2009 Aug 24, 9:52
Notes on how bin diff'ing tools work and thoughts on defeating them. "We call the threat "1-day exploits". Just few minutes after the release of patches, binary diffing technique can be used to identify the vulnerabilities that the security patches are remedying."
exploit security binary diff tool research technical system:filetype:pdf system:media:document

2009 Aug 14, 6:20
"This paper presents efficient off-line anonymous e-cash schemes where a user can withdraw a wallet containing coins each of which she can spend unlinkably."
money future reference research economics cryptography technical system:filetype:pdf system:media:document

2009 Jul 27, 5:27
"Parallel and Distributed Computation: Numerical Methods", Bertsekas, Dimitri P.; Tsitsiklis, John N., 2003-11-21
programming mit pdf algorithm distributed parallel math todo technical

2009 Mar 6, 5:16
I've found while debugging networking in IE it's often useful to quickly tell if a string is encoded in UTF-8. You can check for the Byte Order Mark (EF BB BF in UTF-8), but I rarely see the BOM on UTF-8 strings. Instead I apply a quick and dirty UTF-8 test that takes advantage of the well-formed UTF-8 restrictions.

Unlike other multibyte character encoding forms (see Windows supported character sets or IANA's list of character sets), for example Big5, where sticking together any two bytes is more likely than not to give a valid byte sequence, UTF-8 is more restrictive. And unlike other multibyte character encodings, UTF-8 bytes may be taken out of context and one can still know that it's a single byte character, the starting byte of a three byte sequence, etc.

The full rules for well-formed UTF-8 are a little too complicated for me to commit to memory. Instead I've got my own simpler (this is the quick part) set of rules that will be mostly correct (this is the dirty part). For as many bytes in the string as you care to examine, check the most significant hex digit of the byte:
- F: This is byte 1 of a 4 byte encoded codepoint and must be followed by 3 trail bytes.
- E: This is byte 1 of a 3 byte encoded codepoint and must be followed by 2 trail bytes.
- C..D: This is byte 1 of a 2 byte encoded codepoint and must be followed by 1 trail byte.
- 8..B: This is a trail byte.
- 0..7: This is a single byte encoded codepoint.

The simpler rules can produce false positives in some cases: that is, they'll say a string is UTF-8 when in fact it might not be. But they won't produce false negatives. The following is the table from the Unicode spec. that actually describes well-formed UTF-8.

| Code Points | 1st Byte | 2nd Byte | 3rd Byte | 4th Byte |
|---|---|---|---|---|
| U+0000..U+007F | 00..7F | | | |
| U+0080..U+07FF | C2..DF | 80..BF | | |
| U+0800..U+0FFF | E0 | A0..BF | 80..BF | |
| U+1000..U+CFFF | E1..EC | 80..BF | 80..BF | |
| U+D000..U+D7FF | ED | 80..9F | 80..BF | |
| U+E000..U+FFFF | EE..EF | 80..BF | 80..BF | |
| U+10000..U+3FFFF | F0 | 90..BF | 80..BF | 80..BF |
| U+40000..U+FFFFF | F1..F3 | 80..BF | 80..BF | 80..BF |
| U+100000..U+10FFFF | F4 | 80..8F | 80..BF | 80..BF |

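The quick rules and the strict table side by side, as an added example that is not code from the original post. The function names and sample bytes are constructed here; `quick_false_positive` reports input that the quick rules accept but the table rejects, which is where overlong forms such as C0 AF and surrogates such as ED A0 80 land.

```python
# Added example (not from the original post). Names and sample bytes are constructed.
# Rows of the Unicode table: (lead byte range, allowed range for each trail byte).
T = (0x80, 0xBF)
STRICT = [
    ((0x00, 0x7F), []),
    ((0xC2, 0xDF), [T]),
    ((0xE0, 0xE0), [(0xA0, 0xBF), T]),
    ((0xE1, 0xEC), [T, T]),
    ((0xED, 0xED), [(0x80, 0x9F), T]),
    ((0xEE, 0xEF), [T, T]),
    ((0xF0, 0xF0), [(0x90, 0xBF), T, T]),
    ((0xF1, 0xF3), [T, T, T]),
    ((0xF4, 0xF4), [(0x80, 0x8F), T, T]),
]
# The post's quick rules: high hex digit of the lead byte -> trail byte count.
QUICK = {0xC: 1, 0xD: 1, 0xE: 2, 0xF: 3}

def quick_utf8(data: bytes) -> bool:
    i = 0
    while i < len(data):
        hi = data[i] >> 4
        if 0x8 <= hi <= 0xB:
            return False  # trail byte where a lead byte is expected
        n = QUICK.get(hi, 0)  # 0..7 is a single byte codepoint
        trails = data[i + 1:i + 1 + n]
        if len(trails) != n or any(not 0x8 <= t >> 4 <= 0xB for t in trails):
            return False  # truncated sequence or a non-trail byte
        i += 1 + n
    return True

def strict_utf8(data: bytes) -> bool:
    i = 0
    while i < len(data):
        row = next((r for r in STRICT if r[0][0] <= data[i] <= r[0][1]), None)
        if row is None:
            return False  # 80..C1 and F5..FF never start a sequence
        ranges = row[1]
        trails = data[i + 1:i + 1 + len(ranges)]
        if len(trails) != len(ranges):
            return False
        if any(not lo <= t <= hi for t, (lo, hi) in zip(trails, ranges)):
            return False
        i += 1 + len(ranges)
    return True

def quick_false_positive(data: bytes) -> bool:
    """True when the quick rules accept bytes that the strict table rejects."""
    return quick_utf8(data) and not strict_utf8(data)
```
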
test technical unicode boring charset utf8 encoding

2009 Feb 28, 11:34
"It's completely nuts... It's a book about what if the Rapture actually happened, and that's all I'm gonna tell you." -Junot Diaz, 2008 Pulitzer Prize Winner for Fiction
creativecommons comic literature religion magic download pdf

2009 Jan 15, 4:57
Lovely travel visualization: "We've generated what we call the Personal Annual Report for all our users. It's a unique-to-you PDF of data, visualisations and factoids about your travel in 2008, that we're delivering over the next week via email to every Dopplr user who travelled in 2008. To give you an example, we thought we'd show you the Personal Annual Report of someone who's had a very busy 2008 - President Elect Barack Obama."
via:mattb visualization blog dopplr obama travel statistics map

2008 Nov 13, 10:21
"Ever since I read about the incremental updates feature of the PDF file format, I've been patiently waiting for a malicious PDF document with incremental updates to come my way. Thanks to Bojan, that day has finally arrived."
pdf security javascript exploit malware adobe

2008 May 13, 3:59
Displays PDFs using Flash. Is Flash really the lesser of the two evils?
pdf flash browser web

2008 May 12, 2:38
Nine Inch Nails' latest album 'The Slip' is available for free to download. Got mine as a zip of mp3s including cover art as pdf, although other audio formats are available. OK!
nin music free download

2008 Mar 6, 2:22
Using IE's mimetype sniffing for XSS attacks.
mime http sniffing sniff security browser ie ie7 pdf

2008 Mar 3, 10:16
The manual for the SD800IS digital camera.
camera manual reference product canon sd800is pdf

2007 Apr 5, 10:26
A microformats cheat sheet.
microformats pdf reference cheatsheet

2007 Apr 4, 9:15
CutePDF lets you print things out to a PDF file.
pdf print windows free software download