has its place, your reasoning has a few problems.

  1. Security-through-obscurity is thoroughly discredited. At least, Whitfield Diffie thinks so. David Wheeler's book is online and not a bad place to start if you want to update yourself on security.
  2. If you think "most IP stacks today are about 99.9995% secure" and you (implicitly) agree with my argument that bug counts decrease as code is used, why do you think your Infiniband stack will be better?
  3. Using IP doesn't automatically mean the webserver is connected to "the network". That's a design decision. Nothing prevents segregating the networks.

Widely used, well tested software such as your IP stack is bound to be more secure than whatever you would replace it with, despite the fact that the attacker knows what you're using and may even have the source code to it.

If they hacked the security on the web server through IP, they can very likely find a way to hack the security of the database server using a similar exploit.

That's a big if. I don't know what "99.9995% secure" means (what's the denominator?) but I don't believe there's ever been an exploit via the TCP stack. It's one of those highly improbable events that, if it ever did happen, would suddenly subject millions of machines to attack. Your database server would be the least of your worries.

Nearly infinitely more likely, I'm sure you agree, is something much more pedestrian: social engineering, MD5 leaks, etc. Whatever it is, it doesn't follow that the same vehicle will exist on the DBMS host, nor should it.

Finally, since we're both fans of simplicity in programming, I leave you with this:

There are two methods in software design. One is to make the program so simple, there are obviously no errors. The other is to make it so complicated, there are no obvious errors.
— C. A. R. Hoare

Comment: Re:You used banking as an example... good start (Score 1) 333

by LordActon (#38592424) Attached to: Ask Slashdot: Writing Hardened Web Applications?

You didn't hurt my feelings. I haven't written a line of COBOL since the summer of 1988. Rather, I was objecting to arrant nonsense masquerading as authoritative-sounding statements. That kind of thing can harm the reputation of Slashdot, you know.

all ISAMs are relational databases

Any defense you attempt of that proposition will only land you deeper in the tall grass. ISAM can't be "used as" a relational database because it lacks the fundamental facilities.

The most widely accepted informed definition of the relational model is the three-part test Codd described in 1978: structure, operations, and constraints. ISAM includes no algebra and very little in the way of constraint enforcement. It also fails most of Codd's 12 rules.

I think you might mean that ISAM files have keys, and that ISAM files can be arranged in ways that mimic normal forms. The comparison is superficially appealing and logically vacant. Sorry.

However, secure code does not use the SQL front end as such.

Do please tell. I'd especially like to know what "as such" means in that sentence. Googling "isam db2 site:ibm.com" fails to turn up anything relevant. Searching the DB2 documentation for "isam" turned up nothing.

I'm not against the idea of using stored procedures.... So long as the stored procedures are required to check the format of their parameters

No, that's unnecessary for purposes of security. Again, one of the three legs of the relational model is constraints. The DBMS is perfectly capable — more capable than the stored procedure, more than the application — of preventing inconsistent data from entering the database. It can't ensure correctness; no mere machine can. But only the DBMS can enforce referential integrity and declared constraints versus other contemporaneous processes.

But you're right that if the webserver can only execute stored procedures and has no other rights in the DBMS, then the data are absolutely safe from arbitrary manipulation through SQL injection. (Yes, I understand the procedure could be written to execute its parameters as code. But anyone letting data in any form be executed in a web environment might as well start looking for other work now. Why wait until the fan gets dirty?)

By contrast, no file system offers any such protection. If the webserver can access any part of the file, it can access the whole file. Own the server and you own the data.

SQL is too generic for a secure system

I don't know what that means. I can't even venture a guess. I guess Lisp is too generic for a secure system, too. That explains why Paul Graham is sleeping under bridges instead of funding startups.

I'm amazed ... you're defending a COBOL as not being crippled ... you can do absolutely anything, just need the APIs

I'm not defending COBOL. I can think of a dozen problems with it. I'm ridiculing the crippled/generic taxonomy you proposed. C has no I/O capability and no memory management save static storage and the stack. What can anyone do with such a toy? Exactly the same is true for Java. COBOL on the other hand, like Pascal, at least defines I/O in the language. Even with the stdio library, can you do in C what COBOL does in 64 lines?

Your basic assertion seems to be that a simple system is less vulnerable than a complicated one. While that's partly true, I have to remind you of Einstein's dictum to make things as simple as possible but no simpler. When you recommend eschewing tcp/ip as "too complex", I see an invitation to reinvent it badly. It's not easy to improve on the socket model, and the course of the development of TCP/IP is evidence enough that it is easy to go wrong. After all, by the time the attacker has sufficient control to put the Ethernet interface into promiscuous mode and listen to arbitrary traffic, he's already got better ways to get at the data than sniffing the wire.

I'm sure you've found that the more any code is used, the more dependable it is. I suggest that's because bugs are found asymptotically, meaning that bugs are halved by doubling the use, meaning that only very old code is anywhere near bug-free. An exploit in the TCP/IP stack is therefore going to be orders of magnitude less likely than one in your MPI-over-Infiniband proposal.

So, while I agree that systems are easier to understand and harder to exploit the simpler they are, I don't agree that that's a good yardstick. The advances in security we've seen over the last 10 years don't rely on crippled languages. The focus has instead been on capability: a process either can or cannot do something. The system is broken into parts such that most parts are incapable of affecting much, and those that require power are severely constrained in what they can do. That was the approach successfully taken by Postfix, for example, which is about as Internet-facing an application as there is.

The DBMS can similarly curtail privilege using stored procedures. If implemented correctly by the DBA — and everything always depends on something being done right — the DBMS is invulnerable to any sloppiness or oversight on the part of the application.

The very fact that SQL injection is both widespread and easily prevented suggests that it's people, not technologies, that are the security hole. I assert that if COBOL and MVS had given rise to the Web instead of C and Unix, we'd be seeing MVS exploits instead. Unless in that alternate universe knowledge and quality were valued over time-to-market and reinvented wheels.

Comment: Re:You used banking as an example... good start (Score 1) 333

by LordActon (#38577792) Attached to: Ask Slashdot: Writing Hardened Web Applications?

COBOL is a crippled language. [...] COBOL is an insanely retarded language. COBOL is generally only used for processing things. [...] COBOL itself doesn't even store the data. Even though COBOL often has a crippled internal ISAM or possibly can use SQL. More often than not, COBOL is linked to a DB/2 database... which is more of a large scale ISAM as opposed to a SQL server.

Why is this noise modded up? The only true parts of that statement are equally true for C, depending on what "crippled" and "retarded" mean. The rest is best ignored. For example, I'm sure I've heard of C being used for processing things.

DB/2 sprang from System R, IBM's prototype RDBMS. It competed (indeed, competes) with the mother of all "large scale ISAM" systems, IMS. Last I checked, it represented about 20% of the SQL DBMS market in annual sales.

It's too bad more web programmers (and framework designers) don't know more about database security. I have yet to read about a SQL injection exploit that couldn't have been prevented through fairly basic security measures within the DBMS.
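The layout argued for in the two comments above (the web tier allowed only to execute stored procedures, with the DBMS's own declared constraints doing the checking, so that "fairly basic security measures within the DBMS" stop SQL injection from manipulating the data) can be sketched concretely. The following is an added example written for this page, not code from the thread, from DB2 or from any project mentioned here; it assumes PostgreSQL and uses made-up role and table names (webapp, accounts, transfers) and a hypothetical transfer() procedure.

```sql
-- Added example (not from the Slashdot thread). Assumes PostgreSQL 11+.
-- Run the setup as a superuser; the web tier connects as the role "webapp".
-- Names (webapp, accounts, transfers, transfer) are assumptions for this sketch.

-- Declared constraints: the DBMS, not the application, rejects inconsistent rows.
CREATE TABLE accounts (
    account_id  integer        PRIMARY KEY,
    owner       text           NOT NULL,
    balance     numeric(12,2)  NOT NULL CHECK (balance >= 0)
);

CREATE TABLE transfers (
    transfer_id bigserial      PRIMARY KEY,
    from_id     integer        NOT NULL REFERENCES accounts(account_id),
    to_id       integer        NOT NULL REFERENCES accounts(account_id),
    amount      numeric(12,2)  NOT NULL CHECK (amount > 0),
    memo        text,
    CHECK (from_id <> to_id)                 -- referential and CHECK constraints
);                                           -- hold against every concurrent session

-- The single entry point the web tier gets. SECURITY DEFINER runs the body with
-- the owner's table rights, so the caller needs no table privileges at all.
-- The parameters are only ever used as values; nothing here EXECUTEs them as SQL.
CREATE FUNCTION transfer(p_from integer, p_to integer, p_amount numeric, p_memo text)
RETURNS bigint
LANGUAGE plpgsql
SECURITY DEFINER
SET search_path = public                      -- pin the schema for a definer function
AS $$
DECLARE
    v_id bigint;
BEGIN
    UPDATE accounts SET balance = balance - p_amount WHERE account_id = p_from;
    IF NOT FOUND THEN RAISE EXCEPTION 'no such account %', p_from; END IF;
    UPDATE accounts SET balance = balance + p_amount WHERE account_id = p_to;
    IF NOT FOUND THEN RAISE EXCEPTION 'no such account %', p_to; END IF;
    INSERT INTO transfers (from_id, to_id, amount, memo)
        VALUES (p_from, p_to, p_amount, p_memo)
        RETURNING transfer_id INTO v_id;
    RETURN v_id;                              -- any constraint failure above rolls back all three statements
END;
$$;

-- Privilege layout: the web tier role owns nothing and can touch no table.
CREATE ROLE webapp LOGIN;
REVOKE ALL ON SCHEMA public FROM PUBLIC;
GRANT USAGE ON SCHEMA public TO webapp;
REVOKE ALL ON ALL TABLES IN SCHEMA public FROM webapp;
REVOKE ALL ON FUNCTION transfer(integer, integer, numeric, text) FROM PUBLIC;  -- functions are PUBLIC-executable by default
GRANT  EXECUTE ON FUNCTION transfer(integer, integer, numeric, text) TO webapp;

-- Constructed sample data, inserted by the owner.
INSERT INTO accounts VALUES (1, 'alice', 100.00), (2, 'bob', 20.00);

-- What the web tier can and cannot do, whatever SQL the application lets through.
SET ROLE webapp;                                      -- superuser may assume any role
SELECT transfer(1, 2, 30.00, 'rent');                 -- ok: balances become 70.00 / 50.00
SELECT transfer(1, 2, 500.00, 'overdraw');            -- ERROR: check constraint on accounts.balance
SELECT transfer(1, 1, 5.00, 'self');                  -- ERROR: check constraint on transfers
SELECT transfer(1, 9, 5.00, 'ghost');                 -- ERROR: no such account 9 (first UPDATE rolled back)
SELECT transfer(1, 2, 1.00, $q$O'Brien; -- note$q$);  -- quote and semicolon are stored as memo text
SELECT * FROM accounts;                               -- ERROR: permission denied for table accounts
DELETE FROM transfers;                                -- ERROR: permission denied for table transfers
RESET ROLE;
```

The two halves carry different parts of the argument. The constraints on accounts and transfers reject bad data no matter how sloppily the application validated its input, and they do so atomically across concurrent sessions, which no application-side check can. The GRANT/REVOKE layout means that even an application that concatenates user input into SQL hands an attacker nothing beyond calls to transfer() with values of the declared types. The caveat the comment itself raises still applies: a procedure that EXECUTEs its parameters as dynamic SQL would reopen the hole, so the function above deliberately uses none.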

Comment: Re:A journalist makes money; a blogger doesn't (Score 1) 353

by LordActon (#38306456) Attached to: Bloggers Not Journalists, Federal Judge Rules

Hello? People who earn their pay from ad revenue make up the vast majority of journalists. Where else do you suppose the money to pay salaries at CBS and Time comes from?

I don't see how having an editorial staff standing between the writer and the ad buyer affects whether or not the writer is a journalist.

Comment: His debt, not yours (Score 1) 402

by LordActon (#37909892) Attached to: Ask Slashdot: How To Securely Share Passwords?

In the midst of your situation, it may help to remember you aren't responsible for your father's debts, including any issues with the auctions, sales, returns, etc. Don't fill the orders or accept the returns. Don't deal with it; it's not your problem. You have enough to deal with. If anyone asks you what you're going to do about it, tell them: nothing. Remind them the man they have a contract with is no longer here to honor it.

Comment: Re:You have one option... (Score 1) 495

by LordActon (#32567576) Attached to: Getting Paid Fairly When Job Responsibilities Spiral?

Do NOT threaten to leave. Don't hint at it. Your options are your options, unless you back yourself into a corner.

It's extremely aggressive. Put the shoe on the other foot: when was the last time your boss told you "Do it or you're fired"? How would you react? How would you react if it wouldn't affect your income?

Remember, your job is much more important to you than to your boss. Treat it with respect, not like a poker chip.

Comment: Re:I do not think it means what you think it means (Score 1) 333

by LordActon (#32567026) Attached to: Apple Censors Ulysses App In Time For Bloomsday

In other words, whether hard or electronic copy, when you "buy" a book, you're really just licensing it, to put it in the words you used. There is no "bought."

Not true, else there would be no used book market. That battle was fought with publishers at the turn of the century. (The tune never changes, only the technology.) Publishers were including license agreements in books, setting terms of use that excluded, among other things, resale. The Supreme Court said if it looks like a sale, it is a sale, "license" notwithstanding.

(The OP asks What Happens When Corporations Become Publishers. I would think we already know, because most books are published and sold by corporations, and have been for a long time.)

Image

The White House Listed On Real Estate Website 123

Posted by samzenpus
from the been-for-sale-for-years dept.
Forget visiting the White House, if you have $10 million you can own it. At least that is the price for the president's home on the real estate website Redfin. From the article: "Obviously this is an error. It looks like Redfin software pulled an example listing from the website Owners.com by mistake. That example listing was the White House. We have e-mailed Redfin for comment." I know it's historic but it still looks a bit on the high side according to the comparables in the area.
Education

Recommendations For C++/OpenGL Linux Tutorials? 117

Posted by timothy
from the no-you-guide-me dept.
QuaveringGrape writes "After a few years of Python I've recently been trying to expand my programming knowledge into the realm of compiled languages. I started with C, then switched over to C++. A friend and longtime OpenGL programmer told me about NeHe's tutorials as a good step after the command-line programs started to get old, but there's a problem: all the tutorials are very Windows-based, and I've been using Linux as my single platform for a while now. I'm looking for suggestions for tutorials that are easy to learn, without being dumbed down or geared towards non-programmers."
Input Devices

Microsoft Docs Indicate Future Xbox 360 Support For USB Storage 130

Posted by Soulskill
from the good-thing-you-didn't-shell-for-the-big-hdd dept.
Internal Microsoft documents obtained by Joystiq indicate that its Xbox 360 console will gain support for USB storage devices some time this Spring. "According to the document, the USB mass storage device must be at least 1GB and the system will do a compatibility check. 'The system partition occupies 512 MB of space, and by default the consumer partition occupies the remainder of the device capacity, or 16 GB, whichever is smaller.' Upon inserting a blank USB storage device, 'consumers are offered two choices: "Configure now" or "Customize."' The 'Configure now' option will use 'the entire device capacity, up to the maximum of 512 MB plus 16 GB,' meaning, regardless of the overall size of the device you're using, the Xbox will only enable 16 GB of usable, non-system storage. The 'Customize' option will allow you to 'preserve some pre-existing, non-console data on the device' such as music." There have also been rumors of a new, smaller form factor for the 360, and hacker Ben Heck has given his thoughts on some leaked motherboard pictures.
Earth

Piezo Crystals Harness Sound To Generate Hydrogen 187

Posted by timothy
from the what's-shakin'? dept.
MikeChino writes "Scientists at the University of Wisconsin-Madison have discovered that a mix of zinc oxide crystals, water, and noise pollution can efficiently produce hydrogen without the need for a dirty catalyst like oil. To generate the clean hydrogen, researchers produced a new type of zinc oxide crystals that absorb vibrations when placed in water. The vibrations cause the crystals to develop areas with strong positive and negative charges — a reaction that rips the surrounding water molecules and releases hydrogen and oxygen. The mechanism, dubbed the piezoelectrochemical effect, converts 18% of energy from vibrations into hydrogen gas (compared to 10% from conventional piezoelectric materials), and since any vibration can produce the effect, the system could one day be used to generate power from anything that produces noise — cars whizzing by on the highway, crashing waves in the ocean, or planes landing at an airport."
Programming

Simpler "Hello World" Demonstrated In C 582

Posted by kdawson
from the non-obfuscated dept.
An anonymous reader writes "Wondering where all that bloat comes from, causing even the classic 'Hello world' to weigh in at 11 KB? An MIT programmer decided to make a Linux C program so simple, she could explain every byte of the assembly. She found that gcc was including libc even when you don't ask for it. The blog shows how to compile a much simpler 'Hello world,' using no libraries at all. This takes me back to the days of programming bare-metal on DOS!"
Microsoft

Visual Studio 2010 Forces Tab Indenting 390

Posted by kdawson
from the one-man's-readable dept.
An anonymous reader writes "For years, Microsoft has allowed Visual Studio users to define arbitrary tab widths, often to the dismay of those viewing the resultant code in other editors. With VS 2010, it appears that they have taken the next step of forcing tab width to be the same as the indent size in code. Two-space tabs anyone?"

Comment: Re:Donate (Score 1) 970

by LordActon (#30323622) Attached to: What Do You Do When Printers Cost Less Than Ink?

Facts, facts. http://reconnectpartnership.com/ In a lot of places, you can drop off any computer equipment at your local Goodwill Industries depot. I dropped off 12 machines one day. (I called ahead.) Your computer gets recycled and the computer industry pays. (Dell for one contributes some funding.) As it should be.

Comment: Re:Forget FAT/VFAT, make your own. (Score 1) 569

by LordActon (#29389695) Attached to: Which Filesystem Do You Use On Portable Media For Linux Systems?

First of all, FAT is patent encumbered and Microsoft's willing to go to court to protect it; so that's out.

If you honor the patent, you reinforce it. If you ignore it, you weaken it. Millions of Lilliputian cuts make it irrelevant. Why not join in?

Someone needs to make a good file system that matches FAT, but is more extensible.

Well, the thing about FAT is it's recognized by just about every computer on the planet and a lot of non-computers. How are you going to make your post-FAT filesystem accessible to hundreds of millions of Windows computers? If you don't do that, what data exchange problem have you solved?

If you don't care about nonfree OSes, a simple convention would suffice. If the kernel understood that, say, uid==0 && gid=-1 meant the same thing as chmod 777 and that all files created in such a directory got the directory's uid and gid, you'd have everything you want without even touching the fs code.
