• About Me
  • Blog
  • Home

Eric Hokanson

~ E's little space in cyberspace

Eric Hokanson

Monthly Archives: December 2013

To Learn to Code or Not

29 Sunday Dec 2013

Posted by Eric Hokanson in Programming

≈ Leave a comment

Tags

Code, Computer science, Education, Learning, programming

There has been a lot of discussion lately on the importance of learning to code.  And I have added my two-cents.  Maybe three.

Here is an interesting opposing viewpoint: You don’t need to learn to code and other truths about future careers.  It is the only opposing view I have seen so far.  The author argues that coding is not for everybody.  If you hate coding, then forcing yourself to learn just to stay competitive in the job market, would be a miserable way to go.  And you are not likely to be successful in a job you hate.

Secondly, learning to program just to launch a career change is likely to end in frustration.  Going from no programming experience to a programming job, while not unheard of, is rare.  Many tech companies today have a grueling application process requiring you to demonstrate proficiency and that takes years to master.  Up to 10 years in some studies I have seen.

It is always good to hear the other side of an argument.  Learning to program may not be great career advice.  However, what is the harm in learning for fun?  For your own personal benefit?  Programming is not some big mysterious skill that can only be done by a few hoodie clad brainy types.  Anyone can learn to code and some languages are remarkably easy pick up.  While it may take a decade for mastery, the fundamentals can be picked up in as little as a few weeks.  And you can create some amazing things almost right away.  There is no reason not to try your hand at programming.  See if you like it.  Creating your own web-sites or apps can be fun even if no one ever sees your creations.

To actually learn how to think. I think everyone in this country should learn to program a computer. Everyone should learn a computer language because it teaches you how to think. I think of computer science as a liberal art.

Steve Jobs from the lost interviews

Speaking from personal experience, programming has sharpened my problem solving skills and it will sharpen yours too.  Becoming a better problem solver is a skill that will benefit everyone.  No matter the job market situation: if you can solve problems then you will always have a job.  The market is already flooded with people that cause problems, but we could always use a few more problem solvers.

Related articles
  • Don’t Waste Your Break! Learn Something!! (drkblog.wordpress.com)
  • Learning Code – Keep on Trekking (codemoms.wordpress.com)

Merry Christmas!

25 Wednesday Dec 2013

Posted by Eric Hokanson in Christmas, Holidaze

≈ Leave a comment

Tags

Christmas, Christmas and holiday season, Holidaze, New Year

You hear that?  Not a creature is stirring.  Not even at the shopping malls!

Today begins the transition.  Soon we will go from all Christmas/after Christmas sales to new year’s resolution ads.

My favorite are the Special K commercials that claim eating a bowl of cereal for dinner is not only OK but will help you lose weight.

You hear that Mom!?!

The Father of Computing Pardoned!

24 Tuesday Dec 2013

Posted by Eric Hokanson in Alan Turing, Computer Science

≈ Leave a comment

Tags

Computer science, List of important publications in computer science, Turing

Alan Turing finally received an official pardon.  You can read all about it here.  It is a

The Father of Computing

long time coming, if you ask me.  I am not going to debate the whole sexual orientation thing here.  That is not my purpose today.  Lord knows we have enough debate from both sides thanks to the spate of state supreme court rulings — oh, and that duck dynasty guy.  Nope.  The Alan Turing I know was a profound thinker and ahead of his time.

I first learned of Turing as an undergrad CS major at FSU.  My interest was in cryptology and Turing made some innovative contributions to cryptanalysis during WWII.  It is a fascinating story and I recommend you check it out.  The Code Book by Simon Singh gives a good account to Turing’s thought process and how he was able to think outside the box transforming a seemingly insurmountable problem into a surmountable one.

My real appreciation of Turing’s genius was as a graduate student.  At FSU, grads are required to take an academic reading and study group.  We read seminal papers from the founding fathers of computer science and Alan Turing’s paper, “On Computable Numbers” was one of them.  I was very surprised how easy the paper was to read (well, once you wrapped your head around the Gothic Germanic notations used for set theory, but Turing explains what the notations mean in subsequent paragraphs); Turing’s paper should be on any aspiring CS major’s reading list.  Or pick up this book for a guided tour.  The author does a terrific job breaking down the paper, paragraph by paragraph, and explaining the concepts.

In the paper, Turing communicates his ideas to me as if I was a peer; not as a superior.  Although he was already an accomplished mathematician by the time of his publication and worthy of respect in academia, Turing does not come off sounding like an academic know-it-all.  I never felt like he talked down to me in his paper.  His communication style struck me as, “I have something interesting to share.  Let me tell you about it.”  Turing was able to map the concept of computing to a mathematical system — set theory in this case — and then use the laws and rules of that system to demonstrate its power and its limitations.  That’s right — computers can not solve all of our problems!  However, had it not been for Turing’s work, and the work of others, such as John Von Neumann, the computing devices you and I depend on today may never have existed.  This paper was published in 1936!  The integrated circuit wasn’t even dreamt of yet.

In 1952, Turing was convicted on indecency charges and subjected to treatments that would be considered discriminatory or unjust by today’s standards.  Socially and scientifically, Alan Turing was a man ahead of his time.  We can still learn a great deal from him.

To me, an individual’s sexual orientation or background doesn’t matter.  What matters is what you do.  Deep inside ourselves, we all have, thanks to a complicated morass of environment and upbringing, beliefs on religion, sexuality, ignorance and prejudices.  Deep down we are all flawed.  But if we can rise above our internal strife and accomplish things to improve the human condition, then that is a win.  History is full of examples of humans doing great good and inflicting great evil.  I believe it is a matter of personal choice as to which occurs.  Ironically, that is what separates us from the computer.  We can break free from our programming.

Life Lesson #1

24 Tuesday Dec 2013

Posted by Eric Hokanson in Christmas, Holidaze, procrastination, Shopping

≈ Leave a comment

Tags

Christmas, Christmas and holiday season, Holidays, Procrastination

Presents!Procrastination is harder to kick than crack cocaine.  Well, I guess I better get started on my Christmas shopping.  Happy holidaze from the E!

Quine Quandary

23 Monday Dec 2013

Posted by Eric Hokanson in Computer Science, Philosophy, Quine programs

≈ 1 Comment

Tags

C, Computer science, programming, Python, Quine

While at a Christmas party, I met a Computer Science undergrad currently earning his degree at UNM.  He was having trouble grappling Quine programs.  A Quine program is a computer program that takes in no input, and produces a copy of its own source code as the only output.  That is — self-replicating code.  It is not as easy to explain as one might think, and my poor crude attempts at doing so only confused this poor CS student further.  To my defense, I used examples you can find online, but many of these examples are not very intuitive to understand.  Take for example this Quine written in Python:

s='s=%r;print s%%s,';print s%s,

Fire up a Python interpreter and try it out. It simply prints that exact line you typed in.  Unless you are very familiar with Python strings and the string formatting codes, it is hard to see how this program works.  But it is essentially, defining a string s, then using that string itself to replicate.  Here is a Quine written in the old Kernigan and Ritchie C style:

main(){char*s="main(){char*s=%c%s%c;printf(s,34,s,34);}";printf(s,34,s,34);}

I don’t believe it will compile with today’s C99 or better compilers, which don’t allow programmers to implicitly call the printf function with out using:

#include <stdio.h>

Again, the C program is not any more intuitive to understand than the Python example.  So today, my goal is to write a Quine program in C that is easier for me to explain by example.  Instead of using printf format strings, I am going to leverage the power of a computer’s ability to represent C source code as data.  The goal is to take the data representation of the source code and print it, then translate the data into the ASCII high-level source code and print that.  After some trial and error, here is what I came up with:

#include <stdio.h>

int
main (void)
{
    unsigned int i;

    printf("const unsigned char data[] = {");
    for (i = 0; i<sizeof(data); i++)
    {
        if (i%8 == 0)
            printf("\n");
        printf("%0#4x,", data[i]);    
    }
    printf("\n};\n\n");
    for (i = 0; i<sizeof(data); i++)
        putchar(data[i]);
    return 0;
}

The above is my partial program so far.  There are two for-loops.  The first loop will iterate through a byte array called data, which I have not defined yet because this data array will contain the hexadecimal representation of this ASCII code (i.e. everything from the #include to the last right curly-brace at the bottom).

The second for-loop takes that same data array and uses the C library putchar that will translate the hexadecimal representation into an ASCII character, which will give us all that C code from the #include to the last right curly-brace at the bottom.  In other words: this source code will print an exact copy of the data array and our source code when executed.

Next, we need to translate our C code into the byte array data and place it at the top of our program (before the #include statement in the source above).  It should look like this:

const unsigned char data[] = {
0x23,0x69,0x6e,0x63,0x6c,0x75,0x64,0x65,
0x20,0x3c,0x73,0x74,0x64,0x69,0x6f,0x2e,
0x68,0x3e,0x0a,0x0a,0x69,0x6e,0x74,0x0a,
0x6d,0x61,0x69,0x6e,0x20,0x28,0x76,0x6f,
0x69,0x64,0x29,0x0a,0x7b,0x0a,0x20,0x20,
0x20,0x20,0x75,0x6e,0x73,0x69,0x67,0x6e,
0x65,0x64,0x20,0x69,0x6e,0x74,0x20,0x69,
0x3b,0x0a,0x20,0x20,0x20,0x20,0x0a,0x20,
0x20,0x20,0x20,0x70,0x72,0x69,0x6e,0x74,
0x66,0x28,0x22,0x63,0x6f,0x6e,0x73,0x74,
0x20,0x75,0x6e,0x73,0x69,0x67,0x6e,0x65,
0x64,0x20,0x63,0x68,0x61,0x72,0x20,0x64,
0x61,0x74,0x61,0x5b,0x5d,0x20,0x3d,0x20,
0x7b,0x22,0x29,0x3b,0x0a,0x20,0x20,0x20,
0x20,0x66,0x6f,0x72,0x20,0x28,0x69,0x20,
0x3d,0x20,0x30,0x3b,0x20,0x69,0x3c,0x73,
0x69,0x7a,0x65,0x6f,0x66,0x28,0x64,0x61,
0x74,0x61,0x29,0x3b,0x20,0x69,0x2b,0x2b,
0x29,0x0a,0x20,0x20,0x20,0x20,0x7b,0x0a,
0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,
0x69,0x66,0x20,0x28,0x69,0x25,0x38,0x20,
0x3d,0x3d,0x20,0x30,0x29,0x0a,0x20,0x20,
0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,
0x20,0x20,0x70,0x72,0x69,0x6e,0x74,0x66,
0x28,0x22,0x5c,0x6e,0x22,0x29,0x3b,0x0a,
0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,
0x70,0x72,0x69,0x6e,0x74,0x66,0x28,0x22,
0x25,0x30,0x23,0x34,0x78,0x2c,0x22,0x20,
0x64,0x61,0x74,0x61,0x5b,0x69,0x5d,0x29,
0x3b,0x20,0x20,0x20,0x20,0x0a,0x20,0x20,
0x20,0x20,0x7d,0x0a,0x20,0x20,0x20,0x20,
0x70,0x72,0x69,0x6e,0x74,0x66,0x28,0x22,
0x5c,0x6e,0x22,0x7d,0x3b,0x5c,0x6e,0x5c,
0x6e,0x22,0x29,0x3b,0x0a,0x20,0x20,0x20,
0x20,0x66,0x6f,0x72,0x20,0x28,0x69,0x20,
0x3d,0x20,0x30,0x3b,0x20,0x69,0x3c,0x73,
0x69,0x7a,0x65,0x6f,0x66,0x28,0x64,0x61,
0x74,0x61,0x29,0x3b,0x20,0x69,0x2b,0x2b,
0x29,0x0a,0x20,0x20,0x20,0x20,0x20,0x20,
0x20,0x20,0x70,0x75,0x74,0x63,0x68,0x61,
0x72,0x28,0x64,0x61,0x74,0x61,0x5b,0x69,
0x5d,0x29,0x3b,0x0a,0x20,0x20,0x20,0x20,
0x72,0x65,0x74,0x75,0x72,0x6e,0x20,0x30,
0x3b,0x0a,0x7d,0x0a,
};

Now, how did I get the above?  Well, we can use an ASCII table and transcribe our C source above by hand… # = 0x23, i = 0x69, n = 0x6E, c = 0x63, l = 0x6C, u = 0x75, d = 0x64, e = 0x65, spaces = 0x20, newlines = 0x0A, etc.  That is a lot of work.  Being a lazy computer scientist, I wrote the following python script to do it for me:

import sys

f = open(sys.argv[1], 'r')

s = ''
for line in f:
    for l in line:
        s += '0x%02x' % ord(l)
        s += ','

s += '0x0a,'
step = 40
for i in range(0, len(s), step):
    line = s[i:i+step]
    print line

In the above, you pass in the C file of our first code listing above, and it prints to the screen:

0x23,0x69,0x6e,0x63,0x6c,0x75,0x64,0x65,
0x20,0x3c,0x73,0x74,0x64,0x69,0x6f,0x2e,
0x68,0x3e,0x0a,0x0a,0x69,0x6e,0x74,0x0a,
0x6d,0x61,0x69,0x6e,0x20,0x28,0x76,0x6f,
0x69,0x64,0x29,0x0a,0x7b,0x0a,0x20,0x20,
0x20,0x20,0x75,0x6e,0x73,0x69,0x67,0x6e,
0x65,0x64,0x20,0x69,0x6e,0x74,0x20,0x69,
0x3b,0x0a,0x20,0x20,0x20,0x20,0x0a,0x20,

<-------snipped----------------------->

0x28,0x64,0x61,0x74,0x61,0x29,0x3b,0x20,
0x69,0x2b,0x2b,0x29,0x0a,0x20,0x20,0x20,
0x20,0x20,0x20,0x20,0x20,0x70,0x75,0x74,
0x63,0x68,0x61,0x72,0x28,0x64,0x61,0x74,
0x61,0x5b,0x69,0x5d,0x29,0x3b,0x0a,0x20,
0x20,0x20,0x20,0x72,0x65,0x74,0x75,0x72,
0x6e,0x20,0x30,0x3b,0x0a,0x7d,0x0a,

You can copy and paste that into your

const unsigned char data[] = {

},

block and put that above the #include of the first code listing above.  I used Eclipse-C++ to code and run my program.  Upon execution the program should print to the console:

const unsigned char data[] = {
0x23,0x69,0x6e,0x63,0x6c,0x75,0x64,0x65,
0x20,0x3c,0x73,0x74,0x64,0x69,0x6f,0x2e,
0x68,0x3e,0x0a,0x0a,0x69,0x6e,0x74,0x0a,
0x6d,0x61,0x69,0x6e,0x20,0x28,0x76,0x6f,
0x69,0x64,0x29,0x0a,0x7b,0x0a,0x20,0x20,
0x20,0x20,0x75,0x6e,0x73,0x69,0x67,0x6e,
0x65,0x64,0x20,0x69,0x6e,0x74,0x20,0x69,
0x3b,0x0a,0x20,0x20,0x20,0x20,0x0a,0x20,
0x20,0x20,0x20,0x70,0x72,0x69,0x6e,0x74,
0x66,0x28,0x22,0x63,0x6f,0x6e,0x73,0x74,
0x20,0x75,0x6e,0x73,0x69,0x67,0x6e,0x65,
0x64,0x20,0x63,0x68,0x61,0x72,0x20,0x64,
0x61,0x74,0x61,0x5b,0x5d,0x20,0x3d,0x20,
0x7b,0x22,0x29,0x3b,0x0a,0x20,0x20,0x20,
0x20,0x66,0x6f,0x72,0x20,0x28,0x69,0x20,
0x3d,0x20,0x30,0x3b,0x20,0x69,0x3c,0x73,
0x69,0x7a,0x65,0x6f,0x66,0x28,0x64,0x61,
0x74,0x61,0x29,0x3b,0x20,0x69,0x2b,0x2b,
0x29,0x0a,0x20,0x20,0x20,0x20,0x7b,0x0a,
0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,
0x69,0x66,0x20,0x28,0x69,0x25,0x38,0x20,
0x3d,0x3d,0x20,0x30,0x29,0x0a,0x20,0x20,
0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,
0x20,0x20,0x70,0x72,0x69,0x6e,0x74,0x66,
0x28,0x22,0x5c,0x6e,0x22,0x29,0x3b,0x0a,
0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,
0x70,0x72,0x69,0x6e,0x74,0x66,0x28,0x22,
0x25,0x30,0x23,0x34,0x78,0x2c,0x22,0x20,
0x64,0x61,0x74,0x61,0x5b,0x69,0x5d,0x29,
0x3b,0x20,0x20,0x20,0x20,0x0a,0x20,0x20,
0x20,0x20,0x7d,0x0a,0x20,0x20,0x20,0x20,
0x70,0x72,0x69,0x6e,0x74,0x66,0x28,0x22,
0x5c,0x6e,0x22,0x7d,0x3b,0x5c,0x6e,0x5c,
0x6e,0x22,0x29,0x3b,0x0a,0x20,0x20,0x20,
0x20,0x66,0x6f,0x72,0x20,0x28,0x69,0x20,
0x3d,0x20,0x30,0x3b,0x20,0x69,0x3c,0x73,
0x69,0x7a,0x65,0x6f,0x66,0x28,0x64,0x61,
0x74,0x61,0x29,0x3b,0x20,0x69,0x2b,0x2b,
0x29,0x0a,0x20,0x20,0x20,0x20,0x20,0x20,
0x20,0x20,0x70,0x75,0x74,0x63,0x68,0x61,
0x72,0x28,0x64,0x61,0x74,0x61,0x5b,0x69,
0x5d,0x29,0x3b,0x0a,0x20,0x20,0x20,0x20,
0x72,0x65,0x74,0x75,0x72,0x6e,0x20,0x30,
0x3b,0x0a,0x7d,0x0a,
};

#include 

int
main (void)
{
unsigned int i;printf("const unsigned char data[] = {");
for (i = 0; i<sizeof(data); i++)
    {
        if (i%8 == 0)
            printf("\n");
        printf("%0#4x," data[i]);    
    }
    printf("\n"};\n\n");
    for (i = 0; i<sizeof(data); i++)
        putchar(data[i]);
    return 0;
}

You should be able to copy and paste the print out into an IDE, compile and run it.  Quines are pretty neat.  I enjoyed this little exercise.  It made me think about levels of meaning; about values and their representations.  Computers and programs can’t differentiate between data and code.  It is the context that determines when data is meant to be interpreted as code instead of data, and when code is meant to be data (e.g. when downloading a binary file from the Internet).  This is an important concept in computer security.  It is the fact that we can use data as code that makes shellcode exploits possible.

“Yields falsehood when preceded by its quotation” yields falsehood when preceded by its quotation.

–Quine’s paradox

Life Lesson #34

18 Wednesday Dec 2013

Posted by Eric Hokanson in Uncategorized

≈ Leave a comment

Tags

Coffee, Latte, Starbuck

starbucks-spilled Remember to always look down before stepping out of your car in a Starbucks parking lot, to avoid stepping into someone’s spilled gingerbread-latte-puddle and ruining your shoes.

Computer Science Education Week December 9 – 15

07 Saturday Dec 2013

Posted by Eric Hokanson in Computer Science, Learning, Programming

≈ 1 Comment

Tags

Computer science, Newton's method, programming, Python, Square root

Teaching students programming and computer science one hour of code at a time.  Here is the official site where you can learn how to become involved.   I thought I would take an opportunity here to make my contribution.  In this lesson, I will use as my guide, a great introductory to Computer Science (CS) text, often referred to as the “purple” book, or the “wizard” book.

What is Computer Science?

Computer science is really a misnomer.  It is not a science.  We don’t study a system, observe phenomena, and run experiments to validate a hypothesis.  Computer science is not a study of computers anymore than biology is the study of microscopes.  A computer is simply a tool.  And computational devices come in many different forms.  There are the silicon-based binary gadgets that you use everyday, like laptops, tablets, and smart phones.  But they are poor imitations of the most powerful computing device ever created: the human being.  We are a bio-mechanical machine, performing our computations in base 10.  And of course, we are capable of much, much more.

Declarative and Imperative Knowledge

Computer science is not a science; it is more of an art — an engineering practice.  Computer science is really about knowledge.  The knowledge of how to do something: solve a problem, perform a task in a methodical, mechanical process.  This process is called imperative knowledge.  It is the knowledge of how to do something.  Declarative knowledge, on the other hand, deals with the facts.  Let me illustrate with an example found in the purple book.

Example: Square Roots by Newton’s Method

An example of declarative knowledge:

The above is a fact about square roots.  You can find it in any basic math text.  In words: the square root of any number x, is a number y, where y is a positive number, and if I multiply y by itself.  I get x.  For example: let x be 4, then y must be 2 because 2 times 2 equals 4.  You can reason the same for 16, or even 625.  Larger numbers are harder.  You may have to make some educated guesses before you stumble upon the correct answer.
Well, that is all fine and dandy.  But what if you were given: \sqrt{2} ?  How can we use the above declarative knowledge to figure that out?  And that is the problem of declarative knowledge.  It doesn’t tell you how to calculate the square root of 2 — or how to find the square root of any number.  The declarative statement can only tell you how to recognize a square root if you saw one.

Newton’s Method

To solve the square root of any number, we will use a very old algorithm called Newton’s method.  Ironically, the method starts with a wild-ass guess (a WAG, we call it in the scientific and engineering community).  Then we refine our guess with successive approximations until we get to an answer that is good enough for government work.  Let’s construct our algorithm based on Newton’s method:

To find the approximation of the square root of x:

  1. Make a guess G
  2. Improve guess G by averaging G and x/G
  3. Keep improving until the guess is good enough.

Simple, right?  Don’t take my word for it.  Try it out.

table

Compare the 1.4142 with your calculator’s square root button.  You should see the 1.4142 plus a bunch of other numbers.  We solved out to four decimal places (to the 10-thousandths place), and that is good enough for us.

Now let us write this out as a recipe of instructions:

Square Root X:

  1. Make a guess G
  2. Is it good enough?:  absolute_value(G*G – X) < 0.0001 then G is the answer and we can stop; otherwise go to next step
  3. Improve guess G: G = (G + X/G)/2
  4. Repeat step 2.

So let’s step through our recipe.  First make a Scientific Wild-ass Guess.

Next we test our guess by, first squaring our guess and subtracting that guess with X.  We take the absolute value because your guess may be less than the square.  For example, in the square root of 2, our first guess was 1.  1 – 2 = -1 and we don’t want a negative number because we are measuring the distance between our guess and the perfect square X.  And since negative distances don’t make sense, we take the absolute value, which means we first remove the negative sign, and then see if the answer is within some threshold of tolerance.  In this case, less than one-ten-thousandths.  Or put another way, we will keep refining our guesses until we calculate the square root to four decimal places.  If our guess is less than our threshold, then we stop and G is our answer.  If not, we go to step three to improve our guess and repeat the process.

Try our recipe above out with a piece of paper and a calculator and see if you get the same results as in the table above, if you let X = 2.

If you made it this far, my dear reader, I want to congratulate you.  Together we wrote a computer program.  Our program is not in a traditional computer language like C, or C++, or even Python.  But it is in the language of English and math.  Any reasonably intelligent human computer, with some knowledge of middle school, or high school math should be able to follow our recipe (algorithm) and effectively become the square root button on a calculator.

I hope the above example gives you an idea of what programming and computer science is about.  Now, if you really want to learn a programming language, first pick a language and a site you can learn from.  I recommend code academy and the language of Python.  Python is very easy to learn.  Once you get the basics and the syntax down, see if you can take our little recipe above and translate it into your new language, and get a computer to do all this hard math stuff for us.

Related articles
  • Bubble Name Animation (devguy.co)

Rest in Peace Nelson Mandela

05 Thursday Dec 2013

Posted by Eric Hokanson in Uncategorized

≈ Leave a comment

Thank you for all your hard work.  You taught us to never give up.  You have taught us how to act with poise and dignity in the face of great adversity; that even though oppressive governments (and lately, some not so oppressive governments) may stifle the will of the people; they may take away their liberties; but they can never crush the human spirit.

Holy 1984 Batman!

01 Sunday Dec 2013

Posted by Eric Hokanson in Computer Security, Cyber Security Research, Hacking

≈ Leave a comment

Tags

George Orwell, Hacking, TV

I warned that hooking everything up to Internet was a bad idea years ago.  Your TV can now watch you!  Too bad you can’t break for commercial every 10 minutes like your TV does.  Here is another article on the subject.

This is what people can do with the new smart TV you are buying for Christmas.  I shudder to think what can be done to medical devices that talk over wireless networks.  I am not sure what can be done about the problem.  People love the convenience of controlling their home’s thermostat or security system remotely, from the Internet.  And the bad guys love the ease of convenience, too.  The “Internet of things” security is a hot growing research area so we will be reading a lot more about the problem.

to publish or not to publish

Often, I am confronted by people about publishing vulnerabilities.  “Why would you bring this to the attention of the hackers?”, they would say.  The truth is, if someone like me can find the problem, then any reasonably intelligent and curious person can also find the problem.  It is very likely, that there are others who are aware of the vulnerabilities and this would include the hacker community.  More of our appliances contain computer chips that run light-weight versions of the Linux operating system and open source software.  Anybody can get access to the source code, and all code contain bugs and vulnerabilities.  It doesn’t matter who wrote the software, or how smart they are, mistakes get made, and others will find those mistakes and exploit them if they can.

Other scientific professions have suffered from similar dilemmas.  Physicists working on the Manhattan project, for example, often had to come to terms with the prospects of advancing human knowledge and having that knowledge lead to human destruction.  Wasn’t there a story somewhere about Buddhist priest who once said: “The good news is: all humans possess the keys to heaven.  The bad news: that same keys also opens the gates of hell.”?

I believe it is better to publish the technical vulnerabilities; to be aware of them so that many bright minds can come together and fix the problems.  And it helps alert the defenders to look out for them.  I remember watching the “Super Friends” as a kid.  On one episode, Robin was complaining about the inherent dangers of scientific discoveries and how easy it can be for people like Lex Luthor to use them for evil.  Batman replied: “… Technology is neither good or evil.  It is the mind behind it that determines its use.”

And they say Batman has no real super powers.  He has a super intellect.  I know.  It’s not as sexy as having a chest you can bounce bullets off of.  Or a new smart TV that you can hook directly up to the Internet.

Subscribe

  • Entries (RSS)
  • Comments (RSS)

Archives

  • May 2016
  • May 2015
  • April 2015
  • March 2015
  • September 2014
  • August 2014
  • June 2014
  • May 2014
  • April 2014
  • March 2014
  • February 2014
  • January 2014
  • December 2013
  • November 2013

Categories

  • Alan Turing
  • Algorithms
  • Apollo 17
  • C Programming
  • Christmas
  • Computer Programming
  • Computer Science
  • Computer Security
  • Current Events
  • Cyber Security Research
  • Education
  • Freedom of choice
  • Freewill
  • Hacking
  • Holidaze
  • Learning
  • Malware RE
  • Math
  • NASA
  • Pen-testing
  • Philosophy
  • Pi Day
  • procrastination
  • Programming
  • Python
  • Quine programs
  • Quotes
  • Random Stuff
  • Research
  • Reverse Engineering
  • Shopping
  • Smithsonian National Air and Space Museum
  • Software Development
  • Star Wars
  • Success
  • Uncategorized

Meta

  • Register
  • Log in

Blog at WordPress.com.

  • Follow Following
    • Eric Hokanson
    • Join 44 other followers
    • Already have a WordPress.com account? Log in now.
    • Eric Hokanson
    • Customize
    • Follow Following
    • Sign up
    • Log in
    • Report this content
    • View site in Reader
    • Manage subscriptions
    • Collapse this bar
 

Loading Comments...