[ Home | Articles | Account | People | Projects | FAQ ] Name: Eric Hopper
Member since: 2000-12-18 11:34:17
Last Login: 2008-05-30 01:54:38
Homepage: http://www.omnifarious.org/~hopper/
Notes:
I've been a C/C++ programmer for a long time. I've also been working on The StreamModule System for a long time. I've written one commercial application using it and numerous small test programs, including a port forwarder.
I also write small papers and essays on technical topics when the whim strikes me.
In an effort to get google to consolidate my online
identity, here is a link to my ClaimID page: 
Interesting Advogato links:
Algorithm advice?
I think I would like an algorithm similar to Advogato's trust metric for deciding what people's names should be by default.
But, let me state the problem...
I'm designing a system in which people use OpenID to authenticate eachother on a series of small websites. I also want people to be able to talk about eachother in a linkable way, like they do on LJ.
The problem with using OpenID for this is that an OpenID is a fairly long and somewhat cumbersome identifier. I think most people have nicknames they would like to use to call others. In fact, many people become known by a well known nickname. For example, there are many people in the world who know me as ![[info]](http://p-stat.livejournal.com/img/userinfo.gif){kind=small}
omnifarious and possibly even think of me that way instead of my actual name of Eric Hopper.
I would like a distributed way to allow a group of people to agree about nicknames. If someone new comments on your site, it might be nice if they immediately acquired a nickname that was short and was well known by other people who commented on your site.
One thought is to have people make computer-readable statements associating an OpenID with a nickname and publishing them on their sites. Then you could periodically gather this data from various sites and run an algorithm like Advogato's trust metric algorithm to come up with default nicknames for people who are still two or three degrees away from you on your social graph.
First recorded attempt to attack my systems via IPv6
Someone just tried to spam my CAKE wiki via IPv6. The attack came from 2002:c26a:c164:0:216:cbff:feab:b3f5 which is a 6to4 address (you can tell from the beginning 2002) meaning that it corresponds to the IPv4 address of c26ac164, also known as 194.106.193.100 which is the address of some computer in Poland.
It also looks like they're on a network that's using EUI-64 based IPv6 address assignment, so the MAC address it came from is 00:16:cb:ab:b3:f5. Looking that up at the MAC Address Vendor lookup page reveals that this MAC address belongs to an Apple.
Someone's poor hacked Mac is trying to spam my wiki, or this is the computer of the hacker who's running the botnet trying to figure out why none of the spam is showing up.
Syndicated 2008-05-29 22:30:50 (Updated 2008-05-29 22:39:50) from Lover of Ideas
Wiki spam
I've been getting lots of spam on the wiki for my long dormant CAKE project. Mostly Moin Moin's (the wiki software I've been using) anti-spam feature has worked in defending against these attempts. The feature is that Moin Moin periodically downloads a list of regular expressions that match spam URLs and checks on wiki edits to see if they are introducing these URLs into the wiki.
But recently it hasn't been keeping up. Recently spammers have been registering hundreds of random letter jumble domain names or breaking into legitimate web servers and hosting their content in a weird part of the server. In fact, my wiki currently seems to be the target of a very concerted and coordinated attempt to use a botnet to spam it with URLs that do not appear in the banned list.
I found one aspect of how the software spams the wiki. It puts the spam URLs in the change comment. Most humans don't even fill in that comment, and hardly ever put a URL in it. And I modified the wiki software to check for that behavior. That has been successful in rebuffing almost all of the attacks so far.
I'm now also recording all failed attempts to alter the wiki and adding the IPs to a big list of banned IPs, and that's succeeded in rebuffing even more attacks. In one case I even decided to put in a whole /24.
Spammers and the security issues of people running Windows are the most consistently irritating problem on the Internet today.
Syndicated 2008-05-29 03:25:29 (Updated 2008-05-29 03:29:16) from Lover of Ideas
Threading vs. event-driven
A comrade in arms on the event-driven vs. threaded debate has switched sides and is now a threading advocate. He's been having doubts for awhile but was finally convinced by an article about threaded vs. event-driven approaches in Java. I'm not so sure, though it's clear that some of the long-standing reasons that threaded approaches were bad are starting to go away.
My main complaint about threads is that the concurrency model they represent is too hard for most people to use and requires way more discipline than the average programmer seems capable of.
My secondary complaint is basically that they introduce latency. Every synchronization operation represents a piece of data that has to be communicated between threads. I wrote a long pondering article about threads and latency awhile ago.
One thing I've noticed is that reads are usually much more frequent than updates. This makes things like memcached a good idea. I think of memcached as essentially being NUMA without hardware support.
I think it's clear though that some level of threading is a good idea nowadays.
One interesting thing that Java has done that I think is an overall useful concept is making some data structures immutable so that no locking operations are required to access them. Python does this too.
This is going to require some thinking.
Syndicated 2008-05-17 03:05:44 (Updated 2008-05-17 03:11:41) from Lover of Ideas
Test Open ID implementation for Python
I got it working. I have a record for TestOpenID on the Python cheese shop website. There is also a link to my own page on TestOpenID.
It should be easy_install able.
Omnifarious certified others as follows:
Others have certified Omnifarious as follows:
[ Certification disabled because you're not logged in. ]
FOAF updates: Trust rankings are now exported, making the data available to other users and websites. An external FOAF URI has been added, allowing users to link to an additional FOAF file.
Keep up with the latest Advogato features by reading the Advogato status blog.
If you're a C programmer with some spare time, take a look at the mod_virgule project page and help us with one of the tasks on the ToDo list!
del.icio.us
Digg
Google bookmark
reddit
Simpy
StumbleUpon
Furl
Newsvine
Technorati
Tailrank