2011 May 30, 3:13"We covered the Newstweek, a wall-wart sized box that injects fake news stories over public WiFi connections last February, but now there’s a great walk through and it seems our doubts about this
project were disproved."
security journalism wifi hack technical 2011 May 28, 11:00
I wanted to ensure that my switch statement in my implementation of IInternetSecurityManager::ProcessURLAction had a case for every possible documented URLACTION. I wrote the following short
command line sequence to see the list of all URLACTIONs in the SDK header file not found in my source file:
grep URLACTION urlmon.idl | sed 's/.*\(URLACTION[a-zA-Z0-9_]*\).*/\1/g;' | sort | uniq > allURLACTIONs.txt
grep URLACTION MySecurityManager.cpp | sed 's/.*\(URLACTION[a-zA-Z0-9_]*\).*/\1/g;' | sort | uniq > myURLACTIONs.txt
comm -23 allURLACTIONs.txt myURLACTIONs.txt
I'm
not a sed expert so I had to read the
sed documentation, and I heard about
comm from Kris Kowal's blog which happilly was in the
Win32 GNU tools pack I
already run.
But in my effort to learn and use PowerShell I found the following similar command line:
diff
(more urlmon.idl | %{ if ($_ -cmatch "URLACTION[a-zA-Z0-9_]*") { $matches[0] } } | sort -uniq)
(more MySecurityManager.cpp | %{ if ($_ -cmatch "URLACTION[a-zA-Z0-9_]*") { $matches[0] } } | sort -uniq)
In
the PowerShell version I can skip the temporary files which is nice. 'diff' is mapped to 'compare-object' which seems similar to comm but with no parameters to filter out the different streams
(although this could be done more verbosely with the ?{ } filter syntax). In PowerShell uniq functionality is built into sort. The builtin -cmatch operator (c is for case sensitive) to do regexp is
nice plus the side effect of generating the $matches variable with the regexp results.
powershell tool cli technical command line 2011 May 26, 1:28This was on my todo list. I'll scratch it off knowing far more funded folks are doing this: "A startup called BlueStacks has developed an Android runtime environment for the Windows operating system.
It will enable users to run Android applications alongside conventional Windows software on Microsoft's operating system." "One example would be a convertible netbook tablet that normally runs
Windows but switches to an Android interface for greater touch-friendliness when the screen is flipped.
Such a product would offer the full power and multitasking capabilities of Windows but also benefit from having access to Android's broad touch-enabled software ecosystem."
windows programming android java technical 2011 May 26, 11:00
When you run clip.exe, whatever comes into its standard input is put onto the clipboard. So when you need to move the result of something in your command window somewhere else you can pipe the
result into clip.exe. Then you won't have to worry about the irritating way cmd.exe does block copy/pasting and you avoid having to manually fixup line breaks in wrapped lines. For instance, you
can put the contents of a script into the clipboard with:
more cdo.cmd | clip
I've got a lot of stuff dumped in my bin folder that I sync across all my PCs so I didn't realize that clip.exe is a part of standard Windows installs.
Nice for avoiding the block copy in cmd.exe but I'd prefer to have the contents sort of tee'd into the clipboard and standard output. So TeeClip.ps1:
$input | tee -var teeclipout | clip;
$teeclipout;
powershell clip tool clipboard cli technical windows tee 2011 May 24, 11:00
I always have trouble remembering where the opt goes in SAL in the __deref_out case. The mnemonic is pretty simple: the
_opt at the start of the SAL is for the pointer value at the start of the function. And the _opt at the end of the SAL is for the dereferenced pointer value at the end of the function.
SAL
|
foo == nullptr allowed at function start?
|
*foo == nullptr allowed at function end?
|
__deref_out void **foo
|
No
|
No
|
__deref_opt_out void **foo
|
Yes
|
No
|
__deref_out_opt void **foo
|
No
|
Yes
|
__deref_opt_out_opt void **foo
|
Yes
|
Yes
|
.
sal technical programming 2011 May 23, 4:26Applying CORS to the media elements: "I've added a content attribute to <img>, <video>, and <audio> that makes the image or media resource be fetched with CORS And have the origin
of the page if CORS succeeded. The attribute is "cross-origin" and it has two allowed values, "use-credentials" and "anonymous". The latter is the default, so you can just say <img cross-origin
src="data.png">."
cors crossdomain web browser webbrowser html technical 2011 May 22, 10:44Links to the IETF draft document of and describes the perf benefits of SSL False Start.
security google browser web webbrowser https performance ssl tls technical 2011 May 22, 10:36Notes and suggestions for private use fields in protocols and formats.
ietf rfc protocol technical private-use 2011 May 22, 7:20
I'm trying to learn and use PowerShell more, but plenty of other folks I know don't use PowerShell. To allow them to use my scripts I use the following cmd.exe batch file to make it easy to call
PowerShell scripts. To use, just name the batch file name the same as the corresponding PowerShell script filename and put it in the same directory.
@echo off
if "%1"=="/?" goto help
if "%1"=="/h" goto help
if "%1"=="-?" goto help
if "%1"=="-h" goto help
%systemroot%\system32\windowspowershell\v1.0\powershell.exe -ExecutionPolicy RemoteSigned -Command . %~dpn0.ps1 %*
goto end
:help
%systemroot%\system32\windowspowershell\v1.0\powershell.exe -ExecutionPolicy RemoteSigned -Command help %~dpn0.ps1 -full
goto end
:end
Additionally for PowerShell scripts that modify the current working directory I use the following batch file:
@echo off
if "%1"=="/?" goto help
if "%1"=="/h" goto help
if "%1"=="-?" goto help
if "%1"=="-h" goto help
%systemroot%\system32\windowspowershell\v1.0\powershell.exe -ExecutionPolicy RemoteSigned -Command . %~dpn0.ps1 %*;(pwd).Path 1> %temp%\%~n0.tmp 2> nul
set /p newdir=
powershell technical programming batch file console 2011 May 10, 10:49Interesting standards disagreements showing up in specs: "Some implementers feel a same-origin restriction should be the default for all new resource types while others feel strongly that an opt-in
strategy usuable for all resource types would be a better mechanism and that the default should always be to allow cross-origin linking for consistency with existing resource types (e.g. script,
images). As such, this section should be considered at risk for removal if the consensus is to use an alternative mechanism."
reference web development font specification w3c css3 2011 May 2, 7:33I recalled that the order of function/method parameter evaluation was not specified by C++ standard, but I didn't know the more general rule and the associated implications for the double check
locking construct. Interesting.
technical c++ programming 2011 May 1, 7:51"The hilarious speeches by Seth Meyers and Barack Obama at the 2011 White House Correspondents’ Dinner. Seth and Obama really let Trump have it in their speechs. Trump’s reaction in the audience is
priceless."
humor politics barack-obama seth-meyers video white-house-correspondents-dinner 2011 Apr 30, 4:33"The HTTP-based Memento framework bridges the present and past Web by interlinking current resources with resources that encapsulate their past. It facilitates obtaining representations of prior
states of a resource, available from archival resources in Web archives or version resources in content management systems, by leveraging the resource's URI and a preferred datetime. To this end, the
framework introduces datetime negotiation (a variation on content negotiation), and new Relation Types for the HTTP Link header aimed at interlinking resources with their archival/version resources.
It also introduces various discovery mechanisms that further support briding the present and past Web."
technical rfc reference http header time memento archive 2011 Apr 30, 4:05"This document discusses our experiences from moving a small number of users to an IPv6-only network, with access to the IPv4-only parts of the Internet via a NAT64 device. The document covers
practical experiences as well as road blocks and opportunities for this type of a network setup. The document also makes some recommendations about where such networks are applicable and what should
be taken into account in the network design. The document also discusses further work that is needed to make IPv6-only networking applicable in all environments."
internet ip ipv6 ipv4 nat technical reference 2011 Apr 29, 3:54That’s What She Said: Double Entendre Identification
Chlo´e Kiddon and Yuriy Brun
Computer Science & Engineering
University of Washington
Seattle WA 98195-2350
fchloe,brung@cs.washington.edu
technology humor twss science paper csc technical system:filetype:pdf system:media:document 2011 Apr 27, 3:12Prescriptive spec on URI parsing. "This document contains a precise specification of how browsers process URLs. The behavior specified in this document might or might not match any particular
browser, but browsers might be well-served by adopting the behavior defined herein."
technical rfc reference uri 2011 Apr 27, 2:23"The gradual disappearance of open wireless networks is a tragedy of the commons, with a confusing twist of privacy and security debate. This essay explains why the progressive locking of wireless
networks is harmful — for convenience, for privacy and for efficient use of the electromagnetic spectrum."
law eff wireless internet technical privacy security 2011 Apr 27, 2:22"Larry Lessig gave a new talk at CERN last week about copyright and how it has affected open access to academic or scientific information"
The Architecture of Access to Scientific Knowledge from lessig on Vimeo.
copyright science lawrence-lessig video talk 2011 Apr 27, 2:21Competing price setting algorithms create a very high priced book. "But Peter Lawrence can now comfortably boast that one of the biggest and most respected companies on Earth valued his great book at
$23,698,655.93 (plus $3.99 shipping)."
humor internet blog science book commerce ad