Transcript of the Chua-Wiegley Chat Video

Posted on 2012-07-04 by jcs

For those of you who prefer reading to listening, Sacha Chua has posted a transcript of her recent video chat with John Wiegley. As I previously described, the chat was about how Wiegley leverages the power of Emacs to optimize his daily work flow. Chua has a link to the video on the page with the transcript so if you haven’t seen it, you have your choice of reading the transcript or watching the video. Or, if you’re an overachiever, both.

Posted in General | Tagged | 0 Comments

Oh Oh: RSA SecurID 800 Token broken

Posted on 2012-07-03 by jcs

The RSA SecurID 800 token is a small USB device that authenticates users when they sign on to secure computers. It offers two factor authentication and contains encrypted keys and credentials that are, in theory, inaccessible to users or attackers. Now Ars Technica is reporting that researchers have a developed a new attack that recovers the keys in about 13 minutes.

Needless to say, this is really bad news for RSA. It’s also bad news for many other manufacturers of similar devices since their tokens are also susceptible to the attack. The exploit is a modified Bleichenbacher attack (from the 1990s) that reduces the work enough to make the inefficient Bleichenbacher attack practical.

The Ars Technica article has a link to a paper describing the attack but for the curious non-expert, I recommend this post by Matthew Green. It does a good job of describing the problem and gives an outline of how the attack works.

Posted in General | Tagged | 0 Comments

The Google Billboard Puzzle

Posted on 2012-07-02 by jcs

A recent Programming Praxis problem resurrected the famous Google billboard puzzle. Back in July of 2004, Google put up billboards all over the country reading

{FIRST 10-DIGIT PRIME IN CONSECUTIVE DIGITS OF E}.COM

Those who solved the problem and followed the link found another puzzle whose answer was the password to a second site. The second site was an invitation to submit a CV to Google. All-in-all a pretty effective way of advertising for the type of engineers that Google was looking for.

The first puzzle (finding the 10-digit prime) isn’t hard in principle: generate the digits of e and check each consecutive group of 10 for primality. But consider for a moment how you would have gone about solving the problem. The first step is generating the digits of e. A recent Programming Praxis problem deals with this but the algorithm is complicated and given in terms of the code used to implement it. That’s neither interesting nor enlightening and in any event we only want the digits once so there’s no point in spending a lot of time writing code to generate them. Instead, we can go to this NASA site and get the first million digits of e already calculated for us. Of course, it may be that the first 10-digit prime is not in the first million digits but, in context, that seems unlikely and it is, in any event, easy enough to check that it’s worth using as a first attempt.

The second problem is checking for primality. A 10-digit number is small enough that we can simply try factoring them using, for example, the Unix factor command. But it just so happens that I have an implementation of the Miller-Rabin primality test lying around so let’s just use that.

;; In case you want to finish in this lifetime.
;; Using ash makes no appreciable difference.
;; (pushnew :use-ash *features*)
(defun modexp (b e n)
  "Modular exponentiation"
  (flet ((sqmod (x n) (mod (* x x) n)))
    (cond ((zerop e) 1)
#-use-ash ((evenp e) (modexp (sqmod b n) (/ e 2) n))
#-use-ash (t (mod (* b (modexp (sqmod b n) (/ (1- e) 2) n)) n))
#+use-ash ((evenp e) (modexp (sqmod b n) (ash e -1) n))
#+use-ash (t (mod (* b (modexp (sqmod b n) (ash e -1) n)) n)))))

(defun canonicalize (n)
  "Express n as (2^r)s + 1, where s is odd."
  (do ((r 0 (1+ r)) (s (1- n) (ash s -1)))
      ((oddp s) (values r s))))

(defun check (r s n)
  "Miller-Rabin primality check"
  (let* ((n-1 (1- n)) (a (1+ (random n-1))))
    (or (= (modexp a s n) 1)
        (dotimes (j (1+ r) nil)
          (if (= (modexp a (* (ash 1 j) s) n) n-1)
              (return t))))))

(defun primep (n)
  "Make 50 checks for primality of n. Probability of a false positive is
less than 8e-31."
  (if (or (and (/= n 2) (evenp n)) (< n 0))
      nil
      (multiple-value-bind (r s) (canonicalize n)
        (dotimes (k 50 t)
          (if (not (check r s n))
              (return nil))))))

The Miller-Rabin test is probabilistic so each number has 50 checks applied to it before it’s accepted as prime.

With those two parts of the solution in place, it’s easy to find the prime

(defparameter eo10  ;;digits truncated for display
  "271828182845904523536028747135266249775724709
369995957496696762772407663035354759457138217852
516642742746639193200305992181741359662904357290
033429526059563073813232862794349076323382988075
319525101901157383418793070215408914993488416750
92447614606680822648001684774...")

(defun search-for-prime ()
  (let ((end (- (length eo10) 10)))
    (do ((i 0 (1+ i)))
        ((> i end) nil)
      (with-input-from-string (s eo10 :start i :end (+ i 10))
        (if (miller-rabin:primep (read s))
            (return (subseq eo10 i (+ i 10))))))))

When we run this, we get the solution almost immediately

CL-USER> (search-for-prime)
"7427466391"

We can, if we like, check this using factor but a 50 iteration Miller-Rabin test is pretty definitive. In terms of this problem, we’ll know right away if we’re wrong because 7427466391.com won’t resolve.

Posted in Programming | Tagged | 0 Comments

Programming Metric: -2000 LOC

Posted on 2012-07-01 by jcs

Over at Folklore, Andy Hertzfeld has a wonderful story about management’s obsession with non-sensible programming metrics. Who among us has not, at one time or another in our career, been subjected to a manager who thought that lines of code written was an excellent way of measuring programmer productivity? If your answer is, “Not me” then you are either extraordinarily lucky or just starting out.

Hertzfeld relates how in 1982 when Apple was making a big push to get the Lisa software out the door, some manager decreed that every programmer would submit a weekly report detailing how many lines of code they had written that week. Bill Atkinson, author of Quickdraw, the main interface designer, and, as described by Hertzfeld, the most important Lisa developer, thought the whole thing was silly and that his job was to write the smallest most efficient code he could.

One week, while working on the Quickdraw region calculation engine, Atkinson rewrote the code, replacing the algorithm with a more efficient one that made the calculations 6 times faster and reduced the size by 2000 lines of code. In that week’s report, Atkinson recorded his productivity as -2000 lines of code. Heltzfeld reports that after a couple of weeks management no longer asked Atkinson to fill out the report.

It’s one of those stories that makes you think, “Gee, I wish I’d done that.” These days, you probably find this obsession with lines of code only in large corporate coding farms but to those who’ve been there, the story is hilarious.

Posted in Programming | Tagged | 0 Comments

A New Emacs Trick

Posted on 2012-06-30 by jcs

Well, new to me anyway. Xah Lee and the folks over at the ErgoEmacs Google+ Group discovered a nifty Emacs command (apparently from a Sacha Chua tweet) that does something I’ve often wanted to do. Suppose you want to kill some text, move to another part of the buffer and kill some more text and then be able to yank both kills at once. It turns out that there’s a nice way of doing that:

  • Kill the first batch of text
  • Move to the next text to kill
  • Type 【Ctrl+Meta+w
  • Kill the second batch of text

Now when you yank with 【Ctrl+y】 you get both kills together.

The 【Ctrl+Meta+w】 runs the append-next-kill command that causes the kills to be appended. As I say, this is something I often want to do, particularly when I’m moving code around. Thanks to Sacha, Xah, and the ErgoEmacs folks for letting us know about this.

Posted in General | Tagged | 0 Comments

Google: Hardware Manufacturer

Posted on 2012-06-29 by jcs

Robert McMillan over at Wired Enterprise has an interesting article in which he reports that Google claims to be one of the world’s largest hardware makers. We’ve all heard stories about how Google custom builds much of its equipment but I always imagined a medium sized shop with four or five guys assembling servers. Apparently, it’s much bigger than that.

Google, it seems, designs its own servers, network gear, and possibly other computing equipment and farms out the actual manufacturing to the same Taiwanese and Chinese companies that make machines for Dell and HP. Google is pretty secretive about their hardware work so few details are actually known. Much of the material for McMillan’s report came from Google’s CFO Patrick Pichette during the annual stockholders’ meeting. These details were apparently given to help convince the stockholders that Google has the requisite hardware expertise to handle the Motorola mobile phone acquisition.

McMillan has some interesting speculation as to what this could mean for hardware manufacturers such as Dell, HP, Cisco, and Juniper as more and more companies move to the cloud and consider building out their own data centers. Follow the link to get the full story; it’s pretty interesting.

Posted in General | 0 Comments

Video Chat on Emacs

Posted on 2012-06-28 by jcs

The ever energetic Sacha Chua has a nice video chat up with John Wiegley about Emacs. Wiegley, the author of eshell, is one of those users who pretty much lives in Emacs and he has spent a lot of time optimizing his work flow to leverage Emacs. In this chat, he and Chua talk about that work flow and how he uses Emacs. Wiegley also talks about some of the Emacs hacks he’s implemented to help with his day to day work. It’s an interesting video and worth 40 minutes of your time.

In addition to the video, Chua has a link to Wiegley’s Github page where you can find his init.el and the associated files he uses. Those are also worth studying because he has a lot of good ideas in them.

Posted in General | Tagged | 3 Comments

Newspapers

Posted on 2012-06-27 by jcs

As longtime readers of Irreal know, I have a fascination for the various media and how they are coping in the digital age. One of the media sectors about which I haven’t had much to say is newspapers. Mostly that’s because I don’t read newspapers and haven’t for many years. I use to be voracious reader of them, often devouring two a day but I came to see them as broken products. The reporting that wasn’t outright tendentious was flabby and often significantly wrong. Michael Creighton famously described the situation with the Gell-Mann Amnesia Effect. As techies, we’re all familiar with the effect. When was the last time you read a story about a technical subject in a newspaper that didn’t have significant errors and a complete lack of understanding?

The other day I saw an excellent article over at Gigacom by Mathew Ingram on newspapers and their failure to thrive in the digital age. Ingram has a key insight that, while obvious, hadn’t occurred to me. Newspapers’ customers are not their readers but their advertisers. Ingram points out that most often even the newspapers themselves fail to remember this and act as if their readers really were the customers. That explains pay walls and talk about how the readers should be willing to pay for the content they consume. That would make sense if, in fact, the readers were the customers but they’re not. The advertisers are.

That fact, Ingram says, also explains why newspapers in their current form are doomed. Before the Internet, the papers were able to establish monopolies on information delivery but those monopolies were really monopolies on the delivery of printed advertising into targeted areas such as cities or metropolitan areas. Those days are gone. These days, advertisers have a choice of several advertising channels many of which offer more finely targeted advertising than newspapers were ever able to offer. And if an advertiser wants the broad based advertising that newspapers specialized in, Ingram says, they have billions of websites on which they can drop a cheap display banner.

Follow the link to find out what Ingram thinks the future holds for newspapers. Most people can’t imagine a world without newspapers but I can tell you that my little corner of the world has been newspaper free for some time and it’s quite pleasant. As I wrote in Living Without Flash, I was sure I’d miss all the content that Flash brought me but after it was gone, I didn’t miss it at all and hardly noticed its absence.

Posted in General | 0 Comments

Dribble

Posted on 2012-06-26 by jcs

Nicholas May, on his blog Because two cents wasn’t enough, reminds me of something I’d long forgotten: The dribble command in Common Lisp. What dribble does is record a Lisp session much like the Unix script command or the Scheme transcript-on/transcript-off commands. To start the recording, execute the command

(dribble file-name)

and dribble will start recording your REPL session into the file-name file. You can stop the recording by executing

(dribble)

This functionality is more useful than you might think. The canonical use, I suppose, is for students to record homework sessions. It’s also useful for recording bits of a REPL session that you want to include in a book, report, or blog post. It has the advantage of showing exactly what happened during the session. It’s not something you’ll use everyday, but when you want to capture a session, it’s just what you need.

Posted in Programming | Tagged | 0 Comments

More On Lexical Scoping

Posted on 2012-06-25 by jcs

Yesterday I posted a reminder about Yoo Box’s excellent article on lexical binding in Emacs 24. I recently came across a post by Sergey M over at On elisp and programming in general that also considers lexical scoping in Emacs 24. This post has additional information from that given by Box so it is also worth a look if you’re trying to figure out how lexical binding works and what it can do for you.

Posted in Programming | Tagged , | 0 Comments