Micropost on Karpoke - Just Another Blog

EML: una función para generarlas a todas

Mon, 27 Apr 2026 17:27:44 +0100

El operador Exp–Minus–Log (EML) muestra que, usando una sola función (y la constante 1), se pueden generar números, operaciones y funciones elementales —desde e hasta la unidad imaginaria— mediante expresiones anidadas. Este artículo explica la construcción, ofrece ejemplos y plantea dudas sobre posibles argumentos circulares.

» ^DiAmOnD^ | gaussianos.com

Cyphering Prompts & Answers para evadir Guardarraíles

Wed, 01 Apr 2026 17:00:09 +0100

La técnica de utilizar las capacidades de cifrado para saltar los controles de los guardarraíles fue publicada en el año 2023, y se basa en establecer con el modelo unas reglas de cifrado y descifrado del contenido, para luego enviarle el contenido de otro Prompt cifrado, y que él mismo lo ejecute.

» elladodelmal.com | elladodelmal.com

ASCII characters are not pixels: a deep dive into ASCII rendering

Wed, 01 Apr 2026 14:33:54 +0100

A look at how I used shape vectors to achieve sharp, high-quality ASCII rendering.

» alexharri.com | alexharri.com

Cómo ver documentales del ciclo reproductivo de la langosta por Internet/IPTV [Tutorial]

Sat, 07 Mar 2026 14:41:38 +0100

Tutorial humorístico que explica, usando la metáfora de “documentales sobre el ciclo reproductivo de la langosta”, cómo ver contenido de IPTV por Internet mediante Acestream, VPNs (Mullvad, CyberGhost) y proxies para sortear los bloqueos de los ISPs españoles impuestos por orden judicial.

» carademalo | meneame.net

Scaling PostgreSQL

Sat, 28 Feb 2026 22:11:48 +0100

How OpenAI scaled PostgreSQL to handle millions of queries per second for 800 million users. Through rigorous optimizations, connection pooling, caching strategies, and careful workload isolation, PostgreSQL powers ChatGPT with a single primary and nearly 50 read replicas across regions.

» Bohan Zhang | openai.com

The Internet Was Weeks Away From Disaster and No One Knew

Sat, 28 Feb 2026 21:51:07 +0100

How a single hack infected the world’s most important operating system.

» Veritasium | youtube.com

Build a Hash Table in Python With TDD – Real Python

Sat, 28 Feb 2026 15:58:32 +0100

In this step-by-step tutorial, you’ll implement the classic hash table data structure using Python. Along the way, you’ll learn how to cope with various challenges such as hash code collisions while practicing test-driven development (TDD).

» Real Python | realpython.com

Blue Light Filters Don't Work

Wed, 25 Feb 2026 00:00:00 +0100

A deep dive into the science behind blue light filters and why they may not actually be as effective as commonly claimed. Explores the research on how blue light affects sleep, eye strain, and cognitive performance.

» Patrick Mineault | neuroai.science

Por qué Linux AHORA es tan bueno en GAMING?

Tue, 24 Feb 2026 06:10:21 +0100

Por qué Linux AHORA es tan bueno en GAMING?

» Nate Gentile | youtube.com

Fundamentos de Inteligencia Artificial - Segunda parte: Orígenes

Fri, 20 Feb 2026 15:30:07 +0100

La Inteligencia Artificial tiene mucha relación con el Linuxverso, por ello, hoy te ofrecemos esta segunda parte para aprender más sobre ella.

» Jose Albert | blog.desdelinux.net

Resolve DNS name in ubuntu

Tue, 17 Feb 2026 17:09:24 +0100

Enabling Active Directory DNS Resolution on Ubuntu Problem Statement: An Ubuntu VM needs to communicate with several Windows VMs that are m…

» tuxthink.blogspot.com | tuxthink.blogspot.com

Adiós a las excusas. Cómo monté mi VS Code en un servidor

Tue, 17 Feb 2026 17:09:18 +0100

Aprende a montar tu entorno de desarrollo remoto con Code Server y Docker para programar profesionalmente desde cualquier tablet Android o navegador.

» atareao con Linux | atareao.es

Why is Debian Called the Universal Operating System, Again?

Tue, 17 Feb 2026 17:08:10 +0100

Debian’s official tagline is “Universal Operating System”. It’s more than just a tagline: it’s a deeper concept that underpins the very nature of Debian as a project.

» It’s FOSS | itsfoss.com

Linus Torvalds, creador de Linux: "La programación es como cualquier deporte, tienes que trabajar duro. Si solo juegas al golf un día a la semana, no mejoras mucho"

Mon, 16 Feb 2026 10:43:04 +0100

Linus Torvalds, creador de Linux, compara la programación con el deporte: para mejorar hay que practicar constantemente. Reflexiones sobre dedicación, disciplina y el futuro del desarrollo de software.

» elhacker.NET | blog.elhacker.net

1995: El punto de inflexión de la ofimática y la informática personal

Fri, 13 Feb 2026 13:59:28 +0100

1995: El punto de inflexión de la ofimática y la informática personal

» Manuel Llaca | parceladigital.com

How to Save Multiple Drafts in Git: A Guide to Using Stash

Mon, 09 Feb 2026 17:54:04 +0100

Writing code can be similar to writing tutorials. In both cases, you’ll typically need to create and work on multiple drafts before reaching the final version. In an ideal setting, you would write cod

» freeCodeCamp.org | freecodecamp.org

5 veces que la termodinámica casi rompe la realidad (y por qué no lo hizo)

Mon, 09 Feb 2026 11:07:40 +0100

La termodinámica tiene mala fama: se enseña como la ciencia de las máquinas de vapor y los pistones. Pero si la estudias en profundidad y te acercas a sus límites, deja de ser ingeniería aburrida para convertirse en pura filosofía. Desde demonios que abren puertas moleculares hasta agujeros negros que se evaporan: un viaje matemático por los límites donde las reglas del universo parecen quebrarse.

» Jose Luis Bernal | aulaquest.com

Emuladores legales para tener una consola con miles de juegos retro

Sun, 08 Feb 2026 16:59:36 +0100

Recopilación de emuladores legales que permiten jugar a miles de juegos retro de consolas clásicas, con opciones para diferentes plataformas y sistemas operativos.

» elhacker.NET | blog.elhacker.net

paste: combina lineas de varios ficheros de forma horizontal

Wed, 04 Feb 2026 18:00:12 +0100

Herramienta para combinar líneas de uno o varios archivos en columnas, ideal para unir datos y generar tablas simples desde la terminal.

» voidNull | voidnull.es

Top 2026 de proyectos de ciberseguridad en GitHub

Tue, 03 Feb 2026 13:00:46 +0100

Recopilación de los mejores proyectos de ciberseguridad disponibles en GitHub para el año 2026, incluyendo herramientas de pentesting, análisis de vulnerabilidades y recursos de formación.

» HackHispano | foro.hackhispano.com

El Superprogramador: cómo la IA está cambiando el futuro de los programadores

Tue, 03 Feb 2026 12:59:27 +0100

La IA está afectando a todas las áreas productivas. Hoy por hoy, parece que los más afectados somos los programadores, ya que es por donde ha empezado a func

» Cecilio Álvarez Caules | arquitecturajava.com

¿Cuántos parámetros son demasiados parámetros?

Tue, 03 Feb 2026 12:57:49 +0100

¿Cuántos parámetros son demasiados parámetros?

» José María Aguilar (jmaguilar) | variablenotfound.com

The "Vibe Coding" Disaster: How a Simple Bug Exposed 4.75 Million Records on the AI Social Network Moltbook

Tue, 03 Feb 2026 12:56:02 +0100

Wiz Research exposes a critical flaw in Moltbook, the AI-only social network. 1.5M API tokens and plaintext OpenAI keys leaked due to AI-coded security gaps.

» Ddos | securityonline.info

cpx: una alternativa moderna y más rápida al comando cp en Linux | SoloLinux

Fri, 30 Jan 2026 21:47:41 +0100

Lejos de pretender sustituir directamente a cp, cpx se presenta como una alternativa moderna pensada para escenarios más exigentes…

» RubenMaverick | sololinux.es

Le preguntaron a Richard Stallman: ¿Es mala la piratería de software?

Fri, 30 Jan 2026 16:55:27 +0100

El pasado viernes, Richard Stallman, de 72 años, ofreció una presentación de dos horas y 20 minutos en el Instituto Tecnológico de Georgia, donde habló sobre temas como la IA, los coches conectados , los smartphones, las leyes de verificación de edad y su distribución de Linux…

» Javier Orovengua | linuxparty.es

El maravilloso ojo humano ¿seguro?

Fri, 30 Jan 2026 12:43:45 +0100

Uno de los principales “argumentos” que han expuesto desde siempre los creyentes de las alucinaciones judeocristianas para defender la existencia de un dios “creador” y negar el evolucionismo ha si…

» La Ciencia y sus Demonios | cnho.wordpress.com

File Format Gallery for Kaitai Struct

Thu, 29 Jan 2026 09:56:38 +0100

Kaitai Struct is a formal language for binary format specification that can be compiled into parser code

» formats.kaitai.io | formats.kaitai.io

Richard Stallman, el inventor del código abierto: "Llaman inteligencia artificial a lo que no es, yo lo llamo inteligencia fingida"

Mon, 26 Jan 2026 16:41:57 +0100

Richard Stallman, fundador del movimiento del software libre, critica el término “inteligencia artificial” y propone llamarla “inteligencia fingida”, argumentando que estos sistemas no poseen verdadera inteligencia.

» elhacker.NET | blog.elhacker.net

Learn Dynamic Programming Through Dynamic Visuals

Wed, 21 Jan 2026 20:20:31 +0100

Dynamic programming (DP) is often considered one of the most intimidating topics in coding interviews. It has a reputation for being abstract and counterintuitive, but it doesn’t have to be. We just published a comprehensive Dynamic Programming cours…

» freeCodeCamp.org | freecodecamp.org

Libros de "Ciberseguridad paso a paso" disponibles para descarga gratuita

Mon, 12 Jan 2026 11:07:23 +0100

Libros de “Ciberseguridad paso a paso” disponibles para descarga gratuita. Recursos de formación en ciberseguridad publicados por Chema Alonso en su blog El lado del mal.

» Chema Alonso | elladodelmal.com

Unit testing your code’s performance, part 1: Big-O scaling

Sun, 11 Jan 2026 14:21:47 +0100

Your software’s speed needs some form of testing; big-O scaling is a good starting point.

» Itamar Turner-Trauring | pythonspeed.com

8 WhatsApp Features to Boost Your Security and Privacy

Tue, 06 Jan 2026 09:18:28 +0100

Meta’s end-to-end encrypted messaging app is used by billions of people. Here’s how to make sure you’re one of the most locked-down ones out there.

» Kate O’Flaherty | wired.com

6.4: Viroides, Virusoides y Priones

Mon, 05 Jan 2026 11:27:44 +0100

Otros agentes acelulares como viroides, virusoides y priones también causan enfermedades. Los viroides consisten en ARNmc pequeños y desnudos que causan enfermedades en las plantas. Los …

» LibreTexts Español | espanol.libretexts.org

Efecto: Building Real-Time ASCII and Dithering Effects with WebGL Shaders | Codrops

Mon, 05 Jan 2026 11:26:20 +0100

An exploration of how classic image algorithms and CRT-era visuals come alive through real-time shaders on the web.

» Codrops | tympanus.net

¿Recordáis el paper sobre agujeros negros que llegó a portada? He programado una simulación

Sat, 03 Jan 2026 16:23:27 +0100

Hace unos días, el comentario más votado en la noticia sobre la simulación de agujeros negros decía justamente eso:

» Menéame | meneame.net

Implicit string concatenation

Fri, 02 Jan 2026 01:02:07 +0100

Python automatically concatenates adjacent string literals thanks to implicit string concatenation. This feature can sometimes lead to bugs.

» Trey Hunner | pythonmorsels.com

Debugging Microservices: A Journey into Distributed Debugging | HackerNoon

Thu, 01 Jan 2026 12:45:08 +0100

A framework for debugging microservices using gRPC interceptors to automatically collect and propagate debug information across service calls.

» HackerNoon | hackernoon.com

Una sola pregunta para mejorar tu carrera profesional en 2020

Thu, 26 Dec 2019 16:49:00 +0100

El consultor José Miguel Bolívar (@jmbolivar) clasifica los comportamientos productivos en cuatro niveles:

Eficacia es prestar atención a las cosas correctas.

Eficiencia es prestar la atención correcta a cada cosa.

Efectividad es prestar la atención correcta a las cosas correctas.

Equilibrio es prestar la atención adecuada a todas las cosas. Tal vez no muchos directivos y profesionales puedan asegurar que están siquiera en el nivel 1 de productividad, es decir, que están prestando atención a las “cosas correctas”, porque para poder hacerlo, antes hay que decidir de forma específica cuáles son ahora los objetivos correctos en su empresa y/o en su carrera.

» Alfonso Alcántara | blogthinkbig.com

Color Theory and Contrast Ratios

Thu, 26 Dec 2019 16:31:00 +0100

There are no definites with color. Sure, you have your red, your green, and so on — but even that is relative. Try to describe a specific red color to a friend. Chances are the description will settle on, for example, is the color more of a brick-red or a fire truck-red? Describing a color that looks similar to another color is natural way to discuss or express color. But when getting into specifics — accurately defining what it a certain color is — it’s almost impossible. Color, at its core, is a relative and personal experience.

An OAuth 2.0 introduction for beginners

Mon, 16 Dec 2019 23:48:00 +0100

This article doesn’t want to be the final guide to OAuth 2, but an introduction to the flows that this framework is composed of. You’ll have a look at the four basic flows and some practical scenarios, to understand the involved actors and the detailed behaviors. The goal is to be able to choose a flow that best fits your needs. To make it as easy as possible, the experts will forgive me, we can say that there are four different versions. Or, more correctly, four different flows. OAuth 2 is the totality of these flows. It’s not mandatory to implement them all, but only the ones that you need.

Design Patterns in Python

Mon, 16 Dec 2019 23:44:00 +0100

Traditionally, design patterns have been classified into three main categories: Creational, Structural, and Behavioral. There are other categories, like architectural or concurrency patterns, but they’re beyond the scope of this article. There are also Python-specific design patterns that are created specifically around the problems that the structure of the language itself provides or that deal with problems in special ways that are only allowed because of the structure of the language.

Now You See It: Understanding Display

Mon, 16 Dec 2019 23:29:00 +0100

CSS Layout is all about boxes. We know that some boxes are blocks, and others are inline, and we can change the display type of elements by changing the value of the display property. That property holds the key to much more than this, however. It is the foundation on which all layout is built; the core of the inbuilt CSS layout system. Learning Grid Layout, or Flexbox, without understanding Display, leaves you with a wobbly foundation and more questions than answers. The real question isn’t “Should I use Grid or Flexbox?” but instead, “How do I want these boxes to behave?” Understanding the interaction between layout methods will enable you to easily create fallbacks for older browsers, and knowing how the various formatting contexts behave unlocks margin collapsing and the behavior of items inside grid or flex layout. By the end of the hour, you’ll understand how the display property underpins the layout system we have today, the things coming in the future, and be able to make more informed decisions when deciding how to build any part of your design, big or small.

Más allá de GRUB

Sat, 23 Nov 2019 12:57:00 +0100

GRUB (Grand Unified Bootloader) es un gestor de arranque disponible del proyecto GNU. Un gestor de arranque es muy importante ya que es imposible iniciar un sistema operativo sin él. Es el primer programa que se inicia cuando se enciende el ordenador. El cargador de arranque transfiere el control al núcleo del sistema operativo. GRUB es el gestor de arranque predeterminado para casi todas las distribuciones de GNU/Linux. Esto se debe a que es mejor que muchas de las versiones anteriores de los cargadores de arranque. Pero ¿Hay vida más allá de GRUB?

Linux VS open source UNIX

Sat, 23 Nov 2019 12:15:00 +0100

This is mainstream opinion. Linux is better than anything else and money is poured in constantly, more than in other platforms. And aside this is not true, this is not based in facts but on feelings. Most GNU/Linux distributions are very average on many aspects. The fact they run on many servers on this planet and many developers work on them, doesn’t make them better than ‘X’. They are popular but that’s it.

130+ Essential Vim Commands

Sat, 23 Nov 2019 12:12:00 +0100

Since the 1970’s, Vi and its successor Vim have been included by default on many operating systems, including almost all GNU/Linux distributions. Vim is free and open-source and is one of the most popular code editors. It can be downloaded on Vim official site.

» Jean-Baptiste Jung | catswhocode.com

PC Keyboard: The First Five Years

Sun, 27 Oct 2019 16:20:00 +0100

The vast majority of PC users today have no memory of what PC keyboards looked like before the standard 101/102-key layout arrived, even though various OEMs do their best to mangle the standard layout in order to minimize usability, especially on laptops. OEM-specific modifications aside, the basic layout of the main block of alphanumeric keys has not changed in over 30 years, since 1986.

However, up until that point the PC keyboard layout and the keyboard hardware changed quite a bit, and looking at the 1981-1986 IBM Technical References is key to understanding a) why the standard keyboard scan codes are so complex, and b) why there are so many seemingly odd vendor-specific modifications of the standard layout.

10 Data Structure & Algorithms Books Every Programmer Should Read

Fri, 21 Jun 2019 15:11:00 +0100

A collection of awesome Algorithms books which should find a place in every programmer’s book self. Includes language specific books in Java, Python, and JavaScript for easy learning. Algorithms are language agnostic and any programmer worth their salt should be able to convert them to code in their programming language of choice.

» Hacker Noon | hackernoon.com

10 Popular Websites Built With Django

Tue, 28 May 2019 19:14:00 +0100

What is the framework Regardless of the sphere you work in, one of your most important tasks is to create a fast, good-looking website. Today, almost every business needs a website, which acts as a sort of business card for a company or online service. It helps you engage with customers, promote your business, increase sales and so on.

» Hacker Noon | hackernoon.com

10 OOP Design Principles Every Programmer Should Know

Mon, 06 May 2019 09:56:00 +0100

The Object-Oriented Design Principles are the core of OOP programming, but I have seen most of the Java programmers chasing design patterns like Singleton pattern, Decorator pattern, or Observer pattern, and not putting enough attention on learning Object-oriented analysis and design. It’s important to learn the basics of Object-oriented programming like Abstraction, Encapsulation, Polymorphism and Inheritance. But, at the same time, it’s equally important to know object-oriented design principles.

» Hacker Noon | hackernoon.com

10 moments that shaped Linux history

Tue, 30 Apr 2019 09:01:00 +0100

In August 2018, Opensource.com posted a poll with seven options asking readers: What was the most important moment in the history of Linux? I thought I would expand on the list and present 10 moments that I think have played an important part in shaping the history of Linux.

» Opensource.com | opensource.com

Un paseo matemático por la Alhambra: cuando el arte se basa en los números

Mon, 01 Apr 2019 14:33:00 +0100

A ojos de alguien no-experto en matemáticas, el arco que encabeza estas líneas puede transmitir una gran armonía, pero resultaría difícil explicar el por qué. La causa de esa armonía está en las matemáticas empleadas para su diseño, para una composición extraordinariamente calculada. Este arco en concreto es el arco del mihrab islámico cordobés del granadino palacio de la Madraza, un lugar que indica hacia qué dirección se debe rezar según la religión musulmana. Si nos fijamos, los arcos interior y exterior no son concéntricos, es decir, no comparten el mismo eje. El arco interior está elevado R/2 por encima del eje de impostas, y el arco exterior elevado un R/5.

10 Awesome Security Tips for Python Enthusiasts

Sun, 03 Mar 2019 22:28:00 +0100

Software development is an amazing job that can sometimes feel like juggling chainsaws. Between maintaining your current code base and releasing new features and projects, it is fairly easy to think of security as Someone Else’s Problem –you have enough to deal with. But there is a major benefit to incorporating security consciousness into your workflow.

» DEV Community | dev.to

10 Cool Command Line Tools For Your Linux Terminal

Sun, 03 Feb 2019 21:14:00 +0100

In this article, we will share a number of cool command-line programs that you can use in a Linux terminal. By the end of this article, you will learn about some free, open source, and exciting, text-based tools to help you do more with boredom on the Command line.

» Tecmint: Linux Howtos, Tutorials & Guides | tecmint.com

10 Tools To Power Up Your Command Line

Fri, 04 Jan 2019 15:35:00 +0100

This post is the first in series of showcases of some of the best non-standard command line tools I’ve discovered in recent years. If you ever make use of the command line, you’ll probably find that at least one item on this page will make your life easier.

» DEV Community | dev.to

10 Myths About Microservices

Tue, 25 Dec 2018 07:06:00 +0100

10 myths about Microservices, that we often hear to believe it is true. Micro-services has become a very hot topic in the last half-decade. After Agile, DevOps, its Microservices that we hear everywhere I go. The unfortunate thing that I witnessed though, is that, every organization and every person in that organization has their own definition of what a Microservice is.

» Hacker Noon | hackernoon.com

¿Qué son los argumentos universales?

Tue, 18 Dec 2018 21:45:00 +0100

Los argumentos universales son los relatos o situaciones dramáticas que se repiten en todas las culturas, épocas y formatos. Se repiten una y mil veces en el cine, el teatro, la literatura, la televisión, el videojuego… George Polti en su libro clásico “Las 36 situaciones dramáticas” redujo toda posible acción teatral en 36 paradigmas. En “La semilla inmortal. Los argumentos universales en el cine”, los autores Jordi Balló y Xavier Pérez sostienen que en el cine hay 21 argumentos que se repiten continuamente. En dicho libro proponen un recorrido por las grandes películas de la historia del cine relacionando los argumentos con obras maestras de la literatura. Cada uno de los 21 capítulos del libro comienza con la explicación de un argumento original para después explicar cómo el cine toma las constantes de dicho argumento y las desarrolla por múltiples vías pero manteniendo siempre la estructura del relato original.

5 Fatal Docker Gotcha's 😱 - for new users

Tue, 20 Nov 2018 18:11:00 +0100

Developing with docker containers is great! And we at uilicious run our entire backend on top of docker. It would have been impossible to have launch uilicious at our current cost and scale without docker. However as with all technologies, there are hidden, not so obvious, gotcha’s reaching there, especially when running Docker at scale across multiple hosts. Especially for those migrating from physical servers, or virtualized machines workload.

» DEV Community | dev.to

La historia del sistema operativo Unix y los ordenadores de la época narrada por Rob Pike

Sun, 11 Nov 2018 21:47:00 +0100

Sus inicios coincidieron con el Sistema 360 de IBM, máquinas que andaban por las universidades en los 70 curiosamente «un tanto desocupados» porque la gente no sabía muy bien qué hacer con ellos. Pike aprendió allí a programar. Luego tuvo acceso a un PDP-11 en la universidad de Toronto y a otras máquinas. Cuando llegó a los los laboratorios Bell se encontró con el Unix recién nacido y trabajó con Ken Thompson y con Kernighan y Ritchie, creadores del lenguaje C.

10 Data Structure, Algorithms, and Programming Courses to Crack Any Coding Interview

Fri, 26 Oct 2018 04:21:00 +0100

Many junior developers dream of making it at one of the larger tech companies, but, to be honest with you, getting your first job is never easy. It is, in fact, one of the hardest things in your life and you need to put your best effort to find a job in your dream company.

» Hacker Noon | hackernoon.com

4 Ways to Disable Root Account in Linux

Sun, 21 Oct 2018 04:41:00 +0100

The root account is the ultimate account on a Linux and other Unix-like operating systems. This account has access to all commands and files on a system with full read, write and execute permissions. It is used to perform any kind of task on a system; to create/update/access/delete other users’ accounts, install/remove/upgrade software packages, and so much more.

» Tecmint: Linux Howtos, Tutorials & Guides | tecmint.com

10 Basic Tips on Working Fast in UNIX or Linux Terminal

Thu, 18 Oct 2018 04:21:00 +0100

Have you ever amazed to see someone working very fast in UNIX, firing commands and doing things quickly? Yes, I have seen that a couple of times and It has always inspired me inspired to learn from those superstar developers. In this article, or tutorial, or whatever you call it, I have shared some UNIX command practices I follow to work fast, quick, or efficiently in Linux.

» Hacker Noon | hackernoon.com

10 React JS Articles Every Web Developer Should Read

Sat, 06 Oct 2018 09:10:00 +0100

Hello Guys, React or React JS is a JavaScript front-end library from Facebook which lets you create HTML based GUI. It makes the task easier by providing a component-based architecture which was only available to languages like Java and C# before. Because of this awesome feature, React is quickly becoming the standard JavaScript library for developing front-end. That’s the reason many programmers and developers are learning React or React JS.

Should you learn C to “learn how the computer works”?

Thu, 04 Oct 2018 06:24:00 +0100

I’ve often seen people suggest that you should learn C in order to learn how computers work. Is this a good idea? Is this accurate? I’m going to start with my conclusion right upfront, just to be crystal clear about what I’m saying here:

C is not “how the computer works.”

I don’t think most people mean this phrase literally, so that is sort of irrelevant.

Understanding the context means that learning C for this reason may still be a good idea for you, depending on your objectives.

» Steve Klabnik | steveklabnik.com

10 años de Android: así ha evolucionado el mejor sistema móvil

Mon, 24 Sep 2018 20:19:00 +0100

El día 23 de septiembre de 2008 es una fecha marcada para Google en el calendario, ese día se presentó al público la versión 1.0 de Android. Un sistema que, aunque parece llevar con nosotros desde siempre, cumple hoy diez años. Nada más y nada menos. Aunque su desarrollo empezó varios años antes de 2008, en una época en la que los reyes del sector eran Symbian y BlackBerry.

» El Androide Libre | elandroidelibre.elespanol.com

8 Python packages that will simplify your life with Django

Fri, 21 Sep 2018 09:13:00 +0100

Django developers, we’re devoting this month’s Python column to packages that will help you. These are our favorite Django libraries for saving time, cutting down on boilerplate code, and generally simplifying our lives. We’ve got six packages for Django apps and two for Django’s REST Framework, and we’re not kidding when we say these packages show up in almost every project we work on.

» Opensource.com | opensource.com

10 practices for readable code

Wed, 19 Sep 2018 19:59:00 +0100

I’ve been writing code for 20 years. During that time I’ve worked with 17 teams coding different languages to build hundreds of projects. These include everything from a simple blog site, to APIs supporting 3,000 requests/second, to top selling apps. From these experiences, combined with the books I’ve read, it’s become apparent to me what matters most in code: readability.

» Jason McCreary | jason.pureconcepts.net

4 open source monitoring tools

Thu, 30 Aug 2018 09:16:00 +0100

Isn’t monitoring just monitoring? Doesn’t it include logging, visualization, and time-series data? The terminology around monitoring has caused a lot of confusion over the years and has led to some poor tools that tout the ability to do everything in one format. Observability proponents recognize there are many levels for observing a system. Metrics aggregation is primarily time-series data, and that’s what we’ll discuss in this article.

» Opensource.com | opensource.com

10 Alpine Linux apk Command Examples

Mon, 27 Aug 2018 21:36:00 +0100

New to lightweight and systemd free Alpine Linux and package management? Try my simple guide that explains how to install, remove, query and manage packages on an Alpine Linux.

» nixCraft: Linux Tips, Hacks, Tutorials, And Ideas In Blog Format | cyberciti.biz

5 open source tools for container security

Thu, 23 Aug 2018 09:07:00 +0100

As containers become an almost ubiquitous method of packaging and deploying applications, the instances of malware have increased. Securing containers is now a top priority for DevOps engineers. Fortunately, a number of open source programs are available that scan containers and container images. Let’s look at five such tools. Anchore, Clair, Dagda, OpenSCAP and Sysdig Falco.

» Opensource.com | opensource.com

Automating backups on a Raspberry Pi NAS

Wed, 15 Aug 2018 09:14:00 +0100

In the first part of this three-part series using a Raspberry Pi for network-attached storage (NAS), we covered the fundamentals of the NAS setup, attached two 1TB hard drives (one for data and one for backups), and mounted the data drive on a remote device via the network filesystem (NFS). In part two, we will look at automating backups. Automated backups allow you to continually secure your data and recover from a hardware defect or accidental file removal.

10 Best Android News App Templates

Tue, 14 Aug 2018 19:51:00 +0100

The best news app templates organise news into a few broad categories, allow users to save news stories they want to read later in a favourites list, and have a powerful search feature that helps them find relevant news stories quickly and easily. Whether you’re interested in building a news app from posts on your own website, creating an app for a localised news source, or pulling together all mll major news sources into one handy app, you’re sure to find a template that’s right for you from among these ten best Android news app templates available at CodeCanyon.

10 Best Kodi Repositories For Downloading Popular Addons | 2019 List

Thu, 09 Aug 2018 09:24:00 +0100

With online streaming becoming popular by the day, there has been a rise in the portals and apps that allow you to stream content in a hassle-free manner. Now, to watch the content from different sources, you would need a centralized media player and this is where Kodi comes into the picture.

» Fossbytes | fossbytes.com

10 cosas de Google que aún no conoces

Mon, 06 Aug 2018 07:00:00 +0100

Hablar de Google es mencionar a una multinacional sin precedentes en el mundo de la tecnología. Los avances de esta compañía estadounidense a lo largo de los años han sido increíbles, pero no todo lo que esta empresa hace sale a la luz pública de forma sencilla. Por esta razón, hoy hemos querido recopilar 10 curiosidades de Google que seguro no conoces o nunca escuchaste.

» Wwwhat’s new? | wwwhatsnew.com

10 libros de seguridad informática para leer este verano

Mon, 23 Jul 2018 10:15:00 +0100

Tal y como hiciéramos en las navidades pasadas, vamos a recomendar unos cuantos libros para que el estío se nos haga más soportable. Abundan las calores y nada mejor que un librazo y algo fresco que echarse al coleto para aguantar las terribles temperaturas que nos quedan por soportar. En HISPASEC nos gustan los libros, mucho, y cuando salimos de vacaciones asaltamos la biblioteca de empresa y sacamos varios volúmenes (algunos incunables) prestados, para devolverlos sanos y salvos (aunque con algo de salitre y tufillo a carbón de chiringuito) de vuelta a la estantería cuando comienza el nuevo curso escolar.

10 killer tools for the admin in a hurry

Wed, 04 Jul 2018 09:16:00 +0100

Administering networks and systems can get very stressful when the workload < piles up. Nobody really appreciates how long anything takes, and everyone wants their specific thing done yesterday. So it’s no wonder so many of us are drawn to the open source spirit of figuring out what works and sharing it with everyone.

» Opensource.com | opensource.com

10 common security gotchas in Python and how to avoid them

Tue, 19 Jun 2018 18:39:00 +0100

Writing secure code is hard. When you learn a language, a module or a framework, you learn how it supposed to be used. When thinking about security, you need to think about how it can be misused. Python is no exception, even within thestandard library there are documented bad practices for writing hardened applications. Yet, when I’ve spoken to many Python developers they simply aren’t aware of them.

» Hacker Noon | hackernoon.com

10 7zip (File Archive) Command Examples in Linux

Thu, 31 May 2018 12:47:00 +0100

7-Zip is a free open source, cross-platform, powerful, and fully-featured file archiver with a high compression ratio, for Windows. It has a powerful command line version that has been ported to Linux/POSIX systems.

» Tecmint: Linux Howtos, Tutorials & Guides | tecmint.com

3 Python command-line tools

Thu, 31 May 2018 09:21:00 +0100

Sometimes the right tool for the job is a command-line application. A command-line application is a program that you interact with and run from something like your shell or Terminal. Git and Curl are examples of command-line applications that you might already be familiar with.

» Opensource.com | opensource.com

You-Get, descarga contenido multimedia utilizando la terminal

Sun, 20 May 2018 12:23:00 +0100

En el siguiente artículo vamos a echar un vistazo a You-Get. Se trata de un programa de CLI escrito en Python. Nos va a permitir permite descargar imágenes, audio y vídeos de algunos sitios web populares como son Youtube, Facebook, Twitter, Vimeo y mucho más. Actualmente tiene unos 80 sitios web compatibles.

» Ubunlog | ubunlog.com

12 hackers que preceden la invención del ordenador personal

Thu, 17 May 2018 18:02:00 +0100

En las últimas décadas la palabra hacker ha sido automáticamente asociada con los ordenadores personales, sin embargo, la historia nos dice que el hacking como práctica precede por mucho al inolvidable IBM PC. Tarjetas perforadas, teléfonos y telégrafos fueron los blancos favoritos de expertos y entusiastas por igual, enfocados en demostrar las debilidades de esos sistemas, obtener un par de dólares extra, y en casos más críticos, salvar vidas. Hoy vamos a nombrar a algunos de ellos.

10 comandos de terminal que quizás no conocías

Mon, 14 May 2018 02:39:00 +0100

En el día a día del administrador de sistemas o del cada vez más popular DevOps, utilizar la terminal es algo que consume gran parte de nuestro tiempo, ya sea realizando tareas normales, tareas de automatización o durante procesos de configuración de sistemas. Pasamos gran parte de nuestro tiempo delante de una terminal y debemos aprender los comandos más interesantes que nos ayuden a realizar las tareas más rápida y cómodamente.

12 “Manager READMEs” from Silicon Valley’s Top Tech Companies

Thu, 03 May 2018 17:48:00 +0100

What does tech management at Slack, HubSpot, Netflix, Etsy, Shopify, InVision, and more have in common? A lot, apparently! When we launched our first SoapBox hero I was surprised to discover a document used to introduce her working style to her team. I had never seen that before and it was awesome! Did others have these? I needed to know. Eventually, I found a treasure trove of examples by Engineering Leaders from companies with some of the best culture in tech.

10 Biggest Features Of New Gmail For Web You Need To Use

Mon, 30 Apr 2018 08:28:00 +0100

The much-awaited makeover of Gmail web interface is here after five long years. Google has not only redesigned the look but also added several new functionalities. However, you will get to the see the new features only if you opt-in for the new Gmail layout. While there are a bunch of features that are neat but many of them are minor ones. So let’s take a look at the ones that are actually useful.

10 computadoras clásicas que hicieron historia

Fri, 20 Apr 2018 15:10:00 +0100

Mucho más tarde se inventó el algoritmo, el cálculo numérico, la regla de cálculo, la máquina de calcular, la tarjeta perforada o la primera calculadora automática que se fabricó y empleó a escala industrial. En 1936 llegó la revolución cuando el matemático Alan Turing -considerado con justicia el “padre de la ciencia de la computación”- formalizó los conceptos de algoritmo y de máquina de Turing.

» Foro de elhacker.net - Noticias | foro.elhacker.net

10 DevOps Interview Answers

Thu, 05 Apr 2018 11:10:00 +0100

In a previous post, I put together a list of 10 questions for DevOps team managers to use as a point of reference when interviewing potential DevOps engineers. Each question included an in-depth explanation and follow-up questions, so in case you were, or are now, a candidate, that list could help you prepare for interviews.

» Logz.io | logz.io

1.1.1.1: servicio DNS que acelera tu internet y valora tu privacidad

Mon, 02 Apr 2018 20:54:00 +0100

Cloudflare** ha anunciado un nuevo servicio de **DNS gratuito bajo los IPs 1.1.1.1 y 1.0.0.1 con dos objetivos: acelerar la conexión de internet y proteger la privacidad de cualquier persona que lo use.

» ALT1040 | hipertextual.com

Quién era Kurt Gödel, el hombre que caminaba con Albert Einstein (y al que comparan con Aristóteles)

Mon, 02 Apr 2018 18:59:00 +0100

Pero ahora lo acompañaba un hombre más joven, con una vestimenta más tradicional, gruesas gafas y una expresión austera. Aunque no tan famoso, era muy conocido, particularmente en los círculos académicos por haber “sacudido los fundamentos de nuestra entendimiento (…) de la mente humana”, según declaró la Universidad de Princeton al otorgarle un doctorado honorario. El acompañante de Einstein era el matemático austríaco Kurt Gödel, a menudo descrito como el más grande filósofo lógico desde Aristóteles.

10 Pure CSS Responsive Navigation Code Snippets

Wed, 28 Mar 2018 12:26:00 +0100

Designing a responsive layout doesn’t need to be difficult. Especially if you initially wireframe to plan ahead and figure out exactly what you’re creating. One of the hardest parts of a good responsive site is the navigation. This can take a while to figure out and there are plenty of tutorials to help with that. But I’m also a fan of using code snippets like the ones I’ve collected for this article.

5 Ways to Hack MySQL Login Password

Thu, 08 Mar 2018 17:05:00 +0100

In this article, we will learn how to gain control over our victim’s PC through mysql service via port 3306. There are various ways to do it and let take time and learn all those because different circumstances call for different measure. Medusa Medusa is intended to be a speedy, massively parallel, modular, login brute-forcer. It supports many protocols: AFP, CVS, FTP, HTTP, IMAP, rlogin, SSH, S

» Hacking Articles | hackingarticles.in

10 Best Practices to Follow for Android Application Security

Fri, 23 Feb 2018 09:56:00 +0100

Mobile phones enable us to do almost everything online—from any place and at any time. As mobile activities are soaring, and digital activities are thriving, hackers aren’t long ways behind. In case you’re making an app or already have an app in the market, it’s essential to secure your application, your information, and your user’s information. Here’s why?

» Open Source For You | opensourceforu.com

10 alternativas al software Nmap disponibles para Linux y otros sistemas operativos

Thu, 25 Jan 2018 17:14:00 +0100

Se trata de uno de los softwares más utilizados por usuarios y profesionales para conocer, sobre todo, las conexiones activas existentes en un equipo. Posee licencia GNU y se puede adquirir de forma totalmente gratuita. Está desarrollado utilizando varios lenguajes, como C, Java o incluso Python.

» RedesZone | redeszone.net

10 Lessons from 10 Years of AWS (part 2)

Tue, 16 Jan 2018 20:32:00 +0100

As explained in part one, I recently presented a talk at the AWS Community Day in Bangalore. The tweet following the talk became my most popular tweet ever and I received quite a few requests for more details. This is part two of the blog post. Hope you enjoy as-well! Please do not hesitate to give feedback, share your own stories or simply like :)

» Hacker Noon | hackernoon.com

10 Tools To Add Some Spice To Your UNIX/Linux Shell Scripts

Sun, 14 Jan 2018 21:36:00 +0100

With the following tools, you can build powerful, interactive, user-friendly UNIX/Linux bash shell scripts.

» nixCraft: Linux Tips, Hacks, Tutorials, And Ideas In Blog Format | cyberciti.biz

10 Best VPN Services Of 2019: Top VPN Provider Reviews & Buying Guide

Thu, 11 Jan 2018 12:26:00 +0100

Using a top-rated VPN is one of the best ways to protect your online privacy in today’s times. They also serve other purposes like website unblocking, remote access to company resources, bypassing censorship, etc. In this article, we’ve reviewed the top VPN services and listed their best features to help you make an informed decision while spending your hard-earned money.

» Fossbytes | fossbytes.com

3 paradojas que le quitan el sueño a los matemáticos y filósofos

Thu, 11 Jan 2018 08:35:00 +0100

El barco en el que Teseo y la juventud de Atenas regresaron de Creta tenía treinta remos, y fue conservado por los atenienses incluso hasta la época de Demetrio de Falero, ya que retiraron los viejos tablones a medida que se descomponían e introdujeron madera nueva y más resistente en su lugar, tanto que este barco se convirtió en un ejemplo permanente entre los filósofos, para la pregunta lógica de las cosas que crecen, un lado sostiene que el barco sigue siendo el mismo, y el otro afirma que no.

10 Lessons from 10 Years of AWS (part 1)

Wed, 10 Jan 2018 20:32:00 +0100

I recently presented a talk at the AWS Community Day in Bangalore. The tweet following the talk became my most popular tweet ever and I received quite a few requests for more details. For the last 10 years, I have had the chance to work in companies that embraced the cloud, and in particular AWS. This two-part blog post is an attempt to share that experience with you. Hope you enjoy!

10 películas para adentrarse en el mundo del anime

Fri, 05 Jan 2018 18:05:00 +0100

Es hablar de anime y a mucha gente le salen sarpullidos. Son muchos los que reniegan de todo un universo sin haberse adentrado nunca él. Un universo lleno de mil mundos distintos en el que puedes encontrar amor, aventura, ciencia ficción, acción, drama, terror, comedia, fantasía… Un universo reinado por Studio Ghibli y su primer espada Hayao Miyazaki. Un universo sin límites que cada año nos sorprende con auténticas joyas.

10 libros de seguridad informática para regalar estas navidades

Fri, 22 Dec 2017 11:10:00 +0100

Llegan las navidades, aunque comercialmente ya empezaron hace casi un mes, y que mejor que dar ideas para regalar o ser regalado. ¿No sabes que encargarle a los reyes magos? No te preocupes, vamos a comentar los 10 libros de seguridad informática que más leemos en Hispasec. Esos que yacen desgastados en los escritorios de auditoría, malware o el equipo 24x7 de Antifraude, nuestros incansables vigilantes. Leer y hacer son dos palabras claves en la construcción de un buen profesional, sea de la rama que sea. La formación es importante y una de las cosas que siempre ha estado presente en Hispasec es que el personal no le falte lectura, alimento para el cerebro.

10 Best Hacking Movies You Need To Watch In 2018

Sun, 10 Dec 2017 10:50:00 +0100

In this age of smartphones and computers, the electronic devices have become our true companions. For technology enthusiasts and geeks, this is even truer. However, there are only a handful of movies that showcase the geek and hacker culture in a true sense. In this article, I’ve tried to compile my favorite and best hacking movies that you shouldn’t miss.

» Fossbytes | fossbytes.com

10 curiosidades del idioma español

Fri, 08 Dec 2017 16:07:00 +0100

El español es el idioma oficial en más de 20 países del mundo y se calcula que hay alrededor de 490 millones de hispanohablantes en todo el planeta. Una lengua tan extendida por fuerza ha de tener muchas peculiaridades. Te explicamos 10 curiosidades del idioma español que quizá no conocías. 10 curiosidades del idioma español 1. ¿Español o castellano?

» Supercurioso | supercurioso.com

10 experimentos psicológicos que revelan la verdadera naturaleza humana

Wed, 06 Dec 2017 14:29:00 +0100

La mente humana necesita saber sobre sí misma. Y en más de una ocasión, la búsqueda de ese conocimiento provocó que factores como la ética y la moral caigan a un plano inferior. En las últimas décadas se han desarrollado diferentes experimentos que de ser reproducidos en la actualidad encenderían más de una alarma, y hoy queremos repasar varios de ellos. Si bien no todos son considerados «malos»

» NeoTeo | neoteo.com

10 File Globbing examples in Linux/Unix

Sat, 02 Dec 2017 05:23:00 +0100

What is file globbing in Linux? File globbing is a feature provided by the UNIX/Linux shell to represent multiple filenames by using special characters called wildcards with a single file name.

» http://feeds.feedburner.com/TheLinuxJuggernaut | linuxnix.com

4 Ways to Speed Up SSH Connections in Linux

Wed, 29 Nov 2017 09:57:00 +0100

SSH is the most popular and secure method for managing Linux servers remotely. One of the challenges with remote server management is connection speeds, especially when it comes to session creation between the remote and local machines.

» Tecmint: Linux Howtos, Tutorials & Guides | tecmint.com

10 Free CSS Tooltip Snippets To Save Time On Your Web Projects

Tue, 21 Nov 2017 06:10:00 +0100

Adding a simple tooltip into your page isn’t hard. You can find a bunch of free tooltip plugins and JS scripts that can help with this. But pure CSS is another option, and it’s quickly becoming the preferred choice for many web designers. If you’re looking for CSS tooltips, then this collection should have something for you.

» Speckyboy Design Magazine | speckyboy.com

10 Best LaTeX Editors For Linux

Mon, 20 Nov 2017 21:10:00 +0100

Once you get over the learning curve, there is nothing like LaTex. Here are the best LaTex editors for Linux and other systems. What is LaTeX? LaTeX is a document preparation system. Unlike plain text editor, you can’t just write a plain text using LaTeX editors. Here, you will have to utilize LaTeX commands in order to manage the content of the document.

» It’s FOSS | itsfoss.com

El viaje del héroe y los arquetipos de la migración

Wed, 15 Nov 2017 21:23:00 +0100

El creador de la psicología analítica, el psiquiatra suizo Carl Jung propuso que las narraciones míticas de viajes iniciáticos, como los de Marco Polo, Ulises o Hércules, pueden ser entendidas como expresiones simbólicas de un proceso de transformación psíquica que todas las personas se ven abocadas a desplegar a lo largo de la vida. Jung denominó este proceso como viaje del héroe o proceso de individuación.

» La Mente es Maravillosa | lamenteesmaravillosa.com

Locking Down Your Website Scripts with CSP, Hashes, Nonces and Report URI

Wed, 15 Nov 2017 09:50:00 +0100

I run a workshop titled Hack Yourself First in which people usually responsible for building web apps get to try their hand at breaking them. As it turns out, breaking websites is a heap of fun (with the obvious caveats) and people really get into the exercises. The first one that starts to push people into territory that’s usually unfamiliar to builders is the module on XSS.

» Troy Hunt’s Blog | troyhunt.com

Coding with clarity

Sat, 28 Oct 2017 16:42:00 +0100

Working code isn’t necessarily good code. Your code also needs to be easy to read, understand, and modify. It needs clarity, and to achieve that, it has to be organized well, with careful planning and proper separation of ideas taking place before you even open your code editor. Coding for clarity is something that separates the great developers from the merely good, and there are a few basic principles that can set you on that path.

Así funcionaba el primer gran sistema que evitaba que hicieras copias de VHS

Sun, 22 Oct 2017 22:51:00 +0100

ya en la década de los 80 había tecnologías anticopia en las películas. Una de las más populares fue Macrovision, que protegía los VHS haciendo que cuando se creasen copias estas fueran defectuosas. El sistema estuvo vigente durante varios años, e incluso acabó dando el salto al DVD.

» Yúbal FM | xataka.com

Moving persistent data out of Redis

Sat, 14 Jan 2017 14:36:00 +0100

Transitioning all that information transparently involved planning and coordination. For each problem domain using persistent Redis, we considered the volume of operations, the structure of the data, and the different access patterns to predict the impact on our current MySQL capacity, and the need for provisioning new hardware.

For the majority of callsites, we replaced persistent Redis with GitHub::KV, a MySQL key/value store of our own built atop InnoDB, with features like key expiration. We were able to use GitHub::KV almost identically as we used Redis: from trending repositories and users for the explore page, to rate limiting to spammy user detection.

Never write for-loops again

Mon, 12 Dec 2016 00:22:00 +0100

It’s been a while since I started exploring the amazing language features in Python. At the beginning, it’s just a challenge I gave myself to practice using more language features instead of those I learned from other programming language. And things are just getting more fun! Not only the code become shorter and cleaner, but also code looks more structured and disciplined. I’ll get into those benefits more in this article.

Tor at the heart: bridges and pluggable transports

Sun, 11 Dec 2016 22:43:00 +0100

Censors block Tor in two ways: they can block connections to the IP addresses of known Tor relays, and they can analyze network traffic to find use of the Tor protocol. Bridges are secret Tor relays—they don’t appear in any public list, so the censor doesn’t know which addresses to block. Pluggable transports disguise the Tor protocol by making it look like something else—for example like HTTP or completely random.

Qué son los cypherpunks y por qué son tan importanes en la lucha por la privacidad

Sun, 11 Dec 2016 03:49:00 +0100

Los punkis trajeron cambios a nivel estético: crestas de colores, tatuajes, botas militares, cazadoras de cuero, escarceos con las drogas y música que el grupo vasco Eskorbuto definiría en su momento como “antitodo”. En resumidas cuentas, a partir de 1977 el punk se convirtió en anarquía de la estética. Y cuando se añadieron ordenadores y redes a la mezcla para los años 90 del siglo pasado, entonces aparecieron los cyberpunks.

Cómo montar una mini consola con Raspberry Pi

Wed, 07 Dec 2016 21:03:00 +0100

En el siguiente artículo vamos a ver, paso a paso, como montar una mini consola similar a la Mini NES Classic, pero a nuestro gusto, con la posibilidad de emular una larga lista de consolas, utilizando una Raspberry Pi, un ordenador de bajo consumo y bajo coste, y gran cantidad de software libre, por un precio de unos 70 euros como mínimo.

Las características más interesantes de nuestra Raspberry Pi (aunque no las únicas) serán las siguientes:

Undebt: how we refactored 3 million lines of code

Wed, 07 Dec 2016 20:57:00 +0100

Peter Seibel wrote that to maximize engineering effectiveness, “Let a thousand flowers bloom. Then rip 999 of them out by the roots.” Flowers, in how the metaphor applies to us, are code patterns — the myriad different functions, classes, styles, and idioms that developers use when writing code. At first, new flowers are welcome — maybe the new pattern seems easier to use, more scalable, more efficient, or more suited to some particular task than the old.

Se vende censor de desnudos: de compras por un mercadillo de algoritmos

Wed, 07 Dec 2016 20:36:00 +0100

Hay un bazar en internet que se dedica a la compraventa de inteligencia artificial, esa que algunos temen por si se nos va de las manos. En los puestos de Algorithmia, este supermercado del siglo XXI, los desarrolladores web pueden añadir a su carrito virtual un fragmento de código capaz de reconocer formas y colores o analizar sentimientos pese a no comprenderlos.

algorithmia.com

» Cristina Sánchez | yorokobu.com

How to teach endian

Wed, 07 Dec 2016 20:26:00 +0100

One of the major disciplines in computer science is parsing/formatting. This is the process of converting the external format of data (file formats, network protocols, hardware registers) into the internal format (the data structures that software operates on).

It should be a formal computer-science discipline, because it’s actually a lot more difficult than you’d expect. That’s because the majority of vulnerabilities in software that hackers exploit are due to parsing bugs. Since programmers don’t learn about parsing formally, they figure it out for themselves, creating ad hoc solutions that are prone to bugs. For example, programmers assume external buffers cannot be larger than internal ones, leading to buffer overflows.

Writing efficient JavaScript

Wed, 30 Nov 2016 08:34:00 +0100

This entry describes simple techniques to fulfill the JavaScript compiler optimization process which results in faster running code. Especially in games you immediately notice frame drops and when the garbage collector has to hit in with a big stack of work to do.

» Felix Maier | medium.com

Hype Driven Development

Fri, 25 Nov 2016 20:29:00 +0100

Software development teams often make decisions about software architecture or technological stack based on inaccurate opinions, social media, and in general on what is considered to be “hot”, rather than solid research and any serious consideration of expected impact on their projects. I call this trend Hype Driven Development, perceive it harmful and advocate for a more professional approach I call “Solid Software Engineering”. Learn more about how it works and find out what you can do instead.

Hasta el infinito y más allá. Bienvenido IPv6 (I)

Fri, 25 Nov 2016 18:33:00 +0100

El principal motivo de la creación de IPv6 fue la falta de direcciones IPv4 por la expansión de países altamente poblados como China e India. La principal y más conocida ventaja es el tamaño de su rango de direcciones. Como todo el mundo sabe, una dirección IPv4 consta de 32 bits, lo cual posibilita un direccionamiento de 2^32 máquinas (4.294.967.296). En cambio, una dirección IPv6 está formada por 128 bits, dando lugar a 2^128 direcciones posibles, este número es muy difícil de imaginar, o de manejar, ya que el ser humano no esta acostumbrado a números de tal magnitud.

Bullet proofing Django models

Mon, 07 Nov 2016 01:17:00 +0100

We recently added a bank account like functionality into one of our products. During the development we encountered some textbook problems and I thought it can be a good opportunity to go over some of the patterns we use in our Django models. This article was written in the order in which we usually address new problems:

Define the business requirements.

Write down a naive implementation and model definition.

Challenge the solution.

Refine and repeat.

» Haki Benita | medium.com

The open guide to Amazon Web Services

Mon, 07 Nov 2016 00:20:00 +0100

A lot of information on AWS is already written. Most people learn AWS by reading a blog or a “getting started guide” and referring to the standard AWS references. Nonetheless, trustworthy and practical information and recommendations aren’t easy to come by. AWS’s own documentation is a great but sprawling resource few have time to read fully, and it doesn’t include anything but official facts, so omits experiences of engineers. The information in blogs or Stack Overflow is also not consistently up to date.

Streisand: Una herramienta que permite evadir la censura de Gobiernos y ISP de forma fácil

Sun, 06 Nov 2016 13:48:00 +0100

Cuando los Gobiernos y proveedores de Internet bloquean un portal, nos tenemos que buscar la vida cambiando los DNS, conectándonos a servidores Proxy y VPN e incluso a la red Tor. Streisand es una herramienta gratuita que nos permite automatizar el proceso de configuración de nuevos servidores VPN, Proxy y Tor para proporcionar a los usuarios una solución rápida y fácil, ideal para activistas en Internet.

Ver el proyecto en github.com.

Linux containers in 500 lines of code

Tue, 01 Nov 2016 15:09:00 +0100

Relatd:

I’ve used Linux containers directly and indirectly for years, but I wanted to become more familiar with them. So I wrote some code. This used to be 500 lines of code, I swear, but I’ve revised it some since publishing; I’ve ended up with about 70 lines more.

I wanted specifically to find a minimal set of restrictions to run untrusted code. This isn’t how you should approach containers on anything with any exposure: you should restrict everything you can. But I think it’s important to know which permissions are categorically unsafe!

8 simple rules for a robust, scalable CSS architecture

Tue, 01 Nov 2016 14:43:00 +0100

This is the manifest of things I’ve learned about managing CSS in large, complex web projects during my many years of professional web development. I’ve been asked about these things enough times that having a document to point to sounded like a good idea.

I’ve tried to keep the explanations short, but this is essentially the tl;dr:

Always prefer classes

Co-locate component code

Use consistent class namespacing

Maintain a strict mapping between namespaces and filenames

Prevent leaking styles outside the component

Prevent leaking styles inside the component

Respect component boundaries

Integrate external styles loosely

» Jarno Rantanen | github.com | via css-tricks.com

The design of CockroachDB

Sun, 02 Oct 2016 14:42:00 +0100

CockroachDB is a distributed SQL database. The primary design goals are scalability, strong consistency and survivability (hence the name). CockroachDB aims to tolerate disk, machine, rack, and even datacenter failures with minimal latency disruption and no manual intervention. CockroachDB nodes are symmetric; a design goal is homogeneous deployment (one binary) with minimal configuration and no required external dependencies.

» Spencer Kimball | github.com

Improve your photographic composition by following these guidelines

Thu, 29 Sep 2016 00:16:00 +0100

First of all we have to define what is meant by ‘composition’. Composition refers to the way the various elements in a scene are arranged within the frame. As I’ve already mentioned, these are not hard and fast rules but guidelines. That said, many of them have been used in art for thousands of years and they really do help achieve more attractive compositions. I find that I usually have one or more of these guidelines in the back of my mind as I’m setting up a shot.

The basics of web application security

Sun, 25 Sep 2016 13:04:00 +0100

Somewhere, way down at the bottom of the list of requirements, behind, fast, cheap, and flexible is “secure”. That is, until something goes wrong, until the system you build is compromised, then suddenly security is, and always was, the most important thing.

Security is a cross-functional concern a bit like Performance. And a bit unlike Performance. Like Performance, our business owners often know they need Security, but aren’t always sure how to quantify it. Unlike Performance, they often don’t know “secure enough” when they see it.

Por qué no utilizo métricas

Sun, 25 Sep 2016 12:48:00 +0100

Al principio me molestaba en calcular métricas sobre el código fuente (utilizaba cosas como Source Monitor para ello), que me indicaran número de líneas de código, complejidad ciclomática, nivel máximo de anidamiento, profundidad de jerarquías…., en fin todo tipo de datos para disfrutar con un poco de porno de estadísticas. Además, analizaba la cobertura de código que alcanzaban mis tests (con NCover, si no recuerdo mal), y tenía configurados mis avisos si no llegaban a determinados niveles.

A nerd’s guide to color on the web

Sun, 25 Sep 2016 12:42:00 +0100

There are a lot of ways to work with color on the web. I think it’s helpful to understand the mechanics behind what you’re using, and color is no exception. Let’s delve into some of the technical details of color on the web.

» Sarah Drasner | css-tricks.com

Music theory for nerds

Sun, 25 Sep 2016 12:26:00 +0100

I don’t know anything about music. I know there are letters but sometimes the letters have squiggles; I know an octave doubles in pitch; I know you can write a pop song with only four chords. That’s about it.

The rest has always seemed completely, utterly arbitrary. Why do we have twelve notes, but represent them with only seven letters? Where did the key signatures come from? Why is every Wikipedia article on this impossible to read without first having read all the others?

Fixing E.T. The Extra-Terrestrial for the Atari 2600

Sat, 24 Sep 2016 17:03:00 +0100

If you’re reading this page, chances are that you’re already well aware that E.T. for the Atari 2600 is one of the most reviled games ever made. I never understood why. As a child, it was one of my favorite games. I still think it’s a good game. Apparently, I’m not alone.

On this page I’m going to briefly explore why people hate E.T., and how the game can be fixed.

How Dropbox securely stores your passwords

Sat, 24 Sep 2016 13:32:00 +0100

It’s universally acknowledged that it’s a bad idea to store plain-text passwords. If a database containing plain-text passwords is compromised, user accounts are in immediate danger. For this reason, as early as 1976, the industry standardized on storing passwords using secure, one-way hashing mechanisms (starting with Unix Crypt). Unfortunately, while this prevents the direct reading of passwords in case of a compromise, all hashing mechanisms necessarily allow attackers to brute force the hash offline, by going through lists of possible passwords, hashing them, and comparing the result. In this context, secure hashing functions like SHA have a critical flaw for password hashing: they are designed to be fast. A modern commodity CPU can generate millions of SHA256 hashes per second. Specialized GPU clusters allow for calculating hashes at a rate of billions per second.

The curious case of the switch statement

Thu, 22 Sep 2016 08:31:00 +0100

The earliest incarnation I can find is in ALGOL 58. The original description of ALGOL 58 is a fascinating read — it’s written like a math paper, with literal text in italics and heavy use of subscripts. Character classes are even named by Greek letters, with λ representing letters and so on. The example program at the end is completely incomprehensible, with almost every variable being a single letter and labels forming their own entire column on the left side. I guess that last bit came from FORTRAN.

Programming Pearls and Python fails

Thu, 22 Sep 2016 08:30:00 +0100

Computer science books contains timeless wisdom, but performance advice doesn’t always age well. When reading Programming Pearls, by Jon Bentley, I’ve found more modern hardware advances that puts conventional wisdom on its head.

» Franklin He | medium.com

Los tres años que cambiaron para siempre la industria del videojuego

Sun, 18 Sep 2016 15:47:00 +0100

Es un periodo en la historia del software bien diferenciado. Uno en el que muchos jugadores se sumaron a la industria, sin saber apenas qué había antes. Probablemente también fueron los años en los que nacieron un mayor número de propiedades intelectuales. Y también es el inicio de la generación PlayStation, asentándose un modelo de negocio (consumo rápido, gran oferta de videojuegos) que permanece hasta nuestros días. Hablamos de una época que empieza en 1993 y acaba en 1996. Tres años en los que los videojuegos en dos dimensiones pasaron de dominar la industria (y ser casi el único camino viable en ella) a prácticamente desaparecer por completo.

Volcado de memoria #RAM en #Linux - #LiME

Sat, 17 Sep 2016 14:54:00 +0100

En primer lugar, igual que hice en la entrada anterior “Volcado de memoria RAM en Windows – OSForensics”, voy a recordar la importancia de las buenas prácticas, recordando la necesidad de conocer y seguir la RFC 3227, que lleva por título “Guidelines for Evidence Collection and Archiving”, (Directrices para la recolección y archivo de la Evidencia). Vuelvo a decir: recomiendo encarecidamente su lectura.

En esta ocasión, vamos a realizar un volcado de memoria de un sistema Linux.

A guide to fix hacked WordPress sites

Sat, 17 Sep 2016 14:43:00 +0100

Our content, web design, and development teams spent months putting together a brand new guide to walk users through the process of identifying and clearing a WordPress hack, as well as ensuring post-hack actions are taken using the free Sucuri plugin.

» Alycia Mitchell | sucuri.net

Transistors - The invention that changed the world

Sat, 17 Sep 2016 00:03:00 +0100

» Real Engineering | youtube.com

La estética del código fuente: a la búsqueda del Arte en la Programación

Fri, 16 Sep 2016 21:45:00 +0100

Un lenguaje informático no es más que un conjunto de instrucciones que introducimos en una máquina para que esta opere permitiéndonos así desarrollar programas. De este modo, las distintas formas en que combinamos dichas instrucciones dan lugar a los diferentes estilos y escuelas responsables de lo que podemos denominar ‘la estética de la programación‘.

Esa estética, según las reglas a las que responda, se puede clasificar a su vez en cuatro grandes grupos que tradicionalmente, como muchas corrientes artísticas, han coexistido de forma simultánea…

Mr. Robot S02E06: easter eggs más elaborados y un curso acelerado de hacking

Sun, 11 Sep 2016 18:52:00 +0100

Volvemos a la crónica tecnológica de Mr. Robot con el análisis del sexto capítulo de la segunda temporada. El inicio nos dejó bastante descolocados a casi todos los seguidores de la serie, especialmente por el cambio de registro. No vamos a entrar en detalles puesto que es una sorpresa que merece que cada uno vea libre de spoilers pero, personalmente, creo que es de lo mejor que se ha hecho en televisión en los últimos años.

The simple solution to eliminate traffic

Sun, 11 Sep 2016 17:09:00 +0100

Here’s a simple way to make traffic disappear.

» CPG Grey | via geeksaresexy.net

Reverse debugging for Python

Sun, 11 Sep 2016 14:06:00 +0100

A ”reverse debugger” is a debugger where you can go forward and backward in time. It is an uncommon feature, at least in the open source world, but I have no idea why. I have used undodb-gdb and rr, which are reverse debuggers for C code, and I can only say that they saved me many, many days of poking around blindly in gdb.

The PyPy team is pleased to give you ”RevPDB”, a reverse-debugger similar to rr but for Python.

datetime vs Arrow vs Pendulum vs Delorean vs udatetime

Sun, 11 Sep 2016 13:55:00 +0100

So I setup a benchmark, which can be found here to compare Python datetime, Arrow, Pendulum, Delorean and udatetime on a performance level. I picked 4 typical performance critical operations to measure the speed of those libraries.

Decode a date-time string

Encode (serialize) a date-time string

Instantiate object with current time in UTC

Instantiate object with current time in local timezone

Instantiate object from timestamp in UTC

Instantiate object from timestamp in local timezone

» Simon Pirschel | aboutsimon.com

Editor wars: the revenge of vim

Sun, 11 Sep 2016 13:42:00 +0100

Al, like a lot of you out there, thinks that he “knows how to use vi”. I’m here to tell you that he doesn’t. And unless you’ve spent the last few years alone in a cave high in the Himalayas, with only food, drink, a laptop, and Vim Golf, you probably don’t either. Heck, I don’t consider myself a Vim master, but I’m going to write this overwrought essay praising it (using Vim, naturally).

Demystifying the regular expression that checks if a number is prime

Sat, 10 Sep 2016 18:02:00 +0100

A while back I was researching the most efficient way to check if a number is prime. This lead me to find the following piece of code:
public static boolean isPrime(int n) {
return !new String(new char[n]).matches(”.?|(..+?)\\1+”);
}
I was intrigued. While this might not be the most efficient way, it’s certainly one of the less obvious ones, so my curiosity kicked in. How on Earth could a match for the .?|(..+?)\1+ regular expression tell that a number is not prime (once it’s converted to its unary representation)?

DEF CON 24 - Panel - MR ROBOT Panel

Fri, 26 Aug 2016 18:47:10 +0100

DEF CON 24 - Panel - MR ROBOT Panel

» DEFCONConference | youtube.com

What the heck is the event loop anyway? | Philip Roberts | JSConf EU

Thu, 25 Aug 2016 11:07:01 +0100

What the heck is the event loop anyway? | Philip Roberts | JSConf EU

» JSConf | youtube.com

Motivos por los que recomiendo usar la distribución Debian en Linux

Sun, 14 Aug 2016 13:29:00 +0100

Llevo más de 5 años usando Debian y la verdad es que estoy más que satisfecho. De momento no me planteo cambiar de distribución básicamente por los siguientes motivos:

Sus repositorios son excelentes

La metodologia de desarrollo seguida por debian

Estabilidad y seguridad

Soporte existente para la distribución

Ofrece múltiples posibilidades de instalación y uso

Filosofia de la distribución

La instalo una vez y me olvido para siempre

» Joan | geekland.eu

Meterpretear una apk

Sun, 14 Aug 2016 12:49:00 +0100

Primero digamos que en este post vamos a tocar los temas de las APKs de Android, que es el formato utilizado para empaquetar las aplicaciones. También vamos a tocar Metasploit, una gran herramienta para los pentesters, esta herramienta se basa en módulos los cuales permiten hacer (sobre todo intentos) de explotación de sistemas, con los módulos de exploit que cuenta la herramienta, o módulos auxiliares. Usaremos dos de las herramientas con las que cuenta metasploit: msfvenom (para generar payloads, dando la posibilidad de pasarlos por un encoder) y msfconsole (consola de comandos para hacer uso de exploits, modulos auxiliares…). Vamos a realizar un sencillo proceso de Ingeniería inversa en android, pero bastante sencillo.

Lepton image compression: saving 22% losslessly from images at 15MB/s

Sun, 17 Jul 2016 23:48:00 +0100

Lepton achieves a 22% savings reduction for existing JPEG images, by predicting coefficients in JPEG blocks and feeding those predictions as context into an arithmetic coder. Lepton preserves the original file bit-for-bit perfectly. It compresses JPEG files at a rate of 5 megabytes per second and decodes them back to the original bits at 15 megabytes per second, securely, deterministically, and in under 24 megabytes of memory.

» Daniel Reiter Horn | dropbox.com

Programming the Pi over USB

Sun, 10 Jul 2016 00:58:00 +0100

A comprehensive video covering how to set up your Raspberry Pi Zero so that you can access it via the USB port. Yes, plug it in to a USB port and you can use the command line or with a few tweaks a full graphical desktop. Great for on the go or when another monitor or screen is not suitable. (It even supports Minecraft which can be played)

» Te Co Ed | youtube.com | via raspberrypi.org

How We Teach Computers to Understand Pictures

Wed, 29 Jun 2016 01:33:00 +0100

When a very young child looks at a picture, she can identify simple elements: ”cat,” ”book,” ”chair.” Now, computers are getting smart enough to do that too. What’s next? In a thrilling talk, computer vision expert Fei-Fei Li describes the state of the art — including the database of 15 million photos her team built to ”teach” a computer to understand pictures — and the key insights yet to come.

Sentirás nostalgia al ver los puertos que has utilizado en tu PC

Tue, 28 Jun 2016 07:42:00 +0100

Los que llevamos unos cuantos años utilizando ordenadores hemos visto pasar por nuestras manos todo tipo de puertos. Hasta la introducción y estandarización del USB, muchos de los dispositivos que utilizábamos tenían conectores diferentes, y algunos hasta propietarios. Vamos a recordar algunos de ellos.

» Alberto García | adslzone.net

Así es como la ingeniería inversa cambió la historia de la informática para siempre

Mon, 13 Jun 2016 13:58:00 +0100

IBM era el dueño y señor de los bits y los bytes a principios de los 80. En aquella época Apple, Microsoft y los fabricantes de aquellos legendarios ordenadores de 8 bits también despuntaban, pero todo daba igual: el gigante azul dominaba con mano firme la informática empresarial, y para muestra un botón: el PC no se llamaba PC. Se llamaba IBM PC.

» Javier Pastor | xataka.com

Solving Unicode Problems in Python 2.7

Wed, 08 Jun 2016 22:24:00 +0100

One of the toughest things to get right in a Python program is Unicode handling. If you’re reading this, you’re probably in the middle of discovering this the hard way.

The main reasons Unicode handling is difficult in Python is because the existing terminology is confusing, and because many cases which could be problematic are handled transparently. This prevents many people from ever having to learn what’s really going on, until suddenly they run into a brick wall when they want to handle data that contains characters outside the ASCII character set.

La polémica SystemD

Sun, 05 Jun 2016 20:08:00 +0100

Es un programa que genera una inmensa polémica, del que se está oyendo hablar cada vez más y que es utilizado por la mayoría de distribuciones. Sus detractores son muchos, sin embargo es utilizado cada vez por más distribuciones Linux. Así que surgen las preguntas. ¿Porqué SystemD es tan malo? Y si es tan malo, ¿porqué cada vez más distribuciones lo están utilizando?

» Amancio | lignux.com

El origen del tono que escuchamos al hacer una llamada

Thu, 02 Jun 2016 00:44:00 +0100

Hay aspectos tan mínimos en lo que usamos a diario que a menudo no reparamos en ellos hasta que, de repente, nos los cambian. Un ejemplo es esto que comentaremos ahora: ¿suenan igual todos los tonos de espera tras el marcado? Si sólo llamáis a contactos de vuestro país no habréis notado la diferencia, pero la cosa cambia para las llamadas internacionales.

» Ivan Linares | elandroidelibre.com

The Joel Test: 12 Steps to Better Code

Tue, 31 May 2016 07:49:00 +0100

Have you ever heard of SEMA? It’s a fairly esoteric system for measuring how good a software team is. No, wait! Don’t follow that link! It will take you about six years just to understand that stuff. So I’ve come up with my own, highly irresponsible, sloppy test to rate the quality of a software team. The great part about it is that it takes about 3 minutes. With all the time you save, you can go to medical school.

España y el software que fue

Mon, 29 Feb 2016 09:54:00 +0100

La abadía del crimen fue publicado en 1987, en el cénit de los viejos microordenadores de 8-bits. Sus diseñadores, Paco Menéndez y Juan Delcán, lo diseñaron en un Amstrad CPC6128, el último gran ordenador de ese periodo —tecnología punta de 1985, con 128 KB de RAM y una inusual disquetera de tres pulgadas.

» Roger Senserrich | jotdown.es

The history behind the decision to move Python to GitHub

Sun, 07 Feb 2016 15:16:00 +0100

I asked on Twitter if people would be interested in having me write down the history behind my decision to choose GitHub for Python’s future development process and people said ”yes”(some literally), hence this blog post.

» Brett Cannon | snarky.ca

How to C in 2016

Sun, 07 Feb 2016 15:01:00 +0100

The first rule of C is don’t write C if you can avoid it. If you must write in C, you should follow modern rules. C has been around since the early 1970s. People have ”learned C” at various points during its evolution, but knowledge usually get stuck after learning, so everybody has a different set of things they believe about C based on the year(s) they first started learning.

¿Cuál es el origen de “Hello world”?

Sun, 07 Feb 2016 14:55:00 +0100

Brian Kernighan, autor de uno de los libros de programación más famosos de la historia: C Progamming Language (1978). Previamente, también habría escrito en 1973 un libro llamado A Tutorial Introduction to the Programming Language B, en el cual introdujo por primera vez el ejemplo del famoso “Hello World”

» Nicolás Rivera | hipertextual.com

Los geniales Huevos de Pascua de LucasArts

Sun, 07 Feb 2016 12:53:00 +0100

La facilidad de manejo gracias al motor SCUMM y la mezcla única de una buena historia y muchos toques de humor que LucasArts aplicaba en sus aventuras gráficas, se convirtieron a la vez en garantía de calidad y su sello personal. Además del humor que podemos encontrar durante la trama, LucasArts escondió también en sus aventuras gráficas numerosos huevos de pascua y guiños a sus películas o a otros videojuegos.

Why ‘print’ became a function in Python 3

Sun, 31 Jan 2016 16:22:00 +0100

But the real key to the print function is somewhat subtle and it all has to do with flexibility, both for the users and the Python development team. For users, making print a function lets you use print as an expression, unlike the print statement which can only be used as a statement.

» Brett Cannon | snarky.ca

Ryan Seddon: So How Does the Browser Actually Render a Website? | JSConf EU 2015

Fri, 04 Dec 2015 13:14:09 +0100

Ryan Seddon: So how does the browser actually render a website | JSConf EU 2015

» JSConf | youtube.com

Relatividad general, ondulaciones en el espaciotiempo

Sat, 07 Nov 2015 14:57:00 +0100

La teoría del electromagnetismo viene codificada en cuatro ecuaciones, solo cuatro, las ecuaciones de Maxwell. Estas ecuaciones controlan todos los procesos electromagnéticos conocidos, todos, al menos a nivel clásico. Eso no está mal del todo porque el electromagnetismo es la piedra angular de nuestra tecnología y, de paso, de nuestra química.

» cuentos-cuanticos.com

Lo que sucede cuando un software se convierte en un agujero negro

Sat, 07 Nov 2015 13:35:00 +0100

Fue a Bjarne Stroustrup a quién le leí que “un sistema grande y complejo que no ha evolucionado a partir de otro más simple que funcionaba bien, no funciona y, además, es imposible arreglarlo para que funcione” (creo que esto es del libro The Design and Evolution of C++ publicado en 1994). Tal hipótesis se comprobó empíricamente muchas veces en el siglo XX y es por eso que se cambió el foco a proyectos ágiles.

10 ways to ruin your start-up’s culture, in cartoons

Sat, 07 Nov 2015 13:28:00 +0100

» Liz Fosslien and Mollie West | qz.com

Probability, Paradox, and the Reasonable Person Principle

Sat, 17 Oct 2015 12:05:00 +0100

In this notebook, we cover the basics of probability theory, and show how to implement the theory in Python.

» Peter Norvig | nbviewer.ipython.org

RebornDB: The next generation distributed key-value store

Wed, 08 Jul 2015 21:34:00 +0100

Redis is advanced key-value cache and store, under BSD license. It is very fast, has many data types(String, Hash, List, Set, Sorted Set …), uses RDB or AOF persistence and replication to guarantee data security, and supplies many language client libraries. Most of all, market chooses Redis. There are many companies using Redis and it has proved its worth. Although redis is greate, it still has some disadvantages, and the biggest one is memory limitation. Redis keeps all data in memory, which limits the whole dataset size and lets us save more data impossibly.

Stealing Keys from PCs using a Radio: Cheap Electromagnetic Attacks on Windowed Exponentiation

Thu, 25 Jun 2015 22:16:00 +0100

We demonstrate the extraction of secret decryption keys from laptop computers, by nonintrusively measuring electromagnetic emanations for a few seconds from a distance of 50 cm. The attack can be executed using cheap and readily-available equipment: a consumer-grade radio receiver or a Software Defined Radio USB dongle. The setup is compact and can operate untethered; it can be easily concealed, e.g., inside pita bread. Common laptops, and popular implementations of RSA and ElGamal encryptions, are vulnerable to this attack, including those that implement the decryption using modern exponentiation algorithms such as sliding-window, or even its side-channel resistant variant, fixed-window (m-ary) exponentiation. We successfully extracted keys from laptops of various models running GnuPG (popular open source encryption software, implementing the OpenPGP standard), within a few seconds. The attack sends a few carefully-crafted ciphertexts, and when these are decrypted by the target computer, they trigger the occurrence of specially-structured values inside the decryption software. These special values cause observable fluctuations in the electromagnetic field surrounding the laptop, in a way that depends on the pattern of key bits (specifically, the key-bits window in the exponentiation routine). The secret key can be deduced from these fluctuations, through signal processing and cryptanalysis.

A flaw in the design (Part I)

Sat, 13 Jun 2015 11:30:00 +0100

David D. Clark, an MIT scientist whose air of genial wisdom earned him the nickname “Albus Dumbledore,” can remember exactly when he grasped the Internet’s dark side. He was presiding over a meeting of network engineers when news broke that a dangerous computer worm — the first to spread widely — was slithering across the wires. One of the engineers, working for a leading computer company, piped up with a claim of responsibility for the security flaw that the worm was exploiting. “Damn,” he said. “I thought I had fixed that bug.” But as the attack raged in November 1988, crashing thousands of machines and causing millions of dollars in damage, it became clear that the failure went beyond a single man. The worm was using the Internet’s essential nature — fast, open and frictionless — to deliver malicious code along computer lines designed to carry harmless files or e-mails.

A repository with 44 years of Unix evolution

Sat, 06 Jun 2015 09:31:00 +0100

The evolution of the Unix operating system is made available as a version-control repository, covering the period from its inception in 1972 as a five thousand line kernel, to 2015 as a widely-used 26 million line system. The repository contains 659 thousand commits and 2306 merges. The repository employs the commonly used Git system for its storage, and is hosted on the popular GitHub archive. It has been created by synthesizing with custom software 24 snapshots of systems developed at Bell Labs, Berkeley University, and the 386BSD team, two legacy repositories, and the modern repository of the open source FreeBSD system. In total, 850 individual contributors are identified, the early ones through primary research. The data set can be used for empirical research in software engineering, information systems, and software archaeology.

A Map Of The Most Common Paths For All 32 Chess Pieces

Thu, 04 Jun 2015 17:34:00 +0100

There are just 32 pieces on a chessboard, but the number of patterns in which those pieces can move in the course of an individual game are astronomical. Still, as these maps show, despite all those different possibilities, each piece has a pretty clear pattern behind it. The maps, which track the most common trajectories of each chess piece, are the works of Steve Tung. Tung explained the process behind the maps to io9, noting that each map represents condensed data from over 2 million individual games of chess.

Alfonso Azpiri y la época dorada del software español

Sat, 30 May 2015 11:32:00 +0100

Por aquel entonces, Azpiri se había ganado merecidamente su fama de buen dibujante en periódicos, revistas y álbumes de historietas, por lo que Dinamic contactó con él para realizar su primera portada de un videojuego, el famoso ‘Rocky‘ de 1985. Poco después, en el mismo año, ilustró la aventura ‘Abu Simbel, Profanation‘, para el que escribe uno de los mejores, más adictivos y complicados videojuegos de la historia del entretenimiento digital.

Cómo la Dama se convirtió en la pieza más poderosa del Ajedrez

Sat, 30 May 2015 08:56:00 +0100

La Dama en el Ajedrez no siempre tuvo los movimientos que tiene hoy, de hecho esta figura femenina ni siquiera existía en el tablero. Esta es la historia de como la Dama del Ajedrez se convirtió en la pieza más poderosa.

» Gabriela González | hipertextual.com

Guide for Technical Development

Sat, 30 May 2015 08:55:00 +0100

Having a solid foundation in Computer Science is important to become a successful Software Engineer. This guide is a suggested path for university students to develop their technical skills academically and non-academically through self paced hands-on learning. You may use this guide to determine courses to take, but please make sure you are taking courses required for your major in order to graduate. The online resources provided in this guide are not meant to replace courses available at your university. However, they may help supplement your learnings or provide an introduction to a topic.

How Chess Has Changed Over The Last 150 Years

Fri, 29 May 2015 18:45:00 +0100

The rules of chess have remained consistent since the early 19th Century, but that doesn’t mean our approach to the game has stayed the same. Here are some intriguing and surprising ways the Game of Kings has changed its shape over the past 150 years. The history of chess dates back 1,500 years, but it wasn’t until the introduction of competitive chess in 1834 that the rules were solidified. Since that time, players of all calibers have diligently worked to find new and better ways of winning.

LogJam — This new encryption glitch puts Internet users at risk

Wed, 20 May 2015 18:54:00 +0100

After HeartBleed, POODLE and FREAK encryption flaws, a new encryption attack has been emerged over the Internet that allows attackers to read and modify the sensitive data passing through encrypted connections, potentially affecting hundreds of thousands of HTTPS-protected sites, mail servers, and other widely used Internet services. A team of security researchers has discovered a new attack, dubbed Logjam, that allows a man-in-the-middle (MitM) to downgrade encrypted connections between a user and a Web or email server to use extremely weaker 512-bit keys which can be easily decrypted.

Initializing and Managing Services in Linux: Past, Present and Future

Wed, 20 May 2015 18:38:00 +0100

One of the most crucial pieces of any UNIX-like operating system is the init dæmon process. In Linux, this process is started by the kernel, and it’s the first userspace process to spawn and the last one to die during shutdown. During the history of UNIX and Linux, many init systems have gained popularity and then faded away. In this article, I focus on the history of the init system as it relates to Linux, and I talk about the role of init in a modern Linux system. I also relate some of the history of the System V Init (SysV) scheme, which was the de facto standard for many Linux distributions for a long time. Then I cover a couple more modern approaches to system initialization, such as Upstart and systemd. Finally, I pay some attention to how things work in systemd, as this seems to be the popular choice at the moment for several of the largest distributions.

The Twelve-Factor App

Mon, 18 May 2015 22:06:00 +0100

In the modern era, software is commonly delivered as a service: called web apps, or software-as-a-service. The twelve-factor app is a methodology for building software-as-a-service apps that: Use declarative formats for setup automation, to minimize time and cost for new developers joining the project; Have a clean contract with the underlying operating system, offering maximum portability between execution environments; Are suitable for deployment on modern cloud platforms, obviating the need for servers and systems administration; Minimize divergence between development and production, enabling continuous deployment for maximum agility; And can scale up without significant changes to tooling, architecture, or development practices. The twelve-factor methodology can be applied to apps written in any programming language, and which use any combination of backing services (database, queue, memory cache, etc).

Las matemáticas explican por qué no puedes ganar al Tetris hagas lo que hagas

Tue, 05 May 2015 22:13:00 +0100

“La única forma de ganar es no jugar”. Tom Murphy, programador, creó en 2013 un programa que era capaz de aprender a jugar a Super Mario Bros de forma que en sucesivas partidas conseguía salvar los distintos obstáculos que se encontraba el personaje hasta ganar el juego. Cuando enfrentó su software al Tetris, sin embargo, Murphy se encontró con que no había victoria posible.

» R. Pérez | elconfidencial.com

Cómo tu traidor cerebro te hace gastar dinero en los juegos freeplay

Sun, 03 May 2015 15:04:00 +0100

El cerebro es un órgano fascinante y relativamente desconocido para la ciencia (y para muchos que tienen uno y lo usan poco, pero eso es otra historia) y es capaz de cosas realmente increíbles, como por ejemplo ser consciente de si mismo, pero sin embargo también tiene un buen número de defectos que permite engañarlo de una manera relativamente fácil. Las desarrolladoras lo saben y muchas de ellas se aprovechan de ellas, pervirtiendo un modelo como el free-to-play que podría tener enormes virtudes y convirtiéndolo en una máquina sacacuartos del Lado Oscuro.

Mechanical LEGO Display Is Another Level Of Awesomeness

Sun, 03 May 2015 11:30:00 +0100

You don’t often see clever builds like this Technic Dot Matrix Display by AncientJames from New Zealand. As the reel starts rolling, the patterns on the cards inside correspond with the patterns on the display and can show anything that fits into a 5x5 square. The creator’s video is titled, “Everything is awesome”. Well, this build certainly is!

» Gergo Vas | kotaku.com

The Locksmith Who Picked Two “Unbeatable” Locks and Ended the Era of “Perfect Security”

Sun, 03 May 2015 10:25:00 +0100

The pursuit of lock-picking is as old as the lock, which is itself as old as civilization. But in the entire history of the world, there was only one brief moment, lasting about 70 years, where you could put something under lock and key—a chest, a safe, your home—and have complete, unwavering certainty that no intruder could get to it. This is a feeling that security experts call “perfect security.” Since we lost perfect security in the 1850s, it has remained elusive. Despite tremendous leaps forward in security technology, we have never been able to get perfect security back.

50 años de la ley de Moore, quizás la ”ley” más incomprendida de la tecnología

Sun, 19 Apr 2015 14:22:00 +0100

El 19 de abril de 1965, Gordon Earle Moore publicaba una editorial en la revista Electronics que cambió el cómo entendíamos la tecnología. En ella aseguraba que la complejidad de los circuitos integrados se duplicaría cada año (luego se modificó para fijar el periodo de dos años), a la vez que los precios y costes de fabricación se verían reducidos. Cincuenta años después conocemos esta afirmación como la Ley de Moore, un exponente de la tecnología que se ha ido cumpliendo generación tras generación, pero con muchas dudas al respecto.

The Visual 6502

Wed, 08 Apr 2015 21:34:00 +0100

A complete simulation of the 6502 processor (used in the Commodore 64, Apple ][ and the NES).

» visual6502.org

10 Years of Git: An Interview with Git Creator Linus Torvalds

Tue, 07 Apr 2015 22:13:00 +0100

Ten years ago this week, the Linux kernel community faced a daunting challenge: They could no longer use their revision control system BitKeeper and no other Software Configuration Management (SCMs) met their needs for a distributed system. Linus Torvalds, the creator of Linux, took the challenge into his own hands and disappeared over the weekend to emerge the following week with Git. Today Git is used for thousands of projects and has ushered in a new level of social coding among programmers.

Piratería: cuando la mentira repetida mil veces se convierte en verdad

Mon, 06 Apr 2015 15:14:00 +0100

Pero nada, oye, les da igual. Da igual que las webs de descargas, con la ley en la mano, no sean ilegales. Da igual que ningún juez en España (ninguno, ¿eh? que se dice pronto) haya cerrado nunca una web de descargas. Da igual que las pocas que han cerrado lo hayan hecho motu proprio por miedo o por acorralamiento. Da igual que gran parte de las querellas contra webs de descargas ni siquiera hayan llegado a juicio, sino que los jueces hayan sobreseído los casos al ver evidente la ausencia de delito. Todo eso les da igual.

Stealing Data From Computers Using Heat

Mon, 23 Mar 2015 22:28:00 +0100

Security researchers at Ben Gurion University in Israel have found a way to retrieve data from an air-gapped computer using only heat emissions and a computer’s built-in thermal sensors. The method would allow attackers to surreptitiously siphon passwords or security keys from a protected system and transmit the data to an internet-connected system that’s in close proximity and that the attackers control. They could also use the internet-connected system to send malicious commands to the air-gapped system using the same heat and sensor technique. The proof-of-concept attack requires both systems to first be compromised with malware. And currently, the attack allows for just eight bits of data to be reliably transmitted over an hour—a rate that is sufficient for an attacker to transmit brief commands or siphon a password or secret key but not large amounts of data. It also works only if the air-gapped system is within 40 centimeters (about 15 inches) from the other computer the attackers control. But the researchers, at Ben Gurion’s Cyber Security Labs, note that this latter scenario is not uncommon, because air-gapped systems often sit on desktops alongside Internet-connected ones so that workers can easily access both.

11 Ways To Track Your Moves When Using a Web Browser

Sun, 15 Mar 2015 12:21:00 +0100

some tracking methods do attempt to track the user over a long time, and in particular attempt to make it difficult to evade the tracking. This is sometimes done for advertisement purposes, but can also be done to stop certain attacks like brute forcing or to identify attackers that return to a site. In its worst case, from a private perspective, the tracking is done to follow a user across various web sites. Over the years, browsers and plugins have provided a number of ways to restrict this tracking. Here are some of the more common techniques how tracking is done and how the user can prevent (some of) it

Exploiting the DRAM rowhammer bug to gain kernel privileges

Sat, 14 Mar 2015 12:45:00 +0100

“Rowhammer” is a problem with some recent DRAM devices in which repeatedly accessing a row of memory can cause bit flips in adjacent rows. We tested a selection of laptops and found that a subset of them exhibited the problem. We built two working privilege escalation exploits that use this effect. One exploit uses rowhammer-induced bit flips to gain kernel privileges on x86-64 Linux when run as an unprivileged userland process. When run on a machine vulnerable to the rowhammer problem, the process was able to induce bit flips in page table entries (PTEs). It was able to use this to gain write access to its own page table, and hence gain read-write access to all of physical memory.

9 truths that computer programmers know that most people don’t.

Sat, 14 Mar 2015 11:59:00 +0100

Ever wondered why programmers are known as nightbirds? Why we stay up all night? Because it allows us to get into the zone, it allows us to focus on one thing and not have to worry about being interupted by someone - because they are all asleep. It’s a long stretch of the day where no one is up and no one is calling or trying to talk to us. It’s a great time to program, and think.

How Video Game Breasts Are Made (And Why They Can Go Wrong)

Thu, 12 Mar 2015 21:48:00 +0100

If you’ve played games that have breast physics, you’ve probably seen how uncommon it is for games to show breasts that move like what they actually are: bags of fat affected by gravity. Instead, it’s more likely for a game to depict breasts as helium balloons that have minds of their own. Certain games have failed at rendering realistic breasts so widely that some people seem convinced that bad breast physics are the result of sexism, or of an industry that likes to objectify women. I’ve seen unfair conjecture about whether or not developers have ever interacted with real-life breasts. I’ve seen people imply that developers simply don’t know how to properly characterize women in games, and that gaming’s ocean of unrealistic breasts is what happens when we have so few women developing games.

The greatest program ever written

Sun, 08 Mar 2015 13:31:00 +0100

I’m a programmer. I write games. Games programmers get a lot of respect, but none of them, not me, not Carmak, and not Abrash. None of them deserve the honour which I want to bestow on David Horne. This is because David Horne wrote the greatest program ever written: 1k chess on the ZX81. David Horne is not an urban myth. David Horne achieved what many would even now consider impossible. He wrote a chess game, with AI, that ran on a poorly documented, buggy machine that contained only 1k of memory.

The MakeLisp Process

Sun, 08 Mar 2015 13:23:00 +0100

So you want to write a Lisp interpreter? Welcome! The goal of the Make-A-Lisp project is to make it easy to write your own Lisp interpreter without sacrificing those many ”Aha!” moments that come from ascending the McCarthy mountain. When you reach the peak of this particular mountain, you will have an interpreter for the mal Lisp language that is powerful enough to be self-hosting, meaning it will be able to run a mal interpreter written in mal itself.

Attack of the week: FREAK (or ’factoring the NSA for fun and profit’)

Thu, 05 Mar 2015 22:19:00 +0100

A group of cryptographers at INRIA, Microsoft Research and IMDEA have discovered some serious vulnerabilities in OpenSSL (e.g., Android) clients and Apple TLS/SSL clients (e.g., Safari) that allow a ’man in the middle attacker’ to downgrade connections from ’strong’ RSA to ’export-grade’ RSA. These attacks are real and exploitable against a shocking number of websites – including government websites.

» Matthew Green | blog.cryptographyengineering.com

Computadoras imprescindibles

Sun, 01 Mar 2015 11:12:00 +0100

Gracias a la desbordante imaginación de una dama victoriana del siglo XIX pudimos dar el salto del cálculo a la computación. Ada creó el primer programa de ordenador en su mente, simulando una máquina que nunca existió. La informática nació dentro del cerebro de una mujer.

» txipi | blog.txipinet.com

Proving that Android’s, Java’s and Python’s sorting algorithm is broken (and showing how to fix it)

Sat, 28 Feb 2015 14:31:00 +0100

Tim Peters developed the Timsort hybrid sorting algorithm in 2002. It is a clever combination of ideas from merge sort and insertion sort, and designed to perform well on real world data. TimSort was first developed for Python, but later ported to Java (where it appears as java.util.Collections.sort and java.util.Arrays.sort) by Joshua Bloch (the designer of Java Collections who also pointed out that most binary search algorithms were broken). TimSort is today used as the default sorting algorithm for Android SDK, Sun’s JDK and OpenJDK. Given the popularity of these platforms this means that the number of computers, cloud services and mobile phones that use TimSort for sorting is well into the billions. Fast forward to 2015. After we had successfully verified Counting and Radix sort implementations in Java (J. Autom. Reasoning 53(2), 129-139) with a formal verification tool called KeY, we were looking for a new challenge. TimSort seemed to fit the bill, as it is rather complex and widely used. Unfortunately, we weren’t able to prove its correctness. A closer analysis showed that this was, quite simply, because TimSort was broken and our theoretical considerations finally led us to a path towards finding the bug (interestingly, that bug appears already in the Python implementation). This blog post shows how we did it.

Extracting the SuperFish certificate

Mon, 23 Feb 2015 22:56:00 +0100

I extracted the certificate from the SuperFish adware and cracked the password (”komodia”) that encrypted it. I discuss how down below. The consequence is that I can intercept the encrypted communications of SuperFish’s victims (people with Lenovo laptops) while hanging out near them at a cafe wifi hotspot. Note: this is probably trafficking in illegal access devices under the proposed revisions to the CFAA, so get it now before they change the law.

Lenovo caught installing adware on new computers

Mon, 23 Feb 2015 22:54:00 +0100

Other users are reporting that the adware actually installs its own self-signed certificate authority which effectively allows the software to snoop on secure connections, like banking websites as pictured in action below. This is a malicious technique commonly known as a man-in-the middle attack, where the certificate allows the software to decrypt secure requests, yet Lenovo appears to be shipping this software with some of its products out of the box.

NSA has hidden software in hard drives around the world

Mon, 23 Feb 2015 22:04:00 +0100

The U.S. National Security Agency has figured out how to hide spying software deep within hard drives made by Western Digital, Seagate, Toshiba, and other top manufacturers, giving the agency the means to eavesdrop on the majority of the world’s computers, according to cyber researchers and former operatives.

» Joseph Menn | businessinsider.com

The coming war on general-purpose computing

Mon, 23 Feb 2015 22:03:00 +0100

Enter Digital Rights Management in its most primitive forms: let’s call it DRM 0.96. They introduced physical indicia which the software checked for—deliberate damage, dongles, hidden sectors—and challenge-response protocols that required possession of large, unwieldy manuals that were difficult to copy. These failed for two reasons. First, they were commercially unpopular, because they reduced the usefulness of the software to the legitimate purchasers. Honest buyers resented the non-functionality of their backups, they hated the loss of scarce ports to the authentication dongles, and they chafed at the inconvenience of having to lug around large manuals when they wanted to run their software. Second, these didn’t stop pirates, who found it trivial to patch the software and bypass authentication. People who took the software without paying for it were untouched.

Live patching for 3.20

Mon, 23 Feb 2015 21:28:00 +0100

Originally, there was kSplice as a standalone project that implemented stop_machine()-based patching for the linux kernel. This project got later acquired, and the current owner is providing live patching as a proprietary service, without any intentions to have their implementation merged. Then, due to rising user/customer demand, both Red Hat and SUSE started working on their own implementation (not knowing about each other), and announced first versions roughly at the same time.

Historia de los videojuegos: los orígenes

Wed, 18 Feb 2015 21:05:00 +0100

En 1972 se ponía en venta en las tiendas norteamericanas la Magnavox Odyssey, la primera videoconsola de la historia. Un año antes un estudiante de la Universidad de Stanford y su socio habían construido la primera máquina recreativa de la historia. A partir de estos dos acontecimientos clave los videojuegos comenzaron a popularizarse creando a día de hoy una gigantesca industria de ocio y entretenimiento capaz de competir en seguidores y volumen de ventas con el cine o la música.

The scope of index variables in Python’s for loops

Wed, 18 Feb 2015 00:04:00 +0100

The Python reference documentation explicitly documents this behavior in the section on for loops:

The for-loop makes assignments to the variables(s) in the target list. […] Names in the target list are not deleted when the loop is finished, but if the sequence is empty, they will not have been assigned to at all by the loop.

» Eli Bendersky | eli.thegreenplace.net

What every beginner absolutely needs to know about the journey ahead

Sun, 08 Feb 2015 19:37:00 +0100

Quincy Larson was just a ”guy in a suit in an office” and decided he wanted to learn how to code. So he asked around. He started by picking up a bit of Ruby then found himself skimming through other languages like Scala, Clojure and Go. He learned Emacs then Vim and even the Dvorak keyboard layout. He picked up Linux, dabbled in Lisp and coded in Python while living on the command line for more than half a year.

The Exceptional Beauty of Doom 3’s Source Code

Sun, 08 Feb 2015 19:25:00 +0100

What would ”nice looking”—or ”beautiful”, for that matter—actually mean when referring to source code? I asked some programmer friends what they thought that meant. Their answers were obvious, but still worth stating:

Code should be locally coherent and single-functioned: One function should do exactly one thing. It should be clear about what it’s doing.

Local code should explain, or at least hint at the overall system design.

Code should be self-documenting. Comments should be avoided whenever possible. Comments duplicate work when both writing and reading code. If you need to comment something to make it understandable it should probably be rewritten.

» Shawn McGrath | kotaku.com

El increíble caso de Werner Koch y GPG

Sat, 07 Feb 2015 11:02:00 +0100

Así, cabe preguntarse por qué el principal desarrollador de una pieza de software tan sensible y popular “va a la quiebra”. ¿Problemas de juego? ¿Derroche sin más? Porque un programador de ese calibre, en esa posición, debería cobrar lo suyo y más en Alemania, país de Koch. Pero la pregunta adecuada no es por qué va a la quiebra o cuánto cobra, sino de qué vive este hombre. ¿De qué vive -repetimos- el principal desarrollador de una pieza de software tan sensible y popular como GPG? La respuesta, desafortunadamente, es que nadie le pagaba por su trabajo: vivía de la caridad, de las donaciones. ¿Suena duro? Es aún peor.

Highly critical “Ghost” allowing code execution affects most Linux systems

Fri, 06 Feb 2015 16:11:00 +0100

The vulnerability in the GNU C Library (glibc) represents a major Internet threat, in some ways comparable to the Heartbleed and Shellshock bugs that came to light last year. The bug, which is being dubbed ”Ghost” by some researchers, has the common vulnerability and exposures designation of CVE-2015-0235. While a patch was issued two years ago, most Linux versions used in production systems remain unprotected at the moment. What’s more, patching systems requires core functions or the entire affected server to be rebooted, a requirement that may cause some systems to remain vulnerable for some time to come. The buffer overflow flaw resides in __nss_hostname_digits_dots(), a glibc function that’s invoked by the gethostbyname() and gethostbyname2() function calls. A remote attacker able to call either of these functions could exploit the flaw to execute arbitrary code with the permissions of the user running the application.

What happens when you type google.com into your browser’s address box and press enter?

Fri, 30 Jan 2015 20:11:00 +0100

Except instead of the usual story, we’re going to try to answer this question in as much detail as possible. No skipping out on anything. This is a collaborative process, so dig in and try to help out! There’s tons of details missing, just waiting for you to add them! So send us a pull request, please!

» Alex Gaynor | github.com

Coder creates smallest chess game for computers

Fri, 30 Jan 2015 17:11:00 +0100

A French coder has developed what is thought to be the smallest-sized chess computer program. BootChess is only 487 bytes in size, and the code can be run on Windows, Mac OS X and Linux computers. That makes it smaller than 1K ZX Chess - a Sinclair ZX81 computer game, which contained 672 bytes of code and had held the record for 33 years.

» Leo Kelion | bbc.com

Every Time Travel Movie Ever, Ranked

Thu, 29 Jan 2015 23:32:00 +0100

With the release of yet another time travel movie this week (Project Almanac), it’s time for us to look back at the great time travel movies of our past. Here are all the major time travel movies ever, ranked. Here are the rules: No animation. No short films. And no movies that where someone is frozen (or something) and then they wake up in the future (so Mel Gibson’s Forever Young, Encino Man are OUT).

Against DNSSEC

Thu, 29 Jan 2015 19:52:00 +0100

All secure crypto on the Internet assumes that the DNS lookup from names to IP addresses are insecure. Securing those DNS lookups therefore enables no meaningful security. DNSSEC does make some attacks against insecure sites harder. But it doesn’t make those attacks infeasible, so sites still need to adopt secure transports like TLS. With TLS properly configured, DNSSEC adds nothing.

» Thomas & Erin Ptacek | sockpuppet.org

More shell, less egg

Wed, 21 Jan 2015 21:23:00 +0100

The program Bentley asked Knuth to write is one that’s become familiar to people who use languages with serious text-handling capabilities: Read a file of text, determine the n most frequently used words, and print out a sorted list of those words along with their frequencies.

» Dr. Drang | leancrew.com

RoboCop (1987) Is an Almost Perfectly Symmetrical Film

Wed, 21 Jan 2015 21:13:00 +0100

The Old Testament is full of examples of chiasmus, which is a figure of speech used in ancient times to emphasize balance. It lists a bunch of ideas or things and then repeats each of them in reverse order. It’s often not an identical repetition. It frequently uses the opposite of what came before or something similar to it.

» Robert Lockard | dejareviewer.com

Functional word processor built in Minecraft

Sun, 18 Jan 2015 22:44:00 +0100

There was a time not so long ago when Minecraft was actually a game. Now, it’s an insane sandbox where people build all kinds of incredibly complex things… like a word processor… out of blocks. This crazy contraption is the work of a a third-year robotics student who goes by the name of Koala_Steamed on YouTube. It’s the result of nearly two years of painstaking work inside the Minecraft world. That’s not continuous, mind you. Breaks were obviously taken to do things like attend classes, use the washroom, and interact with people and things that had curves.

The Rule of The Big Three (and a half) – Resource Management in C++

Sun, 18 Jan 2015 10:59:00 +0100

The dynamic creation and destruction of objects was always one of the bugbears of C. It required the programmer to (manually) control the allocation of memory for the object, handle the object’s initialisation then ensure that the object was safely cleaned-up after use and its memory returned to the heap. Because many C programmers weren’t educated in the potential problems (or were just plain lazy or delinquent in their programming) C got a reputation in some quarters for being an unsafe, memory-leaking language.

HSTS Super Cookies

Sun, 11 Jan 2015 18:53:00 +0100

Using HSTS to track your browsing habits evades the features of web browsers designed to control more normal ”cookie” based tracking mechanisms. Using ”incognito” or ”private” modes means that existing cookies won’t be shared with sites you visit. Browsers also let you entirely delete cookies that could be used to track you. Because HSTS is a security feature and isn’t intended to be used for tracking, web browsers treat it differently from cookies. It is only by intentional misapplication that HSTS can be exploited to track users.

How we made editing Wikipedia twice as fast

Sun, 11 Jan 2015 18:07:00 +0100

HipHop Virtual Machine, or HHVM, reduces the median page-saving time for editors from about 7.5 seconds to 2.5 seconds, and the mean page-saving time from about 6 to 3 seconds. Below, I’ll explain the technical background for HHVM on MediaWiki and some of the far-reaching benefits of this change that will go beyond the recent performance gains.

» Ori Livneh | blog.wikimedia.org

An unbeatable computer program has finally solved two-player limit Texas hold’em poker

Sat, 10 Jan 2015 22:27:00 +0100

Two-player limit Texas hold’em poker has finally been solved, according to a study published in Science today. Scientists have designed a computer program, named Cepheus, with a strategy for the game that is so close to perfect that statistical analysis shows it can’t be defeated by a human poker player, even if that player competed against the computer for an entire lifetime. This means that no matter how the game starts out, the computer will win or break even in the long run — making it essentially unbeatable. » Cepheus

Code rot & OpenBSD

Tue, 06 Jan 2015 19:14:00 +0100

The background is set, you know why I took interest now it’s time to tell what solidified the decision. Each change made to the OpenBSD codebase undergoes a code review before it’s committed to the tree. If you managed to get that far in this article you perfectly know why I deem that of upmost importance. No matter how many features your software has, if your documentation is sub-par then your software is most likely useless. The quality of OpenBSD documentation is on a level I didn’t expect even after reading about it in so many places. Not only will you get information on how something works, what’s possible and how to use it. It will also tell you the best practices for using the tool and warn you about the common pitfalls.

Secure Secure Shell

Tue, 06 Jan 2015 19:09:00 +0100

Reading the documents, I have the feeling that the NSA can 1) decrypt weak crypto and 2) steal keys. Let’s focus on the crypto first. SSH supports different key exchange algorithms, ciphers and message authentication codes. The server and the client choose a set of algorithms supported by both, then proceed with the key exchange. Some of the supported algorithms are not so great and should be disabled completely. If you leave them enabled but prefer secure algorithms, then a man in the middle might downgrade you to bad ones. This hurts interoperability but everyone uses OpenSSH anyway.

Software Library: MS-DOS Games

Mon, 05 Jan 2015 17:53:00 +0100

Software for MS-DOS machines that represent entertainment and games. The collection includes action, strategy, adventure and other unique genres of game and entertainment software. Through the use of the EM-DOSBOX in-browser emulator, these programs are bootable and playable. Please be aware this browser-based emulation is still in beta - contact Jason Scott, Software Curator, if there are issues or questions.

» archive.org

Homenaje a un clásico: las 10 mejores curiosidades de Monkey Island

Thu, 01 Jan 2015 23:19:00 +0100

Monkey Island es uno de los videojuegos más míticos de todos los tiempos. Está lleno de pequeñas curiosidades, anécdotas y huevos de pascua. Estas son 10 de nuestras favoritas.

» Carlos Rebato | gizmodo.com

Quake on an oscilloscope: A technical report

Thu, 01 Jan 2015 11:54:00 +0100

A summary of some problems I faced when tinkering with Quake to get it play nicely on an oscilloscope. After seeing some cool clips like this mushroom thing and of course Youscope, playing Quake on a scope seemed like a great idea. It ticks all the marks that make me happy: low-poly, realtime rendered and open source.

» Pekka Väänänen | lofibucket.com

El ’canon AEDE’: claves del presente y el futuro de la tasa de agregación de contenidos

Thu, 01 Jan 2015 11:49:00 +0100

Este jueves, 1 de enero, entra en vigor gran parte de la ley Lassalle de propiedad intelectual y con ella su artículo 32.2, que obliga a los editores y autores a cobrar —aunque no quieran— cuando los agregadores de Internet enlacen y distribuyan sus contenidos. Estos son los aspectos clave a tener en cuenta sobre el denominado canon AEDE.

» M.M. | 20minutos.es

10 Futurama jokes that will make you smarter

Thu, 01 Jan 2015 11:36:00 +0100

The Futurama writers had a rule that the show’s more obscure jokes couldn’t be central to the plot. So the background is stuffed with nods to mathematics, science, history, and literature. Numbers are often translated into math problems (instead of Studio 54, the crew visits Studio 1²2¹3³). Robot information is conveyed in binary (”The Honking” references the ”Redrum” scene in The Shining, when Bender is perplexed to see ”0101100101” written in blood on a wall, but then realizes that it reads ”1010011010” in the mirror, a series of digits that translates to ”666”). And of course, there’s the Alienese language. But the writers also built entire episodes around the Banach-Tarski paradox and the premise of three-dimensional characters entering two-dimensional space.

Ringing in 2015 with 40 Linux-friendly hacker SBCs

Thu, 01 Jan 2015 11:36:00 +0100

In May of this year, LinuxGizmos and Linux.com collaborated on a joint survey, asking our readers to choose their favorite open-spec hacker SBCs from a list of 32 that run Linux and/or Android. Our SBC survey winners, ranked one to five, included the Raspberry Pi, BeagleBone Black, Odroid-XU, CubieTruck, and Banana Pi single board computers. Thanks to the flood of new open-spec, community-backed boards, as well as the demise of others, we have updated our list for this end-of-year snapshot.

The Origins of the Tag

Tue, 30 Dec 2014 23:11:00 +0100

Sometime in late summer I took a break with some of the other engineers and went to a local bar on Castro street in Mountain View. The bar was the St. James Infirmary and it had a 30 foot wonder woman statue inside among other interesting things. At some point in the evening I mentioned that it was sad that Lynx was not going to be able to display many of the HTML extensions that we were proposing, I also pointed out that the only text style that Lynx could exploit given its environment was blinking text. We had a pretty good laugh at the thought of blinking text, and talked about blinking this and that and how absurd the whole thing would be.

What Absolutely Everyone Needs To Know About Isaac Asimov’s Foundation

Sat, 27 Dec 2014 11:52:00 +0100

It’s an accomplishment all the more remarkable given that the story driving the Foundation Trilogy — an epic tale of the fall and rise of future galactic empires —contains virtually none of the usual tropes that are associated with science fiction. The novels span the entire galaxy, but no extraterrestrials make an appearance. It depicts the future history of human society, but it’s neither explicitly a utopian nor dystopian parable. There’s plenty of futuristic technology—from faster-than-light spacecraft to personal force fields—but all of this serves as the background, not the driver, of the plot. In fact, Foundation appears to contradict Asimov’s own definition of science fiction, as a ”branch of literature which deals with the reaction of human beings to changes in science and technology.” In this case, though, Asimov would later explain that he set out to create a genre he called ”social science fiction.” He used the future as a template to explore a pivotal idea that we’ve been asking for centuries: Are there laws of human history as immutable as the laws of physics?

12 million home and business routers vulnerable to critical hijacking hack

Sun, 21 Dec 2014 12:11:00 +0100

More than 12 million routers in homes and small offices are vulnerable to attacks that allow hackers anywhere in the world to monitor user traffic and take administrative control over the devices, researchers said. The vulnerability resides in ”RomPager” software, embedded into the residential gateway devices, made by a company known as AllegroSoft. Versions of RomPager prior to 4.34 contain a critical bug that allows attackers to send simple HTTP cookie files that corrupt device memory and hand over administrative control. Attackers can use that control to read plaintext traffic traveling over the device and possibly take other actions, including changing sensitive DNS settings and monitoring or controling Web cams, computers, or other connected devices. Researchers from Check Point’s malware and vulnerability group have dubbed the bug Misfortune Cookie, because it allows hackers to determine the ”fortune” of an HTTP request by manipulating cookies. » Misfortune Cookie | mis.fortunecook.ie

Was the Death Star Attack an Inside Job?

Sun, 21 Dec 2014 11:59:00 +0100

We’ve all heard the ”official conspiracy theory” of the Death Star attack. We all know about Luke Skywalker and his ragtag bunch of rebels, how they mounted a foolhardy attack on the most powerful, well-defended battle station ever built. And we’ve all seen the video over, and over, and over, of the one-in-a-million shot that resulted in a massive chain reaction that not just damaged, but completely obliterated that massive technological wonder.

Announcing Ubuntu Core, with snappy transactional updates!

Tue, 09 Dec 2014 23:57:00 +0100

What if your cloud instances could be updated with the same certainty and precision as your mobile phone – with carrier grade assurance that an update applies perfectly or is not applied at all? What if your apps could be isolated from one another completely, so there’s no possibility that installing one app could break another, and stronger assurance that a compromise of one app won’t compromise the data from another? When we set out to build the Ubuntu Phone we took on the challenge of raising the bar for reliability and security in the mobile market. And today that same technology is coming to the cloud, in the form of a new ”snappy” image called Ubuntu Core

Ten years of Ubuntu: how Linux’s beloved newcomer became its criticized king

Sun, 07 Dec 2014 15:01:00 +0100

In October of 2004, a new Linux distro appeared on the scene with a curious name”Ubuntu. Even then there were hundreds, today if not thousands, of different Linux distros available. A new one wasn’t particularly unusual, and for some time after its quiet preview announcement, Ubuntu went largely unnoticed. It was yet another Debian derivative. Today, Canonical, the company behind Ubuntu, estimates that there are 25 million Ubuntu users worldwide. That makes Ubuntu the world’s third most popular PC operating system. By Canonical’s estimates, Ubuntu has roughly 90 percent of the Linux market. And Ubuntu is poised to launch a mobile version that may well send those numbers skyrocketing again.

¿Dónde aprendieron los 'hackers' a ser ’hackers’?

Sun, 07 Dec 2014 10:06:00 +0100

Una de las principales premisas éticas del ’hacker’, desde los primeros grupos que aparecieron en los años 90 del siglo pasado, es la difusión de información sobre cómo funcionan las redes, los ordenadores y, en general, la tecnología. » II » III » IV » V » VI » VII

» Mercé Molist | elmundo.es

¿Por qué le darán el Oscar Honorífico a Hayao Miyazaki?

Sun, 07 Dec 2014 08:10:00 +0100

La razón por la que eligieron a Miyazaki para el Oscar, que será otorgado en una ceremonia privada en la sala Ray Dolby, del Hollywood & Highland Center, es porque este director ha hecho soñar a muchas personas alrededor del mundo con sus historias, con sus dibujos, con sus encantadores personajes, en fin porque es un grande.

» Ivonne Lara | hipertextual.com

Ya puedes jugar a todas las máquinas recreativas de tu infancia gratis

Sat, 06 Dec 2014 16:30:00 +0100

¿Conocéis Archive.org? Es una organización sin ánimo de lucro que desde 1996 y con sede en San Francisco, se dedica a recopilar y archivar ”textos, audio, imágenes en movimiento, y software, así como páginas web” para ponerlos a disposición de todos nosotros de forma gratuita. Desde la organización tuvieron la genial idea de recopilar 900 videojuegos Arcade creados desde 1970 a 1990 y ofrecérnoslos gratuitamente, on-line, para deleite y regocijo nuestro. » archive.org » The InternetArcade

Lo posible de lo imposible: la física de un tsunami

Mon, 01 Dec 2014 22:11:00 +0100

Desde el punto de vista de la física, un tsunami es sencillamente una onda sostenida por la gravedad terrestre (y no por el viento, como las olas de la playa. Tampoco es correcta la denominación de ”ondas de marea”, ya que no son las mareas la razón de su origen) en aguas poco profundas.

» Agatha | eltercerprecog.blogspot.com.es

The programmer’s price

Sun, 23 Nov 2014 18:12:00 +0100

Finally, Bradley received an e-mail from 10x, a talent company. 10x was started by two music and entertainment managers, Michael Solomon and Rishon Blumberg, who for the past nineteen years have represented rock stars, including John Mayer and Vanessa Carlton. Recently, in the wake of the digital revolution and the music industry’s implosion, Solomon and Blumberg have begun serving as agents for technologists. 10x claims to represent digital ”rock stars”; the company’s name comes from the idea, well established in the tech world, that the very best programmers are superstars, capable of achieving ten times the productivity of their merely competent colleagues. In HBO’s ”Silicon Valley,” a self-effacing character named Big Head compliments his friend’s coding skills by saying, ”Richard’s a 10xer. I’m, like, barely an xer.”

This is how we ZenPayroll: Our Development Workflow

Sun, 23 Nov 2014 12:33:00 +0100

A lot of engineers looking to join ZenPayroll are interested in hearing more about our development workflow. Put more simply, how do ZenPayrollers write software? The answer to that is constantly changing, as we’re always refining our workflows to fit our ever changing needs, but I’ll cover in some detail the way we do things today.

» Edward Kim | engineering.zenpayroll.com

The Man Who Made ’Tetris’

Sun, 23 Nov 2014 12:30:00 +0100

Tetris was formally released in June 1984 by the Academy of Sciences, after initially spreading among academics and the computer literate by way of copied floppy disks. As a tile-fitting puzzler, Tetris captivated these members of intelligentsia. After all, here was a game constructed of pristine shapes taken straight from Platonic idealism.

» Jagger Gravning | motherboard.vice.com

Celebra, Dragon Ball cumple 30 años

Sat, 22 Nov 2014 16:11:00 +0100

Ha pasado mucho tiempo luego de que apareciera por primera vez la historia de Dragon Ball. 30 años en que su creador, Akira Toriyama, publicara la historia de un pequeño niño que juntos a sus amigos buscaban unas esferas mágicas que al reunirlas podrían pedir un deseo.

» Ivonne Lara | hipertextual.com

Daft Punk, el dúo francés que revolucionó la música electrónica

Sat, 22 Nov 2014 16:10:00 +0100

Han pasado 20 años desde el nacimiento de Daft Punk, y apenas llevan llevan cuatro álbumes de estudio (además de una banda sonora para película que, para algunos, cuenta como un quinto álbum), pero es tanto lo que han cambiado y es tanto lo que nos han sorprendido, que su meta fue cumplida, revolucionaron la música electrónica.

» Eduardo Marin | hipertextual.com

Everything you need to know about the Shellshock Bash bug

Fri, 14 Nov 2014 16:03:00 +0100

Remember Heartbleed? If you believe the hype today, Shellshock is in that league and with an equally awesome name albeit bereft of a cool logo (someone in the marketing department of these vulns needs to get on that). But in all seriousness, it does have the potential to be a biggie and as I did with Heartbleed, I wanted to put together something definitive both for me to get to grips with the situation and for others to dissect the hype from the true underlying risk.

Everything you need to know about the Heartbleed SSL bug

Fri, 14 Nov 2014 16:02:00 +0100

Every now and then in the world of security, something rather serious and broad-reaching happens and we all run around like headless chicken wondering what on earth it means. Did the NSA finally ”get us”? Is SSL dead? Is the sky falling? Well it’s bad, but not for everyone and quite possibly not as bad as many are saying it is.

» Troy Hunt | troyhunt.com

POODLE attacks on SSLv3

Fri, 14 Nov 2014 15:24:00 +0100

My colleague, Bodo M¶ller, in collaboration with Thai Duong and Krzysztof Kotowicz (also Googlers), just posted details about a padding oracle attack against CBC-mode ciphers in SSLv3. This attack, called POODLE, is similar to the BEAST attack and also allows a network attacker to extract the plaintext of targeted parts of an SSL connection, usually cookie data. Unlike the BEAST attack, it doesn’t require such extensive control of the format of the plaintext and thus is more practical. Fundamentally, the design flaw in SSL/TLS that allows this is the same as with Lucky13 and Vaudenay’s two attacks: SSL got encryption and authentication the wrong way around – it authenticates before encrypting.

Traducción de la Nota G

Fri, 14 Nov 2014 12:20:00 +0100

La Máquina Analítica no tiene ninguna pretensión de producir nada. Puede hacer cualquier cosa que sepamos cómo ordenarle que haga. Puede seguir un análisis; pero no tiene la capacidad de anticipar ninguna relación o verdad analíticas. Su función es ayudarnos a hacer accesible aquello con lo que ya estamos familiarizados. Está diseñada para hacer esto principalmente, claro está, por medio de sus facultades ejecutivas; pero es probable que ejerza de otra manera una influencia indirecta y recíproca sobre la propia ciencia. Porque, al distribuir y combinar las verdades y las fórmulas del análisis, de manera que las combinaciones mecánicas de la máquina las puedan manejar con mayor rapidez y facilidad, las relaciones y la naturaleza de muchas cuestiones de la ciencia quedarán bañadas en otra luz y podrán investigarse en mayor profundidad. Sin duda, esto es una consecuencia indirecta y, en parte, especulativa, de tal invento. Sin embargo, es evidente que, en general, al concebir una nueva forma de registrar verdades matemáticas y arrojarlas para su uso, es probable que nos inspiren nuevas perspectivas que, de nuevo, deben reaccionar en la fase más teórica del asunto. Todas las ampliaciones del poder humano, o aumentos del conocimiento humano, conllevan siempre varias influencias colaterales, aparte de los objetivos principal y secundario obtenidos.

How To Become A Hacker

Sat, 08 Nov 2014 00:31:00 +0100

There is a community, a shared culture, of expert programmers and networking wizards that traces its history back through decades to the first time-sharing minicomputers and the earliest ARPAnet experiments. The members of this culture originated the term ’hacker’. Hackers built the Internet. Hackers made the Unix operating system what it is today. Hackers make the World Wide Web work. If you are part of this culture, if you have contributed to it and other people in it know who you are and call you a hacker, you’re a hacker.

Secure messaging scorecard

Fri, 07 Nov 2014 09:07:00 +0100

In the face of widespread Internet surveillance, we need a secure and practical means of talking to each other from our phones and computers. Many companies offer ”secure messaging” products”but are these systems actually secure? We decided to find out, in the first phase of a new EFF Campaign for Secure & Usable Crypto.

» eff.org

Cómo ’hackear’ un ordenador con la radio del móvil

Tue, 04 Nov 2014 09:50:00 +0100

El sistema truca las ondas electromagnéticas del monitor. De esta forma se puede transmitir información desde la pantalla a un teléfono que esté a menos de siete metros, con un ancho de banda de hasta 60 bytes por segundo, suficientes para obtener una contraseña en ocho segundos, según aseguran los investigadores.

» Sergio Ferrer | elconfidencial.com

Early Digital Research CP/M Source Code

Mon, 03 Nov 2014 09:57:00 +0100

Computer Scientist Gary Kildall created just such an operating system in 1974 for a small computer called the ”Intellec-8ó that Intel had designed to showcase their new microprocessors. Called ”CP/M”, it was unlike most other operating systems for small computers because it was written in PL/M, a portable higher-level language that he had designed earlier, rather than in the assembly-language of a particular computer. That meant that CP/M could be ported to run on many different personal computers. And if the applications were written in PL/M, they could be ported as well.

What Every App Developer Should Know About Android

Sun, 02 Nov 2014 10:59:00 +0100

The goal for this research was to identify the most common problems and challenges that Android developers face with the devices they build for. The 288 unique Android device models represent a significant volume of Android use: approximately 92 to 97% of global Android volumes, depending on how it gets measured and what regions and markets are included. This research represents remarkable coverage of Android usage globally, and it shows the most obvious problems as well as the status of Android hardware and software from a developer’s point of view.

Hackers Are Using Gmail Drafts to Update Their Malware and Steal Data

Wed, 29 Oct 2014 22:18:00 +0100

Researchers at the security startup Shape Security say they’ve found a strain of malware on a client’s network that uses that new, furtive form of ”command and control””the communications channel that connects hackers to their malicious software”allowing them to send the programs updates and instructions and retrieve stolen data. Because the commands are hidden in unassuming Gmail drafts that are never even sent, the hidden communications channel is particularly difficult to detect.

Cómo lancé un proyecto rentable sin escribir ni una línea de código

Sun, 26 Oct 2014 12:32:00 +0100

Pues bien, se trata más bien de un ’side project’, es decir, el típico proyecto en el que te embarcas fuera de tu actividad principal, dedicándole o bien pasta o bien algo de tiempo. En mi caso han sido ambas cosas, pero es totalmente compatible con mis otros menesteres, como pegar los carteles de nvivo.es.

» txantxez | txarly.com

What are the chances of survival of individual chess pieces in average games?

Sun, 26 Oct 2014 09:20:00 +0100

In case anyone’s wondering how I approached this as a programming problem, a quick trick is to not get drawn into writing a whole chessboard representation. Use a tool like pgn-extract to convert SAN moves (e.g. ”Nc3”) to long algebraic moves (e.g. ”Nb1c3”) - since we can safely assume all moves in the PGN are legal, this saves a lot of effort implementing the rules of chess (although you still have to handle castling and en passant carefully). » png-extract » SurvivingPieces

Happy 10th Birthday, Ubuntu

Sat, 25 Oct 2014 18:10:00 +0100

I’m putting a team of Debian developers together to work full time on a derivative distribution of Debian. The idea is to provide a high-quality regular release based on Debian unstable, ensuring that all patches are given back to Debian, and ensuring that the install disk of our distribution consists entirely of Free software. Martin and I spoke at length about the project and he seemed to like the idea very much. I’m sure he’d be happy to let you know his thoughts directly. If you’re interested I’d like to give you a call to discuss it further with you. I’m based in the UK so we’re roughly in the same timezone, just let me know when and what number to reach you on.

Aprovechan un fallo y le sacan 980.000 dólares a varios casinos

Thu, 09 Oct 2014 20:13:00 +0100

Las máquinas de vídeopóquer Game King llegaron a los casinos en 1970 y fueron un éxito inmediato. Con los años, su software se fue actualizando, incluyendo nuevos juegos y opciones. En 2002 lanzó su quinta gran actualización, que presumía de unos gráficos de calidad nunca vista antes en uno de estos aparatos, así como sonido en estéreo mejorado respecto a versiones anteriores. Lo que este programa incluía también, y nadie se dio cuenta, fueron una serie de sutiles errores de código que tardaron siete años en ser descubiertos.

No Nobel for the Father of the LED

Wed, 08 Oct 2014 19:21:00 +0100

Nick Holonyak Jr., the person widely credited with the development of the first visible-light LED, the device that now lights up countless clocks, traffic signals, and other electronic displays, might be one of them. On Tuesday, the Royal Swedish Academy of Sciences awarded this year’s Nobel Prize in Physics to three inventors of the blue light-emitting diode. Holonyak isn’t exactly complaining that he isn’t among them; his objection is that his 1962 invention has never been singled out for recognition by the academy.

Indian Developers Redesigning Linux Kernel With OOP, C++ Support

Sun, 05 Oct 2014 11:36:00 +0100

DOS Lab IIT Madras and CDAC Chennai out of India are aiming to redesign the Linux kernel as MOOL, or the Minimalistic Object Oriented Linux. The project site explains, ”MOOL (Minimalistic Object Oriented Linux) aims at redesigning the Linux kernel to reduce coupling and increase maintainability by means of OO (Object Oriented) abstractions. Excessive common coupling prevails in existing kernel. Studies have shown that common coupling is increasing in successive versions of Linux. This will make maintainability of Linux difficult in coming years. As a starting step we have tried to reduce the number of global variables of the kernel. Some global variables are used only by two or three kernel modules. These are passed as function arguments. The performance of the modified kernel is measured with the standard performance analysis tools. The modified kernel performs almost same as original. MOOL features a device driver framework to write drivers in C++ and insert them as loadable kernel modules.”

Hacking Academia: Data Science and the University

Sun, 21 Sep 2014 14:48:00 +0100

The problem we discussed is laid out in some detail in my Brain Drain post, but a quick summary is this: scientific research in many disciplines is becoming more and more dependent on the careful analysis of large datasets. This analysis requires a skill-set as broad as it is deep: scientists must be experts not only in their own domain, but in statistics, computing, algorithm building, and software design as well. Many researchers are working hard to attain these skills; the problem is that academia’s reward structure is not well-poised to reward the value of this type of work. In short, time spent developing high-quality reusable software tools translates to less time writing and publishing, which under the current system translates to little hope for academic career advancement. » Jake Vanderplas | The Big Data Brain Drain: Why Science is in Trouble

Savvy Imgur user builds working 1KB hard drive inside ’vanilla’ Minecraft

Sun, 21 Sep 2014 11:58:00 +0100

Imgur user smellystring has officially changed my view of Minecraft – and he’ll change yours as well. Below is a fully functional 1KB hard drive, created within Minecraft and it’s incredible. Smellystring walks us through the process which includes binary blocks, pistons, a data collection room, indicator lights and ”bit” emulators. Watch and learn. » reddit.com » | imgur.com

» Steven Norris | gearburn.com

Hacker puts Doom on a printer to highlight security vulnerabilities

Sat, 20 Sep 2014 23:08:00 +0100

Running Doom on a printer is more than a gimmick: it’s a security concern. In 1993, first-person shooter Doom was a groundbreaking game. In 2014, it’s being used by ethical hackers to demonstrate security vulnerabilities in connected devices.

» Tom Fox-Brewster | theguardian.com

Why Archeologists Hate Indiana Jones

Fri, 19 Sep 2014 17:35:00 +0100

It’s not surprising that academics – hell bent on taking the fun out of everything – would hate our beloved and iconic movie version of them. But Canuto is no killjoy. His ironic tone and acerbic wit seem honed by long boring days in the sun. So I bite. I quickly learn that there’s a good reason why most every archeologist on Earth hates Indy. And that they might have a point. Because Jones isn’t an archeologist at all.

Google’s Got an Open Source Android Problem

Sun, 14 Sep 2014 16:41:00 +0100

Never has a tweet been more true, or potentially more disastrous for a vendor. Years ago Google’s Andy Rubin, stung by Steve Jobs’ criticism that Android wasn’t truly open, tweeted that anyone could fork - i.e., modify - Android, making it ”open” in the truest sense of the word. Unfortunately for Google, many OEMs took Rubin at his word. Today, Google’s Android business is booming, but it’s clear that Android fragmentation minimizes just how much Google—or its ecosystem of app developers—can make from the open-source mobile OS. Unfortunately, according to new ABI Research data, it’s only going to get worse.

Notes from the development of xkcd’s ”Pixels”

Sun, 14 Sep 2014 12:29:00 +0100

Over the years, I’ve had the pleasure of hacking on the frontend code for a bunch of xkcd’s interactive comics, including: unixkcd, xk3d, Umwelt, Time, Externalities, and Lorenz. This weekend, I was pinged about making something to coincide with the release of What If?: Serious Scientific Answers to Absurd Hypothetical Questions. The process of building ”Pixels” was even crazier than our usual April Fools rush, and had the extra intrigue of being live during Randall Munroe’s Colbert Report interview. Here’s a few anecdotes from the development of Pixels and a quick explanation of how it works. I hadn’t worked with some of the graphics programming patterns (coordinate systems!) for a while, so I ended up making some classic mistakes – hopefully you can avoid repeating them. :)

Who invented pointers, amortized complexity, and more?

Tue, 09 Sep 2014 22:03:00 +0100

Andrey Kolmogorov, Fred Hennie, Richard Stearns, and Walter Savitch are all famous separately; but they have something in common. Read on, and see. Today I wish to discuss some algorithmic tricks and show that they were initially used by complexity theorists, years before they were used by algorithm designers. To steal a phrase: it`s computational complexity all the way down. Well not exactly. The situation is slightly more complex”a bad pun. The complexity theorists often invented a concept and used it in a narrow way, while later it was rediscovered and made a general notion.

El primer ’bug’

Tue, 09 Sep 2014 19:12:00 +0100

Ese día, la programadora Grace Hopper se encontraba trabajando con un Mark II en la Universidad de Harvard: el ordenador dejó de funcionar, y los ingenieros encontraron una polilla enganchada a uno de los relés del ordenador. El bicho pasó a la historia de la informática, porque pegaron sus restos en el libro de registro del ordenador, junto a una nota que decía ’First actual case of bug being found’.

Quickly navigate your filesystem from the command-line

Sun, 07 Sep 2014 10:44:00 +0100

Like many others, I spend most of my day behind a computer. In order make the most of it (and to keep my body from complaining too much), I try to maintain an optimized setup. For example, I code in Vim, browse with Vimperator, and move windows around in i3. Another common task is filesystem navigation. I prefer to use the command-line for this, but typing cd ~/some/very/deep/often-used/directory over and over again does become cumbersome.

Game of thrones: A Compendium of Theories

Sat, 06 Sep 2014 13:33:00 +0100

For those less familiar with the story and the theories, I thought it might be interesting and useful to have a single thread that lists all of the theories that have arisen given the various questions and unknowns surrounding the Song. There are a lot of brilliant people on these boards and some of them have come up with truly excellent theories, right or wrong, to answer those thoughts we have.

Sistema binario: unos y ceros a través de la historia

Sat, 06 Sep 2014 13:29:00 +0100

Los unos y los ceros llevan milenios entre nosotros, desde algunas culturas primitivas, pero las bombillas se han ido encendiendo poco a poco hasta llegar a su actual omnipresencia en la electrónica. Primero fueron Leibniz y la aritmética, luego Boole y la lógica, y finalmente Shannon y su idea de utilizar el álgebra de Boole para simplificar los circuitos. Una historia apasionante hasta llegar a nuestro smartphone.

» David G. Ortiz | blogthinkbig.com

Érase una vez unos ’hackers’ hispanos...

Fri, 05 Sep 2014 22:47:00 +0100

Vivimos en una era de ’ciberguerras’, intrusiones en línea e inseguridad informática, pero también en una época de libertad de acceso a cantidades ingentes de datos e información sin precedentes, de acceso casi ilimitado al conocimiento. No es posible explicar semejante paradoja sin asomarse la historia del ’hacking’ y, aunque parezca mentira, en España esa historia es apasionante. » hackstory.es

» Pablo Romero | elmundo.es

HubCap Chromecast Root Release

Sun, 31 Aug 2014 18:01:00 +0100

We’re happy to announce that fail0verflow, GTVHacker, and Team-Eureka have jointly discovered and exploited a new vulnerability in the Chromecast which allows root access on the current software build (17977) as well as new in box devices

» Team-Eureka | xda-developers.com

Open letter to the Linux World

Sun, 31 Aug 2014 17:34:00 +0100

So, what is systemd? Well, meet your new God. You may have been praying at the alter of simplicity, but your religion is being deprecated. It likely already happened without your knowledge during an upgrade of your Linux box. systemd is the all knowing, all controlling meta-deity that sees all and supervises all. It’s the new One Master Process that aspires to control everything it can - and it’s already doing a lot. It’s what init would look like if it were a transformer on steroids. It’s complicated, multi-faceted, opaque, and supremely powerful.

Offline attack shows Wi-Fi routers still vulnerable

Sat, 30 Aug 2014 17:41:00 +0100

The attack exploits weak randomization, or the lack of randomization, in a key used to authenticate hardware PINs on some implementations of Wi-Fi Protected Setup, allowing anyone to quickly collect enough information to guess the PIN using offline calculations. By calculating the correct PIN, rather than attempting to brute-force guess the numerical password, the new attack circumvents defenses instituted by companies. » Offline bruteforce attack on WiFi Protected Setup » Hands-on: hacking WiFi Protected Setup with Reaver< /a>

The Feynman Lectures on Physics, completely online

Sat, 30 Aug 2014 11:56:00 +0100

Last fall, we let you know that Caltech and The Feynman Lectures Website joined forces to create an online edition of The Feynman Lectures on Physics. They started with Volume 1. And now they’ve followed up with Volume 2 and Volume 3, making the collection complete. » The Feynman Lectures on Physics, Volume I » | The Feynman Lectures on Physics, Volume II » The Feynman Lectures on Physics, Volume III » Free textbooks » | Free ebooks

Hackers transform a smartphone gyroscope into an always-on microphone

Sat, 16 Aug 2014 09:16:00 +0100

Apps that use your smartphone’s microphone need to ask permission, but the motion sensors? No say-so needed. That might not sound like a big deal, but security researchers from Stanford University and defense firm Rafael have discovered a way to turn Android phone gyroscopes into crude microphones. They call their app ”Gyrophone” and here’s how it works: the tiny gyros in your phone that measure orientation do so using vibrating pressure plates. As it turns out, they can also pick up air vibrations from sounds, and many Android devices can do it in the 80 to 250 hertz range – exactly the frequency of a human voice.

Reflections on Trusting Trust

Fri, 15 Aug 2014 08:05:00 +0100

You can’t trust code that you did not totally create yourself. (Especially code from companies that employ people like me.) No amount of source-level verification or scrutiny will protect you from using untrusted code. In demonstrating the possibility of this kind of attack, I picked on the C compiler. I could have picked on any program-handling program such as an assembler, a loader, or even hardware microcode. As the level of program gets lower, these bugs will be harder and harder to detect. A well installed microcode bug will be almost impossible to detect.

The VP of Devil’s Advocacy

Thu, 07 Aug 2014 21:04:00 +0100

The tenth man. If nine of us look at the same information and arrive at the exact same conclusion, it’s the duty of the tenth man to disagree. No matter how improbable it may seem, the tenth man has to start thinking with the assumption that the other nine are wrong.

» MG Siegler | techcrunch.com

Why the Security of USB Is Fundamentally Broken

Sat, 02 Aug 2014 11:20:00 +0100

That’s the takeaway from findings security researchers Karsten Nohl and Jakob Lell plan to present next week, demonstrating a collection of proof-of-concept malicious software that highlights how the security of USB devices has long been fundamentally broken. The malware they created, called BadUSB, can be installed on a USB device to completely take over a PC, invisibly alter files installed from the memory stick, or even redirect the user’s internet traffic. Because BadUSB resides not in the flash memory storage of USB devices, but in the firmware that controls their basic functions, the attack code can remain hidden long after the contents of the device’s memory would appear to the average user to be deleted. And the two researchers say there’s no easy fix: The kind of compromise they’re demonstrating is nearly impossible to counter without banning the sharing of USB devices or filling your port with superglue.

Hacker a los 70: abuelos de la informática moderna que aún pican código a diario

Tue, 22 Jul 2014 09:00:00 +0100

Estamos tan inmersos en un mundo de electrónica, unos y ceros, que olvidamos lo recientes que son esos inventos que usamos a diario. Los primeros ordenadores personales verdaderamente relevantes nacieron a finales del siglo pasado: el Apple II (1977), el IBM PC (1981), el Commodore 64 (1982), el primer Macintosh (1984)¦ Windows nació aún más tarde, en 1985, como una extensión gráfica del sistema operativo MS-DOS.

» David G. Ortiz | yorokobu.es

StackOverflow Update: 560M Pageviews A Month, 25 Servers, And It’s All About Performance

Mon, 21 Jul 2014 17:38:00 +0100

The network of sites that make up StackExchange, which includes StackOverflow, is now ranked 54th for traffic in the world; they have 110 sites and are growing at a rate of 3 or 4 a month; 4 million users; 40 million answers; and 560 million pageviews a month. This is with just 25 servers. For everything. That’s high availability, load balancing, caching, databases, searching, and utility functions. All with a relative handful of employees. Now that’s quality engineering.

Sarah Harrison: ”No poder negar la verdad es lo que más les aterra”

Mon, 21 Jul 2014 07:45:00 +0100

Lo mismo sucede con el término de ”seguridad nacional” ampliamente utilizado desde la aparición de los documentos de la NSA. ”El término en sí significa proteger la estabilidad de tu país dentro de tus fronteras, por tanto no hay razón para vigilar a todo un país o invadir todo un país. Lo que hacen es utilizarlo como término universal para asustar a la gente evitando que publiquen la verdad y permitiéndoles tapar sus propios actos ilegales”, y recuerda como en pro de esta seguridad nacional, la agencia de seguridad nacional britanica irrumpió el pasado agosto en la redacción del diario estadounidense The Guardian y destruyó discos duros y documentación, en un ”extraordinario acto contra la libertad de prensa”. ”Y eso pasó en un país occidental, pero era por la seguridad nacional”.

El Gobierno de España está librando una guerra en contra del internet y tú eres la víctima

Mon, 21 Jul 2014 07:38:00 +0100

El canon AEDE se aprobaría el martes 22 de julio y sus implicaciones son mucho más grandes de lo que parece. Tasar el derecho a cita y legalizar medidas que atentan contra la libertad de expresión en internet. En este caso, la víctima eres tú.

» Eduardo Arcos | alt1040.com

Visualizing Algorithms

Sun, 29 Jun 2014 18:52:00 +0100

Algorithms are a fascinating use case for visualization. To visualize an algorithm, we don’t merely fit data to a chart; there is no primary dataset. Instead there are logical rules that describe behavior. This may be why algorithm visualizations are so unusual, as designers experiment with novel forms to better communicate. This is reason enough to study them. But algorithms are also a reminder that visualization is more than a tool for finding patterns in data. Visualization leverages the human visual system to augment human intellect: we can use it to better understand these important abstract processes, and perhaps other things, too.

The history of Android: The endless iterations of Google’s mobile OS

Tue, 17 Jun 2014 20:14:00 +0100

Android has been with us in one form or another for more than six years. During that time, we’ve seen an absolutely breathtaking rate of change unlike any other development cycle that has ever existed. When it came time for Google to dive in to the smartphone wars, the company took its rapid-iteration, Web-style update cycle and applied it to an operating system, and the result has been an onslaught of continual improvement. Lately, Android has even been running on a previously unheard of six-month development cycle, and that’s slower than it used to be. For the first year of Android’s commercial existence, Google was putting out a new version every two-and-a-half months.

Los tres monos sabios de WhatsApp

Sun, 15 Jun 2014 09:18:00 +0100

Abres WhatsApp cada diez minutos y, sin embargo, nunca has reparado en la historia fascinante que esconden tres de sus emoticonos más populares. Están en la categoría de smileys, justo debajo de la fila de expresivos gatitos amarillos, flanqueados por la máscara del lengendario Tengu nipón y una imponente calavera. A primera vista, son solo tres simpáticos y expresivos monos que dan mucho juego en las conversaciones, pero las apariencias engañan: detrás hay tradición, misterio y un lejano mito oriental.

La primera hoja de cálculo para PCs cumple 35 años

Wed, 11 Jun 2014 21:15:00 +0100

En la primavera de 1978 mientras que Dan Bricklin se sentaba en una de las clases del Máster que se estaba sacando en la Escuela de Empresariales de Harvard (Harvard Business School), se le ocurrió la idea de plasmar de forma electrónica lo que el profesor estaba haciendo en la pizarra. Éste, estaba dibujando una matriz con números en ciertas celdas y operaciones aritméticas en ciertas otras. Es decir, a Bricklin se le acababa de ocurrir la idea de crear una hoja de cálculo electrónica.

We are rate limiting the FCC to dialup modem speeds until they pay us for bandwidth

Thu, 05 Jun 2014 09:34:00 +0100

Since the FCC seems to have no problem with this idea, I’ve (through correspondence) gotten access to the FCC’s internal IP block, and throttled all connections from the FCC to 28.8kbps modem speeds on the Neocities.org front site, and I’m not removing it until the FCC pays us for the bandwidth they’ve been wasting instead of doing their jobs protecting us from the ”keep America’s internet slow and expensive forever” lobby.

ASCII Chart

Sun, 01 Jun 2014 22:42:00 +0100

The American Standard Code for Information Interchange (ASCII) was developed under the auspices of a committee of the American Standards Association, called the X3 committee, by its X3.2 (later X3L2) subcommittee, and later by that subcommittee’s X3.2.4 working group. The ASA became the United States of America Standards Institute or USASI and ultimately the American National Standards Institute.

» Charles Torvalds | askapache.com

The Forgotten History Of CGI

Sat, 31 May 2014 20:58:00 +0100

The roots of CGI lie in the first mechanical aids to drawing and painting. The earliest of these were developed to help solve a problem every artist has found to be sticky: perspective. Before the introduction of geometric perspective, the realistic depiction of nature was not one of the purposes of art. Instead, artists chose the size and position of objects in a picture by their relative importance to one another. A distant castle might appear to be larger than one in the foreground simply because it was considered more important.

The Golden Age of Basic

Sat, 31 May 2014 17:39:00 +0100

I remember my first program, by which I mean one that I cobbled together myself, not simply typing in a complete listing from the manual. I was twelve, the year was 1985, and the computer a Texas Instruments TI-99/4A (a machine which was actually the first 16-bit home computer). My program was a very simple text adventure game, created by chaining together as many IF¦ THEN GOTO statements as I had patience for.

Programming Sucks

Sat, 31 May 2014 17:30:00 +0100

Every friend I have with a job that involves picking up something heavier than a laptop more than twice a week eventually finds a way to slip something like this into conversation: ”Bro,1 you don’t work hard. I just worked a 4700-hour week digging a tunnel under Mordor with a screwdriver.” They have a point. Mordor sucks, and it’s certainly more physically taxing to dig a tunnel than poke at a keyboard unless you’re an ant. But, for the sake of the argument, can we agree that stress and insanity are bad things? Awesome. Welcome to programming.

Programming is social

Sat, 31 May 2014 13:20:00 +0100

Programming is social, too. Most people think it’s not. With assistance from media portrayals of programmers and sloppy stereotypes of our own, they think most of us would prefer to work alone in the dark. Some do, of course, but even then most programmers I know like to talk shop with other programmers all the time. They like to talk about the places where they are stuck, as well as the places they used to be stuck. War stories are the currency of the programmer community.

Unsafe cookies leave WordPress accounts open to hijacking, 2-factor bypass

Mon, 26 May 2014 21:50:00 +0100

Yan Zhu, a staff technologist at the Electronic Frontier Foundation, came to that determination after noticing that WordPress servers send a key browser cookie in plain text, rather than encrypting it, as long mandated by widely accepted security practices. The cookie, which carries the tag ”wordpress_logged_in,” is set once an end user has entered a valid WordPress user name and password. It’s the website equivalent of a plastic bracelets used by nightclubs. Once a browser presents the cookie, WordPress servers will usher the user behind a velvet rope to highly privileged sections that reveal private messages, update some user settings, publish blog posts, and more. The move by WordPress engineers to allow the cookie to be transmitted unencrypted makes them susceptible to interception in many cases.

netcat - Cycles Per Instruction

Sun, 25 May 2014 11:48:00 +0100

Welcome to the most unnecessarily complicated netcat album release format yet. In this repository, you will be able to compile your own kernel module, create a /dev/netcat device and redirect its output into an audio player (tested with mplayer and play from SoX as well).
 ogg123 - < /dev/netcat

;’ Brandon Lucia, Andrew Olmstead, and David Balatero github.com

Exploring limits of covert data collection on Android: apps can take photos with your phone without you knowing

Sun, 25 May 2014 09:42:00 +0100

Android apps can take photos with your phone in background phones without displaying any notification and you won’t see the app on the list of installed applications. App can send the photos over the internet to their private server. You can also find video with demo in this post.

» Szymon Sidor | snacksforyourmind.blogspot.co.uk

Bash implementation of 2048 game

Sat, 24 May 2014 17:43:00 +0100

Bash 2048 v1.1 (https://github.com/mydzor/bash2048) pieces=16 target=2048 score=2884

/------|------|------|------\
| 4 | 2 | 8 | 4 |
|------|------|------|------|
| 2 | 16 | 256 | 32 |
|------|------|------|------|
| 16 | 32 | 16 | 2 |
|------|------|------|------|
| 2 | 8 | 128 | 4 |
\------|------|------|------/
GAME OVER
Your score: 2884
You have lost, better luck next time.

;’ mydzor github.com

Aunque parezca mentira, siguen existiendo BBS

Sat, 24 May 2014 16:42:00 +0100

Belky es el ”sysop” (administrador) de VampireBBS. Anda estos días muy contento porque ha puesto de nuevo en marcha su vieja BBS. 32 personas accedieron al sistema nada más inaugurarlo, lo que en este prehistórico mundo es un éxito. Las BBS fueron, en la década de los 80 y 90, la Internet de la gente de la calle, la red a la medida humana, precursoras de todo lo que vendría después y centros de aprendizaje para muchos programadores, administradores y, en general, hackers. Hoy quedan muy pocas en pie, sólo tres en España, pero están decididas a no morir.

SSD breakthrough means 300% speed boost, 60% less power usage... even on old drives

Sat, 24 May 2014 16:08:00 +0100

A breakthrough has been made in SSD technology that could mean drastic performance increases due to the overcoming of one of the major issues in the memory type. Currently, data cannot be directly overwritten onto the NAND chips used in the devices. Files must be written to a clean area of the drive whilst the old area is formatted. This eventually causes fragmented data and lowers the drive’s life and performance over time.

TRS Drawbot

Sat, 24 May 2014 15:02:00 +0100

On a standard headphone plug, the left channel comes through the outer ”tip” contact, the right channel through the middle ”ring” contact, and the ground connection through the inner ”sleeve” contact. The acronym for these so-called ”tip-ring-sleeve” connectors is where TRS Drawbot gets its name. It has no microchips or circuit boards and uses free software to turn line graphics into sound files that make almost any audio device into an on-the-go robot controller.

Why Java is a compiled language and Python is not

Sat, 24 May 2014 07:36:00 +0100

One comment’s answer was ’marketing’, which in a sense is correct; one reason we call Java a compiled language is that that’s what Sun called it from the start. Another comment noted that Java has an explicit compilation phase that is separate from having the JVM execute your Java program by interpreting the bytecodes. All of this points us towards what I feel is the real answer:

In Java, bytecode is a first class object. In Python it’s an internal implementation detail.

Script-injected ”async scripts” considered harmful

Fri, 23 May 2014 21:21:00 +0100

The inline JavaScript solution has a subtle, but very important (and an often overlooked) performance gotcha: inline scripts block on CSSOM before they are executed. Why? The browser does not know what the inline block is planning to do in the script it is about to execute, and because JavaScript can access and manipulate the CSSOM, it blocks and waits until the CSS is downloaded, parsed, and the CSSOM is constructed and available.

Reverse Engineering a Furby

Sat, 18 Jan 2014 15:58:00 +0100

This past semester I’ve been working on a directed study at my university with Prof. Wil Robertson reverse engineering embedded devices. After a couple of months looking at a passport scanner, one of my friends jokingly suggested I hack a Furby, the notoriously annoying toy of late 1990s fame. Everyone laughed, and we all moved on with our lives.

However, the joke didn’t stop there. Within two weeks, this same friend said they had a present for me. And that’s how I started reverse engineering a Furby.

xkcd 1313: Something is Wrong on the Internet!

Tue, 07 Jan 2014 01:41:00 +0100

I found that the rollover text, “/bu|[rn]t|[coy]e|[mtg]a|j|iso|n[hl]|[ae]d|lev|sh|[lnd]i|[po]o|ls/ matches the last names of elected US presidents but not their opponents.”, is obviously false. After all there are several last names (like “Nixon” and “Bush”) that denote both elected presidents and opponents. So no regular expression could both match and not match “Nixon”.

So that got me thinking: if we ignore names that are both winners and losers, what regular expression does cover the winners and not the losers? And let’s try to find a short one, although perhaps not the very shortest.

Un ejército de ’frikis’ contra Telefónica

Tue, 07 Jan 2014 01:19:00 +0100

Hubo un tiempo en que sólo había un camino para surcar las redes: la Compañía Telefónica Nacional de España. Y una sola pensamiento profundo de los hackers: engañarla para surcar estas redes sin pagar nada. Entonces cogió gran importancia una especialidad, dentro de las artes del hacking, llamada ’phreaking’ (http://hackstory.net/phreaking), contracción de ’phone’ (teléfono) y ’freak’ (monstruo). Los ’phreakers’ tienen gran conocimiento de las líneas telefónicas y saben, entre otras cosas, como usarlas para llamar gratis. En los años 80 y 90 no había grupo de hackers que no contase entre sus filas con uno o más buenos ’phreakers’.

fix ubuntu

Sun, 15 Dec 2013 20:02:00 +0100

If you’re an Ubuntu user and you’re using the default settings, each time you start typing in Dash (to open an application or search for a file on your computer), your search terms get sent to a variety of third parties, some of which advertise to you.

Ubuntu should protect user privacy by default. Since it doesn’t, you can use the code to the left to disable the parts of Ubuntu which are invasive to your privacy.

Álbum para celebrar los 30 años de la FAMICOM/NES

Sun, 15 Dec 2013 15:27:00 +0100

A finales de 1983 la compañía Nintendo sacó al mercado la consola FAMICOM en Japón, a los pocos años se comercializó también por Europa y América bajo el nombre de NES. Para celebrar sus treinta años de existencia algunos entusiastas han decidido no quedarse de brazos cruzados y le han hecho un merecido homenaje, usándola para componer un CD de música que se distribuye de manera gratuita bajo licencia Creative Commons.

Este es el hombre que terminará por destruir Silicon Valley

Mon, 18 Nov 2013 20:41:00 +0100

El cumplimiento de la ecuación de Moore ha sido posible hasta la fecha gracias a la reducción constante del tamaño y el precio de los chips, unido al aumento de su potencia de cálculo. Sin embargo, los límites de la física están comenzando a imponerse sobre los pronósticos de Moore.

» David Pérez | elconfidencial.com

Descansad en paz, hackers.

Sun, 17 Nov 2013 13:55:00 +0100

Llevamos unos días en los que nos hemos enterado vía twitter de grandes pérdidas para la comunidad de seguridad informática a nivel mundial. Los más recientes, y en muy poco espacio de tiempo, Cédric Blancher y Péter Sz¶r (este último, hace un par de días, el 12 de Noviembre).

» José A. Guasch | securitybydefault.com

Command-line Forensics of hacked PHP.net

Tue, 05 Nov 2013 12:55:00 +0100

The good people from Barracuda Labs were kind enough to share a PCAP file from the PHP.net compromize on their blog.

I decided to have a closer look at that PCAP file to see what can be extracted from it. Since the PCAP contains Windows malware I played safe and did all the analysis on a Linux machine with no Internet connectivity.

» Erik Hjelmvik | netresec.com

Make a Raspberry Pi into a Anonymizing Tor Proxy!

Mon, 04 Nov 2013 12:30:00 +0100

Feel like someone is snooping on you? Browse anonymously anywhere you go with the Onion Pi Tor proxy. This is fun weekend project that uses a Raspberry Pi, a USB WiFi adapter and Ethernet cable to create a small, low-power and portable privacy Pi.

Using it is easy-as-pie. First, plug the Ethernet cable into any Internet provider in your home, work, hotel or conference/event. Next, power up the Pi with the micro USB cable to your laptop or to the wall adapter. The Pi will boot up and create a new secure wireless access point called Onion Pi. Connecting to that access point will automatically route any web browsing from your computer through the anonymizing Tor network.

FreeNAS

Sun, 03 Nov 2013 13:35:00 +0100

FreeNAS es un sistema operativo basado en FreeBSD pero orientado a servicios de almacenamiento en red. NAS corresponde a las siglas de ”almacenamiento conectado en red”.

FreeNAS y su fork Nas4Free son gratuitos, Nas4Free es open-source basado en licencia BSD. Estos sistemas operativos permiten crear un servidor doméstico muy potente con multitud de opciones de configuración como por ejemplo administración de decenas de usuarios con los permisos adecuados, crear unidades RAID para hacer copias de seguridad redundantes o aumentar el rendimiento del sistema.

25 años del gusano de Morris

Sat, 02 Nov 2013 13:00:00 +0100

El bicho explotaba vulnerabilidades en distintos servicios, como un fallo en el modo debug de sendmail, un buffer overflow en fingerd y una incorrecta configuración del rsh/rexec que permitía saltar entre equipos sin validación. Además de los clásicos usuarios y contraseñas débiles.

» Alejandro Ramos | securitybydefault.com

The 30 CSS Selectors you Must Memorize

Sun, 13 Oct 2013 11:31:00 +0100

So you learned the base id, class, and descendant selectors – and then called it a day? If so, you’re missing out on an enormous level of flexibility. While many of the selectors mentioned in this article are part of the CSS3 spec, and are, consequently, only available in modern browsers, you owe it to yourself to commit these to memory.

» Jeffrey Way | tutsplus.com

10 Colossal Old Computers That Changed History

Sun, 07 Jul 2013 20:47:00 +0100

Computers have come a long way since the early days, when two of the machines could take over a four-story building and weigh up to 250 tons. As early as the 1930s, inventors, engineers and physicists were figuring out ways to use machines to perform complex calculations and processes, employing pioneering methods to achieve their goals. Although some of those techniques and devices are now blissfully obsolete, many early innovators hit upon technologies that are still in use today. These 10 colossal old computers are a testament to the alluring potential of computing and the ingenuity of early computer scientists – as well as a visual demonstration of just how far we’ve come.

Uncovering android master key that makes 99% of devices vulnerable

Sat, 06 Jul 2013 13:24:00 +0100

The Bluebox Security research team – Bluebox Labs – recently discovered a vulnerability in Android’s security model that allows a hacker to modify APK code without breaking an application’s cryptographic signature, to turn any legitimate application into a malicious Trojan, completely unnoticed by the app store, the phone, or the end user. The implications are huge! This vulnerability, around at least since the release of Android 1.6 (codename: ”Donut” ), could affect any Android phone released in the last 4 years1 – or nearly 900 million devices2– and depending on the type of application, a hacker can exploit the vulnerability for anything from data theft to creation of a mobile botnet.

La edad de Oro de los videojuegos

Sun, 30 Jun 2013 23:46:00 +0100

La edad de oro de los videojuegos en España (1985 - 1991). EL número de Ordenadores de 8 bits en nuestro país era el suficiente como para crear una industria del videojuego. Jóvenes emprendedores crearían una industria lúdica, basada en el videojuego, que sorprendería en todo el mundo. Esta es la historia de esos programadores, compañías y entorno que nos embelesó en los inicios de la informática.

» Litos NET | youtube.com

Todo el mundo debería saber programar

Sat, 29 Jun 2013 11:01:00 +0100

» code.org | Via Friki Cabrón youtube.com

Así vuela un avión, y ojalá que por fin se aclare el tema de una vez por todas

Sun, 16 Jun 2013 23:06:00 +0100

”¿Cómo es posible que este montón de metal pueda sustentarse en el aire?” Esa pregunta nos la hemos hecho muchas veces, y aun hoy el ciudadano medio tiende a aceptarlo como artículo de fe. Hay muchas explicaciones en Internet, pero algunas son confusas, otras están equivocadas y otras más nos dejan como estábamos; y reitero lo que ya he dicho en Twitter, ”Brujería” no vale.

» Arturo Quirantes | naukas.com

Ethernet cumple 40 años: Bob Metcalfe

Sun, 16 Jun 2013 23:06:00 +0100

Éranse una vez los años 70, y un lugar denominado Centro de Investigación de Xerox en Palo Alto, California (Xeros PARC) donde se trabajaba en lo que sería la oficina del futuro. Dentro de ese proyecto existían unos ordenadores con capacidades gráficas y ratón que se llamaban ’Alto’ y, a pesar de lo temprano de los tiempos -en términos bit-, también se fabricaban allí las primeras impresoras láser. Tanto los ’Alto’ como las ’printers’ requerían interconexión; ya que aquellos primitivos ordenadores personales –aquellos primeros PCs que por robo intelectual o caprichos del destino pasaron por las nada inocentes manos de Steve Jobs y dieron origen a Apple- debían mandar los archivos para imprimir a las laser, pero también entenderse entre sí. La misión de intercomunicarlos y conseguir que los datos de unas máquinas pasaran a otras; es decir la misión de construir las primeras redes locales, se encomendó a un joven ingeniero de 27 años, especialista en comunicaciones, que se había graduado poco antes en el MIT (Instituto de Tecnología de Masachussets). Su nombre: Robert Metcalfe.

Gestión de RAID a través de MDADM

Sun, 16 Jun 2013 23:06:00 +0100

MDADM (Multiple Device Administrator) es un conjunto de herramientas que son utilizadas en GNU/Linux para la gestión de RAID (Redundant Array of Independent Disks, que se traduce como conjunto redundante de discos independientes) administrado a través de software, distribuido bajo los términos de la Licencia Pública General de GNU versión 2 (GNU/GPLv2).

» Joel Barrios Dueñas | alcancelibre.org

Prince of persia code review

Sat, 15 Jun 2013 23:06:00 +0100

Even though it is the Apple II version written in 6502 assembly language, it was a pleasant experience to dive in the code of that mythical game: As usual there were many fascinating sofware wizardries to discover.

The Apple II apparent poor environment for game programming was actually ground to unmatched innovation and creativity : From self-modifying code, in-house bootloader, clever floppy disc format to skewing lookup tables: Prince Of Persia features engineering treasures in every modules.

BIOS Based Rootkits

Fri, 14 Jun 2013 23:06:00 +0100

Everything described here is based on a project I completed in early 2011, which was originally started several years earlier. While attending CanSecWest in 2009, Anibal Sacco and Alfredo Ortega from Core Security did a presentation on ’Persistent BIOS Infection’ where they demonstrated how it was possible to patch the BIOS to do some nasty/awesome things. Their Phrack write-up is here: http://www.phrack.com/issues.html?issue=66&id=7. At the time this seemed really cool, but I never ended up getting the chance to try it out. A year later I needed to do a term project for school, so I decided to revisit BIOS hacking, and implement some of it myself.

The most sophisticated Android Trojan

Sun, 09 Jun 2013 23:06:00 +0100

Recently, an Android application came to us for analysis. At a glance, we knew this one was special. All strings in the DEX file were encrypted, and the code was obfuscated.

The file turned out to be a multi-functional Trojan, capable of the following: sending SMS to premium-rate numbers; downloading other malware programs, installing them on the infected device and/or sending them further via Bluetooth; and remotely performing commands in the console. Now, Kaspersky Lab’s products detect this malicious program as Backdoor.AndroidOS.Obad.a

First Glimpse into the Soul of a Tamagotchi

Sat, 08 Jun 2013 23:06:00 +0100

I dumped the ROM of a Tamagotchi using the code execution ability I posted previously. I wrote 6502 code that dumped each byte of the memory space of the Tamagotchi, and output it over port A (which is usually the Tamagotchi button input) via SPI.

» Natalie Silvanovich | kwartzlab.ca

How crackers ransack passwords like ’qeadzcwrsfxv1331’

Sat, 08 Jun 2013 23:06:00 +0100

In March, readers followed along as Nate Anderson, Ars deputy editor and a self-admitted newbie to password cracking, downloaded a list of more than 16,000 cryptographically hashed passcodes. Within a few hours, he deciphered almost half of them. The moral of the story: if a reporter with zero training in the ancient art of password cracking can achieve such results, imagine what more seasoned attackers can do.

Imagine no more. We asked three cracking experts to attack the same list Anderson targeted and recount the results in all their color and technical detail Iron Chef style. The results, to say the least, were eye opening because they show how quickly even long passwords with letters, numbers, and symbols can be discovered.

Los 10 errores típicos de una PYME en materia de seguridad

Sat, 08 Jun 2013 23:06:00 +0100

No cabe duda de que en los últimos años hemos avanzado mucho en Seguridad de la Información. Poco a poco, entre las empresas comienza a implantarse la idea de que la seguridad es un ámbito al que hay que prestar una atención específica e independiente, más allá de lo que muchos consideran ”los informáticos”. Sin embargo, si no es bueno caer en el catastrofismo, no debemos ser demasiado indulgentes: queda mucho camino por recorrer y los avances no siempre se producen a la velocidad a la que, afortunadamente para los delincuentes, serían recomendables o deseables. A diario se producen noticias de empresas u organizaciones con una fuerte inversión en seguridad cuya infraestructura tecnológica es vulnerada, lo que da una idea del desequilibrio de fuerzas existente.

Stage By Stage Boot Process Of Linux In Detail

Sat, 08 Jun 2013 23:06:00 +0100

This article describes linux booting process in detail, what are the steps involved, which scripts run, what configuration files are read and their order, from turning on the system till getting the login prompt. Although this article projects a general view of booting a Linux system, but some configuration files and commands can be Red Hat specific. You can also download linux boot process pdf version for future reference.

» Raghu | expertslogin.com

Tetris Printer Algorithm

Wed, 05 Jun 2013 23:06:00 +0100

The algorithm converts pixels from a source image into squares in the Tetris playfield, one row at a time from the bottom up. To generate an individual square, the algorithm assembles a structure consisting of a rectangular region fully supported by a single square protruding from the bottom. When the rectangular region is completed, its rows are cleared, leaving behind the protruding square. Three examples of the process appear below

A Short History of the O’Reilly Animals

Sat, 01 Jun 2013 00:06:00 +0100

In the mid-1980s, O’Reilly (aka O’Reilly & Associates) was selling short books on Unix topics via mail order. These books, known as ”Nutshell Handbooks,” were held together by staples, and had plain brown covers. Over time, Tim O’Reilly decided that he wanted to sell the books through brick-and-mortar bookstores, and hired a graphic designer to create new book covers. Those covers were used for the first two titles that were sold into bookstores, but Tim wasn’t satisfied with the design.

¿Influye la edad en la calidad como programador?

Mon, 13 May 2013 00:10:00 +0100

Se dice que son necesarias 10.000 horas de trabajo de programación para alcanzar el nivel de experto, pero una vez llegado a él, ¿cuál es la evolución? ¿Se mantiene? ¿Continúa mejorando? ¿Retrocede?

» Juan Palacio | navegapolis.com

Cómo 4 ecuaciones cambiaron el mundo

Sat, 04 May 2013 21:43:00 +0100

Cuenta la anécdota que un día de la primavera de 1855 el físico inglés Michael Faraday daba una conferencia pública en la que mostraba sus pioneros experimentos sobre la electricidad y el magnetismo. Entre la audiencia se encontraba William Gladstone, entonces Ministro de Hacienda y futuro Primer Ministro. Gladstone se levantó y le espetó al investigador: ”todo esto es muy bonito, ¿pero alguna vez le encontraremos una aplicación práctica?”, a lo que Faraday respondió: ”no se preocupe, algún día el gobierno cobrará impuestos sobre esto”.

Luke’s Change: an Inside Job

Wed, 01 May 2013 15:13:00 +0100

An examination of some questionable events and circumstances leading up to the destruction of the Death Star, through the eyes of an amateur investigative journalist within the Star Wars galaxy. The focus is mainly on the connections between the people who created and operated the Death Star and those responsible for destroying it. For those who don’t care for the obvious, this is a satirical spoof of the 9/11 truther video Loose Change.

HTTP: The Protocol Every Web Developer Must Know – Part 1

Tue, 30 Apr 2013 00:12:00 +0100

HTTP stands for Hypertext Transfer Protocol. It’s a stateless, application-layer protocol for communicating between distributed systems, and is the foundation of the modern web. As a web developer, we all must have a strong understanding of this protocol.

Let’s review this powerful protocol through the lens of a web developer. We’ll tackle the topic in two parts. In this first entry, we’ll cover the basics and outline the various request and response headers. In the follow-up article, we’ll review specific pieces of HTTP – namely caching, connection handling and authentication.

Una partida ’perfecta’ de Serpiente

Mon, 29 Apr 2013 13:13:00 +0100

En 1997 esto era lo más avanzado en la industria del entretenimiento móvil. ”Snake” era conocido en entre los jugadores de PC y otras plataformas informáticas pero el Nokia 6110 fue el primer teléfono que lo integró entre sus características.

» Angel Jimenez de Luis | gizmodo.com

Imprescindibles: The I.T. Crowd

Sun, 28 Apr 2013 13:08:00 +0100

Probablemente es una de las series de televisión que más carcajadas me ha arrancado en los últimos años. Pese a su título (en español, Los informáticos) tiene bastante poco que ver con el humor ”nerd” de The Big Bang Theory, por ejemplo. The IT Crowd, para quien todavía no la haya visto y se la esté perdiendo, es una comedia de malentendidos y enredos, repleta de situaciones surrealistas que llegan a complicarse hasta el delirio incluso en los breves minutos que dura cada episodio.

No debes despreciar aquello que más necesitas

Sat, 27 Apr 2013 13:07:00 +0100

En mi opinión el origen de todos los males que afectan a la profesión del desarrollo de software (no me meto en otras cosas), o mejor dicho del programador (evito eufemismos tipo ”arquitecto”, ”ingeniero software”, ”desarrollador” o similares) es el desprecio a programar, el desprecio de la labor del programador frente a otros tipos de tareas.

» Jose María Arranz | saveinformaticos.reeelab.com

Time travel in movies

Sun, 21 Apr 2013 20:48:00 +0100

» mr. dalliard | mr-dalliard.tumblr.com

Los códigos genéticos e informáticos comparten sorprendentes similitudes

Sat, 20 Apr 2013 15:11:00 +0100

La teoría de la ”supervivencia del más apto” de Darwin puede aplicarse tanto a los sistemas biológicos como a los sistemas informáticos, sugiere una investigación del BNL y de la la Stony Brook University de Nueva York. El análisis del genoma de 500 bacterias y de 200.000 paquetes Linux ha revelado que estas dos redes complejas utilizan el mismo mecanismo para expandir sus componentes clave. La razón de esta similitud estaría en que las dos son sistemas de acceso libre, afirman los científicos.

Señoras y señores, con todos nosotros: La Vida

Wed, 10 Apr 2013 21:03:00 +0100

La vida es algo de lo que tenemos constancia directa, identificamos si un sistema está vivo o si no lo está. Sin embargo, aún no tenemos una definición totalmente satisfactoria del concepto ’vida’. Bien es cierto que hay una frontera difusa entre lo vivo y lo no vivo, uno siempre puede recurrir a los virus para forzar la conversación, pero a partir de cierto nivel la distinción entre sistemas vivos y sistemas inertes es más que evidente. Y la pregunta es: ¿cómo se originó la vida? ¿qué condiciones dieron lugar a la misma?

How two volunteers built the Raspberry Pi’s operating system

Sat, 06 Apr 2013 18:02:00 +0100

When you buy a Raspberry Pi, the $35 computer doesn’t come with an operating system. Loading your operating system of choice onto an SD card and then booting the Pi turns out to be pretty easy. But where do Pi-compatible operating systems come from?

With the Raspberry Pi having just turned one year old, we decided to find out how Raspbian”the officially recommended Pi operating system”came into being. The project required 60-hour work weeks, a home-built cluster of ARM computers, and the rebuilding of 19,000 Linux software packages. And it was all accomplished by two volunteers.

Desarrollan el primer transistor biológico

Fri, 05 Apr 2013 23:47:00 +0100

Un equipo de investigadores de la Universidad de Stanford ha desarrollado el primer transistor biológico a partir de materiales genéticos: ADN y ARN. Bajo el nombre de ”transcriptor”, los científicos hablan de este transistor biológico como el componente final necesario para la construcción de computadoras biológicas que funcionen dentro de las células vivas.

» Miguel Jorge | alt1040.com

Free and Openand Their Opposites

Thu, 04 Apr 2013 21:31:00 +0100

Merriam-Webster defines a tenet as ”a principle, belief, or doctrine generally held to be true; especially one held in common by members of an organization, movement, or profession.” As it happens, Linux is claimed by two doctrines that are to some degree at odds: those of free software and open source. This contention began when Eric S. Raymond published ”Goodbye, ’free software’; hello, ’open source’”, on February 8, 1998

» Doc Searls | linuxjournal.com

The Command Line is Your Best Friend

Wed, 03 Apr 2013 23:43:00 +0100

Yes, it’s that white (or green) on black screen, where mysterious text flows and strange commands execute. I know great programmers who never use the CLI; however, I also know basic computer users who do everything in the CLI instead of the graphical user interface (GUI). They have console applications to browse the web and file system, read mail, view images and edit text. They even watch YouTube videos and read PDF files without a GUI!

Cómo perder peso (en el navegador)

Tue, 02 Apr 2013 22:39:00 +0100

¿Y si nos juntáramos un grupo de expertos que trabajan en grandes sitios para crear una guía para el rendimiento front-end definitiva?

Y no sólo una de esas aburridas guías hechas para robots, ¿y si hiciéramos algo divertido? ¿Qué tal reunirse Briza Bueno (Americanas.com), Davidson Fellipe (Globo.com), Giovanni Keppelen (ex-Peixe Urbano), Jaydson Gomes (Terra), Marcel Duran (Twitter), Mike Taylor (Opera), Renato Mangini (Google) y Sérgio Lopes (Caelum) para crear la mejor referencia posible?

Internet Census 2012: Port scanning /0 using insecure embedded devices

Mon, 01 Apr 2013 00:50:00 +0100

While playing around with the Nmap Scripting Engine (NSE) we discovered an amazing number of open embedded devices on the Internet. Many of them are based on Linux and allow login to standard BusyBox with empty or default credentials. We used these devices to build a distributed port scanner to scan all IPv4 addresses. These scans include service probes for the most common ports, ICMP ping, reverse DNS and SYN scans. We analyzed some of the data to get an estimation of the IP address usage.

The 8085’s register file reverse engineered

Sun, 31 Mar 2013 20:28:00 +0100

On the surface, a microprocessor’s registers seem like simple storage, but not in the 8085 microprocessor. Reverse-engineering the 8085 reveals many interesting tricks that make the registers fast and compact. The picture below shows that the registers and associated control circuitry occupy a large fraction of the chip, so efficiency is important. Each bit is implemented with a surprisingly compact circuit. The instruction set is designed to make register accesses efficient. An indirection trick allows quick register exchanges. Many register operations use the unexpected but efficient data path of going through the ALU.

Las primeras programadoras

Sun, 31 Mar 2013 16:22:00 +0100

Cuando se habla del nacimiento de los primeros computadores, normalmente, se suelen asociar a hombres que trabajaban en el equipo de descifradores de códigos Bletchley Park durante la Segunda Guerra Mundial (como Alan Turing), John William Mauchly y John Presper Eckert en el ENIAC o Howard H. Aiken como responsable de la construcción de la Harvard Mark I; sin embargo, en los equipos de trabajo de estos pioneros de la computación se encontraban mujeres que ejercieron de programadoras y diseñadoras de los precursores de los ordenadores y servidores que sustentan nuestro trabajo diario.

DRM en HTML: la guerra por poseer la Web

Sat, 30 Mar 2013 20:02:00 +0100

Tim Berners-Lee habló hace unos días en las conferencias SXSW acerca del futuro de HTML, el lenguaje que inventó para construir la Web. Entre sus dichos habituales sobre la posición de la Web como la plataforma universal definitiva para acceder al conocimiento, Berners-Lee dijo algo que desató las protestas del mundo libre (tecnológicamente hablando): ”si no ponemos las ayudas necesarias para usar DRM [en la Web], la gente simplemente regresará a usar Flash”.

Una disputa en torno al spam genera el mayor ataque DDOS registrado en Internet

Fri, 29 Mar 2013 20:00:00 +0100

Varios medios se han hecho eco del que puede ser, probablemente, el mayor ataque de denegación de servicio (DDOS) registrado en la historia de Internet. Todo parece indicar que tras el ataque está una disputa en torno al SPAM. Una de las víctimas, CloudFlare, sitio especializado en la distribución de contenidos, ha confirmado el hecho.

El ataque ha tenido lugar entre el 18 y 19 de este mes, afectando a muchos usuarios de la Red y servicios como Netflix. Para entender hasta qué punto el ataque ha sido importante, pensad que un ataque DDOS normal puede suponer un tráfico de 10 Gbps, y éste ha llegado a picos de 300 Gbps, el más importante que se conoce públicamente.

La obra de M. C. Escher en la cultura popular

Thu, 28 Mar 2013 19:46:00 +0100

La obra de Maurits Cornelis Escher está plagada de composiciones sorprendentes en las que todos los elementos se fusionan y de perspectivas imposibles (aunque también produjo otro tipo de litografías). Su influencia fue enorme y ha repercutido en cientos de artistas. Pero también se pueden encontrar muchísimos homenajes a Escher en la cultura popular. Desde el celebérrimo gag del sillón de Los Simpson a los créditos de Donnie Darko, pasando por uno de los puzles más conocidos de God of War, estos son algunos ejemplos de la aparición de los diseños del artista holandés (o inspirados en ellos) en diversos campos.

Introducing the HTML5 Hard Disk Filler¢ API

Wed, 27 Mar 2013 21:42:00 +0100

The HTML5 Web Storage standard was developed to allow sites to store larger amounts of data (like 5-10 MB) than was previously allowed by cookies (like 4KB). localStorage is awesome because it’s supported in all modern browsers (Chrome, Firefox 3.5+, Safari 4+, IE 8+, etc.).

The standard anticipated that sites might abuse this feature and advised that browsers limit the total amount of storage space that each origin could use.

Run time profiling with cProfile

Wed, 27 Mar 2013 21:03:00 +0100

Python is distributed with profiling modules. They describe the run time operation of a pure python program, providing a variety of statistics.

The cProfile module is the recommended module. To execute your program under the control of the cProfile module, a simple form is:
$ python -m cProfile -s cumulative mypythonscript.py

» Alain Leufroy | logilab.org

Visualization of Regular Expression Character Classes

Tue, 26 Mar 2013 20:52:00 +0100

We all know the regular expression character classes, right? There are 12 standard classes:
[:alnum:] [:digit:] [:punct:]
[:alpha:] [:graph:] [:space:]
[:blank:] [:lower:] [:upper:]
[:cntrl:] [:print:] [:xdigit:]
But have you seen a visual representation of what these classes match? Probably not. Therefore I created a visualization that illustrates which part of the ASCII set each character class matches.

» Peteris Krumins | catonmat.net

El código Asimov

Sun, 24 Mar 2013 21:55:00 +0100

El hombre artificial siempre fue una fantasía que resulta tan atractiva como inquietante. Como ocurre con las fantasías, tarde o temprano a alguien pensó en llevarla a la práctica. Desde los autómatas de Vaucanson y Jacquet-Droz (tan admirados en el Siglo de las Luces) hasta esos vistosos robots humanoides que la televisión sueles usar para darles color en sus noticieros, aún suelen provocar ciertos temores.

» Pablo Capanna | pagina12.com.ar

Hacking the tag in 100 characters

Sat, 23 Mar 2013 12:21:00 +0100

A short while ago, I discovered that JavaScript allows you to change the href after you click on it. It may not seem that serious at first glance, but rest assured, it can trick customers into giving in their details to fraudsters.

» bilaw.al

Exigimos la retirada de la Ley Lassalle (nueva reforma de la Ley de Propiedad Intelectual)

Thu, 21 Mar 2013 00:00:00 +0100

Exigimos la retirada de la Ley Lassalle y la apertura de un diálogo equilibrado, moderado por un mediador neutral, entre las autoridades, ciudadanía en general, artistas, creadores e industria, con el objetivo discutir sobre las auténticas reformas necesarias en la LPI en un diálogo abierto y honesto.

No podemos aceptar una reforma en la que la copia privada se convierte de facto en una mera copia personal en una clara desconexión con la realidad y una involución legislativa que no se podía ni concebir ni a finales del siglo pasado y que actúa directamente contra los intereses de creadores y artistas que ven en la copia privada una actividad que les beneficia y sin la cual, muchos no hubieran llegado a ser tales.

Las claves del nuevo canon digital a las universidades: ¿a quién afecta y a quién beneficia?

Wed, 20 Mar 2013 23:20:00 +0100

El Gobierno de Mariano Rajoy planea la creación de un canon digital que se aplicaría a las universidades por los fragmentos de obras sometidas a derechos de autor que distribuyen a través de Internet en sus campus virtuales.

Según la Conferencia de Rectores de Universidades Españolas (Crue) y los expertos en derechos de autor y propiedad intelectual, este canon sería ilegal. Para la sociedad de derechos de autor que gestiona los intereses de las editoriales y los autores de textos, Cedro, es una necesidad. ”Si se paga por las fotocopias, cómo no se va a pagar por las copias digitales”, aduce.

How High Can You Get?

Wed, 20 Mar 2013 01:21:00 +0100

So I wanted to find out: what exactly is the bug in the program that causes this behavior and also, can it be fixed?

First I looked on the Internet to see if the answer has already been found. Some good starting information is located at http://www.jeffsromhack.com/products/donkeykong_tech.htm. There, Jeff Kulczycki breaks down the math of the kill screen, showing the formula that is used to compute the bonus for each level. The formula says the level times 10, plus 40, gives the number of hundreds in the bonus timer. If the result is too large it is forced back down. The key to this is that the level number is used in the calculation. On level 22 an overflow occurs, leaving the player with just 400 points on the timer because the multiplication and addition yields a number larger than 256.

El principio de exclusión explicado con urinarios

Wed, 20 Mar 2013 00:54:00 +0100

El principio de exclusión de Wolfgang Pauli nos dice que dos electrones en un mismo átomo no pueden tener todos sus números atómicos iguales. ¿Y qué significa eso? Aquí es donde entran los urinarios. En un centro comercial construido en la época dorada del ladrillo, un constructor un poco garrulo decidió poner un solo baño y con unas características especiales: la distancia entre los grupos de urinarios era inmensa, pero le daba la oportunidad de poner anuncios con las innumerables promociones de pisos de lamentable calidad, ridículo tamaño y exorbitante precio que tenía en venta. Así que los clientes no tenían más remedio que pasar por interminables pasillos de promociones fraudulentas para liberarse de su agüita amarilla y, si había suerte, saldrían con una hipoteca de por vida.

Propiedad intelectual: Preguntas frecuentes sobre la Ley Lasalle

Tue, 19 Mar 2013 00:48:00 +0100

Lo que hace la Ley Lasalle es terminar con ese debate en España decantándolo a la opción más favorable a la industria de los contenidos. La Ley define ahora expresamente lo que es ”acceso legal” y lo restringe a las copias que se hagan de un soporte original -por lo que la obra ha de estar adherida a un soporte- y siempre que lo hayas adquirido en propiedad por haberlo comprado, excluyendo así copias de obras originales pero alquiladas e incluso las que se hacen de un original que te presta un amigo. Además se exige que esa copia del original que has comprado la hagas por tus propios medios, si la haces ”con asistencia de terceros”, será ilícita.

Final Fantasy VII Review (Plot Spoilers)

Mon, 18 Mar 2013 00:37:00 +0100

My review of the 7th installment in the Final Fantasy series.

» IsanWilshireIII | youtube.com

CEO Friday: Why we don’t hire .NET programmers

Sun, 17 Mar 2013 19:09:00 +0100

See, experience is cheap. All it takes is time. Skill is harder, but really only requires hard work ” a lot of people can get that. But attitude. You either have it, or you don’t. The right sort of person is so passionate about coding, they can’t be stopped from doing it. They typically started before high school ” sometimes before middle school ” and never looked back. They write everything from assembly to jQuery, on PCs to mobile phones, doing hard core computer graphics to high level social networking. They’ve tried everything.

Revisa tu contrato: si contiene una de estas cláusulas, Europa lo considera abusivo

Sat, 16 Mar 2013 13:18:00 +0100

La propia Unión Europea reconoce que los abusos más frecuentes son:

excluir o limitar los derechos legales del consumidor con respecto al profesional en caso de incumplimiento

imponer al consumidor que no cumpla sus obligaciones una indemnización desproporcionadamente alta

incluir la adhesión del consumidor a cláusulas de las cuales no ha tenido la oportunidad de tomar conocimiento real antes de la celebración del contrato

supresión u obstaculización del ejercicio de acciones judiciales o de recursos.

» Ruth Ugalde | lainformacion.com

An open letter from bunnie, author of Hacking the Xbox

Fri, 15 Mar 2013 02:06:00 +0100

No Starch Press and I have decided to release this free ebook version of Hacking the Xbox in honor of Aaron Swartz. As you read this book, I hope that you’ll be reminded of how important freedom is to the hacking community and that you’ll be inclined to support the causes that Aaron believed in.

I agreed to release this book for free in part because Aaron’s treatment by MIT is not unfamiliar to me. In this book, you will find the story of when I was an MIT graduate student, extracting security keys from the original Microsoft Xbox. You’ll also read about the crushing disappointment of receiving a letter from MIT legal repudiating any association with my work, effectively leaving me on my own to face Microsoft.

¿Cuánto cuesta hacer un ping todas las direcciones de Internet?

Wed, 13 Mar 2013 00:59:00 +0100

Internet, la red de redes; todas las organizaciones modernas del mundo están conectadas a Internet. Un gran número de individuos disponemos de conexión a Internet, en el trabajo, en el domicilio particular y en el dispositivo móvil.

Esto nos puede hacer pensar que estamos hablando de un vasto rango de direcciones, dentro de las cuales los atacantes pueden centrar sus ataques en una organización determinada. Por ahora tomaremos como toda Internet el espacio de direcciones de IPv4. Cuando se despliegue y esté en uso IPv6, está claro que todo esto cambiara y habrá un nivel añadido de complejidad.

Godzilla

Sat, 09 Mar 2013 11:28:00 +0100

No hay duda de que Japón se ha convertido en el paraíso frikinal (con permiso de Howard Wolowitz). Desde los dibujos animados de Mazinger Z de mi niñez al Naruto de la de mis hijos, el país del sol naciente nos ha proporcionado una buena provisión de cine y literatura friki. Pero sin duda, el rey de todo ese paraíso es un enorme lagarto, dinosaurio, dragón o lo que sea. Por supuesto, me refiero a Godzilla.

El cifrado sin control, no sirve de nada

Tue, 05 Mar 2013 15:23:00 +0100

Últimamente, tanto en auditorías que realizamos, como en código que encuentro en la red, hay una cosa que me llama poderosamente la atención, y es el mal uso (o uso incompleto) de las funciones de criptografía. Por lo general, el procedimiento que suelen seguir los desarrolladores que no están en contacto con el mundo de la seguridad, suelen consistir en coger un método que venga con la API del lenguaje o en una librería de terceros, buscar el método que implementa el algoritmo de cifrado de turno, rellenar la firma del método y almacenar la salida.

Python internals: adding a new statement to Python

Fri, 01 Mar 2013 10:44:00 +0100

This article is an attempt to better understand how the front-end of Python works. Just reading documentation and source code may be a bit boring, so I’m taking a hands-on approach here: I’m going to add an until statement to Python.

All the coding for this article was done against the cutting-edge Py3k branch in the Python Mercurial repository mirror.

» Eli Bendersky | eli.thegreenplace.net

Keyboard rubik’s cube

Mon, 25 Feb 2013 00:27:00 +0100

This is my keyboard rubik’s cube. Must be solved in the normal way, but you have toï’¿ consider the centers and positioning the right way when you are solving the cube.

» Miguel Alonso | youtube.com

Superman vs Hulk - The Fight

Sun, 24 Feb 2013 23:58:00 +0100

Superman finds Hulk somewhere in the Mojave Desert. This is a prelude to a fight sequence in progress and will be posted some time in the future. Animation by Michael Habjan, created with Autodesk Maya 2009, composited and edited in Adobe After Effects CS3. Music done with Propellerhead Reason 5.

» Michael Habjan | youtube.com

Logran que un cuadricóptero sea capaz de lanzar y equilibrar un péndulo invertido

Sat, 23 Feb 2013 23:22:00 +0100

Un equipo de investigadores del Instituto de Tecnología de Suecia ha conseguido que unos cuadricópteros sean capaces de lanzar péndulos invertidos y, lo que es más sorprendente, atraparlos al vuelo y equilibrarlos. Para lograrlo, tienen que ser conscientes del ángulo de lanzamiento y de ’aterrizaje’ del péndulo, entre otros factores, y deben tener la capacidad de aprender de sus errores.

» Guillermo del Palacio | alt1040.com

Bobina de Tesla reproduce la melodía de Super Mario Bros

Fri, 22 Feb 2013 23:19:00 +0100

Estudiantes de ingeniería de la Universidad del Sur de Florida han trabajado durante 2 años en un proyecto que les ha llevado a construir una bobina de Tesla de 3 metros de altura capaz de producir corriente alterna. Su creacíon tiene además la particularidad de que se puede configurar para que reproduzca versiones de melodías famosas mediante el tono de los grandes arcos eléctricos que genera. Para demostrarlo, han hecho que imite el tema principal de Super Mario Bros. Este es el resultado que han obtenido:

A year in the life of a kernel mantainer by Greg Kroah-Hartman

Fri, 22 Feb 2013 23:16:00 +0100

Diez comandos de ADB que deberías conocer

Sat, 09 Feb 2013 15:29:00 +0100

Una de las muchas razones por la que una gran cantidad de usuarios elegimos Android es por la facilidad de uso y las muchas cosas que podemos hacer cuando conectamos nuestro dispositivo al ordenador. Muchas veces, al actualizar el teléfono o tablet a una nueva versión, ponerle una ROM cocinada o conseguir permisos de superusuario (root), necesitamos tener más contacto con el aparato que el que nos da el programa que usemos en ese instante (Odín en los Samsung, por ejemplo). El ADB (Android Debug Bridge) es un programa para ordenador que nos servirá de puente para conectar nuestros androides a la computadora y poder así interactuar con ellos de una forma más ”avanzada” y completa. Vamos a ver cómo se hace y algunos comandos básicos.

Hidden Secret Codes for Google Android Mobile Phones

Sat, 09 Feb 2013 14:32:00 +0100

Recently I got a Google Android mobile phone ”Samsung Galaxy I7500”. While I’m loving playing with it, I also found some interesting secret codes which can enable/disable lots of hidden settings in the mobile phone. These codes can also show many useful information about the phone.

» askvg.com

EL CASO DE AARON SWARTZ

Sun, 13 Jan 2013 13:59:00 +0100

Ayer se suicidó Aaron Swartz, uno de los activistas de Internet que hicieron de la libertad de expresión y un internet abierto una de sus banderas; parte gigante del freno a SOPA/PIPA, como hacker había colaborado en la especificación RSS a los 14 años y hasta cofundado REDDIT¦ tal vez la suma de sus antecedentes depresivos y la decisión del Gobierno de USA de perseguirlo y hacer un ejemplo con su caso lo llevaron a suicidarse.

High-Resolution Mandelbrot in Obfuscated Python

Sun, 06 Jan 2013 01:40:00 +0100

Here’s a followup to last month’s post about Penrose Tiling in Obfuscated Python. The Mandelbrot set is a traditional favorite among authors of obfuscated code. You can find obfuscated code in C, Perl, Haskell, Python and many other languages. Nearly all examples render the Mandelbrot set as ASCII art. The following Python script, on the other hand, begins as ASCII art:

_ _ = ( 255, lambda V ,B,c :c and Y(VV+B,B, c -1)if(abs(V)<6)else ( 2+c-4_abs(V)-0.4)/i ) ;v, x=1500,1000;C=range(v*x );import struct;P=struct.pack;M,
j =’<qiihhhh ‘,open(‘M.bmp’,‘wb’).write for X in j(‘BM’+P(M,v_x_3+26,26,12,v,x,1,24))or C: i ,Y=;j(P(‘BBB’,_(lambda T:(T_80+T__9 _i-950_T 99,T70-880T18+701 T __9 ,T*i*(1-T*_45_2)))(sum( [ Y(0,(A%3/3.+X%v+(X/v+ A/3/3.-x/2)/1j)*2.5 /x -2.7,i)**2 for
A in C [:9]]) /9) ) )

Sin dejar rastro, el ciberactivista paranoico

Sun, 30 Dec 2012 14:36:00 +0100

Ser ciberactivista cada día es más peligroso en este país donde asistimos boquiabiertos a la continua detención de personas que han participado en manifestaciones¦ o que iban a hacerlo como sucedió con las detenciones preventivas de miembros de la Coordinadora 25S.

Que no tenemos nada que ocultar es un pensamiento generalizado, pero no es cierto, máxime cuando se pretende criminalizar hasta la convocatoria de manifestaciones a través de las redes sociales.

Kbuild: the Linux Kernel Build System

Sun, 30 Dec 2012 14:34:00 +0100

One amazing thing about Linux is that the same code base is used for a different range of computing systems, from supercomputers to very tiny embedded devices. If you stop for a second and think about it, Linux is probably the only OS that has a unified code base. For example, Microsoft and Apple use different kernels for their desktop and mobile OS versions (Windows NT/Windows CE and OS X/iOS). Two of the reasons this is possible on Linux are that the kernel has many abstraction layers and levels of indirection and because its build system allows for creating highly customized kernel binary images.

100 Diagrams That Changed the World

Sun, 30 Dec 2012 14:32:00 +0100

Since the dawn of recorded history, we’ve been using visual depictions to map the Earth, order the heavens, make sense of time, dissect the human body, organize the natural world, perform music, and even concretize abstract concepts like consciousness and love. 100 Diagrams That Changed the World (UK; public library) by investigative journalist and documentarian Scott Christianson chronicles the history of our evolving understanding of the world through humanity’s most groundbreaking sketches, illustrations, and drawings, ranging from cave paintings to The Rosetta Stone to Moses Harris’s color wheel to Tim Berners-Lee’s flowchart for a ”mesh” information management system, the original blueprint for the world wide web.

Does rooting your device void your statutory warranty?

Wed, 19 Dec 2012 17:35:00 +0100

No. Just the fact that you modified or changed the software of your device, is not a sufficient reason to void your statutory warranty. As long as you have bought the device as a consumer in the European Union.

» Matija Å uklje, Carlo Piana | fsfe.org | Ismael Callejas elandroidelibre.com

10 interpretaciones de los viajes en el tiempo y visiones del futuro en la ciencia ficción

Wed, 19 Dec 2012 00:35:00 +0100

Desde que en 1781 apareció la obra ”Año 7603”, primera en la que se habla de un viaje en el tiempo, mucho se ha escrito sobre el tema en la ciencia ficción, sobre posibles paradojas, sobre la posibilidad o no de cambiar los acontecimientos, etcétera. En cada obra, los efectos de dichos viajes se interpretan de forma distinta. Y eso es lo que vamos a ver aquí, 10 interpretaciones en la ciencia ficción sobre lo que puede pasar cuando se conoce el futuro, ya sea conocido por viajes en el tiempo, predicciones u otros medios.

Noam Chomsky. La lingüistica, la informática y el activismo

Tue, 18 Dec 2012 17:05:00 +0100

En cuanto a la relación de Chomsky con la informática proviene de sus enormes aportaciones a la Teoría de Autómatas y al estudio de los lenguajes formales, donde sus ideas se aplican a la perfección. Dichas aportaciones han resultado elementos indispensables para la construcción de compiladores y traductores que puedan servir de intérpretes válidos entre las órdenes que dan los seres humanos y su correcta recepción y aplicación por máquinas automáticas. Puede decirse que el papel desempeñado por Chomsky ha resultado crucial en este importante campo, pues fue imprescindible para dar el siguiente paso tras los primeros computadores, el ENIAC o el propio ACE de Turing, programados directamente en código binario, de forma que a mediados de 1954 ya influyó en la especificación del borrador The IBM Mathematical Formula Translating System, origen del lenguaje Fortran, y también John Backus adoptó sus reglas para describir la sintaxis de Algol, origen de la notación Backus-Naur.

10 PRINT CHR$(205.5+RND(1)); : GOTO 10

Tue, 18 Dec 2012 16:50:00 +0100

This book takes a single line of code”the extremely concise BASIC program for the Commodore 64 inscribed in the title”and uses it as a lens through which to consider the phenomenon of creative computing and the way computer programs exist in culture. The authors of this collaboratively written book treat code not as merely functional but as a text”in the case of 10 PRINT, a text that appeared in many different printed sources”that yields a story about its making, its purpose, its assumptions, and more. They consider randomness and regularity in computing and art, the maze in culture, the popular BASIC programming language, and the highly influential Commodore 64 computer.

¿Cómo funciona la red Tor?

Tue, 18 Dec 2012 13:46:00 +0100

Tor es una red que implementa una técnica llamada Onion Routing (enrutado cebolla en castellano, aunque suena bastante peor), diseñada con vistas a proteger las comunicaciones en la Marina de los Estados Unidos. La ideas es cambiar el modo de enrutado tradicional de Internet para garantizar el anonimato y privacidad de los datos.

» Guillermo Julián | genbeta.com

El camino a un mejor programador

Mon, 17 Dec 2012 01:08:00 +0100

;`El camino a un mejor programador;’ es un libro que recopila artículos sobre ingeniería informática escritos por Esteban Manchado Velázquez, Joaquín Caraballo Moreno y Yeray Darias Camacho.

La mayoría de los artículos tratan sobre pruebas automáticas de una manera u otra, pero el tema común es mejorar como profesional de la informática.

» emanchado.github.com

A successful Git branching model

Sun, 16 Dec 2012 14:46:00 +0100

In this post I present the development model that I’ve introduced for all of my projects (both at work and private) about a year ago, and which has turned out to be very successful. I’ve been meaning to write about it for a while now, but I’ve never really found the time to do so thoroughly, until now. I won’t talk about any of the projects’ details, merely about the branching strategy and release management.

Ten Simple Rules for the Open Development of Scientific Software

Sun, 16 Dec 2012 14:44:00 +0100

If you have the choice, embracing an open approach to development has tremendous benefits. It allows you to build on the work of other scientists, and enables others to build on your own efforts. To make the development of open scientific software more rewarding and the experience of using software more positive, the following ten rules are intended to serve as a guide for any computational scientist.

» Andreas PrliÄ‡1, James B. Procter | ploscompbiol.org

Merge branch ’x86-nuke386-for-linus’

Sun, 16 Dec 2012 13:41:00 +0100

Pull ”Nuke 386-DX/SX support” from Ingo Molnar: ”This tree removes ancient-386-CPUs support and thus zaps quite a bit of complexity:

24 files changed, 56 insertions(+), 425 deletions(-)

… which complexity has plagued us with extra work whenever we wanted to change SMP primitives, for years.

Unfortunately there’s a nostalgic cost: your old original 386 DX33 system from early 1991 won’t be able to boot modern Linux kernels anymore. Sniff.”

I’m not sentimental. Good riddance.

Pong cumple 40 años: un videojuego tan antiguo, tan antiguo que ni siquiera era digital

Sun, 16 Dec 2012 13:17:00 +0100

El 29 de noviembre de 1972, hace ahora 40 años, un extraño artilugio salía del taller de Atari, por aquel entonces una jovencísima empresa que pretendía prácticamente inventar un nuevo mercado, con conceptos y aparatos como los videojuegos, las videoconsolas y las máquinas recreativas de videojuegos.

Se llamaba Pong y era un enorme armario de madera con un tubo de rayos catódicos en blanco y negro a modo de pantalla, unas palancas a modo de mandos y una ranura en la que echar monedas. Esos fueron los humildes comienzos de una compañía pionera fundada por Nolan Bushnell y Ted Dabney en Estados Unidos el verano de ese mismo año. El juego en sí lo desarrolló Allan Alcorn, un ingeniero cuyo nombre también ha pasado a los anales de la informática y la industria del entretenimiento.

Cómo trabajar con vhdl usando software libre

Sat, 15 Dec 2012 19:25:00 +0100

Las clases de ingeniería electrónica suelen dictarse usando herramientas propietarias, así que siempre paso algunas horas buscando hacer mis trabajos con software libre. Por esta razón, he decidido compartir la siguiente guía.

» pandacris | usemoslinux.blogspot.com

Hacking my vagina

Sat, 15 Dec 2012 16:06:00 +0100

This project has been an astonishing little journey. Many of my previous projects were characterized by an amazing outpouring of effort to build something highly intricate and ultimately invisible. This is the opposite kind of project. A little bit of work and a little custom design to create something new and exciting that I can immediately use in my everyday life. It also happens to be a sex toy. In other words, I wanted to hack something I actually use: my vagina.

The Big Internet Museum

Sat, 15 Dec 2012 13:15:00 +0100

You are about to enter the Big Internet Museum. Explore an interactive and ever-growing collection about the Internet and its remarkable graphic interface: the World Wide Web.

By the way, we don’t have a building. The reason is simple: our collection only exists online. Aside from that it’s a museum like any other – with curators, a diverse permanent collection, temporary exhibitions, different wings, donations, and more. In the Big Internet Museum you can have your name printed on the wall by submitting a piece to the collection! We might even open a gift shop. There, we’ve said it.

2012: What a Year for Linux

Sat, 15 Dec 2012 13:10:00 +0100

2012 has been another year of records for Linux. The operating system is the fastest growing platform across multiple industries and is inspiring new projects every single day. Join us as we review this amazing year and celebrate Linux and its global community of developers, contributors and sponsors. For more information about Linux, please visit linuxfoundation.org and linux.com.

Third-party Video and Photo Credits In order of appearance:

Technology Academy of Finland

Amazon (Kindle)

Google (Chromebook)

» TheLinuxFoundation | youtube.com

Lista de páginas recomendadas para aprender inglés

Wed, 12 Dec 2012 13:36:00 +0100

A continuación os pongo una serie de páginas webs que considero imprescindibles en caso de tener cualquier tipo de duda. Se incluyen tanto páginas en castellano como en inglés, y junto a la página una pequeña descripción de lo que podéis encontrar en ella. Espero que os resulte útil.

» Alber | eingleses.com

Una abadía con muros de plata

Wed, 12 Dec 2012 13:29:00 +0100

Tiene veinticinco años y es, posiblemente, la `abadía’ más joven de las que pueblan el territorio español aunque su ubicación no es exacta: vive en todos y cada uno de los microordenadores de 8 bits que un día la alojaron en sus monitores.

La Abadía del Crimen cumple un cuarto siglo y lo hace como uno de los referentes máximos del videojuego español y convertida en un objeto de culto tanto para aquellos que pudieron catarla en su día como para aquellos que la han descubierto con unos años de retraso.

Powerful Command Line Tools For Developers

Sat, 03 Nov 2012 14:13:00 +0100

Good tools are invaluable in figuring out where problems lie, and can also help to prevent problems from occurring in the first place, or just help you to be more efficient in general. Command line tools are particularly useful because they lend themselves well to automation and scripting, where they can be combined and reused in all sorts of different ways. Here we cover six particularly powerful and versatile tools which can help make your life a little bit easier.

IMDB Top 250 in 2 1/2 Minutes

Sat, 03 Nov 2012 13:49:00 +0100

This is one incredible list of films/movies. If Peter Weyland wanted David to learn about cinema while the crew of Prometheus was still in hyper sleep, he’d probably have him go down the IMDB Top 250. This list does change infrequently, and I began the project over a month prior to November 1, 2012, so attention to my haters…Yes…I KNOW some of these movies are not on the top 250. 53 Titles to be exact (as of 11/1/12). However, none of my haters can tell me that any of these 303 titles do not exist on IMDB.

La idea matemática que hizo volar al Voyager

Tue, 30 Oct 2012 12:58:00 +0100

La sonda espacial Voyager ha cautivado al mundo con su proeza en los confines del Sistema Solar, pero su lanzamiento en 1977 sólo fue posible gracias a las ideas matemáticas y la persistencia de un estudiante de doctorado que descubrió cómo catapultar sondas al espacio.

» Christopher Riley y Dallas Campbell | bbc.co.uk

Por Que Tu Cámara No Importa

Tue, 30 Oct 2012 12:54:00 +0100

¿Porqué es que fotógrafos cargados con los artefactos más extraordinarios, que inclusive usan Internet para conseguir las coordenadas exactas de G.P.S donde Jack o Ansel sacaban sus fotos, llegando hasta esas ubicaciones geográficas con la imagen en la mano para poder sacar una copia igual (ilegal por el Derecho Registral de los EE.UU. y por el sentido común), consiguen algo que puede parecer similar, pero que carece de todo el impacto y la emoción del original que creyeron copiar?

Transformada de Fourier discreta en Python con SciPy

Mon, 29 Oct 2012 10:00:00 +0100

En este artículo vamos a ver cómo calcular la transformada de Fourier discreta (o DFT) de una señal en Python utilizando la transformada rápida de Fourier (o FFT) implementada en SciPy. El análisis de Fourier es la herramienta fundamental en procesamiento de señales y resulta útil en otras áreas como en la resolución de ecuaciones diferenciales o en el tratamiento de imágenes.

» Juanlu001 | pybonacci.wordpress.com

A Field Guide To Mobile App Testing

Sun, 28 Oct 2012 13:07:00 +0100

Testers are often thought of as people who find bugs, but have you ever considered how testers actually approach testing? Do you ever wonder what testers actually do, and how they can add value to a typical technology project?

I’d like to take you through the thought process of testers and discuss the types of things they consider when testing a mobile app. The intention here is to highlight their thought processes and to show the coverage and depth that testers often go to.

High Resolution Time

Sun, 28 Oct 2012 13:05:00 +0100

This specification defines a JavaScript interface that provides the current time in sub-millisecond resolution and such that it is not subject to system clock skew or adjustments.

» Jatinder Mann | w3.org

Envenenamiento de cabeceras en Django 1.3 y 1.4

Sun, 28 Oct 2012 12:57:00 +0100

Django, framework de desarrollo web basado en Python ha actualizado las ramas 1.3 y 1.4 para dar solución a una vulnerabilidad que podría, mediante técnicas de envenenamiento de cabeceras (”Header poisoning”), redireccionar a un usuario a un sitio malicioso o incluso el robo de credenciales.

Para realizar algunas operaciones, Django extrae el nombre del dominio de la cabecera ”Host” enviada. La vulnerabilidad (CVE-2012-4520) reside en el parser del método django.http.HttpRequest.get_host(), que extrae esta cabecera ”Host” incorrectamente.

Automating with convention: Introducing sub

Sun, 28 Oct 2012 12:38:00 +0100

When I started my on-call shifts, we had pretty little in the way of automation for day-to-day issues. Tasks like SSH’ing into our cluster, starting a Rails console, or doing a deep search through our gigantic mail directories, were either shelved away in someone’s bashrc, history log, or just ingrained into someone’s memory. This pain was also felt by a few other of my fellow programmers, and we started cobbling together a Git repo simply named ”37s shell scripts”.

A dash of algebra on wireless networks promises to boost bandwidth tenfold, without new infrastructure

Sun, 28 Oct 2012 12:01:00 +0100

Academic researchers have improved wireless bandwidth by an order of magnitude”not by adding base stations, tapping more spectrum, or cranking up transmitter wattage, but by using algebra to eliminate the network-clogging task of resending dropped packets of data.

By providing new ways for mobile devices to solve for missing data, the technology not only eliminates this wasteful process but also can seamlessly weave data streams from Wi-Fi and LTE”a leap forward from other approaches that toggle back and forth. ”Any IP network will benefit from this technology,” says Sheau Ng, vice president for research and development at NBC Universal.

Stable Linux kernel hit by ext4 data corruption bug

Fri, 26 Oct 2012 08:48:00 +0100

Linux kernel developer Theodore ”Ted” Ts’o has released a series of patches for what he has called ”a Lance Armstrong bug” in the kernel, meaning behaviour that does not trip up tests but nevertheless makes the kernel work differently than intended. A user had reported a problem that caused data loss; the kernel developers quickly narrowed this down to a fault in the ext4 implementation that was introduced with the release of Linux 3.6.2 just over a week ago. Apparently, the data corruption bug was hard to track down as it only manifests itself if a system is rebooted twice in a relatively short period of time.

Pocos elementos forman sistemas complejos en el mundo físico, biológico o digital

Sat, 20 Oct 2012 16:22:00 +0100

Cuando observamos el mundo físico que nos rodea, nos maravillamos de su extrema variedad y complejidad. Al examinar el mundo vivo no deja de sorprendernos la riqueza de animales y plantas que encontramos por doquier. Sería iluso pretender leer los libros que se han escrito en la historia. La música ofrece una enorme repertorio de temas que escuchar. Y el mundo digital sorprende por la desbordante cantidad de contenidos que nos presenta. Pero todos estos complejos mundos tienen algo en común: están compuestos por una pequeña cantidadde elementos combinados en gigantescos números.

The History of Film

Mon, 15 Oct 2012 20:37:00 +0100

This graphic chronicles the history of feature films from the origins in the 1910s until the present day. More than 2000 of the most important feature-length films are mapped into 20 genres spanning 100 years. Films selected to be included have: won important awards such as the best picture Academy Award; achieved critical acclaim according to recognized film critics; are considered to be key genre films by experts; and/or attained box office success.

El salto de Felix Baumgartner en Python

Mon, 15 Oct 2012 20:15:00 +0100

Supongo que todos estáis al tanto de la hazaña de Felix Baumgartner, el hombre que ha saltado desde una altura de más de 120000 pies desde un globo, convirtiéndose en el hombre que más alto ha saltado y el que ha alcanzado la mayor velocidad sin ayuda mecánica como parte de la misión Red Bull Stratos.

En Pybonacci somos tan frikis, que vamos a visualizar el salto supersónico de Baumgartner como mejor se nos da: con Python ;)

SOLID CSS

Tue, 09 Oct 2012 21:02:00 +0100

CSS was meant to style academic documents and simple sites (eg. wiki, blogs) where the cascade and descendant selectors makes a lot of sense. Unfortunately many sites we build nowadays are way more complex than that, and what used to work on simple projects doesn’t scale very well. We need to find smarter ways to code CSS to avoid the common issues and re-think the way we do our work. We should learn from the experience of other devs working in different domains, and apply into our own domain. Things like separation of concerns, modularity, encapsulation, DRY can (and should) be applied to large scale CSS projects as well. The main problem is that most people who are good at CSS doesn’t necessarily have a Computer Science background, most of them started as designers and learned CSS by themselves (that was my case¦). That’s the main reason why I’m writing this post.

Android, iOS, tiempos de respuestas y por qué nada es gratis en sistemas informáticos

Tue, 09 Oct 2012 19:59:00 +0100

Apple tomó muchas decisiones técnicas con el objetivo de mejorar la ”experiencia de usuario”, pero por sí mismas serían inútiles -o más perjudiciales- si no van acompañadas de medidas de control estrictas. Es fundamental el papel de los controles de las aplicaciones en el App Store (¡ojo! no los justifico). Independientemente de otras consideraciones políticas, dado su simplicidad y soluciones ad hoc, el iOS sería muy fácil de ”abusar” por los desarrolladores y aplicaciones.

Bash One-Liners Explained, Part III: All about redirections

Tue, 09 Oct 2012 19:54:00 +0100

Working with redirections in bash is really easy once you realize that it’s all about manipulating file descriptors. When bash starts it opens the three standard file descriptors: stdin (file descriptor 0), stdout (file descriptor 1), and stderr (file descriptor 2). You can open more file descriptors (such as 3, 4, 5, …), and you can close them. You can also copy file descriptors. And you can write to them and read from them.

Using footnote in tables

Tue, 09 Oct 2012 17:46:00 +0100

Have you ever tried to add a footnote to a table inside the tabular environment? Even though the index is printed, the search for the actual footnote will be in vain.

» Tom | texblog.org

From SQL injection to shell

Mon, 08 Oct 2012 13:00:00 +0100

This course details the exploitation of SQL injection in a PHP based website and how an attacker can use it to gain access to the administration pages. Then, using this access, the attacker will be able to gain code execution on the server. The attack is divided into 3 steps:

Fingerprinting: to gather information on the web application and technologies in use.

Detection and exploitation of SQL injection: in this part, you will learn how SQL injections work and how to exploit them in order to retrieve information.

Access to the administration pages and code execution: the last step in which you will access the operating system and run commands.

» pentesterlab.com

f2fs: introduce flash-friendly file system

Sat, 06 Oct 2012 13:54:00 +0100

NAND flash memory-based storage devices, such as SSD, eMMC, and SD cards, have been widely being used for ranging from mobile to server systems. Since they are known to have different characteristics from the conventional rotational disks, a file system, an upper layer to the storage device, should adapt to the changes from the sketch.

F2FS is a new file system carefully designed for the NAND flash memory-based storage devices. We chose a log structure file system approach, but we tried to adapt it to the new form of storage. Also we remedy some known issues of the very old log structured file system, such as snowball effect of wandering tree and high cleaning overhead.

Recopilación de relojes matemáticos

Fri, 05 Oct 2012 12:58:00 +0100

El tiempo… ese bien tan preciado para muchos, tan desperdiciado por la mayoría… Eso que los relojes nos ayudan a medir o controlar a diario.

Hablemos de relojes. Los hay de muchísimos tipos: de muñeca, de pared, analógicos, digitales, con números arábigos, con números romanos, o hasta sin números. Y, evidentemente, los hay con motivos friki-matemáticos. Y de esos son los que vamos a ver a continuación, de relojes matemáticos.

Lostalgic

Fri, 05 Oct 2012 12:39:00 +0100

This project is based on the entire ABC’s LOST TV show scripts, 115 episodes in 7 seasons, that I managed to parse from Lostpedia. I also parsed this page with additional information about hidden characters relations.

My aim for this project is not (only) to visualize some properties and patterns out of the script but actually to allow to read and enjoy the series in a different way.

I plan to add new views (will inform through twitter), more aimed to reveal global patterns in the script, and I will include cliffhangers and writing teams information.

HoneyMap

Mon, 01 Oct 2012 11:40:00 +0100

You are looking at the HoneyMap, a real-time world map which visualizes attacks captured by honeypots of the Honeynet Project. Red markers on the map represent attackers, yellow markers are targets (honeypot sensors).

» Florian Weingarte and Mark Schloesser | HoneyMap / honeynet.org

Major security vulnerability in some Samsung phones could trigger factory reset via web page

Wed, 26 Sep 2012 17:38:00 +0100

A major security vulnerability has been discovered in some TouchWiz-based Samsung smartphones, including the Galaxy S2 and certain Galaxy S3 models on older firmware. The bug was first demonstrated days ago by security researcher Ravi Borgaonkar at the Ekoparty security conference. It involves the use of a single line of code in a malicious web page to immediately trigger a factory reset without prompting the user, or allowing them to cancel the process. Even more serious is the possibility that this could be paired with a similar glitch to render the user’s SIM card inoperable. And as the malicious code is in URI form, it can also be delivered via NFC or QR code.

How To Ask Questions The Smart Way

Wed, 26 Sep 2012 10:13:00 +0100

In the world of hackers, the kind of answers you get to your technical questions depends as much on the way you ask the questions as on the difficulty of developing the answer. This guide will teach you how to ask questions in a way more likely to get you a satisfactory answer.

Now that use of open source has become widespread, you can often get as good answers from other, more experienced users as from hackers. This is a Good Thing; users tend to be just a little bit more tolerant of the kind of failures newbies often have. Still, treating experienced users like hackers in the ways we recommend here will generally be the most effective way to get useful answers out of them, too.

My dog: the paradox

Thu, 20 Sep 2012 23:48:00 +0100

» Matthew Inman | theoatmeal.com

An open letter to Senator Rockefeller

Thu, 20 Sep 2012 20:49:00 +0100

Dear Sen. Rockefeller,

I am a cyber expert. I invented a key technology known as ”IPS” that is a standard part of network defense. I invented hacking techniques like ”sidejacking” that are a standard part of network offense. I am a coder who has written a million lines of production code. I am a ”pentester” who has performed simulated attacks that confirm your worst nightmares about power-grid blackouts and financial meltdowns.

Cosmo, the Hacker ’God’ Who Fell to Earth

Sun, 16 Sep 2012 11:31:00 +0100

Cosmo is huge ” 6 foot 7 and 220 pounds the last time he was weighed, at a detention facility in Long Beach, California on June 26. And yet he’s getting bigger, because Cosmo ” also known as Cosmo the God, the social-engineering mastermind who weaseled his way past security systems at Amazon, Apple, AT&T, PayPal, AOL, Netflix, Network Solutions, and Microsoft ” is just 15 years old.

He turns 16 next March, and he may very well do so inside a prison cell.

How to Argue on the Internet Without Becoming a Troll

Sat, 15 Sep 2012 10:56:00 +0100

It’s September of an election year, and people are drawing lines, taking stands, and proclaiming their political beliefs. Even the lurkers, who brag that they ”never post political stuff on Facebook” find their trigger fingers twitching over the ”share” button. The internet is a battlefield, and you simply can’t get around online without being drawn into a shootout from time to time. When that happens, these tips will keep you knocking down opponents without losing your cool or becoming a troll.

Southampton engineers a Raspberry Pi Supercomputer

Thu, 13 Sep 2012 12:30:00 +0100

Computational Engineers at the University of Southampton have built a supercomputer from 64 Raspberry Pi computers and Lego.

The team, led by Professor Simon Cox, consisted of Richard Boardman, Andy Everett, Steven Johnston, Gereon Kaiping, Neil O’Brien, Mark Scott and Oz Parchment, along with Professor Cox’s son James Cox (aged 6) who provided specialist support on Lego and system testing.

Professor Cox comments: ”As soon as we were able to source sufficient Raspberry Pi computers we wanted to see if it was possible to link them together into a supercomputer. We installed and built all of the necessary software on the Pi starting from a standard Debian Wheezy system image and we have published a guide so you can build your own supercomputer.”

Well, Actually

Mon, 10 Sep 2012 17:25:00 +0100

As software developers, we develop habits that allow us to build products that work and do not fail under stress. Every software developer knows what an ”off-by-one” error is, and like the Karate Kid, we train extensively so we can avoid those traps. We learn how to avoid these and other similar software problems and we sharpen our skills to find logic errors.

As we mature as developers, finding logic errors and incomplete solutions becomes our way of life. It defines us.

HTML Responsive Images Extension

Fri, 07 Sep 2012 11:18:00 +0100

This proposal adds new elements and attribute to [HTML5] to enable different sources of images based on browser and display characteristics. The proposal addresses multiple use cases such as images used in responsive web designs and different images needed for high density displays.

This proposal allows content authors to provide user agents with the information they need to select the best image source. The current img element only allows for a single source of an image, but there are numerous use cases where document authors need to define different image sources depending on the factors such as the design, size resolution, and display density.

WhatsApp is using IMEI numbers as passwords

Fri, 07 Sep 2012 10:56:00 +0100

As you probably already heard in recent news, 1,000,001 Apple UDID’s were leaked. It’s unfortunate that so many apps use UDID’s to identify users since it’s extremely insecure.

This brings me to WhatsApp, a free messaging service, used by millions of people. Their system runs on a modified version of XMPP (Extensible Messaging and Presence Protocol). There is nothing wrong with using XMPP, but there is a problem in how WhatsApp handle authentication.

4 unix commands I abuse every day

Thu, 06 Sep 2012 18:05:00 +0100

A co-worker watched me type the other day and noticed that I use certain Unix commands for purposes other than they are intended. Yes, I abuse Unix commands.

» Tom Limoncelli | everythingsysadmin.com

The open source technology behind Twitter

Sat, 01 Sep 2012 12:54:00 +0100

Without open source, Twitter wouldn’t exist. Every Tweet you send and receive touches open source software on its journey between computers and mobile devices. We were curious about how much open source is used at Twitter. Beyond that, we wanted to discover how open source may influence the culture at Twitter, Inc.

We asked Chris Aniszczyk, Open Source Manager at Twitter, to share the company’s open source story. Aniszczyk will be keynoting at this month’s LinuxCon, August 29 through 31, in San Diego, CA. His topic: The open source technology behind a Tweet.

Los dueños de la información II

Fri, 31 Aug 2012 18:43:00 +0100

Hace año y medio que recopilé datos sobre la distribución de la propiedad de los medios de comunicación, compilando esos datos en un solo gráfico: los dueños de la información.

Parece que el gráfico tuvo buena acogida y a mucha gente le pareció interesante. A mí, al menos, me parece útil. Una herramienta para tener presente, cuando consultamos algún medio de comunicación, a qué intereses sirve. Así que me puse manos a la obra, recopilando datos de los movimientos empresariales en el sector, para poder mostraros un nuevo gráfico, ampliado, corregido y actualizado.

Old Spice Muscle Music

Fri, 31 Aug 2012 16:04:00 +0100

Watch me jam solo, then use the special interactive player to record your own remix. Go ahead, show me what you got!

Ver vídeo

» Terry Crews | vimeo.com

Walking paper

Thu, 30 Aug 2012 11:53:00 +0100

Paper Biped Robot making process from H/P MPM (Mechanical Paper Model) http://www.geocities.jp/kikousya290821/newmpm.htm All paper made Biped Robot without wooden shafts and elastic band as power source

» geocities.jp/kikousya290821 | via microsiervos.com

Which Are More Legible: Serif or Sans Serif Typefaces?

Mon, 27 Aug 2012 21:12:00 +0100

Back in 1998 when Times New Roman was still widely used on the web, my then boss made sure we always designed our web sites with Arial, as she hated the look of serif fonts on the web. Was it the case that sans serif fonts were more legible, or was it just a matter of taste?

In 2003 as part of my master’s degree I reviewed over 50 empirical studies in typography and found a definitive answer.

Tales Of A First Time Driver Developer

Sun, 26 Aug 2012 15:25:00 +0100

Since 2004, I’ve owned a ThinkPad A22m - a laptop that came out in 2001. Much to the dismay of certain friends, I still feel no need to purchase a newer computer. I’ve often said that this old hardware can do everything I need while still letting me run modern software. However, it now seems like I will have to take some responsibility for the code if I want that to still be true in the future.

Debian and I

Sat, 25 Aug 2012 12:39:00 +0100

Debian is the most influential Linux distribution ever. Of the 305 active distributions listed on Distrowatch, 147 are derived from Debian, and 87 from Ubuntu, Debian’s most famous off-shoot. In other words, 77% of the distributions being used today wouldn’t exist without Debian. That makes Debian’s nineteenth anniversary on August 16 worth a moment’s reflection, not just technologically, but socially as well.

For me, Debian and free software are hopelessly intertwined. While I had played about with Linux before, I only went hardcore when I started work on 5 July, 1999 at Stormix Technologies, an ultimately unsuccessful attempt to commercialize Debian. From there, I jumped ship to work at Progeny Linux System, which was founded by Ian Murdock and funded by Bruce Perens’ short-lived Linux Capital Group, and very much traded on the reputation of the two Debian leaders behind it.

¿Es posible tener un smartphone completamente libre?

Fri, 24 Aug 2012 23:51:00 +0100

Desde el punto de vista del usuario ¿Se puede tener una plataforma Android basada exclusivamente en Software Libre? Este es mi análisis tras una experiencia de seis meses de uso.

» Pablo Hinojosa | osl.ugr.es

Decipher MPPE by breaking MS-CHAP v2

Mon, 20 Aug 2012 19:13:00 +0100

Our investigation focuses on Microsoft proprietary protocols with the help of a network trace and references. The steps that will be covered are specific to authentication view (MS-Chapv2), key derivation for encryption and the algorithm of the compression feature (MPPE/MPPC). Finally, to complete our approach, we will illustrate weaknesses through a new forensic tool dedicated to these protocols.

Mainline :

Details on MSChap-v2 : The first chapter aims to understand how the authentication protocol works ; Overview of MPPE protocol : We explain briefly the encryption protocol ; Overview of MPPC protocol : Here, we take a look at the compression feature ; Decipher MPPE by breaking MSCHAP-v2 : We decipher MPPE protocol with the help of MSChap-v2;

Nyan Cat Telnet Server

Mon, 20 Aug 2012 18:53:00 +0100

This is an animated, color, ANSI-text telnet server that renders a loop of the classic Nyan Cat animation.

Open up a supported terminal and run:

telnet miku.acm.uiuc.edu

» Kevin Lange | miku.acm.uiuc.edu

10 Free Color Palettes From 10 Famous Paintings

Mon, 20 Aug 2012 13:03:00 +0100

If you want to learn a thing or two about color, why not look to the true masters whose artistic work has stood the test of time? Great painters almost always possess a keen understanding of color that is truly impressive when you stop to appreciate it.

» Joshua Johnson | designshack.net

The Emerging Revolution in Game Theory

Mon, 20 Aug 2012 00:17:00 +0100

The world of game theory is currently on fire. In May, Freeman Dyson at Princeton University and William Press at the University of Texas announced that they had discovered a previously unknown strategy for the game of prisoner’s dilemma which guarantees one player a better outcome than the other.

That’s a monumental surprise. Theorists have studied Prisoner’s Dilemma for decades, using it as a model for the emergence of co-operation in nature. This work has had a profound impact on disciplines such as economics, evolutionary biology and, of course, game theory itself. The new result will have impact in all these areas and more.

El gran fraude de los cosméticos

Fri, 17 Aug 2012 12:53:00 +0100

El pasado martes, Mercadona retiró 11 productos cosméticos después de una evaluación realizada por la Agencia Española de Medicamentos y Productos Sanitarios. Ayer, esa misma agencia publicó un comunicado explicando que el problema era de orden administrativo y no existía ningún peligro para la salud de los consumidores.

Me parece un buen momento para que hablemos del verdadero problema de fondo. La industria cosmética se sostiene sobre una mentira: hacer creer a sus clientes que la eficacia de sus productos tiene una base científica.

New release under development; suggestions requested

Fri, 17 Aug 2012 12:29:00 +0100

Fellow Linuxers,

This is just to announce the imminent completion of a brand-new Linux release, which I’m calling the Debian Linux Release. This is a release that I have put together basically from scratch; in other words, I didn’t simply make some changes to SLS and call it a new release. I was inspired to put together this release after running SLS and generally being dissatisfied with much of it, and after much altering of SLS I decided that it would be easier to start from scratch. The base system is now virtually complete (though I’m still looking around to make sure that I grabbed the most recent sources for everything), and I’d like to get some feedback before I add the ”fancy” stuff.

BSD vs Linux

Wed, 15 Aug 2012 18:59:00 +0100

I run FreeBSD on my computers. A lot of my friends run Linux, or at least one of the distributions of it. Naturally, then, we agree that a Unix-style operating system is the right choice, but we disagree on which to use.

It’s been my impression that the BSD communit{y,ies}, in general, understand Linux far better than the Linux communit{y,ies} understand BSD. I have a few theories on why that is, but that’s not really relevant. I think a lot of Linux people get turned off BSD because they don’t really understand how and why it’s put together. Thus, this rant; as a BSD person, I want to try to explain how BSD works in a way that Linux people can absorb.

Game deaths

Wed, 15 Aug 2012 18:09:00 +0100

A compilation of classic arcade deaths, arranged to an 8-bit cover of ”Mad World”.

The music is a cover of Mad World, by Tears for Fears.

» Rob Beschizza | boingboing.net

Best Paper Awards in Computer Science (since 1996)

Wed, 15 Aug 2012 17:30:00 +0100

Much of this data was entered by hand (obtained by contacting past conference organizers, retrieving cached conference websites, and searching CVs) so please email me if you notice any errors or omissions: bestpaper-AT-jeffhuang.com. I tried to collect best paper awards from the top-tier conferences in each area, but some conferences do not have such an award (e.g. SIGGRAPH, CAV). ”Distinguished paper award” and ”outstanding paper award” are included but not ”best student paper” (e.g. NIPS) or ”best 10-year old paper” (e.g. POPL)

Python Ecosystem - An Introduction

Wed, 15 Aug 2012 17:26:00 +0100

When developers shift from PHP, Ruby or any other platform to Python, the very first road block they face (most often) is a lack of an overall understanding of the Python ecosystem. Developers often yearn for a tutorial or resource that explains how to accomplish most tasks in a more or less standard way.

What follows is an extract from the internal wiki at my workplace, which documents the basics of the Python ecosystem for web application development for our interns, trainees and experienced developers who shift to Python from other platforms.

Brainfuck beware: JavaScript is after you!

Mon, 13 Aug 2012 19:32:00 +0100

I just made a tool to transform any javascript code into an equivalent sequence of ()[]{}!+ characters. You can try it here, or grab it from github or npm. Keep on reading if you want to know how it works.

What do you know about non-alphanumeric XSS?

The other day one of my friends asked me that question on IRC, pointing me to some articles on sla.ckers.org where they tried to create some scripts like alert(1) with non-alphanumeric characters.

I Was a Teenage Hacker

Fri, 10 Aug 2012 10:38:00 +0100

Twenty-four years ago today, I had a very bad day.

On August 8, 1988, I was a senior in high school. I was working my after school and weekend job at Safeway as a cashier, when the store manager suddenly walked over and said I better stop ringing up customers and talk to my mother on the store phone right now. Mom told me to come home immediately because, well, there were police at the front door asking for me with some legal papers in hand.

The web architecture of The Internet map

Wed, 08 Aug 2012 18:04:00 +0100

You must have heard about The Internet map by now. If not, you can take a look at it here. Roughly speaking, the Internet Map displays websites’ location according to users’ behavior. Similar websites visited by the same people are situated close to one another; different websites not having mutual visitors are situated at a considerable distance from each other. The size of a website on the map is determined by its average click rating while the color is defined by belonging to a nationality. You can get a more detailed notion referring to the About section on the website of the Map.

Did Bill Gates Steal the Heart of DOS?

Wed, 08 Aug 2012 17:43:00 +0100

The history of the computer industry is filled with fascinating tales of riches that appear to practically fall from the sky.

Along with stories of riches won, there are stories of opportunities missed. Take that of Ronald Wayne, who cofounded Apple Computer with Steve Wozniak and Steve Jobs but sold his shares for just US $2300. And John Atanasoff, who proudly showed his digital computer design to John Mauchly”who later codesigned the Eniac, often defined as the first electronic computer, without credit to Atanasoff.

Why the Cloud Sucks

Tue, 07 Aug 2012 01:22:00 +0100

I’ve had too many personal experiences get messed up just because companies change things on the cloud. I’ve come to a depressed state of feeling that I own nothing on the cloud and have no ability to keep things working the way they do. Features change and get dropped, things you depend on disappear, etc. And no company will ever take responsibility. It’s rare to ever get told what really happened.

Seeing Through Walls With a Wireless Router

Mon, 06 Aug 2012 03:19:00 +0100

Wi-Fi radio signals are found in 61 percent of homes in the U.S. and 25 percent worldwide, so Karl Woodbridge and Kevin Chetty, researchers at University College London, designed their detector to use these ubiquitous signals. When a radio wave reflects off a moving object, its frequency changes”a phenomenon called the Doppler effect. Their radar prototype identifies frequency changes to detect moving objects. It’s about the size of a suitcase and contains a radio receiver composed of two antennas ;íand a signal-processing unit. In tests, they have used it to determine a person’s location, speed and direction”even through a one-foot-thick brick wall. Because the device itself doesn’t emit any radio waves, it can’t be detected.

The website of the world’s first-ever web server

Mon, 06 Aug 2012 03:11:00 +0100

CERN, the European Organization for Nuclear Research, is where it all began in March 1989. A physicist, Tim Berners-Lee, wrote a proposal for information management showing how information could be transferred easily over the Internet by using hypertext, the now familiar point-and-click system of navigating through information. The following year, Robert Cailliau, a systems engineer, joined in and soon became its number one advocate.

The idea was to connect hypertext with the Internet and personal computers, thereby having a single information network to help CERN physicists share all the computer-stored information at the laboratory. Hypertext would enable users to browse easily between texts on web pages using links. The first examples were developed on NeXT computers.

Crowd Source Audit Platform for Manual PenTest

Sat, 04 Aug 2012 12:24:00 +0100

Helping Companies, and Hackers to get things done. Companies test their servers or Web Apps covered by anonymity and confidentiality, while Hackers get paid for what they love to do most: Hacking Servers

» hackaserver.com

Using Bipolar Transistors As Switches

Thu, 02 Aug 2012 12:41:00 +0100

While transistors have many uses, one of the less known uses by amateurs is the ability for bipolar transistors to turn things on and off. While there are limitations as to what we can switch on and off, transistor switches offer lower cost and substantial reliability over conventional mechanical relays. In this article, we will review the basic principles for transistor switches using common bipolar transistors.

The most commonly used transistor switch is the PNP variety shown in Figure 1. The secret to making a transistor switch work properly is to get the transistor in a saturation state. For this to happen we need to know the maximum load current for the device to be turned on and the minimum HFE of the transistor.

La ESI de Ciudad Real libera 4 libros sobre Desarrollo de Videojuegos

Wed, 01 Aug 2012 10:06:00 +0100

La Escuela Superior de Informática de la Universidad de Castilla-La Mancha ha liberado el material de la primera edición del Curso de Experto en Desarrollo de Videojuegos. El material, compuesto por 4 libros de más de 1.200 páginas en total y múltiples ejemplos de código fuente, se basa principalmente en tecnologías y estándares libres. Casi la totalidad de los ejemplos del curso han sido desarrollados en GNU/Linux. Puedes descargar los libros gratuitamente en la web del curso (formato PDF), en EPUB o comprar los libros en papel. Los ejemplos del libro se distribuye con licencia GPLv3 y el libro con licencia Creative Commons BY NC ND

Introduction to text manipulation on UNIX-based systems

Tue, 31 Jul 2012 15:03:00 +0100

A basic tenets of UNIX philosophy is to create programs (or processes) that do one thing, and do that one thing well. It is a philosophy demanding careful thought about interfaces and ways of joining these smaller (hopefully more simple) processes together to create useful results. Normally textual data flows between these interfaces. Over time, more and more advanced text processing tools and languages have been developed. For languages, earlier on there was perl, later came python, and ruby. While these and other languages are very capable text processors, such tools are not always available, especially in a production environment. In this article, a number of basic UNIX text processing commands are demonstrated and may be used individually or in conjunction with each other to solve problems which may also be addressed with newer languages. For many people, an example provides more information than long winded explanations. Please note because of the variety of UNIX and UNIX-like systems available, command flags, program behavior, and output differs between implementations.

Learn Vim Progressively

Tue, 31 Jul 2012 14:58:00 +0100

You want to teach yourself vim (the best text editor known to human kind) in the fastest way possible. This my way of doing it. You start by learning the minimal to survive, then you integrate all the tricks slowly.

Vim the Six Billion Dollar editor

Better, Stronger, Faster.

Learn vim and it will be your last text editor. There isn’t any better text editor that I know of. It is hard to learn, but incredible to use.

N-Tier Architecture And Tips

Tue, 31 Jul 2012 14:54:00 +0100

N-Tier architecture is an industry-proved software architecture model, suitable to support enterprise-level client/server applications by resolving issues like scalability, security, fault tolerance and etc. .NET has many tools and features, but .NET doesn’t have pre-defined ways to guard how to implement N-Tier architecture. Therefore, in order to achieve good design and implementation of N-Tier architecture in .NET, understanding fully its concepts is very important. However, many of us may hear, read or use N-Tier architecture for many years but still misunderstand its concepts more or less. This article tries to clarify many basic concepts in N-Tier architecture from all aspects, and also provide some practical tips. The tips in this article are based on the assumption that a team has a full control over all layers of the N-Tier architecture.

I won’t hire people who use poor grammar. here’s why.

Tue, 31 Jul 2012 14:37:00 +0100

In the same vein, programmers who pay attention to how they construct written language also tend to pay a lot more attention to how they code. You see, at its core, code is prose. Great programmers are more than just code monkeys; according to Stanford programming legend Donald Knuth they are ”essayists who work with traditional aesthetic and literary forms.” The point: programming should be easily understood by real human beings ” not just computers.

Monkey Island y LucasArts: de referencias a referente

Tue, 31 Jul 2012 13:25:00 +0100

En un lugar de Melee Island^TM^ de cuyo nombre no quiero acordarme, nuestro wannabe pirata se llamaba Guybrush Threepwood. Tenía unos veinte años, y pesaba poco más de 54 kilos. Aguantaba la respiración durante 10 minutos, intentaba vender unas bonitas chaquetas de piel y soñaba con ser pirata. Todo eran peleas de espadas e insultos, grog y pollos de goma con poleas en medio, hasta que cayó enamorado de la gobernadora Marley que, tras ser secuestrada, le condujo hasta el malvado y temible pirata fantasma LeChuck.

El dios de las pequeñas rendijas

Tue, 31 Jul 2012 13:20:00 +0100

Ninguna multinacional tiene tantas sucursales, ninguna empresa engloba tanto personal a su cargo y ningún holding ha podido sacar al mercado un producto más rentable. Jamás ha existido un negocio tan beneficioso y duradero a pesar de haber demostrado con el paso del tiempo estar tan radicalmente equivocado en sus afirmaciones. Es el sueño dorado de cualquier empresario: crecer sin límite sin que ninguno de tus errores detenga tu prosperidad.

Bash prompts

Fri, 27 Jul 2012 19:34:00 +0100

You can tell a lot about a shell user by looking at their prompt. Most shell users will use whatever the system’s default prompt is for their entire career. Under many Linux distributions, this prompt includes the username, the hostname, and the current working directory, along with a $ sigil for regular users, and a # for root.

» Tom Ryder | blog.sanctum.geek.nz

The Humble Programmer

Thu, 26 Jul 2012 23:07:00 +0100

As a result of a long sequence of coincidences I entered the programming profession officially on the first spring morning of 1952 and as far as I have been able to trace, I was the first Dutchman to do so in my country. In retrospect the most amazing thing was the slowness with which, at least in my part of the world, the programming profession emerged, a slowness which is now hard to believe. But I am grateful for two vivid recollections from that period that establish that slowness beyond any doubt.

System Administrator Appreciation Day

Thu, 26 Jul 2012 18:19:00 +0100

System AdministratorAppreciation Dayhis website from its box, installed an operating system, patched it for security, made sure the power and air conditioning was working in the server room, monitored it for stability, set up the software, and kept backups in case anything went wrong. All to serve this webpage.

» sysadminday.com

So You Want to Be a Security Expert

Tue, 24 Jul 2012 20:51:00 +0100

I regularly receive e-mail from people who want advice on how to learn more about computer security, either as a course of study in college or as an IT person considering it as a career choice.

First, know that there are many subspecialties in computer security. You can be an expert in keeping systems from being hacked, or in creating unhackable software. You can be an expert in finding security problems in software, or in networks. You can be an expert in viruses, or policies, or cryptography. There are many, many opportunities for many different skill sets. You don’t have to be a coder to be a security expert.

Todos los emuladores para Android

Tue, 24 Jul 2012 19:59:00 +0100

Muchos de nosotros somos auténticos gamers en Android, y como buenos jugones, nos encantan los juegos de vieja escuela. Sí, ya sabéis, los clásicos: Mario Kart, Super Mario 64, cualquier juego de la Nes/Snes, etc¦ Y digo yo, con estos auténticas bestias de Android que tenemos, ¿no deberíamos poder jugar a todos ellos? Pues efectivamente, se puede. El único problema es que por razón X, a Google no le gusta mucho que hayan emuladores en el Play Store y por ello se encuentran tan pocos. Pero tranquilos que hoy os traemos una recopilación de todos los emuladores actuales a los que se puede jugar en Android

Understanding Python Decorators in 12 Easy Steps!

Tue, 24 Jul 2012 19:52:00 +0100

Ok, perhaps I jest. As a Python instructor, understanding decorators is a topic I find students consistently struggle with upon first exposure. That’s because decorators are hard to understand! Getting decorators requires understanding several functional programming concepts as well as feeling comfortable with some unique features of Python’s function definition and function calling syntax. _Using_ decorators is easy (see Section 10)! But writing them can be complicated.

I can’t make decorators easy - but maybe by walking through each piece of the puzzle one step at a time I can help you feel more confident in understanding decorators[1]. Because decorators are complex this is going to be a long article - but stick with it! I promise to make each piece as simple as possible - and if you understand each piece, you’ll understand how decorators work! I’m trying to assume minimal Python knowledge but this will probably be most helpful to people who have at least a casual working exposure to Python.

The Geek Syndrome

Tue, 24 Jul 2012 19:05:00 +0100

Nick is building a universe on his computer. He’s already mapped out his first planet: an anvil-shaped world called Denthaim that is home to gnomes and gods, along with a three-gendered race known as kiman. As he tells me about his universe, Nick looks up at the ceiling, humming fragments of a melody over and over. ”I’m thinking of making magic a form of quantum physics, but I haven’t decided yet, actually,” he explains. The music of his speech is pitched high, alternately poetic and pedantic - as if the soul of an Oxford don has been awkwardly reincarnated in the body of a chubby, rosy-cheeked boy from Silicon Valley. Nick is 11 years old.

The Mathematics of Autism

Tue, 24 Jul 2012 19:02:00 +0100

Autism may be associated with mathematical skills. Autism researcher Simon Baron-Cohen has published studies that autism is more prevalent in the familes of physicists, engineers, and mathematicians. Unusual mathematical skills are reported in a small percentage of cases of ”classic autism.” Movies, television, and popular culture such as Rainman (1988), Mercury Rising (1998), and many other works often play up this rare association by presenting autistic characters with extreme mathematical abilities.

12 Reasons Why Every Linux System Administrator Should be Lazy

Tue, 24 Jul 2012 18:32:00 +0100

Lazy sysadmin is the best sysadmin –Anonymous

System administrators job is not visible to other IT groups or end-users. Mostly they look at administrators and wonder why sysadmins don’t seem to have any work.

If you see a sysadmin who is always running around, and trying to put down fire, and constantly dealing with production issues, you might think he is working very hard, and really doing his job. But in reality he is not really doing his job.

Does Bitrate Really Make a Difference In My Music?

Tue, 24 Jul 2012 17:45:00 +0100

While you may have some idea about what bitrate is, the ”can audiophiles really tell the difference” argument has raged on for quite some time, and it’s hard to get people to drop their egos and actually explain what these things mean and whether they really matter. Here’s a bit of information on bitrate and how it applies to our practical music listening experience.

» Whitson Gordon | lifehacker.com

History of the browser user-agent string

Tue, 17 Jul 2012 13:09:00 +0100

In the beginning there was NCSA Mosaic, and Mosaic called itself NCSA_Mosaic/2.0 (Windows 3.1), and Mosaic displayed pictures along with text, and there was much rejoicing. And behold, then came a new web browser known as ”Mozilla”, being short for ”Mosaic Killer,” but Mosaic was not amused, so the public name was changed to Netscape, and Netscape called itself Mozilla/1.0 (Win3.1), and there was more rejoicing. And Netscape supported frames, and frames became popular among the people, but Mosaic did not support frames, and so came ”user agent sniffing” and to ”Mozilla” webmasters sent frames, but to other browsers they sent not frames.

A Turing Complete Puzzle Game

Tue, 17 Jul 2012 13:08:00 +0100

The code behind the Google doodle celebrating Alan Turing’s 100th birthday is now up on Google code. This animated logic puzzle game appeared on the Google homepage on June 23, 2012. If you missed it, you can still play it in the doodle archives.

Our doodle for Turing’s 100th birthday showed a live action Turing Machine with twelve interactive programming puzzles. Turing Machines are theoretical objects in formal logic, not physical things, so we walked a fine line between technical accuracy and accessibility. We focused on finding a good representation for programs and choosing puzzles of appropriate complexity. We did considerable user testing and iteration, more than for any past doodle.

Un largo segundo en el cerebro

Mon, 16 Jul 2012 19:32:00 +0100

Millones de impulsos llegan al cerebro desde distintos sentidos. Millones llegan incluso desde un sentido como la vista. El cerebro tiene múltiples áreas de procesamiento. En la vista por ejemplo se procesa en centros distintos el color, la forma o el movimiento. Cada impulso recorre un camino diferente al resto. Algunos son más largos y otros son más cortos. Por lo tanto, tardan distinto tiempo en llegar al cerebro. ¿Cómo sabe el cerebro que dos impulsos que sucedieron a la vez pero llegan en distinto momento son en realidad simultáneos?

MySQL, MSSQL and Oracle SQL Injection Compilation

Sun, 15 Jul 2012 17:59:00 +0100

This Knowledge Base was put together and is maintained by Roberto Salgado, Co-Founder of Websec. It is a compilation of books, papers, cheatsheets and testing done by Roberto over the years.

» Roberto Salgado | websec.ca

A Visual Git Reference

Sun, 15 Jul 2012 17:31:00 +0100

This page gives brief, visual reference for the most common commands in git. Once you know a bit about how git works, this site may solidify your understanding.

» Mark Lodato | marklodato.github.com

Levels of aspiration

Sun, 15 Jul 2012 17:20:00 +0100

Debates over technology, technique, and process often go nowhere because the participants are arguing from different levels of aspiration.

You’re unlikely to convince someone they should switch to programming Ruby for its beauty, if they’re merely looking to make a living as a single consultant serving local businesses in Schaumburg, Illinois.

Questions such as ”does this run on my existing web host?” or ”will my clients want something their nephew web designer hasn’t even heard of?” matter far more. Their aspirations are local, finding something that (sorta) works, and getting paid.

¿Existen los colores en la naturaleza?

Sun, 15 Jul 2012 17:17:00 +0100

Aparentemente esta pregunta parece absurda, ¿Como no van a existir los bellos colores de los paisajes que podemos observar a diario? El azul del cielo, el verde de las hojas de los árboles… parece evidente que los colores existen y son uno de los atributos más fundamentales de todos los objetos que observamos. Sin embargo, como veremos a continuación la respuesta a esta pregunta es asombrosa e inesperada. Lo primero que tenemos que hacer para tratar de responderla es analizar brevemente como y por que vemos los objetos que nos rodean.

Statistical functions in MySQL

Sat, 14 Jul 2012 19:38:00 +0100

Even in times of a growing market of specialized NoSQL databases, the relevance of traditional RDBMS doesn’t decline. Especially when it comes to the calculation of aggregates based on complex data sets that can not be processed as a batch like Map&Reduce. MySQL is already bringing in a handful of aggregate functions that can be useful for a statistical analysis. The best known of this type are certainly:
COUNT(x), SUM(x), AVG(x), MIN(x), MAX(x), STD(x)
In addition, there are a number of statistical evaluations which are also worthwhile - if not even more interesting and meaningful, but with MySQL only producible with greater efforts. What about the different averages? The harmonic average, a weighted average or the geomean? What is in the course of this with the aggregate product? How do we determine the mode, the median? The covariance?

Ready-to-use virtual machines sporting open-source operating systems

Sat, 14 Jul 2012 19:31:00 +0100

We provide pre-built images for several open-source operating systems.

Please note that:

Every image contains the latest software as of the day the image was built. Performing updates is on your own, and may require looking for documentation to read using your favourite search engine. Default usernames and passwords, where required, can be found next to the download link of each image. You are warmly invited to create your own user, or at least to change passwords, if you intend to use the images in a public environment.

Cómo medir la eficiencia energética de tu propio coche

Sat, 14 Jul 2012 18:27:00 +0100

Pere Roura (Universitat de Girona) y Daniel Oliu nos cuentan en ”How energy efficient is your car?,” AJP 80: 588-593, July 2012, cómo medir de forma práctica la eficiencia energética de tu propio coche. Como ejemplo utilizan su Volkswagen Lupo 3L, un coche diseñado para ser muy eficiente con un motor diésel de tres cilindros, un peso de 830 kg y un consumo récord de solo 3 litros a los 100 km. Según su estudio solo el 28% de la energía del combustible se transfiere a las ruedas, lo que sin lugar a dudas es todo un récord en eficiencia para un vehículo comercial. Sin embargo, también nos recuerda que el 72% de la energía del combustible se pierde por aerodinámica, fricción, pérdidas mecánicas y térmicas. En los vehículos de gasolina, la eficiencia suele ser mucho menor. Para un vehículo típico se estima que solo el 12-13% de la energía del combustible se transmite a las ruedas, según el estudio de Joseph A. Carpenter, Jr. (Department of Energy, USA) et al., ”Road Transportation Vehicles,” MRS Bull. 33: 439–444, 2008 [copia gratis], del que he extraído la figura de abajo.

Preliminary discussion of the logical design of an electronic computing instrument

Fri, 13 Jul 2012 18:59:00 +0100

Arthur W. Burks / Herman H. Goldstine / John von Neumann

PART I

1. Principal components of the machine

1.1. Inasmuch as the completed device will be a general-purpose computing machine it should contain certain main organs relating to arithmetic, memory-storage, control and connection with the human operator. It is intended that the machine be fully automatic in character, i.e. independent of the human operator after the computation starts. A fuller discussion of the implications of this remark will be given in Sec. 3 below.

Scaling lessons learned at Dropbox

Fri, 13 Jul 2012 18:03:00 +0100

I was in charge of scaling Dropbox for a while, from roughly 4,000 to 40,000,000 users. For most of that time we had one to three people working on the backend. Here are some suggestions on scaling, particularly in a resource-constrained, fast-growing environment that can’t always afford to do things ”the right way” (i.e., any real-world engineering project ;-). If people find this useful, I’ll try to come up with more tips and write a part 2.

The Complete Wildfire Index (Root/S-OFF Guides/ROMs/Kernels/Radios/RUU/Recoveries/Themes)

Fri, 13 Jul 2012 17:37:00 +0100

This thread has 2 Posts, and is categorized as following. You can scroll down to the Point you are looking for.

Post 1:

Getting Root / S-OFF to your Wildfire. A Short overview and Guide Custom ROM List

Post 2:

Custom Kernels List Radio (Baseband) List RUU List (ROM Update Utility - Getting back to stock) Custom Recoveries (ClockWorkMod) Themes List Misc tweaks / hacks

» 3xeno | xda-developers.com

ROM NaRkDrOiD IcX3 (4.0.3 LP8/LP9) para Samsung Galaxy S2

Fri, 13 Jul 2012 17:30:00 +0100

[ROM] [UPDATE1] [{^NaRkDrOiD IcX3^}][4.0.3. LP8/LP9][MejorasVarias][Mods][Extras][Novedades y mucho más!] [ ¿¿TE LO VAS A PERDER?? ]

» anarko919 | htcmania.com

Key Principles of Maintainable JavaScript

Wed, 11 Jul 2012 18:45:00 +0100

The thing to remember, above all else when writing JS code, is that it’s a dynamic language. This means there are a lot of ways to do things. You don’t have to deal with strongly typed classes, or some of the more complex features from languages, like C# and Java. This is both a blessing and a curse.

You can read an article on the history of JavaScript here, but the gist of it is that Brandon Eich, in 1995, was hired by Netscape to design a language. What he came up with was the loosely typed language that we know as JavaScript. Over the years, it became ”standardized” as ECMAscript, but, throughout all the browser wars, the various browsers implemented these features differently. This, naturally, lead to a lot of sleepless nights for web developers. This problem, when combined with the fact that JavaScript was considered to be most applicable for manipulating images and performing quick bits of validation, led JavaScript to, incorrectly, be viewed as a terrible language.

Caching with Twemcache

Wed, 11 Jul 2012 00:36:00 +0100

We built Twemcache because we needed a more robust and manageable version of Memcached, suitable for our large-scale production environment. Today, we are open-sourcing Twemcache under the New BSD license. As one of the largest adopters of Memcached, a popular open source caching system, we have used Memcached over the years to help us scale our ever-growing traffic. Today, we have hundreds of dedicated cache servers keeping over 20TB of data from over 30 services in-memory, including crucial data such as user information and Tweets. Collectively these servers handle almost 2 trillion queries on any given day (that’s more than 23 million queries per second). As we continued to grow, we needed a more robust and manageable version of Memcached suitable for our large scale production environment.

The TTY demystified

Mon, 09 Jul 2012 20:09:00 +0100

The TTY subsystem is central to the design of Linux, and UNIX in general. Unfortunately, its importance is often overlooked, and it is difficult to find good introductory articles about it. I believe that a basic understanding of TTYs in Linux is essential for the developer and the advanced user.

Beware, though: What you are about to see is not particularly elegant. In fact, the TTY subsystem ” while quite functional from a user’s point of view ” is a twisty little mess of special cases. To understand how this came to be, we have to go back in time.

Pitfalls in Random Number Generation

Mon, 09 Jul 2012 20:07:00 +0100

Random number generation is subtle. Random number generators contain deterministic algorithms designed to produce output that simulates non-deterministic behavior. It’s amazing that there are algorithms that do this well enough for many applications. But unless used carefully, random number generators can misbehave in mysterious ways.

» John D. Cook | codeproject.com

La vida, ¿es inevitable o un simple acontecimiento fortuito?

Sat, 07 Jul 2012 18:35:00 +0100

Bajo la intensa mirada del telescopio espacial Kepler, van apareciendo ante nosotros más y más planetas similares al nuestro. Todavía no hemos encontrado uno exactamente igual que la Tierra, pero son tantos los descubiertos que parece que la galaxia debe estar llena de planetas habitables.

Estos descubrimientos nos traen de nuevo una vieja paradoja. Tal como el físico Enrico Fermi, preguntó en 1950, si hay muchas sitios adecuados para la vida ahí fuera y las formas de vida extraterrestre pueden ser comunes, ¿dónde se han metido? Después de más de medio siglo de búsqueda de inteligencia extraterrestre, hasta el momento nos quedamos con las manos vacías.

Definitive PHP security checklist

Fri, 06 Jul 2012 14:34:00 +0100

There was a recent question about a PHP security checklist on a forum I frequent, and I’ve decided to write my own comprehensive checklist to fill the void. There’s something for everyone but the security expert. In fact, you might find an issue that you never thought about. Securing PHP web applications would be a better title for this article.

» sk89q.com

Free Software Foundation recommendations for free operating system distributions considering Secure Boot

Fri, 06 Jul 2012 14:33:00 +0100

We have been working hard the last several months to stop Restricted Boot, a major threat to user freedom, free software ideals, and free software adoption. Under the guise of security, a computer afflicted with Restricted Boot refuses to boot any operating systems other than the ones the computer distributor has approved in advance. Restricted Boot takes control of the computer away from the user and puts it in the hands of someone else.

Declaration of Internet freedom

Thu, 05 Jul 2012 18:52:00 +0100

We believe that a free and open Internet can bring about a better world. To keep the Internet free and open, we call on communities, industries and countries to recognize these principles. We believe that they will help to bring about more creativity, more innovation and more open societies.

We are joining an international movement to defend our freedoms because we believe that they are worth fighting for.

Let’s discuss these principles ” agree or disagree with them, debate them, translate them, make them your own and broaden the discussion with your community ” as only the Internet can make possible.

Radix Sort Revisited

Thu, 05 Jul 2012 18:43:00 +0100

In every decent programmer’s toolbox lies a strange weapon called a Radix Sort. Where does it come from ? Who invented it ? I don’t know. As far as I can remember it was there, fast, easy, effective. Really effective. So unbelievably useful I’ve never really understood why people would want to use something else. The reasons ? Most of the time, they tell me about floats, negative values, and why their new quick-sort code rocks.

A Gentle Introduction to Algorithm Complexity Analysis

Thu, 05 Jul 2012 18:17:00 +0100

A lot of programmers that make some of the coolest and most useful software today, such as many of the stuff we see on the Internet or use daily, don’t have a theoretical computer science background. They’re still pretty awesome and creative programmers and we thank them for what they build.

However, theoretical computer science has its uses and applications and can turn out to be quite practical. In this article, targeted at programmers who know their art but who don’t have any theoretical computer science background, I will present one of the most pragmatic tools of computer science: Big O notation and algorithm complexity analysis. As someone who has worked both in a computer science academic setting and in building production-level software in the industry, this is the tool I have found to be one of the truly useful ones in practice, so I hope after reading this article you can apply it in your own code to make it better. After reading this post, you should be able to understand all the common terms computer scientists use such as ”big O”, ”asymptotic behavior” and ”worst-case analysis”.

tl;drLegal

Wed, 04 Jul 2012 00:44:00 +0100

SKIP THE LICENSE Reading software licenses sucks, so we’ve summarized all of the popular ones for you in a neat at-a-glance format. Just begin typing the name of your license on the frontpage and select from the auto-completing drop-down menu. TL;DR - We summarize software licenses.

LET THEM TAKE IT EASY Do you have people using your software? We all hate reading software licenses. Let them take it easy and link them to your license on here. We provide embed and linking options for every license on the site. Next time include a link alongside your license. TL;DR - Link a summary in place of a license.

Ubuntu Manual Project

Wed, 04 Jul 2012 00:03:00 +0100

Primeros pasos con Ubuntu 12.04 es una guía para principiantes del sistema operativo Ubuntu. Se encuentra disponible bajo una licencia de código abierto y su descarga, lectura, modificación y distribución son libres. El manual le ayudará a familiarizarse con tareas cotidianas como navegar por Internet, escuchar música, escanear documentos y mucho más. Al centrarse en instrucciones fáciles de seguir, es adecuado para todos los niveles de experiencia.

» ubuntu-manual.org

Una cebolla que nos puede hacer llorar

Sun, 01 Jul 2012 23:51:00 +0100

El pasado día 26 de junio asistí al evento ”Iniciativas Open Data en España”, atraído sin duda, por los grandes espadas en la materia que son Alberto Abella, Roberto Santos y Victoria Anderica, que además del reconocido prestigio que tienen, llevan años trabajando para que este país sea algo mejor. Como cabía esperar, no me defraudaron en sus intervenciones, que fueron tan correctas como acertadas. Como contrapartida, y diré el pecado, pero no el pecador, tuve que oír de boca de ”expertos” en la materia, estas dos afirmaciones, que me preocuparon y mucho, puesto que pueden afectar muy negativamente a la Ley de Transparencia y su desarrollo posterior:

Paper Enigma

Sun, 01 Jul 2012 21:02:00 +0100

Although the Enigma cipher as a whole is quite complex (it’s complexity is comparable to modern cryptographic algorithms) the individual transformations within it are relatively simple. In fact, they are simple enough that you can decipher an Enigma message with just a paper model. Our model is three-dimensional, to illustrate the wiring of a real Enigma machine. It needs only common household items to construct, and is completely compatible with all settings of a real Enigma machine (models I, M1, M2 and M3).

GNU Make in Detail for Beginners

Thu, 28 Jun 2012 12:56:00 +0100

Large projects can contain thousands of lines of code, distributed in multiple source files, written by many developers and arranged in several subdirectories. A project may contain several component divisions. These components may have complex inter-dependencies ” for example, in order to compile component X, you have to first compile Y; in order to compile Y, you have to first compile Z; and so on. For a large project, when a few changes are made to the source, manually recompiling the entire project each time is tedious, error-prone and time-consuming.

El algoritmo de Dios

Thu, 28 Jun 2012 12:15:00 +0100

El algoritmo de Dios es un término que surgió en la búsqueda de aquel algoritmo que indicara los pasos mínimos que resuelven un cubo de Rubik cualquiera. El término se usa profusamente, no sólo para el cubo de Rubik.

Mucho antes de conocer dicho término, cuando me encontraba con diversos tipos de problemas, ya me asaltaba recurrentemente una pregunta irrelevante (para el caso que me ocupaba), pero que espero te haga pensar un poco en la importancia de algunas cuestiones que quizás no conoces:

An Introduction to Lock-Free Programming

Wed, 27 Jun 2012 23:58:00 +0100

Lock-free programming is a challenge, not just because of the complexity of the task itself, but because of how difficult it can be to penetrate the subject in the first place. I was fortunate in that my first introduction to lock-free (also known as lockless) programming was Bruce Dawson’s excellent and comprehensive white paper, Lockless Programming Considerations. And like many, I’ve had the occasion to put Bruce’s advice into practice developing and debugging lock-free code on platforms such as the Xbox 360. Since then, a lot of good material has been written, ranging from abstract theory and proofs of correctness to practical examples and hardware details. I’ll leave a list of references in the footnotes. At times, the information in one source may appear orthogonal to other sources: For instance, some material assumes sequential consistency, and thus sidesteps the memory ordering issues which typically plague lock-free C/C++ code. The new C++11 atomic library standard throws another wrench into the works, challenging the way many of us express lock-free algorithms. In this post, I’d like to re-introduce lock-free programming, first by defining it, then by distilling most of the information down to a few key concepts. I’ll show how those concepts relate to one another using flowcharts, then we’ll dip our toes into the details a little bit. At a minimum, any programmer who dives into lock-free programming should already understand how to write correct multithreaded code using mutexes, and other high-level synchronization objects such as semaphores and events.

Why you should never use hash functions for message authentication

Wed, 27 Jun 2012 23:54:00 +0100

The general thrust of this post is: use a MAC function like HMAC to sign data, don’t use hash functions. Although not all hash functions suffer from the problem I’m going to illustrate, in general using a hash function for message authentication comes with a lot of potential problems because those functions aren’t designed for this task. You shouldn’t try to work around it by creatively processing the inputs or inventing some fancy way of chaining hash functions. Just use the functions that were designed for this task instead of inventing your own crypto schemes.

All About Unicode, UTF8 & Character Sets

Wed, 27 Jun 2012 23:52:00 +0100

This is a story that dates back to the earliest days of computers. The story has a plot, well, sort of. It has competition and intrigue, as well as traversing oodles of countries and languages. There is conflict and resolution, and a happyish ending. But the main focus is the characters ” 110,116 of them. By the end of the story, they will all find their own unique place in this world. This story (or article, as known on Smashing Magazine) will follow a few of those characters more closely, as they journey from Web server to browser, and back again. Along the way, you’ll find out more about the history of characters, character sets, Unicode and UTF-8, and why question marks and odd accented characters sometimes show up in databases and text files.

Carta abierta al Presidente Constitucional de la República del Ecuador

Tue, 26 Jun 2012 17:44:00 +0100

Estimado Rafael Correa, Presidente de Ecuador

En lo referente al asilo de Julian Assange en Ecuador me permito hacerle la siguiente recomendación.

El trabajo realizado por Assange y WikiLeaks ha sido muy importante para transparentar el mundo en el que vivimos. Proteger a Julian Assange de la persecución de EE.UU. es un deber que tenemos todos y usted tiene la posibilidad de ayudarle. Las posibles acusaciones de delitos sexuales son otro asunto, y de ser serias, merecen respeto. Aquí propongo una manera por la cual Ecuador puede lograr los dos objetivos.

El extraño caso de la función negada en Javascript

Tue, 26 Jun 2012 13:23:00 +0100

Tras este novelesco título lo que se esconde en esta ocasión es una estructura que podemos encontrar últimamente en bibliotecas y códigos de terceros. Se trata de una variante de las funciones autoejecutables (o que se auto invocan) que ya tratamos aquí hace algún tiempo.

En concreto, se trata de la siguiente pieza de código:
!function() {
// My awesome code...
}();
¿Qué es exactamente esta función negada? ¿Cómo y porqué funciona? Echemos un vistazo a las tripas de Javascript¦

Actualización automática ¿Bendición o condena?

Tue, 26 Jun 2012 12:48:00 +0100

El caso TheFlame ha promovido muchas reacciones: los articulistas rellenan páginas con prefijos ”ciber” y la palabra ”guerra”. Las casas antivirus lo usan como arma de venta (aun sin haberlo detectado en cinco años) y Microsoft queda en evidencia con su PKI y la refuerza. TheFlame ha minado también la confianza: en los gobiernos, en los antivirus… pero sobre todo, en la criptografía y en la actualización automática.

» hispasec.com

lexical scoping and dynamic scoping in Emacs Lisp

Tue, 26 Jun 2012 12:39:00 +0100

In this article, I demonstrate:

difference between dynamic scoping and lexical scoping in Emacs Lisp

what to watch out for with dynamic scoping

what you can do with lexical scoping and lexical closures

what happens when you mix lexical scoping code and dynamic scoping code

Emacs Lisp is always dynamically scoped in Emacs 23 and below. Support for lexical scoping is added to Emacs 24. Nice because many agree that lexical scoping makes more sense in most cases than dynamic scoping does. You’ll see why soon in this article. If you have an el file that you want to load with lexical scoping, you can add -*- lexical-binding: t -*- as the first line, then when Emacs 24 loads the file, it will apply lexical scoping to the code in that el file.

Why NULL points to 0?

Tue, 26 Jun 2012 02:40:00 +0100

A few years ago I would answer the above question with ”because NULL is defined as a void pointer to 0”, which is only half correct (and close to being wrong). The answer to this question is much more complicated and thus much more interesting.

Let’s start with checking what the C standards (or actually drafts of the standards) say about the (in)famous NULL ptr. The green/yellow/orange colors mark the part that caught my attention. I’ll leave the C++0x case for another time (C++0x introduces the nullptr of std::nullptr_t type btw). For TL;DR scroll down, I summarize the points anyway.

Golden Axe - Desvelando todos sus secretos

Tue, 26 Jun 2012 02:00:00 +0100

Buenas, aquí os traigo, en primicia, una guía que destripa los secretos del sistema de puntuación del juego, uno de los más complejos de la época y de la historia de los beat em up. Muchos os habreis acabado este juego, pero seguro que nunca habeis tenido claro porque la maquina os da al final una puntuacion u otra, incluso aunque hayais hecho partidas casi iguales la puntuacion cambia ostensiblemente y nunca queda claro el motivo. Bien, espero con esta breve guia quede todo claro y a partir de ahora controleis a vuestro antojo los puntos que obteneis en este juego. Al clarificar el sistema de puntuacion, tambien se hace mas sencillo intentar lograr una cierta puntuacion en el juego, pues ahora ya sabemos de qué depende. La guia está basada en la versión original, esto es, la versión Arcade japonesa. Es importante este detalle porque algunos enemigos tienen algo menos de vida en el resto de versiones arcade del juego. Y por supuesto esto que digo nada tiene que ver con la versiones domésticas.

PHP Database Access: Are You Doing It Correctly?

Mon, 25 Jun 2012 11:52:00 +0100

We’ve covered PHP’s PDO API a couple of times here on Nettuts+, but, generally, those articles focused more on the theory, and less on the application. This article will fix that! To put it plainly, if you’re still using PHP’s old mysql API to connect to your databases, read on!

» tutsplus.com

in which three programming methods are compared

Mon, 25 Jun 2012 11:25:00 +0100

There are, roughly speaking, three ways to develop large user-facing programs, which we will refer to here as 0) the Unix way, 1) the Emacs way, and 2) the wrong way.

» technomancy.us

Un universo desde la nada

Mon, 25 Jun 2012 11:09:00 +0100

Lawrence Krauss da una charla sobre nuestro actual panorama del universo, cómo éste terminará y sobre todo cómo es que se produjo desde la nada. Krauss es autor de muchos libros best seller sobre física y cosmología, incluyendo ”Física de Star Trek.”

» @polibioinexistente | youtube.com

Tesla, el genio que hizo la luz

Mon, 25 Jun 2012 11:07:00 +0100

Nicola Tesla, ingeniero y matemático fue uno de los grandes inventores del siglo XX y también de los más olvidados. Precursor de la televisión, de la robótica, de los rayos X y de muchos otros adelantos, Tesla fue el genio que afirmó y demostró en sus experimentos que podía generar una energía libre, universal y gratuita. En 2006 las Naciones Unidas conmemoraron el año de Tesla. Además Tesla ha servido de inspiración para la Real Academia de Ciencias Exactas, Físicas y Matemáticas, que este año ha reivindicado su figura. Precisamente ahora, finaliza el ciclo ”Ciencia para todos” y con él, el proceso de selección de talentos matemáticos entre los escolares españoles. Es el llamado proyecto ESTALMAT, que sigue los pasos de las antiguas escuelas de conocimiento.

M.C. Escher - Metamorphose

Mon, 25 Jun 2012 10:40:00 +0100

Maurits Cornelis Escher es un artista holandés nacido en la ciudad de Leeuwarden, Países Bajos, el 17 de junio de 1898, mejor conocido por sus grabados en madera, xilografías y litografías que tratan sobre figuras imposibles, teselados y mundos imaginarios. Su obra experimenta con diversos métodos de representar (en dibujos de 2 ó 3 dimensiones) espacios paradójicos que desafían a los modos habituales de representación. No fue precisamente un estudiante brillante, y sólo llegó a destacar en las clases de dibujo. En 1919, bajo presión paterna, empieza los estudios de arquitectura en la Escuela de Arquitectura y Artes Decorativas de Haarlem, estudios que abandonó poco después para pasar como discípulo de un profesor de artes gráficas, Jessurum de Mesquitas. Con él, adquirió unos buenos conocimientos básicos de dibujo, y destacó sobremanera en la técnica de grabado en madera, la cual llegó a dominar con gran maestría.

The Linux Graphics Stack

Fri, 22 Jun 2012 17:04:00 +0100

This is an introductory overview post for the Linux Graphics Stack, and how it currently all fits together. I initially wrote it for myself after having conversations with people like Owen Taylor, Ray Strode and Adam Jackson about this stack. I had to go back to them every month or so and learn the stuff from the ground up all over again, as I had forgotten every single piece. I asked them for a good high-level overview document so I could stop bothering them. They didn’t know of any. I started this one. It has been reviewed by Adam Jackson and David Airlie, both of whom work on this exact stack.

Mario5

Thu, 21 Jun 2012 19:58:00 +0100

In the history of computer games some games have created and carried whole companies on their shoulders. One of those games is certainly Mario Bros. The Mario character first appeared in the game Donkey Kong and became very famous within its own game series starting with the original Mario Bros. in 1983. Nowadays a lot of spin-offs and 3D jump and runs are being produced centering the Mario character. In this article we will develop a very simple Super Mario clone, which is easily extendible with new items, enemies, heros and of course levels.

Regular Expression Matching Can Be Simple And Fast

Thu, 21 Jun 2012 18:21:00 +0100

Historically, regular expressions are one of computer science’s shining examples of how using good theory leads to good programs. They were originally developed by theorists as a simple computational model, but Ken Thompson introduced them to programmers in his implementation of the text editor QED for CTSS. Dennis Ritchie followed suit in his own implementation of QED, for GE-TSS. Thompson and Ritchie would go on to create Unix, and they brought regular expressions with them. By the late 1970s, regular expressions were a key feature of the Unix landscape, in tools such as ed, sed, grep, egrep, awk, and lex.

Microcódigo en mi código

Thu, 21 Jun 2012 18:10:00 +0100

El micro-código corresponde tradicionalmente con la forma más ”pura” de firmware, instrucciones al fin y al cabo, que controlan una máquina. Si no te suenan los términos, puede ser una lectura interesante si quieres conocer cómo funciona un procesador.

Pero no es de hardware de lo que quiero hablar, sino de una forma (curiosa u obvia, de ti depende) de escribir ciertas partes de nuestros programas, que toma la idea básica de las lógicas micro-programadas.

DNSSEC – ¿Qué es y por qué es importante?

Thu, 21 Jun 2012 17:55:00 +0100

Para contactar a otra persona a través de Internet, debe escribir una dirección en su ordenador: un nombre o un número. Esa dirección tiene que ser única para que los ordenadores sepan cómo encontrarse entre sí. ICANN se ocupa de coordinar estos identificadores únicos en todo el mundo. Sin esa coordinación no tendríamos una Internet global. Al escribir un nombre, un sistema debe traducir ese nombre en un número antes de que se pueda establecer la conexión. Ese sistema se denomina Sistema de nombres de dominio (DNS) y traduce nombres como www.icann.org en números, denominados direcciones IP (sigla que corresponde a Protocolo de Internet). ICANN coordina el sistema de direcciones para garantizar que sean únicas.

The Conscience of a Hacker

Thu, 21 Jun 2012 03:58:00 +0100

Another one got caught today, it’s all over the papers. ”Teenager Arrested in Computer Crime Scandal”, ”Hacker Arrested after Bank Tampering”… Damn kids. They’re all alike.

But did you, in your three-piece psychology and 1950’s technobrain, ever take a look behind the eyes of the hacker? Did you ever wonder what made him tick, what forces shaped him, what may have molded him? I am a hacker, enter my world… Mine is a world that begins with school… I’m smarter than most of the other kids, this crap they teach us bores me… Damn underachiever. They’re all alike.

Hackstory

Thu, 21 Jun 2012 03:54:00 +0100

La Hackstory es una enciclopedia online que versa sobre la cultura e historia hacker, con especial atención a las iniciativas, grupos, anécdotas y puntos de encuentro hispanos. La estamos creando desde finales del verano de 2008, en nuestro tiempo libre, y ya llevamos entrados unos 200 artículos. Tenemos 18.000 visitas mensuales, 580 al día.

En nuestro proyecto, la palabra ”hacker” no es sinónimo de delincuente, sino de persona experta y entusiasta con la tecnología, de alguien muy habilidoso con las herramientas que brindan la informática y las telecomunicaciones. Si quieres saber más, puedes consultar nuestra definición en hackstory.net/index.php/Hacker

The 8 Queens Problem with Arduino and Adafruit 8x8 Matrix display

Thu, 21 Jun 2012 03:47:00 +0100

Using an Arduino and an 8x8 matrix display from Adafruit (with I2C backpack), we display all the solutions to the classic 8-Queens problem (see http://en.wikipedia.org/wiki/Eight_queens_puzzle )

A solution to the 8 Queen problem is where 8 queens are placed on a chess board so that no queen can take any other queen.

» @stormingrobots | youtube.com

LEGO Turing Machine

Thu, 21 Jun 2012 03:43:00 +0100

This is a short documentary about the LEGO Turing Machine built by Jeroen van den Bos and Davy Landman at Centrum Wiskunde & Informatica (CWI), Amsterdam (Netherlands). They built it for CWI’s exposition ”Turings Erfenis” in honor of the centenary of Alan Turing’s birth on 23 June 1912. Alan Turing was a brilliant mathematician who helped define the theoretical model of the computer as we know it today. He was a visionary, one of the few people of his time who recognized the role the computer would play for humanity. The Turing Machine (1936) is an adequate model of a computer. It can do anything the computers of today or tomorrow can do.

Code vs. power consumption

Sat, 16 Jun 2012 18:49:00 +0100

I’ve been wondering for some time whether the power consumption of an ATmega varies depending on the code it is running. Obviously, sleep modes and clock rate changes have a major impact – but how about plain loops?

» jeelabs.org

Linux: The 0.01 Release

Sat, 16 Jun 2012 18:47:00 +0100

”This is a free minix-like kernel for i386(+) based AT-machines,” began the Linux version 0.01 release notes in September of 1991 for the first release of the Linux kernel. ”As the version number (0.01) suggests this is not a mature product. Currently only a subset of AT-hardware is supported (hard-disk, screen, keyboard and serial lines), and some of the system calls are not yet fully implemented (notably mount/umount aren’t even implemented).” Booting the original 0.01 Linux kernel required bootstrapping it with minix, and the keyboard driver was written in assembly and hard-wired for a Finnish keyboard. The listed features were mostly presented as a comparison to minix and included, efficiently using the 386 chip rather than the older 8088, use of system calls rather than message passing, a fully multithreaded FS, minimal task switching, and visible interrupts. Linus Torvalds noted, ”the guiding line when implementing linux was: get it working fast. I wanted the kernel simple, yet powerful enough to run most unix software.”

El Top 7 de dilemas que enfrentan los desarrolladores de hoy

Sat, 16 Jun 2012 18:40:00 +0100

Tu jefe lo quiere para ayer, pero más vale que cumpla con los standards de mañana. Los clientes quieren todas las características que se puedan imaginar, pero no te atrevas a confundirlos dándoles todos los botones que desee. Tus compañeros programadores quieren que documentes tu código, pero ellos simplemente responden ”tl;dr” (Too Long; didn’t read) a cualquier cosa que escribes.

Así como la tecnología evoluciona, también lo hacen los dilemas que enfrentan los desarrolladores. Cada elección, desde la plataforma hasta el almacenamiento de datos, incluyendo a cuánto control darle a los usuarios, está cargada de preguntas. Y gracias a la nube, el crecimiento de la tecnología móvil y la acelerada vanguardia, pareciera como si el mundo de la programación enfrentara una nueva elección – y dilema – a un ritmo creciente.

Sócrates y el efecto Dunning-Kruger

Thu, 14 Jun 2012 12:38:00 +0100

El efecto Dunning-Kruger se puede expresar de la siguiente manera: los peores trabajadores/estudiantes/participantes son los que menos conscientes son de su propia incompetencia. Toma su nombre de un estudio de 2003 que realizaron Dunning, Kruger y otros con estudiantes universitarios con respecto a los resultados de sus exámenes. Después los resultados han sido reproducidos en varias ocasiones, por ejemplo con estudiantes de medicina a la hora de evaluar su capacidad para realizar entrevistas de diagnóstico, con administrativos evaluando su rendimiento o con técnicos de laboratorios médicos calibrando su nivel de dominio del trabajo.

La falacia del Programador Perdido

Tue, 12 Jun 2012 20:37:00 +0100

La semana pasada desayuné con un polémico artículo de Enrique Dans titulado ”El Programador Perdido”, en el que lamentaba la falta de buenos programadores en España. Programadores con cabeza y riñones suficientes para sacar adelante un proyecto ganador en una industria global y competitiva como Internet.

Si quieres encontrar un buen programador, básicamente sólo tienes que hacer una cosa: pagarlo.

Pero esa presunción –como las comparaciones con la supuesta calificación y estatus de los programadores extranjeros- es errónea y estereotipada. Después de más de 10 años trabajando en la industria del software, tanto en España como en eso que llaman Silicon Valley, yo conozco otra verdad. Una verdad incómoda.

Client-Side vs. Server-Side Rendering

Mon, 04 Jun 2012 14:15:00 +0100

Yesterday Twitter announced that it was moving away from client-side rendering back to server-side rendering in order to improve page load time. Today I found myself having to defend my position that server-side rendering will almost always be faster. I figured I’d blog about it.

I want to point out a couple things. First, I’m talking specifically about render performance and page speed. There might be other compelling advantages to thick-clients; I’m talking about performance. Secondly, I’m going to get on a high horse here and say that it worries me that developers think client-side rendering is faster. This is basic and fundamental knowledge about how the web and browsers work. Maybe I’ll be proven wrong. If I am, I’ll admit it. It’ll be embarrassing because it means that I don’t know the fundamentals. But I’ll be glad to have learned (which is why I blog).

OAuth - Open Authorization Protocol

Mon, 04 Jun 2012 14:14:00 +0100

Cuando en 2006 los ingenieros de twitter estaban tratando de implementar OpenID para permitir a los desarrolladores de aplicaciones acceder a su API sin que los usuarios tuvieran que introducir sus credenciales en la propia aplicación, se dieron cuenta, por un lado, de que OpenID no era la solución que necesitaban y, más importante aún, de que no existía ningún estándar que permitiera hacer algo parecido.

Comenzaron entonces a trabajar en la implementación de OAuth, que pronto fue apoyada por otras empresas como Google. Hasta que por fin, en octubre de 2007, se publicó OAuth 1.0. Aunque no fue hasta agosto de 2010 que no se aprobó como estándar RFC 5849.

Deuda técnica

Mon, 04 Jun 2012 14:12:00 +0100

¿Qué desarrollador de software nunca ha estado una semana programando a toda velocidad, casi sin saber que hace, ya que la fecha de entrega está cerca y todo tiene que estar terminado ”para ayer”? ¿Quién no se ha encontrado en la situación de saber que está programando una chapuza, pensando que otro día lo mejorará, y ese día nunca llega? ¿Quién alguna vez, al ver una porción de código fuente no ha exclamado indignado: ¡qué narices hace este código! o ¡quién leches lo ha programado!?

Porque robar a los pequeños es más fácil

Mon, 04 Jun 2012 00:28:00 +0100

Porque, en el mejor de los casos, seguimos pensando que ver la ”s” de https:// y un candado cerrado en nuestro navegador web nos asegura que la página que visitamos es legítima. Porque pensamos que si tecleamos el nombre del dominio en la barra de direcciones no es posible que estemos visitando una página fraudulenta. Porque nos conocemos al dedillo la aplicación de banca electrónica de nuestra entidad financiera. Porque si esta página nos solicita más caracteres de lo habitual a la hora de introducir la contraseña no sospechamos. Porque si tras autenticarnos en la misma nos solicita todas las posiciones de la tarjeta de coordenadas, en muchos casos las seguimos introduciendo.

How to Have Fun Programming

Sun, 03 Jun 2012 13:00:00 +0100

I may not be a great programmer, but I have a ton of fun programming. As a self-taught hacker, I’ve always enjoyed programming to a great extent–but everyone has their ups and downs. These are simply my reflections about what makes me happy while programming, and serves as reminder to myself why I should keep pushing onwards!

» rdegges.com

Crash of the Titans Science Visualization

Fri, 01 Jun 2012 15:54:00 +0100

This scientific visualization of a computer simulation depicts the inevitable collision between our Milky Way galaxy and the Andromeda galaxy (also known as Messier 31). NASA Hubble Space Telescope observations indicate that the two galaxies, pulled together by their mutual gravity, will crash together in a near-head-on collision about 4 billion years from now. The thin disk shapes of these spiral galaxies are strongly distorted and irrevocably transformed by the encounter. Around 6 billion years from now, the two galaxies will merge to form a single elliptical galaxy.

Revistas y bases de datos on line sobre TIC y Educación

Thu, 31 May 2012 00:16:00 +0100

Listado de aquellas publicaciones tanto de naturaleza académica y universitaria como divulgativa y profesional que son accesibles, de forma gratuita, a través de Internet, sobre estudios, ensayos, informes académicos sobre la temática de las aplicaciones educativas de las tecnologías digitales: el elearning o docencia virtual, los entornos personales del aprendizaje, la integración escolar de las TIC, los portafolios electrónicos, las redes sociales y el aprendizaje, la web 2.0 en educación, etcétera. Para confeccionar este índice de revistas he manejado dos bases de datos de publicaciones electrónicas: DOAJ Directory of Open Acces Journals Education y e-Revistas Plataforma Open Access de Revistas Científicas Electrónicas Españolas y Latinoamericanas. Y también, por supuesto, el buscador Google.

List of TCS conferences and workshops

Wed, 30 May 2012 18:31:00 +0100

I would like to ask for help in compiling a list of as many TCS-related conferences and workshops as possible. My main motivation for doing this is to plan possible blog coverage of more theory venues – finding correspondents attending these events who would be willing to write either brief or in-depth blog entries about events they are attending. Beyond that, I hope a list like this would give everyone a better sense of the lay of the theory land.

Protecting Your GNU/Linux System from Dropbox

Wed, 30 May 2012 00:18:00 +0100

Typical blog posts about Dropbox security concentrate on data or network encryption. I want to talk about protecting your system from Dropbox the application, as well as Dropbox the company. In this blog post I tell you how to prepare for a theoretical scenario where Dropbox turns malicious. I’ve done a number of things to make Dropbox run in a much more secure fashion on my Ubuntu laptop. Hopefully I will introduce you to some vulnerabilities that you weren’t aware of, and teach how to protect against them. Many of the attacks and defenses described here are portable to apps other than Dropbox.

Django’s CBVs were a mistake

Tue, 29 May 2012 17:31:00 +0100

I’ve written before about the somewhat doubtful advantages of Class-Based Views.

Since then, I’ve done more work as maintenance programmer on a Django project, and I’ve been reminded that library and framework design must take into account the fact that not all developers are experts. Even if you only hire the best, no-one can be an expert straight away.

Thinking through things more from the perspective of a maintenance programmer, my doubts about CBVs have increased, to the point where I recently tweeted that CBVs were a mistake.

Being exceptional

Tue, 29 May 2012 16:30:00 +0100

Apparently, in Python, it is easier to ask for forgiveness rather than seek permission. That is to say, the normal approach when writing Python code is to assume that what you are trying to do will work properly. If something exceptional happens and the code doesn’t work the way you were hoping, then the Python interpreter will tell you of the error so that you can handle that exceptional circumstance. This general approach, of trying to do something, then cleaning up if something goes wrong is acronymically called EAFP (”easier to ask for forgiveness than permission”).

The History of Encryption

Mon, 28 May 2012 01:39:00 +0100

» infografía | via cyberhades.com

Applying Macrotypography For A More Readable Web Page

Mon, 28 May 2012 01:32:00 +0100

Any application of typography can be divided into two arenas: micro and macro. Understanding the difference between the two is especially useful when crafting a reading experience, because it allows the designer to know when to focus on legibility and when to focus on readability. This article focuses mostly on a few simple macrotypographic techniques”with a dash of micro”and on how to combine them all to build a more harmonious, adaptable and, most importantly, readable Web page.

¿Por qué usamos Linux?

Sun, 27 May 2012 15:52:00 +0100

Le decimos a la gente que usamos Linux porque es seguro. O porque es libre, porque lo podemos adaptar a nuestras necesidades, porque es gratis, porque tiene un soporte excelente por parte de la comunidad…

» wallbase.cc

Por qué el lobby de los derechos de autor ama la pornografía infantil

Sun, 27 May 2012 13:12:00 +0100

”La pornografía infantil es genial,” dijo entusiastamente el sujeto. ”Los políticos no entienden el intercambio de archivos, pero entienden la pornografía infantil, y la quieren filtrar para ganar puntos con el público. Una vez que los convenzamos de filtrar la pornografía infantil, podremos hacer que extiendan el bloqueo al intercambio de archivos.”

» falkvinge.net

Interactive map of Linux kernel

Sun, 27 May 2012 13:10:00 +0100

The interactive Linux kernel map helps you traverse complex interconnections between subsystems of the kernel while you explore its source code. A Linux hacker, trying to track down a bug or just understand how some subsystem works, can get exhausted just trying to figure out what invokes what ” so the kernel map comes to the rescue!

» makelinux.com

Why Nikola Testa was the greatest geek who ever lived

Sun, 27 May 2012 12:19:00 +0100

» theoatmeal.com | Response to Forbes

The Art of Computer Typography

Sat, 26 May 2012 11:24:00 +0100

Ever since I came across Jürg Lehni’s essay on typographic technology and digital fonts, Typeface As Programme, I’ve been fascinated with the story of Donald E. Knuth and his unexpected contributions to typography.

» @Jason Z. | 37signals.com

Por qué me enamoré de los hackers

Fri, 25 May 2012 23:35:00 +0100

Porque son gente lista y genial, de inacabable curiosidad, sentido del humor y vorazmente críticos, capaces de ponerlo todo patas arriba porque se les ocurrió una idea y con una ética colectiva que está cambiando el mundo. ¡Ah, no! ¿Que no es así como pensabas que eran los hackers? ¿Imaginabas unos tipos malvados, delincuentes habituales, sin empacho en asaltar tu ordenador y tu cuenta bancaria? ¿Esos de los que hablan día sí día también los medios y la policía, poniéndoles la etiqueta de ”hacker”?

DNS vs. large memory pages

Fri, 25 May 2012 14:05:00 +0100

As everyone knows, an important threat against the Internet is that of a coordinated DDoS attack against the root TLD DNS servers. The way I”d solve is with a simple inline device that both blocks some simple attacks from hitting the DNS server, but which can also answer simple queries, offloading the main server, even if it”s failed. This can be done with $2000, half for the desktop machine, and the other half for the dual-port 10-gig Ethernet.

Imponiendo GPL; usando técnicas de Judo

Thu, 24 May 2012 12:18:00 +0100

El propósito del software libre es hacer que el código que corre en las máquinas que gobiernan nuestras vidas sea transparente. En palabras de Lawrence Lessig, el software libre es ”libre en el sentido de que el control del código de desarrollo sea transparente para todos, y que cualquier persona tenga el derecho de tomar ese control, y modificarlo si él o ella cree conveniente.”

El mecanismo por el cual el software libre logra esto es el copyleft. El copyleft es un hack en el copyright (la ley de derechos de autor) que le quita los derechos exclusivos al titular del copyright y los comparte con el usuario, otorgándole el derecho de modificar, copiar, compartir y redistribuir el software, bajo la condición de que deben transferirse los mismos derechos a usuarios subsiguientes. ”Si uno usa y adapta un programa de software libre, y luego libera esa nueva versión adaptada para el público, debe ser tan libre como la versión original”.

Monta tu propio DNS dinámico

Wed, 23 May 2012 21:36:00 +0100

Ahora que todos los servicios tipo dyndns.org y no-ip.org se han vuelto de pago, echamos de menos un servicio de DNS dinámico que poder usar por poco dinero léase: gratis. La mala noticia es que no hay ninguno totalmente gratuito. La buena noticia es que, bajo ciertas circunstancias, podemos montarlo nosotros mismos.

» Roberto Suárez Soto | linuxtecnico.es

Manual del perfecto conductor español

Wed, 23 May 2012 10:45:00 +0100

En cierta ocasión se realizó una encuesta entre los conductores españoles que arrojó resultados sorprendentes. Aproximadamente el 95% de los conductores consideraba que conducía mejor que la media, lo que quiere decir que o bien el 5% conduce verdaderamente mal y en una escala del 1 al 10 puntúa negativo, o que en general el conductor español medio se mira por las mañanas ante el espejo de la bruja de Blancanieves. Personalmente me inclino por lo segundo. Más que nada porque el espejo me salió carísimo. En fin; pongámonos el traje de Antropólogo Indecente y vayamos a echarle un vistazo a la fauna que puebla la jungla de asfalto.

Caching Tutorial

Wed, 23 May 2012 00:14:00 +0100

This is an informational document. Although technical in nature, it attempts to make the concepts involved understandable and applicable in real-world situations. Because of this, some aspects of the material are simplified or omitted, for the sake of clarity. If you are interested in the minutia of the subject, please explore the References and Further Information at the end.

» mnot.net

Can’t Get Into Preprocessors? Try Zen Coding

Wed, 23 May 2012 00:08:00 +0100

A ton of discussion lately has been given to preprocessors. These incredibly useful tools make coding easier, faster and more maintainable, but they’re certainly not for everyone. Whether or not you’ve jumped on the preprocessor bandwagon, you should give a fresh look to an old favorite that helps you dramatically cut your coding time without reinventing your workflow with compilers and other complications: Zen Coding.

» designhack.net

Writing Plugins for gedit 3 with Python

Wed, 23 May 2012 00:03:00 +0100

This is a guide to programming plugins for gedit 3, the default text editor for GNOME 3. gedit 3 uses the Libpeas GObject plugin system and the plugins can be written using C or Python. This guide will only cover writing plugins with Python.

» micahcarrick.com

Cables HDMI, la verdadera diferencia entre un cable caro y barato

Wed, 23 May 2012 00:00:00 +0100

El uso de un cable HDMI permite transmitir una señal digital, señal de vídeo con mayor resolución, sonido multicanal en un sólo cable y la inclusión de datos auxiliares. Desde la versión HDMI 1.0 hasta la 1.4 se han ido añadiendo mejoras al cable. Por ejemplo, en la versión 1.4 se puede enviar una señal de vídeo a una resolución de 4096—2160 pixeles a 24fps o 3840—2160 a 30fps. Además permite enviar contenido 3D y junto a las mejoras de audio es capaz de enviar y recibir datos a través de una conexión Ethernet incorporada en el propio cable.

Application Cache is a Douchebag

Tue, 22 May 2012 15:21:00 +0100

Good morning! Over in ”castle Lanyrd” we recently launched our mobile site, which caches data on events you’re attending for viewing offline. I’ve boiled the offline bits down to a simple demo and posted all the code on Github. But before we delve into the code, let me tell you a true story. Totally true.

» alistapart.com

The UNIX System: Making Computers More Productive

Mon, 21 May 2012 10:35:00 +0100

In the late 1960s, Bell Laboratories computer scientists Dennis Ritchie and Ken Thompson started work on a project that was inspired by an operating system called Multics, a joint project of MIT, GE, and Bell Labs. The host and narrator of this film, Victor Vyssotsky, also had worked on the Multics project. Ritchie and Thompson, recognizing some of the problems with the Multics OS, set out to create a more useful, flexible, and portable system for programmers to work with.

12 resolutions for programmers

Sun, 20 May 2012 12:26:00 +0100

It’s important for programmers to challenge themselves.

Creative and technical stagnation is the only alternative.

In the spirit of the new year, I’ve compiled twelve month-sized resolutions.

Each month is an annually renewable technical or personal challenge:

Go analog.

Stay healthy.

Embrace the uncomfortable.

Learn a new programming language.

Automate.

Learn more mathematics.

Focus on security.

Back up your data.

Learn more theory.

Engage the arts and humanities.

Learn new software.

Complete a personal project.

» Matt Might | matt.might.net

Never use hard tabs

Sun, 20 May 2012 12:06:00 +0100

As there seems to be some confusion when hard tab characters (ASCII code 9) are appropriate in source code files here is a rule:

1) Never use hard tabs

1. 1) Unless your source code is hard tab sensitive (only such format I know is Makefile)

» opensourcehacker.com

Vim: revisited

Sun, 20 May 2012 03:56:00 +0100

I’ve had an off/on relationship with Vim for the past many years.

Before, I never felt like we understood each other properly. I felt that the kind of programming I’m doing is not easily done without plugins and some essential settings in .vimrc, but fiddling with all the knobs and installing all the plugins that I thought I needed was a process that in the end stretched out from few hours to weeks, months even; and it the end it just caused frustration instead of making me a happier coder.

Seven habits of effective text editing

Sun, 20 May 2012 03:46:00 +0100

If you spend a lot of time typing plain text, writing programs or HTML, you can save much of that time by using a good editor and using it effectively. This paper will present guidelines and hints for doing your work more quickly and with fewer mistakes.

The open source text editor Vim (Vi IMproved) will be used here to present the ideas about effective editing, but they apply to other editors just as well. Choosing the right editor is actually the first step towards effective editing. The discussion about which editor is the best for you would take too much room and is avoided. If you don’t know which editor to use or are dissatisfied with what you are currently using, give Vim a try; you won’t be disappointed.

How Linux is Built

Thu, 17 May 2012 21:07:00 +0100

While Linux is running our phones, friend requests, tweets, financial trades, ATMs and more, most of us don’t know how it’s actually built. This short video takes you inside the process by which the largest collaborative development project in the history of computing is organized. Based on the annual report ”Who Writes Linux,” this is a powerful and inspiring story of how Linux has become a community-driven phenomenon. More information about Linux and The Linux Foundation can be found at http://www.linuxfoundation.org and http://www.linux.com

Basics of Computational Number Theory

Wed, 16 May 2012 23:58:00 +0100

This document is a gentle introduction to computational number theory. The plan of the paper is to first give a quick overview of arithmetic in the modular integers. Throughout, we will emphasize computation and practical results rather than delving into the why. Simple programs, generally in JavaScript, are available for all of the algorithms mentioned. At the end of the paper we will introduce the Gaussian Integers and Galois Fields and compare them to the modular integers. Companion papers will examine number theory from a more advanced perspective.

Dario Taraborelli: The Beauty of LaTeX

Wed, 16 May 2012 23:50:00 +0100

There are several reasons why one should prefer LaTeX to a WYSIWYG word processor like Microsoft Word: portability, lightness, security are just a few of them (not to mention that LaTeX is free). There is still a further reason that definitely convinced me to abandon MS Word when I wrote my dissertation: you will never be able to produce professionally typeset and well-structured documents using most WYSIWYG word processors. LaTeX is a free typesetting system that allows you to focus on content without bothering about the layout: the software takes care of the actual typesetting, structuring and page formatting, producing documents of astonishing elegance.

Augmented reality sandbox with real-time water flow simulation

Wed, 16 May 2012 09:26:00 +0100

Video of a sandbox equipped with a Kinect 3D camera and a projector to project a real-time colored topographic map with contour lines onto the sand surface. The sandbox lets virtual water flow over the surface using a GPU-based simulation of the Saint-Venant set of shallow water equations.

» @okreylos | youtube.com

La escala del universo

Tue, 15 May 2012 20:09:00 +0100

» link | via reddit

Learn to speak vim – verbs, nouns, and modifiers!

Mon, 14 May 2012 15:03:00 +0100

Using vim is like talking to your editor in ’verb modifier object’ sentences, turned into acronyms.

» yanpritzker.com

The grammar of VIM

Mon, 14 May 2012 14:33:00 +0100

Like a lot of people, I have gone retro when it comes to editors, using Vim for most of my day to day work. I’ve been doing most of my development these days in a terminal window, logged directly into a VM where I test my code.

» rc3.org

Curso de Asterisk

Mon, 14 May 2012 14:27:00 +0100

» dragonjar.org

Upstart Intro, Cookbook and Best Practises

Mon, 14 May 2012 13:35:00 +0100

The purpose of this document is multi-faceted. It is intended as:

A gentle introduction to Upstart.

A Cookbook of recipes and best-practises for solving common and not so common problems.

An extended guide to the configuration syntax of Upstart.

It attempts to explain the intricacies of Upstart with worked examples and lots of details.

Note that the reference documentation for Upstart will always be the manual pages: this is merely a supplement to them.

How To Make Your Own Text Adventure On A Computer

Mon, 14 May 2012 13:34:00 +0100

If you have made a text adventure in your mind that you really like, and you’re tired of dictating it and would rather make it in a computer language, this page is for you! I’m teaching you a shortcut to make a text adventure, for those who actually know Python.

» bluezandmuse.com

Learn to Hack

Mon, 14 May 2012 13:30:00 +0100

Attack servers, crack passwords, exploit services, beat encryption - everything you need to protect yourself from evil.

There are two rules of computer security: one – don’t buy a computer; and two – if you have to buy a computer, don’t turn it on. If you break these rules then you’ll be opening yourself up to potential problems. No system is 100% safe from hackers, but by following a few simple steps you can make yours much harder for intruders to attack.

Sobre el cifrado completo de disco

Mon, 14 May 2012 02:07:00 +0100

» kriptopolis.com