Forgot your password?
Close
typodupeerror

Comment Formal Language Theory (Score 1) 231

by massivedata (#46924883) Attached to: How To Prevent the Next Heartbleed
I agree with ThosLives, it was a design issue. Heartbleed could have been avoided if the input language was designed to be context-free. The error was caused by the use of a length field, which makes the input to the system context-sensitive. This was not necessary. Start and end delimiters could have been used instead, which would have made the vulnerability impossible. The input language to a software component should be recognised by a machine with the lowest computational power possible. In the case of a TLS hearbeat message a regular language would do the job. Comments which were mentioning it should not have been implemented in C were close to the mark, the input parser should have used only regular expressions. I have written a review of a paper on this topic which has changed the way I think about designing software inputs: http://edenduthie.com/2014/05/...
Classic Games (Games)

Chess Ratings — Move Over Elo 133

Posted by timothy from the checkmate-and-perhaps-match dept.
databuff writes "Less than 24 hours ago, Jeff Sonas, the creator of the Chessmetrics rating system, launched a competition to find a chess rating algorithm that performs better than the official Elo rating system. The competition requires entrants to build their rating systems based on the results of more than 65,000 historical chess games. Entrants then test their algorithms by predicting the results of another 7,809 games. Already three teams have managed create systems that make more accurate predictions than the official Elo approach. It's not a surprise that Elo has been outdone — after all, the system was invented half a century ago before we could easily crunch large amounts of historical data. However, it is a big surprise that Elo has been bettered so quickly!"

Slashdot Top Deals

Forty two.

Close